Submitted URL: https://sttelemediagdc.xoxoday.com/home/wishboard/65e15ce4ee605c8417332381?utm_medium=email&utm_source=notifications&utm_campaign=w...
Effective URL: https://login.microsoftonline.com/08557a0b-c685-40ea-92b5-b0c5037052eb/saml2?SAMLRequest=lZJbj9owEIX%2FSuR3JyYkBCyCRBdVRVpatLB92Jf...
Submission: On March 06 via manual from IN — Scanned from DE

Summary

This website contacted 21 IPs in 4 countries across 16 domains to perform 59 HTTP transactions. The main IP is 2603:1026:3000:148::12, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 11.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 21st 2024. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 27 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:235... 16509 (AMAZON-02)
1 2400:52e0:1e0... 200325 (BUNNYCDN)
2 2a00:1450:400... 15169 (GOOGLE)
3 151.101.64.176 54113 (FASTLY)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
3 3.225.28.129 14618 (AMAZON-AES)
2 2600:9000:272... 16509 (AMAZON-02)
1 44.241.19.114 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:249... 16509 (AMAZON-02)
1 18.239.83.59 16509 (AMAZON-02)
1 54.73.91.67 16509 (AMAZON-02)
2 2600:9000:25a... 16509 (AMAZON-02)
1 2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 35.227.225.220 396982 (GOOGLE-CL...)
2 18.245.46.19 16509 (AMAZON-02)
2 2603:1026:300... 8075 (MICROSOFT...)
1 2620:1ec:bdf::62 8075 (MICROSOFT...)
59 21
Apex Domain
Subdomains
Transfer
30 xoxoday.com
sttelemediagdc.xoxoday.com
imagestore-002.xoxoday.com
imagestore-001.xoxoday.com
5 MB
5 posthog.com
app.posthog.com — Cisco Umbrella Rank: 9325
us.i.posthog.com — Cisco Umbrella Rank: 9789
us-assets.i.posthog.com — Cisco Umbrella Rank: 18322
77 KB
4 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1155
m.stripe.com — Cisco Umbrella Rank: 1134
169 KB
3 customer.io
assets.customer.io — Cisco Umbrella Rank: 17404
track.customer.io — Cisco Umbrella Rank: 12839
5 KB
2 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 11
26 KB
2 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2000
290 KB
2 gist.build
code.gist.build — Cisco Umbrella Rank: 16964
12 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1243
16 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
171 KB
1 msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 937
49 KB
1 productfruits.com
app.productfruits.com — Cisco Umbrella Rank: 80595
13 KB
1 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 1628
3 KB
1 gstatic.com
fonts.gstatic.com
46 KB
1 trackjs.com
cdn.trackjs.com — Cisco Umbrella Rank: 17541
11 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
0 live.com Failed
login.live.com Failed
59 16
Domain Requested by
27 sttelemediagdc.xoxoday.com 3 redirects sttelemediagdc.xoxoday.com
3 us.i.posthog.com app.posthog.com
3 js.stripe.com sttelemediagdc.xoxoday.com
js.stripe.com
2 login.microsoftonline.com sttelemediagdc.xoxoday.com
aadcdn.msauth.net
2 js.intercomcdn.com widget.intercom.io
2 code.gist.build 1 redirects
2 assets.customer.io sttelemediagdc.xoxoday.com
assets.customer.io
2 m.stripe.network js.stripe.com
m.stripe.network
2 www.googletagmanager.com sttelemediagdc.xoxoday.com
www.googletagmanager.com
2 imagestore-002.xoxoday.com sttelemediagdc.xoxoday.com
1 aadcdn.msauth.net login.microsoftonline.com
1 track.customer.io
1 app.productfruits.com sttelemediagdc.xoxoday.com
1 widget.intercom.io sttelemediagdc.xoxoday.com
1 imagestore-001.xoxoday.com sttelemediagdc.xoxoday.com
1 fonts.gstatic.com fonts.googleapis.com
1 m.stripe.com m.stripe.network
1 us-assets.i.posthog.com app.posthog.com
1 app.posthog.com sttelemediagdc.xoxoday.com
1 cdn.trackjs.com sttelemediagdc.xoxoday.com
1 fonts.googleapis.com sttelemediagdc.xoxoday.com
0 login.live.com Failed login.microsoftonline.com
59 22

This site contains no links.

Subject | Issuer | Validity | Valid
xoxoday.com | Cloudflare Inc ECC CA-3 | 2023-03-26 - 2024-03-25 | a year
upload.video.google.com | GTS CA 1C3 | 2024-02-19 - 2024-05-13 | 3 months
*.xoxoday.com | Amazon RSA 2048 M03 | 2024-01-17 - 2025-02-14 | a year
cdn.trackjs.com | R3 | 2024-01-30 - 2024-04-29 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2024-02-19 - 2024-05-13 | 3 months
a.stripecdn.com | DigiCert SHA2 Extended Validation Server CA | 2024-02-07 - 2024-05-09 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-04-15 - 2024-04-14 | a year
*.i.posthog.com | Amazon RSA 2048 M03 | 2024-01-15 - 2025-02-12 | a year
m.stripe.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-02-26 - 2024-05-23 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-02-19 - 2024-05-13 | 3 months
*.intercom.com | Amazon RSA 2048 M03 | 2024-01-15 - 2025-02-11 | a year
productfruits.com | Amazon RSA 2048 M02 | 2023-10-08 - 2024-11-05 | a year
*.customer.io | Amazon RSA 2048 M03 | 2023-10-19 - 2024-11-15 | a year
api.customer.io | GTS CA 1D4 | 2024-02-15 - 2024-05-15 | 3 months
*.intercomcdn.com | Amazon RSA 2048 M02 | 2023-12-01 - 2024-12-29 | a year
stamp2.login.microsoftonline.com | DigiCert SHA2 Secure Server CA | 2024-02-21 - 2025-02-21 | a year
aadcdn.msauth.net | DigiCert SHA2 Secure Server CA | 2024-01-29 - 2025-01-29 | a year

This page contains 5 frames:

Primary Page: https://login.microsoftonline.com/08557a0b-c685-40ea-92b5-b0c5037052eb/saml2?SAMLRequest=lZJbj9owEIX%2FSuR3JyYkBCyCRBdVRVpatLB92JfKsSdgyRfqcRa2v74h9LJ96Eor%2BcXjOcfzHc0chTUnvuzi0T3A9w4wJhdrHPLhoSZdcNwL1MidsIA8Sr5bbu55njJ%2BCj566Q15JXlbIRAhRO0dSdarmnwbtWUlqzanatoIWsxYRRulxrSAXM2mRVOJiSTJVwjYa2rSW%2FRCxA7WDqNwsS%2BxvKBsTNlkzyp%2BPeOUVdMnkqx6Fu1EHJTHGE%2FIs8z4g3ap1TJ49G30zmgHqfQ2Y9OyrARrqJxMS1owEHSWNyVtmCzZuGJlDk12JcxJsv0F%2FkE7pd3hbebm1oT8036%2Fpdsvuz1Jlr9zuPMOOwthB%2BFZS3h8uP87K8YIBiwoLQ5Kphd%2F8Uq8DMPKI7QZos%2BehdFKRKDXybLNj8fz5lzXZDG%2F3vkQVVi8x9BCFL2hoHj6YzfPXrvNbyvzuQddr7beaPmSfPTBivj%2FHEbpaKhoRduhlYMV2iyVCoDY52GMP98F6Elq0gqDQLLF7dt%2Fl3PxEw%3D%3D&sso_reload=true
Frame ID: BF06D31284079259A127D5BC69DB8843
Requests: 50 HTTP requests in this frame

Frame: https://sttelemediagdc.xoxoday.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js
Frame ID: 1D847B4679EA3C73B626869A3AF9DC42
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 287AB4F15A4A3C617E6CA57569EF1FA4
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: CA5A2B3374B25B9A53EA4ACCFF156CFD
Requests: 3 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.aecd3378.js
Frame ID: DA1AD91E6568D8E5B9EEDF1E58D94C9F
Requests: 2 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 59
HTTPS: 88 %
IPv6: 65 %
Domains: 16
Subdomains: 22
IPs: 21
Countries: 4
Transfer: 5808 kB
Size: 19628 kB
Cookies: 20

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sttelemediagdc.xoxoday.com/home/wishboard/65e15ce4ee605c8417332381?utm_medium=email&utm_source=notifications&utm_campaign=wishboard_new_wish HTTP 302
    https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo Page URL
  2. https://sttelemediagdc.xoxoday.com/chef/sso/sso-redirect?company_id=MzUwMw==&type=saml&uid=https%3A%2F%2Fsts.windows.net%2F08557a0b-c685-40ea-92b5-b0c5037052eb%2F HTTP 302
    https://login.microsoftonline.com/08557a0b-c685-40ea-92b5-b0c5037052eb/saml2?SAMLRequest=lZJbj9owEIX%2FSuR3JyYkBCyCRBdVRVpatLB92JfKsSdgyRfqcRa2v74h9LJ96Eor%2BcXjOcfzHc0chTUnvuzi0T3A9w4wJhdrHPLhoSZdcNwL1MidsIA8Sr5bbu55njJ%2BCj566Q15JXlbIRAhRO0dSdarmnwbtWUlqzanatoIWsxYRRulxrSAXM2mRVOJiSTJVwjYa2rSW%2FRCxA7WDqNwsS%2BxvKBsTNlkzyp%2BPeOUVdMnkqx6Fu1EHJTHGE%2FIs8z4g3ap1TJ49G30zmgHqfQ2Y9OyrARrqJxMS1owEHSWNyVtmCzZuGJlDk12JcxJsv0F%2FkE7pd3hbebm1oT8036%2Fpdsvuz1Jlr9zuPMOOwthB%2BFZS3h8uP87K8YIBiwoLQ5Kphd%2F8Uq8DMPKI7QZos%2BehdFKRKDXybLNj8fz5lzXZDG%2F3vkQVVi8x9BCFL2hoHj6YzfPXrvNbyvzuQddr7beaPmSfPTBivj%2FHEbpaKhoRduhlYMV2iyVCoDY52GMP98F6Elq0gqDQLLF7dt%2Fl3PxEw%3D%3D Page URL
  3. https://login.microsoftonline.com/08557a0b-c685-40ea-92b5-b0c5037052eb/saml2?SAMLRequest=lZJbj9owEIX%2FSuR3JyYkBCyCRBdVRVpatLB92JfKsSdgyRfqcRa2v74h9LJ96Eor%2BcXjOcfzHc0chTUnvuzi0T3A9w4wJhdrHPLhoSZdcNwL1MidsIA8Sr5bbu55njJ%2BCj566Q15JXlbIRAhRO0dSdarmnwbtWUlqzanatoIWsxYRRulxrSAXM2mRVOJiSTJVwjYa2rSW%2FRCxA7WDqNwsS%2BxvKBsTNlkzyp%2BPeOUVdMnkqx6Fu1EHJTHGE%2FIs8z4g3ap1TJ49G30zmgHqfQ2Y9OyrARrqJxMS1owEHSWNyVtmCzZuGJlDk12JcxJsv0F%2FkE7pd3hbebm1oT8036%2Fpdsvuz1Jlr9zuPMOOwthB%2BFZS3h8uP87K8YIBiwoLQ5Kphd%2F8Uq8DMPKI7QZos%2BehdFKRKDXybLNj8fz5lzXZDG%2F3vkQVVi8x9BCFL2hoHj6YzfPXrvNbyvzuQddr7beaPmSfPTBivj%2FHEbpaKhoRduhlYMV2iyVCoDY52GMP98F6Elq0gqDQLLF7dt%2Fl3PxEw%3D%3D&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://sttelemediagdc.xoxoday.com/home/wishboard/65e15ce4ee605c8417332381?utm_medium=email&utm_source=notifications&utm_campaign=wishboard_new_wish HTTP 302
  • https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
Request Chain 24
  • https://sttelemediagdc.xoxoday.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://sttelemediagdc.xoxoday.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js
Request Chain 46
  • https://code.gist.build/web/latest/gist.min.js HTTP 302
  • https://code.gist.build/web/3.7.1/gist.min.js
Request Chain 51
  • https://sttelemediagdc.xoxoday.com/chef/sso/sso-redirect?company_id=MzUwMw==&type=saml&uid=https%3A%2F%2Fsts.windows.net%2F08557a0b-c685-40ea-92b5-b0c5037052eb%2F HTTP 302
  • https://login.microsoftonline.com/08557a0b-c685-40ea-92b5-b0c5037052eb/saml2?SAMLRequest=lZJbj9owEIX%2FSuR3JyYkBCyCRBdVRVpatLB92JfKsSdgyRfqcRa2v74h9LJ96Eor%2BcXjOcfzHc0chTUnvuzi0T3A9w4wJhdrHPLhoSZdcNwL1MidsIA8Sr5bbu55njJ%2BCj566Q15JXlbIRAhRO0dSdarmnwbtWUlqzanatoIWsxYRRulxrSAXM2mRVOJiSTJVwjYa2rSW%2FRCxA7WDqNwsS%2BxvKBsTNlkzyp%2BPeOUVdMnkqx6Fu1EHJTHGE%2FIs8z4g3ap1TJ49G30zmgHqfQ2Y9OyrARrqJxMS1owEHSWNyVtmCzZuGJlDk12JcxJsv0F%2FkE7pd3hbebm1oT8036%2Fpdsvuz1Jlr9zuPMOOwthB%2BFZS3h8uP87K8YIBiwoLQ5Kphd%2F8Uq8DMPKI7QZos%2BehdFKRKDXybLNj8fz5lzXZDG%2F3vkQVVi8x9BCFL2hoHj6YzfPXrvNbyvzuQddr7beaPmSfPTBivj%2FHEbpaKhoRduhlYMV2iyVCoDY52GMP98F6Elq0gqDQLLF7dt%2Fl3PxEw%3D%3D

59 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
login
sttelemediagdc.xoxoday.com/
Redirect Chain
  • https://sttelemediagdc.xoxoday.com/home/wishboard/65e15ce4ee605c8417332381?utm_medium=email&utm_source=notifications&utm_campaign=wishboard_new_wish
  • https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld19...
24 KB
14 KB
Document
General
Full URL
https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8723edbaae5a25932d9fad830c7fa4f3c169a62ce59e43872107945d6613b8e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-8600818a5bb64dbd-FRA' https://js.stripe.com https://www.youtube.com https://www.youtube.com https://vimeo.com https://www.facebook.com https://www.twitch.tv https://soundcloud.com https://streamable.com https://home.wistia.com https://www.dailymotion.com https://www.mixcloud.com https://video.vidyard.com https://cdnapisec.kaltura.com https://player.vimeo.com/ https://*.hotjar.com https://www.google.com https://www.gstatic.com https://js.stripe.com https://app.posthog.com https://*.posthog.com https://us.i.posthog.com https://app.productfruits.com https://cdn.trackjs.com https://www.googletagmanager.com https://*.storage.googleapis.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com; frame-src 'self' https://india.perks.xoxoday.com/ https://apps.youforia.store/ https://usa.perks.xoxoday.com/ https://af9c07.myshopify.com/ https://*.app.refyne.co.in/ https://*.uat.refyne.co.in/ https://*.refyne.co.in/ https://perks.xoxoday.com/ https://perks-philippines.myshopify.com/ https://perks-uae.myshopify.com/ https://perksuk.myshopify.com/ https://perksuk.myshopify.com/ https://perksus.myshopify.com/ https://uae.perks.xoxoday.com/ https://uk.perks.xoxoday.com/ https://philippines.perks.xoxoday.com/ https://checkout.razorpay.com/ https://api.razorpay.com/ https://express.razorpay.com/ https://perks.xoxotest.net/ https://calendly.com https://*.hotjar.com https://www.google.com https://js.stripe.com https://www.google-analytics.com https://docs.google.com https://www.youtube.com https://www.youtube.com https://vimeo.com https://www.facebook.com https://www.twitch.tv https://soundcloud.com https://streamable.com https://home.wistia.com https://www.dailymotion.com https://www.mixcloud.com https://video.vidyard.com https://cdnapisec.kaltura.com https://player.vimeo.com/ https://renderer.gist.build https://code.gist.build https://intercom-sheets.com; img-src 'self' 
https://xoxoday-dropbox-oregon-private-prod.s3.us-west-2.amazonaws.com https://empulsprodacc.blob.core.windows.net https://empulsprodaccprivate.blob.core.windows.net data: blob: https://empulsclients.blob.core.windows.net https://*.hotjar.com https://*.xoxoday.com https://*.giphy.com https://*.licdn.com https://*.amazonaws.com https://*.s3.amazonaws.com https://*.s3.ap-southeast-1.amazonaws.com https://usage.trackjs.com https://res.cloudinary.com https://*.storage.googleapis.com https://cdn.jsdelivr.net https://www.google-analytics.com https://www.googletagmanager.com https://via.placeholder.com https://www.youtube.com https://www.youtube.com https://vimeo.com https://www.facebook.com https://www.twitch.tv https://soundcloud.com https://streamable.com https://home.wistia.com https://www.dailymotion.com https://www.mixcloud.com https://video.vidyard.com https://cdnapisec.kaltura.com https://player.vimeo.com/ https://m.media-amazon.com https://track.customer.io https://*.intercomassets.com https://*.intercomcdn.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://downloads.intercomcdn.eu https://downloads.au.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://messenger-apps.eu.intercom.io https://messenger-apps.au.intercom.io https://*.intercom-attachments-1.com https://*.intercom-attachments.eu https://*.au.intercom-attachments.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://static.intercomassets.eu https://static.au.intercomassets.com; script-src-elem 'self' 'unsafe-inline' https://www.youtube.com https://www.youtube.com https://vimeo.com 
https://www.facebook.com https://www.twitch.tv https://soundcloud.com https://streamable.com https://home.wistia.com https://www.dailymotion.com https://www.mixcloud.com https://video.vidyard.com https://cdnapisec.kaltura.com https://player.vimeo.com/ https://js.stripe.com/ https://*.hotjar.com https://www.google.com https://www.gstatic.com https://js.stripe.com https://app.posthog.com https://*.i.posthog.com https://app.productfruits.com https://cdn.trackjs.com/ https://www.googletagmanager.com https://*.storage.googleapis.com https://assets.customer.io https://code.gist.build https://*.intercom.io https://*.intercomcdn.com; style-src 'self' 'nonce-8600818a5bb64dbd-FRA' https://*.hotjar.com https://fonts.googleapis.com https://www.gstatic.com https://*.storage.googleapis.com https://www.youtube.com https://www.youtube.com https://vimeo.com https://www.facebook.com https://www.twitch.tv https://soundcloud.com https://streamable.com https://home.wistia.com https://www.dailymotion.com https://www.mixcloud.com https://video.vidyard.com https://cdnapisec.kaltura.com https://player.vimeo.com/; style-src-elem 'self' 'unsafe-inline' https://*.hotjar.com https://fonts.googleapis.com https://app-static-prod.posthog.com https://app-static-prod.posthog.com https://stackpath.bootstrapcdn.com https://app.productfruits.com https://www.gstatic.com https://*.storage.googleapis.com https://fonts.googleapis.com https://www.youtube.com https://www.youtube.com https://vimeo.com https://www.facebook.com https://www.twitch.tv https://soundcloud.com https://streamable.com https://home.wistia.com https://www.dailymotion.com https://www.mixcloud.com https://video.vidyard.com https://cdnapisec.kaltura.com https://player.vimeo.com/; style-src-attr 'self' 'unsafe-inline' https://*.hotjar.com https://fonts.googleapis.com https://www.gstatic.com https://*.storage.googleapis.com https://www.youtube.com https://www.youtube.com https://vimeo.com https://www.facebook.com https://www.twitch.tv 
https://soundcloud.com https://streamable.com https://home.wistia.com https://www.dailymotion.com https://www.mixcloud.com https://video.vidyard.com https://cdnapisec.kaltura.com https://player.vimeo.com/; font-src 'self' https://*.hotjar.com https://fonts.gstatic.com https://www.youtube.com https://*.intercomcdn.com; connect-src 'self' wss://*.hotjar.com https://*.hotjar.com https://get.geojs.io https://listenat.xoxoday.com wss://listenat.xoxoday.com https://xoxoday-dropbox-oregon-private-prod.s3.us-west-2.amazonaws.com https://empulsprodacc.blob.core.windows.net https://empulsprodaccprivate.blob.core.windows.net https://www.google-analytics.com https://stats.g.doubleclick.net https://capture.trackjs.com https://res.cloudinary.com https://fcm.googleapis.com https://www.youtube.com https://www.youtube.com https://vimeo.com https://www.facebook.com https://www.twitch.tv https://soundcloud.com https://streamable.com https://home.wistia.com https://www.dailymotion.com https://www.mixcloud.com https://video.vidyard.com https://cdnapisec.kaltura.com https://player.vimeo.com/ https://*.storage.googleapis.com https://app.posthog.com https://us.i.posthog.com https://*.posthog.com https://app.productfruits.com https://gist-queue-consumer-api.cloud.gist.build https://track.customer.io https://*.intercom.io https://*.intercomcdn.com https://via.intercom.io https://api.intercom.io https://api.au.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-iam.au.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://nexus-australia-websocket.intercom.io wss://nexus-australia-websocket.intercom.io https://downloads.intercomcdn.com https://downloads.intercomcdn.eu https://uploads.au.intercomcdn.com 
https://uploads.intercomusercontent.com wss://*.intercom.io wss://ws.productfruits.com; report-to empuls-csp;worker-src 'self' blob: ; media-src 'self' https://imagestore-002.xoxoday.com https://imagestore-001.xoxoday.com https://empuls-dropbox-oregon-prod.xoxoday.com https://xoxoday-dropbox-oregon-private-prod.s3.us-west-2.amazonaws.com https://xoxoday-dropbox-oregon-public-prod.s3.us-west-2.amazonaws.com https://empulsprodacc.blob.core.windows.net https://empulsprodaccprivate.blob.core.windows.net https://empuls-oregon-private-cloudfront.xoxoday.com https://*.intercomcdn.com; form-action https://intercom.help https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-iam.au.intercom.io; child-src https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.netframe-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8600818a5bb64dbd-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 06 Mar 2024 07:06:57 GMT
pragma
no-cache
reporting-endpoints
empuls-csp="/chef/csp_report"
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
xoxo-tracer-id
8600818a5bb64dbd-FRA

Redirect headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
86008185fea74dbd-FRA
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-86008185fea74dbd-FRA' https://js.stripe.com https://www.youtube.com https://www.youtube.com https://vimeo.com https://www.facebook.com https://www.twitch.tv https://soundcloud.com https://streamable.com https://home.wistia.com https://www.dailymotion.com https://www.mixcloud.com https://video.vidyard.com https://cdnapisec.kaltura.com https://player.vimeo.com/ https://*.hotjar.com https://www.google.com https://www.gstatic.com https://js.stripe.com https://app.posthog.com https://*.posthog.com https://us.i.posthog.com https://app.productfruits.com https://cdn.trackjs.com https://www.googletagmanager.com https://*.storage.googleapis.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com; frame-src 'self' https://india.perks.xoxoday.com/ https://apps.youforia.store/ https://usa.perks.xoxoday.com/ https://af9c07.myshopify.com/ https://*.app.refyne.co.in/ https://*.uat.refyne.co.in/ https://*.refyne.co.in/ https://perks.xoxoday.com/ https://perks-philippines.myshopify.com/ https://perks-uae.myshopify.com/ https://perksuk.myshopify.com/ https://perksuk.myshopify.com/ https://perksus.myshopify.com/ https://uae.perks.xoxoday.com/ https://uk.perks.xoxoday.com/ https://philippines.perks.xoxoday.com/ https://checkout.razorpay.com/ https://api.razorpay.com/ https://express.razorpay.com/ https://perks.xoxotest.net/ https://calendly.com https://*.hotjar.com https://www.google.com https://js.stripe.com https://www.google-analytics.com https://docs.google.com https://www.youtube.com https://www.youtube.com https://vimeo.com https://www.facebook.com https://www.twitch.tv https://soundcloud.com https://streamable.com https://home.wistia.com https://www.dailymotion.com https://www.mixcloud.com https://video.vidyard.com https://cdnapisec.kaltura.com https://player.vimeo.com/ https://renderer.gist.build https://code.gist.build https://intercom-sheets.com; img-src 'self' 
https://xoxoday-dropbox-oregon-private-prod.s3.us-west-2.amazonaws.com https://empulsprodacc.blob.core.windows.net https://empulsprodaccprivate.blob.core.windows.net data: blob: https://empulsclients.blob.core.windows.net https://*.hotjar.com https://*.xoxoday.com https://*.giphy.com https://*.licdn.com https://*.amazonaws.com https://*.s3.amazonaws.com https://*.s3.ap-southeast-1.amazonaws.com https://usage.trackjs.com https://res.cloudinary.com https://*.storage.googleapis.com https://cdn.jsdelivr.net https://www.google-analytics.com https://www.googletagmanager.com https://via.placeholder.com https://www.youtube.com https://www.youtube.com https://vimeo.com https://www.facebook.com https://www.twitch.tv https://soundcloud.com https://streamable.com https://home.wistia.com https://www.dailymotion.com https://www.mixcloud.com https://video.vidyard.com https://cdnapisec.kaltura.com https://player.vimeo.com/ https://m.media-amazon.com https://track.customer.io https://*.intercomassets.com https://*.intercomcdn.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://downloads.intercomcdn.eu https://downloads.au.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://messenger-apps.eu.intercom.io https://messenger-apps.au.intercom.io https://*.intercom-attachments-1.com https://*.intercom-attachments.eu https://*.au.intercom-attachments.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://static.intercomassets.eu https://static.au.intercomassets.com; script-src-elem 'self' 'unsafe-inline' https://www.youtube.com https://www.youtube.com https://vimeo.com 
https://www.facebook.com https://www.twitch.tv https://soundcloud.com https://streamable.com https://home.wistia.com https://www.dailymotion.com https://www.mixcloud.com https://video.vidyard.com https://cdnapisec.kaltura.com https://player.vimeo.com/ https://js.stripe.com/ https://*.hotjar.com https://www.google.com https://www.gstatic.com https://js.stripe.com https://app.posthog.com https://*.i.posthog.com https://app.productfruits.com https://cdn.trackjs.com/ https://www.googletagmanager.com https://*.storage.googleapis.com https://assets.customer.io https://code.gist.build https://*.intercom.io https://*.intercomcdn.com; style-src 'self' 'nonce-86008185fea74dbd-FRA' https://*.hotjar.com https://fonts.googleapis.com https://www.gstatic.com https://*.storage.googleapis.com https://www.youtube.com https://www.youtube.com https://vimeo.com https://www.facebook.com https://www.twitch.tv https://soundcloud.com https://streamable.com https://home.wistia.com https://www.dailymotion.com https://www.mixcloud.com https://video.vidyard.com https://cdnapisec.kaltura.com https://player.vimeo.com/; style-src-elem 'self' 'unsafe-inline' https://*.hotjar.com https://fonts.googleapis.com https://app-static-prod.posthog.com https://app-static-prod.posthog.com https://stackpath.bootstrapcdn.com https://app.productfruits.com https://www.gstatic.com https://*.storage.googleapis.com https://fonts.googleapis.com https://www.youtube.com https://www.youtube.com https://vimeo.com https://www.facebook.com https://www.twitch.tv https://soundcloud.com https://streamable.com https://home.wistia.com https://www.dailymotion.com https://www.mixcloud.com https://video.vidyard.com https://cdnapisec.kaltura.com https://player.vimeo.com/; style-src-attr 'self' 'unsafe-inline' https://*.hotjar.com https://fonts.googleapis.com https://www.gstatic.com https://*.storage.googleapis.com https://www.youtube.com https://www.youtube.com https://vimeo.com https://www.facebook.com https://www.twitch.tv 
https://soundcloud.com https://streamable.com https://home.wistia.com https://www.dailymotion.com https://www.mixcloud.com https://video.vidyard.com https://cdnapisec.kaltura.com https://player.vimeo.com/; font-src 'self' https://*.hotjar.com https://fonts.gstatic.com https://www.youtube.com https://*.intercomcdn.com; connect-src 'self' wss://*.hotjar.com https://*.hotjar.com https://get.geojs.io https://listenat.xoxoday.com wss://listenat.xoxoday.com https://xoxoday-dropbox-oregon-private-prod.s3.us-west-2.amazonaws.com https://empulsprodacc.blob.core.windows.net https://empulsprodaccprivate.blob.core.windows.net https://www.google-analytics.com https://stats.g.doubleclick.net https://capture.trackjs.com https://res.cloudinary.com https://fcm.googleapis.com https://www.youtube.com https://www.youtube.com https://vimeo.com https://www.facebook.com https://www.twitch.tv https://soundcloud.com https://streamable.com https://home.wistia.com https://www.dailymotion.com https://www.mixcloud.com https://video.vidyard.com https://cdnapisec.kaltura.com https://player.vimeo.com/ https://*.storage.googleapis.com https://app.posthog.com https://us.i.posthog.com https://*.posthog.com https://app.productfruits.com https://gist-queue-consumer-api.cloud.gist.build https://track.customer.io https://*.intercom.io https://*.intercomcdn.com https://via.intercom.io https://api.intercom.io https://api.au.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-iam.au.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://nexus-australia-websocket.intercom.io wss://nexus-australia-websocket.intercom.io https://downloads.intercomcdn.com https://downloads.intercomcdn.eu https://uploads.au.intercomcdn.com 
https://uploads.intercomusercontent.com wss://*.intercom.io wss://ws.productfruits.com; report-to empuls-csp;worker-src 'self' blob: ; media-src 'self' https://imagestore-002.xoxoday.com https://imagestore-001.xoxoday.com https://empuls-dropbox-oregon-prod.xoxoday.com https://xoxoday-dropbox-oregon-private-prod.s3.us-west-2.amazonaws.com https://xoxoday-dropbox-oregon-public-prod.s3.us-west-2.amazonaws.com https://empulsprodacc.blob.core.windows.net https://empulsprodaccprivate.blob.core.windows.net https://empuls-oregon-private-cloudfront.xoxoday.com https://*.intercomcdn.com; form-action https://intercom.help https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-iam.au.intercom.io; child-src https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.netframe-ancestors 'self'
content-type
text/html; charset=utf-8
date
Wed, 06 Mar 2024 07:06:56 GMT
location
https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
reporting-endpoints
empuls-csp="/chef/csp_report"
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
xoxo-tracer-id
86008185fea74dbd-FRA
styles.css
sttelemediagdc.xoxoday.com/css/
22 KB
5 KB
Stylesheet
General
Full URL
https://sttelemediagdc.xoxoday.com/css/styles.css
Requested by
Host: sttelemediagdc.xoxoday.com
URL: https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4760878852d7ad80691fbcc0cd8712faec855b891502c1b2caecc3b302dc5870
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 07:06:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
x-dns-prefetch-control
off
content-length
4946
x-xss-protection
1; mode=block
last-modified
Tue, 05 Mar 2024 09:43:34 GMT
server
cloudflare
etag
W/"587a-18e0dff3970"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
8600818c1dd44dbd-FRA
bootstrap-rtl.css
sttelemediagdc.xoxoday.com/vendors/
193 KB
35 KB
Stylesheet
General
Full URL
https://sttelemediagdc.xoxoday.com/vendors/bootstrap-rtl.css
Requested by
Host: sttelemediagdc.xoxoday.com
URL: https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2a8c35a582387f53b4cddcca6e7c01a639e5008ad7cb937902adabcb2c1147e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 07:06:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
last-modified
Tue, 05 Mar 2024 09:43:34 GMT
server
cloudflare
etag
W/"305f6-18e0dff3970"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
cf-ray
8600818c1dd84dbd-FRA
style.css
sttelemediagdc.xoxoday.com/CustomIcomoon/customIcons/
4 KB
1 KB
Stylesheet
General
Full URL
https://sttelemediagdc.xoxoday.com/CustomIcomoon/customIcons/style.css
Requested by
Host: sttelemediagdc.xoxoday.com
URL: https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0a4466164ad370ad0963a12b5b70ed1b5c113cb5474258dafb526379c00a3d0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 07:06:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
x-dns-prefetch-control
off
content-length
1107
x-xss-protection
1; mode=block
last-modified
Tue, 05 Mar 2024 09:43:34 GMT
server
cloudflare
etag
W/"10df-18e0dff3970"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
8600818c1ddb4dbd-FRA
style.e2586b5d006357e5dd95.css
sttelemediagdc.xoxoday.com/
748 KB
151 KB
Stylesheet
General
Full URL
https://sttelemediagdc.xoxoday.com/style.e2586b5d006357e5dd95.css
Requested by
Host: sttelemediagdc.xoxoday.com
URL: https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83faf5f17db901df90368ba6e08d648c8f05ce6d179b0a9c3bfdf4a9d48aee64
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 07:06:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
last-modified
Tue, 05 Mar 2024 09:47:47 GMT
server
cloudflare
etag
W/"bb09e-18e0e0315b8"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
cf-ray
8600818c1ddc4dbd-FRA
css2
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600&display=swap
Requested by
Host: sttelemediagdc.xoxoday.com
URL: https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
63fd0069ced51bf0645c28ded71b08ad8d15b1cfb358ff56edb137872e8c62dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sttelemediagdc.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 06 Mar 2024 07:06:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 06 Mar 2024 06:08:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 06 Mar 2024 07:06:57 GMT
stt-logock7fr0zbz00086ckm1dlp445j1583473065518.jpg
imagestore-002.xoxoday.com/image/clients/10350300000000000/platform_setting/
22 KB
22 KB
Image
General
Full URL
https://imagestore-002.xoxoday.com/image/clients/10350300000000000/platform_setting/stt-logock7fr0zbz00086ckm1dlp445j1583473065518.jpg
Requested by
Host: sttelemediagdc.xoxoday.com
URL: https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:1e00:b:35c1:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
34c5520a1ba326151cd272b2064b6ae68e7c1d8d2ffeff64989a9508d4080a57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sttelemediagdc.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 07:06:59 GMT
x-amz-version-id
null
via
1.1 9bd2938ceb90e1a35f549d1165e84676.cloudfront.net (CloudFront)
last-modified
Fri, 06 Mar 2020 05:39:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
etag
"cdd82aec923ff664c796d06a8f70ed64"
vary
Origin
x-cache
Miss from cloudfront
content-type
image/jpeg
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
22086
x-amz-cf-id
5cDazoxYz6fPvpgS5pRkuqY4j5A6P1leOe6tIw8bT17fVWW8FLTqhQ==
vendor-react.72946ee13d9e48968854.bundle.js
sttelemediagdc.xoxoday.com/
136 KB
51 KB
Script
General
Full URL
https://sttelemediagdc.xoxoday.com/vendor-react.72946ee13d9e48968854.bundle.js
Requested by
Host: sttelemediagdc.xoxoday.com
URL: https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b671b4d71349b520bebce0afcd2afd713798ed04d57ecb4808d26edd75ee5ec
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 07:06:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
last-modified
Tue, 05 Mar 2024 09:47:47 GMT
server
cloudflare
etag
W/"220b6-18e0e0315b8"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
cf-ray
8600818c2e064dbd-FRA
bundle.e2586b5d006357e5dd95.js
sttelemediagdc.xoxoday.com/
3 MB
1 MB
Script
General
Full URL
https://sttelemediagdc.xoxoday.com/bundle.e2586b5d006357e5dd95.js
Requested by
Host: sttelemediagdc.xoxoday.com
URL: https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9fee3e11c689287349f6d7799d55a27421da73861978f706f5eb8003037d7ce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 07:06:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
last-modified
Tue, 05 Mar 2024 09:47:47 GMT
server
cloudflare
etag
W/"333309-18e0e0315b8"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
cf-ray
8600818c3e074dbd-FRA
fluent-icon.021b66518a65fb456b15.bundle.js
sttelemediagdc.xoxoday.com/
10 MB
3 MB
Script
General
Full URL
https://sttelemediagdc.xoxoday.com/fluent-icon.021b66518a65fb456b15.bundle.js
Requested by
Host: sttelemediagdc.xoxoday.com
URL: https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
178c30f65f682cc0d6df7fd78312d552a8f3cf950098a21796c664b8fddec37d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 07:06:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
last-modified
Tue, 05 Mar 2024 09:47:47 GMT
server
cloudflare
etag
W/"a758fe-18e0e0315b8"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
cf-ray
8600818c3e094dbd-FRA
common.js
sttelemediagdc.xoxoday.com/js/
21 B
129 B
Script
General
Full URL
https://sttelemediagdc.xoxoday.com/js/common.js
Requested by
Host: sttelemediagdc.xoxoday.com
URL: https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9b423500bd62a21260dc16b1da6e2eb5a77fbddaa49fbeb97cb3dcec7cdd5b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 07:06:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
x-dns-prefetch-control
off
content-length
21
x-xss-protection
1; mode=block
last-modified
Tue, 05 Mar 2024 09:43:34 GMT
server
cloudflare
etag
W/"15-18e0dff3970"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
8600818c3e0a4dbd-FRA
password-algo.js
sttelemediagdc.xoxoday.com/js/
694 KB
353 KB
Script
General
Full URL
https://sttelemediagdc.xoxoday.com/js/password-algo.js
Requested by
Host: sttelemediagdc.xoxoday.com
URL: https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bfbca7219c35f0c7c9303544f720d119e3760a7a7e631e06b317ea40d442bd1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 07:06:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
last-modified
Tue, 05 Mar 2024 09:43:34 GMT
server
cloudflare
etag
W/"ad920-18e0dff3970"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
cf-ray
8600818c3e0d4dbd-FRA
firebase-app.js
sttelemediagdc.xoxoday.com/js/
34 KB
14 KB
Script
General
Full URL
https://sttelemediagdc.xoxoday.com/js/firebase-app.js
Requested by
Host: sttelemediagdc.xoxoday.com
URL: https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f650f70bd4a8e7ce25699e594dde50a2817bd8cf94f8b591b9468c08095e366a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 07:06:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
x-dns-prefetch-control
off
content-length
14064
x-xss-protection
1; mode=block
last-modified
Tue, 05 Mar 2024 09:43:34 GMT
server
cloudflare
etag
W/"881c-18e0dff3970"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
8600818c3e0f4dbd-FRA
firebase-messaging.js
sttelemediagdc.xoxoday.com/js/
35 KB
11 KB
Script
General
Full URL
https://sttelemediagdc.xoxoday.com/js/firebase-messaging.js
Requested by
Host: sttelemediagdc.xoxoday.com
URL: https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8a30a8925144ecf34ae36038be8f30d915c15335cbb9e4cafa4ca733d8628e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 07:06:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
x-dns-prefetch-control
off
content-length
11548
x-xss-protection
1; mode=block
last-modified
Mon, 04 Mar 2024 12:59:40 GMT
server
cloudflare
etag
W/"8b10-18e098c6660"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
8600818c5e454dbd-FRA
t.js
cdn.trackjs.com/agent/v3/latest/
29 KB
11 KB
Script
General
Full URL
https://cdn.trackjs.com/agent/v3/latest/t.js
Requested by
Host: sttelemediagdc.xoxoday.com
URL: https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
3169a71c8da47b07411a0edd846dde35975f54102b8b75c3b4563194e84ff506

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sttelemediagdc.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 07:06:57 GMT
x-amz-meta-cache-control
s-max-age=3600, max-age=604800, public
content-encoding
br
cdn-edgestorageid
1082
x-amz-request-id
BJC8GYV0BSYQ3PQX
x-amz-server-side-encryption
AES256
x-amz-meta-content-type
application/javascript
cdn-cachedat
12/12/2023 18:59:55
cdn-pullzone
1606702
x-amz-id-2
UrrgZixWIK0kBP4UVcbLjE9th/ozfTjU44PsmUapgZ+rRQCBM+fBpNdLM4gZz8x3ZbDh3as0skU=
last-modified
Wed, 06 Dec 2023 15:35:37 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"f62a120cfe36e652de667aaed72b7815"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
cd4e6a4c-6811-495a-bea9-94fbb4c46859
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=604800, s-max-age=3600
cdn-requestid
0d8151293948ac43cf3e266aaae4dfa9
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
gtm.js
www.googletagmanager.com/
216 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N8HNG5D
Requested by
Host: sttelemediagdc.xoxoday.com
URL: https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f0ec27e0508e29c31c21031337a9e0a05911736b8314ee0e4fcf8b69473752ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sttelemediagdc.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 07:06:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78718
x-xss-protection
0
last-modified
Wed, 06 Mar 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 06 Mar 2024 07:06:57 GMT
/
js.stripe.com/v3/
603 KB
167 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: sttelemediagdc.xoxoday.com
URL: https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
79f4ebb4e08dc3c74b4fccee2addb664ab02798d6397f565ade46ff807feab9f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sttelemediagdc.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 06 Mar 2024 07:06:57 GMT
via
1.1 varnish
age
38
x-cache
HIT
content-length
170999
x-request-id
941026a3-2f48-4eaf-a76b-2b78b4a602c9
x-served-by
cache-fra-etou8220052-FRA
last-modified
Tue, 05 Mar 2024 22:40:08 GMT
server
Fastly
etag
"a5568449f32d13dd1ce018b1deb15d0c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
10
js
www.googletagmanager.com/gtag/
281 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4C1ETMKY22&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8HNG5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a2c341a2c84b4eb23ba21758e466469b4cf3b0be4b2c96de977f7c13f1c39ddd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sttelemediagdc.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 07:06:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96090
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 06 Mar 2024 07:06:57 GMT
array.js
app.posthog.com/static/
124 KB
39 KB
Script
General
Full URL
https://app.posthog.com/static/array.js
Requested by
Host: sttelemediagdc.xoxoday.com
URL: https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3bb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da03335665fb99cc01b7d57e2b33139e6b2e3e3938633ea5a3b48fe7b0275194
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sttelemediagdc.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 07:06:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
237
referrer-policy
same-origin
last-modified
Wed, 06 Mar 2024 00:26:52 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"65e7b84c-1efad"
x-frame-options
SAMEORIGIN
vary
Cookie, Accept-Encoding
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
860081904fb01e3e-FRA
/
us.i.posthog.com/e/
13 B
312 B
XHR
General
Full URL
https://us.i.posthog.com/e/?ip=1&_=1709708818021&ver=1.111.0
Requested by
Host: app.posthog.com
URL: https://app.posthog.com/static/array.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.28.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-28-129.compute-1.amazonaws.com
Software
/
Resource Hash
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sttelemediagdc.xoxoday.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 06 Mar 2024 07:06:58 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
cross-origin-opener-policy
same-origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://sttelemediagdc.xoxoday.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type
/
us.i.posthog.com/decide/
732 B
1 KB
XHR
General
Full URL
https://us.i.posthog.com/decide/?v=3&ip=1&_=1709708818022&ver=1.111.0
Requested by
Host: app.posthog.com
URL: https://app.posthog.com/static/array.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.28.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-28-129.compute-1.amazonaws.com
Software
/
Resource Hash
f5cd610df04af99e1df22343133c569ab8cf7b3b2de3f498166ae3b3f2d9c58a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sttelemediagdc.xoxoday.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 06 Mar 2024 07:06:58 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
cross-origin-opener-policy
same-origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://sttelemediagdc.xoxoday.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type
recorder-v2.js
us-assets.i.posthog.com/static/
104 KB
37 KB
Script
General
Full URL
https://us-assets.i.posthog.com/static/recorder-v2.js?v=1.111.0
Requested by
Host: app.posthog.com
URL: https://app.posthog.com/static/array.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3bb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ab3ed1d796b094b1a4dd370702e21600fcb4b555f3828094e4758c588bd289f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sttelemediagdc.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 07:06:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
119
x-envoy-upstream-service-time
4
referrer-policy
same-origin
last-modified
Wed, 06 Mar 2024 00:26:52 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
vary
Cookie, Accept-Encoding
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
8600819408e80378-FRA
consumer.query.getEnterpriseDashboardConfig
sttelemediagdc.xoxoday.com/chef/api/graph/consumer/query/
51 B
657 B
Fetch
General
Full URL
https://sttelemediagdc.xoxoday.com/chef/api/graph/consumer/query/consumer.query.getEnterpriseDashboardConfig
Requested by
Host: sttelemediagdc.xoxoday.com
URL: https://sttelemediagdc.xoxoday.com/bundle.e2586b5d006357e5dd95.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45b047f967daff31a12b5f7152c73683249e11ddeb9076bfaf18799215615c62
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
csrf
accept-language
de-DE,de;q=0.9
lng
en
pltfm
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 06 Mar 2024 07:06:59 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
content-length
51
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
etag
W/"33-UyLO22XwrSQfpFIeCYRSqtQsKN4"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sttelemediagdc.xoxoday.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
xoxo-tracer-id
860081985b984dbd-FRA
cf-ray
860081985b984dbd-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, a_t, Set-Cookie, lng, pltfm, hash, csrf, authorization
fetchFrontend
sttelemediagdc.xoxoday.com/chef/language/
481 KB
176 KB
Fetch
General
Full URL
https://sttelemediagdc.xoxoday.com/chef/language/fetchFrontend?languagePreference=en
Requested by
Host: sttelemediagdc.xoxoday.com
URL: https://sttelemediagdc.xoxoday.com/bundle.e2586b5d006357e5dd95.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5234da9821184942c1541d6e4cd9c0284d1b532373810a29b2b22378ab09b271
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
csrf
hash
accept-language
de-DE,de;q=0.9
lng
en
pltfm
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 07:06:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
server
cloudflare
etag
W/"78485-02tJlRazflL2pnGBNZaHs2uSsWI"
x-download-options
noopen
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
undefined
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
xoxo-tracer-id
860081985b994dbd-FRA
cf-ray
860081985b994dbd-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, a_t, Set-Cookie, lng, pltfm, hash, csrf, authorization
main.js
sttelemediagdc.xoxoday.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/ Frame 1D84
Redirect Chain
  • https://sttelemediagdc.xoxoday.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://sttelemediagdc.xoxoday.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js
8 KB
4 KB
Script
General
Full URL
https://sttelemediagdc.xoxoday.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js
Requested by
Host: sttelemediagdc.xoxoday.com
URL: https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
Protocol
H2
Server
2606:4700::6812:1e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d29b24915dade1ab36ba62129b8edb463544dfa4ed7c7b87687212a7ef7ec02a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 07:06:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
860081991ca04dbd-FRA

Redirect headers

date
Wed, 06 Mar 2024 07:06:59 GMT
content-encoding
gzip
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js
cache-control
max-age=300, public
cf-ray
860081989c084dbd-FRA
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 287A
200 B
840 B
Document
General
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sttelemediagdc.xoxoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3132539
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 06 Mar 2024 07:06:59 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 11 Nov 2022 20:25:37 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
165276
x-content-type-options
nosniff
x-request-id
5c0b3b29-266d-40c4-b3d8-056a407f73a5
x-served-by
cache-fra-etou8220052-FRA
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame 287A
526 B
450 B
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 06 Mar 2024 07:06:59 GMT
via
1.1 varnish
age
3120449
x-cache
HIT
content-length
315
x-request-id
7e27bc70-9d84-4d90-8711-933488b01f7b
x-served-by
cache-fra-etou8220052-FRA
last-modified
Fri, 11 Nov 2022 20:25:36 GMT
server
Fastly
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
157738
inner.html
m.stripe.network/ Frame CA5A
930 B
2 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:2800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
194
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 06 Mar 2024 07:03:46 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 ee047aee7532c119ede08bf41f5f0762.cloudfront.net (CloudFront)
x-amz-cf-id
IvnlAgTGhK2-Y96aWjz9qJk22dl8L6B8Dv-yx7Ol20MgpfbOUy067w==
x-amz-cf-pop
FRA56-P12
x-cache
Hit from cloudfront
x-content-type-options
nosniff
8600818a5bb64dbd
sttelemediagdc.xoxoday.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 1D84
0
919 B
XHR
General
Full URL
https://sttelemediagdc.xoxoday.com/cdn-cgi/challenge-platform/h/b/jsd/r/8600818a5bb64dbd
Requested by
Host: sttelemediagdc.xoxoday.com
URL: https://sttelemediagdc.xoxoday.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 06 Mar 2024 07:06:59 GMT
content-encoding
gzip
server
cloudflare
cf-ray
86008199cd614dbd-FRA
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=xdnY.GBpg3qkXohge3BkDgcgZqxekujsgAsx_5k3O9Y-1709708819-1.0.1.1-IzYGzjstfceKWJkgP4KpiEmzHK0Adh6WNxiThgvLODKWatiVF.HH_2ZqQOBzhlkdmV9eYu15QY2qSWpPY9mgkBZDABGccgHhwv51x..RiC318RCofvv87so2gongo2SaZup61jk65ScQNyGvPtdrskA8xHxczBHuTfPD7vKJFr4; report-to cf-csp-endpoint
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=xdnY.GBpg3qkXohge3BkDgcgZqxekujsgAsx_5k3O9Y-1709708819-1.0.1.1-IzYGzjstfceKWJkgP4KpiEmzHK0Adh6WNxiThgvLODKWatiVF.HH_2ZqQOBzhlkdmV9eYu15QY2qSWpPY9mgkBZDABGccgHhwv51x..RiC318RCofvv87so2gongo2SaZup61jk65ScQNyGvPtdrskA8xHxczBHuTfPD7vKJFr4"}],"group":"cf-csp-endpoint","max_age":86400}
content-type
text/plain; charset=UTF-8
out-4.5.43.js
m.stripe.network/ Frame CA5A
87 KB
14 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:2800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 07:03:10 GMT
content-encoding
br
via
1.1 ee047aee7532c119ede08bf41f5f0762.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
age
230
x-content-type-options
nosniff
etag
W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop
FRA56-P12
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
NYGHBhGkKC42GHBzSAanOsyFTIkxOgRifIjNBsL6jWNH4aK-9M7aeA==
vendors~DashboardReport~MainOnBoardingPage~TakeSurveyModuleNew~Unsubscribe~home~login~oAuth~resetpassword.2b6156a3226122ea20f5.bundle.js
sttelemediagdc.xoxoday.com/
24 KB
9 KB
Script
General
Full URL
https://sttelemediagdc.xoxoday.com/vendors~DashboardReport~MainOnBoardingPage~TakeSurveyModuleNew~Unsubscribe~home~login~oAuth~resetpassword.2b6156a3226122ea20f5.bundle.js
Requested by
Host: sttelemediagdc.xoxoday.com
URL: https://sttelemediagdc.xoxoday.com/bundle.e2586b5d006357e5dd95.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c76ed64ede571cce1417ac46aedc486ef43d3b3d805e7068a5349ff45cdf0819
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 07:06:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
x-dns-prefetch-control
off
content-length
8636
x-xss-protection
1; mode=block
last-modified
Tue, 05 Mar 2024 09:47:47 GMT
server
cloudflare
etag
W/"5ed6-18e0e0315b8"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
8600819a9ea04dbd-FRA
vendors~DashboardReport~TakeCustomSurvey~TakeEngagementSurvey~home~login~oAuth~resetpassword.ce3402a5ccbe7440b2fb.bundle.js
sttelemediagdc.xoxoday.com/
30 KB
9 KB
Script
General
Full URL
https://sttelemediagdc.xoxoday.com/vendors~DashboardReport~TakeCustomSurvey~TakeEngagementSurvey~home~login~oAuth~resetpassword.ce3402a5ccbe7440b2fb.bundle.js
Requested by
Host: sttelemediagdc.xoxoday.com
URL: https://sttelemediagdc.xoxoday.com/bundle.e2586b5d006357e5dd95.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc5d885bcf3553aadd0efa68bd64933d800781354cb5793b16304a8ece7fa753
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 07:06:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
x-dns-prefetch-control
off
content-length
9608
x-xss-protection
1; mode=block
last-modified
Tue, 05 Mar 2024 09:47:47 GMT
server
cloudflare
etag
W/"777c-18e0e0315b8"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
8600819a9ea34dbd-FRA
vendors~DashboardReport~TakeCustomSurvey~home~login~oAuth~resetpassword.2048c82055340d1c4d3d.bundle.js
sttelemediagdc.xoxoday.com/
34 KB
11 KB
Script
General
Full URL
https://sttelemediagdc.xoxoday.com/vendors~DashboardReport~TakeCustomSurvey~home~login~oAuth~resetpassword.2048c82055340d1c4d3d.bundle.js
Requested by
Host: sttelemediagdc.xoxoday.com
URL: https://sttelemediagdc.xoxoday.com/bundle.e2586b5d006357e5dd95.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23b53f8b462fe9a89e0550089439431c9a7e8b86ec90041e379fa83e8003fb00
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 07:06:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
x-dns-prefetch-control
off
content-length
11290
x-xss-protection
1; mode=block
last-modified
Tue, 05 Mar 2024 09:47:47 GMT
server
cloudflare
etag
W/"899a-18e0e0315b8"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
8600819a9ea44dbd-FRA
vendors~TakeCustomSurvey~home~login~oAuth~resetpassword.25cebec28dc87bc0bbc9.bundle.js
sttelemediagdc.xoxoday.com/
9 KB
3 KB
Script
General
Full URL
https://sttelemediagdc.xoxoday.com/vendors~TakeCustomSurvey~home~login~oAuth~resetpassword.25cebec28dc87bc0bbc9.bundle.js
Requested by
Host: sttelemediagdc.xoxoday.com
URL: https://sttelemediagdc.xoxoday.com/bundle.e2586b5d006357e5dd95.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec35c9790c402643aa2688dc107e09836c648085190406ae1c59ff04f80aa3c3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 07:06:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
x-dns-prefetch-control
off
content-length
3050
x-xss-protection
1; mode=block
last-modified
Tue, 05 Mar 2024 09:47:47 GMT
server
cloudflare
etag
W/"2560-18e0e0315b8"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
8600819a9ea64dbd-FRA
login.d0b9f942a0ee14e15afe.bundle.js
sttelemediagdc.xoxoday.com/
270 KB
75 KB
Script
General
Full URL
https://sttelemediagdc.xoxoday.com/login.d0b9f942a0ee14e15afe.bundle.js
Requested by
Host: sttelemediagdc.xoxoday.com
URL: https://sttelemediagdc.xoxoday.com/bundle.e2586b5d006357e5dd95.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88b460e7355e1083e0edce91f732ec92e3e292ad9cb2d6ccbaf3cf8dab325671
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 07:06:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
last-modified
Tue, 05 Mar 2024 09:47:47 GMT
server
cloudflare
etag
W/"4370c-18e0e0315b8"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
cf-ray
8600819a9ea84dbd-FRA
stt-logock7fr0zbz00086ckm1dlp445j1583473065518.jpg
imagestore-002.xoxoday.com/image/clients/10350300000000000/platform_setting/
22 KB
22 KB
Image
General
Full URL
https://imagestore-002.xoxoday.com/image/clients/10350300000000000/platform_setting/stt-logock7fr0zbz00086ckm1dlp445j1583473065518.jpg
Requested by
Host: sttelemediagdc.xoxoday.com
URL: https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:1e00:b:35c1:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
34c5520a1ba326151cd272b2064b6ae68e7c1d8d2ffeff64989a9508d4080a57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sttelemediagdc.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 07:06:59 GMT
x-amz-version-id
null
via
1.1 9bd2938ceb90e1a35f549d1165e84676.cloudfront.net (CloudFront)
last-modified
Fri, 06 Mar 2020 05:39:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
1
etag
"cdd82aec923ff664c796d06a8f70ed64"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
22086
x-amz-cf-id
ObBcfIVaazLuHC2sKXzfxZDTn3b7WJRlkHg0Rl7Z1_LLnsywqXOQ5Q==
6
m.stripe.com/ Frame CA5A
156 B
667 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.19.114 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-19-114.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
22bad91730427433348dd66328c464493e0e8ae902e6042c9d29840c54cdc82e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 06 Mar 2024 07:07:00 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1709708820221227
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1709708820220962
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
tz-cities-to-countries.json
sttelemediagdc.xoxoday.com/static/
11 KB
5 KB
Fetch
General
Full URL
https://sttelemediagdc.xoxoday.com/static/tz-cities-to-countries.json
Requested by
Host: sttelemediagdc.xoxoday.com
URL: https://sttelemediagdc.xoxoday.com/login.d0b9f942a0ee14e15afe.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b3eda4f36b8b48f84309b4fb09a6b6b9e636ae114fbd80038ae91dc49e441c2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 07:07:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
content-length
4640
x-xss-protection
1; mode=block
last-modified
Tue, 05 Mar 2024 09:43:34 GMT
server
cloudflare
etag
W/"2c67-18e0dff3970"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
cache-control
public, max-age=0
cf-ray
8600819c88d84dbd-FRA
default-src
sttelemediagdc.xoxoday.com
sttelemediagdc_1544004187-logo.jpg
sttelemediagdc.xoxoday.com/image/clients/sttelemediagdc/
109 B
109 B
Image
General
Full URL
https://sttelemediagdc.xoxoday.com/image/clients/sttelemediagdc/sttelemediagdc_1544004187-logo.jpg
Requested by
Host: sttelemediagdc.xoxoday.com
URL: https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a94b6db31ae72ae41cb97d785364ecf0d1cb5041fbf0ab1e869a05bdd4d61a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-8600819c88d94dbd-FRA' https://js.stripe.com https://www.youtube.com https://www.youtube.com https://vimeo.com https://www.facebook.com https://www.twitch.tv https://soundcloud.com https://streamable.com https://home.wistia.com https://www.dailymotion.com https://www.mixcloud.com https://video.vidyard.com https://cdnapisec.kaltura.com https://player.vimeo.com/ https://*.hotjar.com https://www.google.com https://www.gstatic.com https://js.stripe.com https://app.posthog.com https://*.posthog.com https://us.i.posthog.com https://app.productfruits.com https://cdn.trackjs.com https://www.googletagmanager.com https://*.storage.googleapis.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com; frame-src 'self' https://india.perks.xoxoday.com/ https://apps.youforia.store/ https://usa.perks.xoxoday.com/ https://af9c07.myshopify.com/ https://*.app.refyne.co.in/ https://*.uat.refyne.co.in/ https://*.refyne.co.in/ https://perks.xoxoday.com/ https://perks-philippines.myshopify.com/ https://perks-uae.myshopify.com/ https://perksuk.myshopify.com/ https://perksuk.myshopify.com/ https://perksus.myshopify.com/ https://uae.perks.xoxoday.com/ https://uk.perks.xoxoday.com/ https://philippines.perks.xoxoday.com/ https://checkout.razorpay.com/ https://api.razorpay.com/ https://express.razorpay.com/ https://perks.xoxotest.net/ https://calendly.com https://*.hotjar.com https://www.google.com https://js.stripe.com https://www.google-analytics.com https://docs.google.com https://www.youtube.com https://www.youtube.com https://vimeo.com https://www.facebook.com https://www.twitch.tv https://soundcloud.com https://streamable.com https://home.wistia.com https://www.dailymotion.com https://www.mixcloud.com https://video.vidyard.com https://cdnapisec.kaltura.com https://player.vimeo.com/ https://renderer.gist.build https://code.gist.build https://intercom-sheets.com; img-src 'self' 
https://xoxoday-dropbox-oregon-private-prod.s3.us-west-2.amazonaws.com https://empulsprodacc.blob.core.windows.net https://empulsprodaccprivate.blob.core.windows.net data: blob: https://empulsclients.blob.core.windows.net https://*.hotjar.com https://*.xoxoday.com https://*.giphy.com https://*.licdn.com https://*.amazonaws.com https://*.s3.amazonaws.com https://*.s3.ap-southeast-1.amazonaws.com https://usage.trackjs.com https://res.cloudinary.com https://*.storage.googleapis.com https://cdn.jsdelivr.net https://www.google-analytics.com https://www.googletagmanager.com https://via.placeholder.com https://www.youtube.com https://www.youtube.com https://vimeo.com https://www.facebook.com https://www.twitch.tv https://soundcloud.com https://streamable.com https://home.wistia.com https://www.dailymotion.com https://www.mixcloud.com https://video.vidyard.com https://cdnapisec.kaltura.com https://player.vimeo.com/ https://m.media-amazon.com https://track.customer.io https://*.intercomassets.com https://*.intercomcdn.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://downloads.intercomcdn.eu https://downloads.au.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://messenger-apps.eu.intercom.io https://messenger-apps.au.intercom.io https://*.intercom-attachments-1.com https://*.intercom-attachments.eu https://*.au.intercom-attachments.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://static.intercomassets.eu https://static.au.intercomassets.com; script-src-elem 'self' 'unsafe-inline' https://www.youtube.com https://www.youtube.com https://vimeo.com 
https://www.facebook.com https://www.twitch.tv https://soundcloud.com https://streamable.com https://home.wistia.com https://www.dailymotion.com https://www.mixcloud.com https://video.vidyard.com https://cdnapisec.kaltura.com https://player.vimeo.com/ https://js.stripe.com/ https://*.hotjar.com https://www.google.com https://www.gstatic.com https://js.stripe.com https://app.posthog.com https://*.i.posthog.com https://app.productfruits.com https://cdn.trackjs.com/ https://www.googletagmanager.com https://*.storage.googleapis.com https://assets.customer.io https://code.gist.build https://*.intercom.io https://*.intercomcdn.com; style-src 'self' 'nonce-8600819c88d94dbd-FRA' https://*.hotjar.com https://fonts.googleapis.com https://www.gstatic.com https://*.storage.googleapis.com https://www.youtube.com https://www.youtube.com https://vimeo.com https://www.facebook.com https://www.twitch.tv https://soundcloud.com https://streamable.com https://home.wistia.com https://www.dailymotion.com https://www.mixcloud.com https://video.vidyard.com https://cdnapisec.kaltura.com https://player.vimeo.com/; style-src-elem 'self' 'unsafe-inline' https://*.hotjar.com https://fonts.googleapis.com https://app-static-prod.posthog.com https://app-static-prod.posthog.com https://stackpath.bootstrapcdn.com https://app.productfruits.com https://www.gstatic.com https://*.storage.googleapis.com https://fonts.googleapis.com https://www.youtube.com https://www.youtube.com https://vimeo.com https://www.facebook.com https://www.twitch.tv https://soundcloud.com https://streamable.com https://home.wistia.com https://www.dailymotion.com https://www.mixcloud.com https://video.vidyard.com https://cdnapisec.kaltura.com https://player.vimeo.com/; style-src-attr 'self' 'unsafe-inline' https://*.hotjar.com https://fonts.googleapis.com https://www.gstatic.com https://*.storage.googleapis.com https://www.youtube.com https://www.youtube.com https://vimeo.com https://www.facebook.com https://www.twitch.tv 
https://soundcloud.com https://streamable.com https://home.wistia.com https://www.dailymotion.com https://www.mixcloud.com https://video.vidyard.com https://cdnapisec.kaltura.com https://player.vimeo.com/; font-src 'self' https://*.hotjar.com https://fonts.gstatic.com https://www.youtube.com https://*.intercomcdn.com; connect-src 'self' wss://*.hotjar.com https://*.hotjar.com https://get.geojs.io https://listenat.xoxoday.com wss://listenat.xoxoday.com https://xoxoday-dropbox-oregon-private-prod.s3.us-west-2.amazonaws.com https://empulsprodacc.blob.core.windows.net https://empulsprodaccprivate.blob.core.windows.net https://www.google-analytics.com https://stats.g.doubleclick.net https://capture.trackjs.com https://res.cloudinary.com https://fcm.googleapis.com https://www.youtube.com https://www.youtube.com https://vimeo.com https://www.facebook.com https://www.twitch.tv https://soundcloud.com https://streamable.com https://home.wistia.com https://www.dailymotion.com https://www.mixcloud.com https://video.vidyard.com https://cdnapisec.kaltura.com https://player.vimeo.com/ https://*.storage.googleapis.com https://app.posthog.com https://us.i.posthog.com https://*.posthog.com https://app.productfruits.com https://gist-queue-consumer-api.cloud.gist.build https://track.customer.io https://*.intercom.io https://*.intercomcdn.com https://via.intercom.io https://api.intercom.io https://api.au.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-iam.au.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://nexus-australia-websocket.intercom.io wss://nexus-australia-websocket.intercom.io https://downloads.intercomcdn.com https://downloads.intercomcdn.eu https://uploads.au.intercomcdn.com 
https://uploads.intercomusercontent.com wss://*.intercom.io wss://ws.productfruits.com; report-to empuls-csp;worker-src 'self' blob: ; media-src 'self' https://imagestore-002.xoxoday.com https://imagestore-001.xoxoday.com https://empuls-dropbox-oregon-prod.xoxoday.com https://xoxoday-dropbox-oregon-private-prod.s3.us-west-2.amazonaws.com https://xoxoday-dropbox-oregon-public-prod.s3.us-west-2.amazonaws.com https://empulsprodacc.blob.core.windows.net https://empulsprodaccprivate.blob.core.windows.net https://empuls-oregon-private-cloudfront.xoxoday.com https://*.intercomcdn.com; form-action https://intercom.help https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-iam.au.intercom.io; child-src https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.netframe-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 07:07:00 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
DYNAMIC
content-encoding
gzip
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
reporting-endpoints
empuls-csp="/chef/csp_report"
pragma
no-cache
server
cloudflare
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
xoxo-tracer-id
8600819c88d94dbd-FRA
cf-ray
8600819c88d94dbd-FRA
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sttelemediagdc.xoxoday.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 08:49:49 GMT
x-content-type-options
nosniff
age
80231
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Mar 2025 08:49:49 GMT
icomoon.ttf
sttelemediagdc.xoxoday.com/CustomIcomoon/customIcons/fonts/
34 KB
20 KB
Font
General
Full URL
https://sttelemediagdc.xoxoday.com/CustomIcomoon/customIcons/fonts/icomoon.ttf?1vaj8e
Requested by
Host: sttelemediagdc.xoxoday.com
URL: https://sttelemediagdc.xoxoday.com/CustomIcomoon/customIcons/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b4d76d9ed9a38d5779a6db440dc9270a24615ccfb3058be2996372acecbf48a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sttelemediagdc.xoxoday.com/CustomIcomoon/customIcons/style.css
Origin
https://sttelemediagdc.xoxoday.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 07:07:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Tue, 05 Mar 2024 09:43:34 GMT
server
cloudflare
content-encoding
gzip
etag
W/"89d0-18e0dff3970"
x-download-options
noopen
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
font/ttf
cache-control
public, max-age=0
cf-ray
8600819c88db4dbd-FRA
x-xss-protection
1; mode=block
azure.svg
imagestore-001.xoxoday.com/enterprise2/empuls_authentication/
33 KB
25 KB
Image
General
Full URL
https://imagestore-001.xoxoday.com/enterprise2/empuls_authentication/azure.svg
Requested by
Host: sttelemediagdc.xoxoday.com
URL: https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:4400:11:fb43:99c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ff32e0d25c2a53d87e0684d61c85f385fbceb1f910eee49dd208d86564932691

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sttelemediagdc.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id
qe4DGUzL619wzecrKxAiiw51xjBRI5ni
content-encoding
gzip
via
1.1 df327bd0c8709a81ade8602ac9ef16e0.cloudfront.net (CloudFront)
date
Tue, 05 Mar 2024 09:45:22 GMT
last-modified
Tue, 12 Jul 2022 13:18:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
76899
x-amz-server-side-encryption
AES256
etag
W/"9131f78d76a605a573d9c2ba7f9b1dd7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
eFrXzI5b1ylBBWEAS4gJt1SVs5DH1thj65GlJk4nLZzYFeTFo0gLpQ==
xub4195y
widget.intercom.io/widget/
7 KB
3 KB
Script
General
Full URL
https://widget.intercom.io/widget/xub4195y
Requested by
Host: sttelemediagdc.xoxoday.com
URL: https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-59.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
14a7828f9836ead158ff135f8086a7b0d4fe796ff16555ad7a1da4ef91b35899

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sttelemediagdc.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id
Gjx_SHIMtOujB3srp2Io7zjyIJvC29C7
content-encoding
gzip
via
1.1 77c9addf0db376b3faacc5e07c320552.cloudfront.net (CloudFront)
date
Wed, 06 Mar 2024 07:01:52 GMT
x-amz-cf-pop
AMS58-P5
age
330
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2702
last-modified
Tue, 05 Mar 2024 17:49:32 GMT
server
AmazonS3
etag
"61b0af8dba69131e820901c2a54c9cc0"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
x-amz-cf-id
UugjRuvgZ1m0vLe0BwtjxZvyb0iD3vs7wDoVU3rkMRCvd2eP5yFEyg==
script.js
app.productfruits.com/static/
33 KB
13 KB
Script
General
Full URL
https://app.productfruits.com/static/script.js
Requested by
Host: sttelemediagdc.xoxoday.com
URL: https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.91.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-91-67.eu-west-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash
4ae50dc7ccf2bf74a0f91bc9400aa20f85f4cfa5aef770cdfc1eeaec2dbdde3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sttelemediagdc.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Mar 2024 07:07:00 GMT
content-encoding
br
last-modified
Tue, 05 Mar 2024 19:04:19 GMT
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript
cache-control
no-store,no-cache
track.js
assets.customer.io/assets/
7 KB
3 KB
Script
General
Full URL
https://assets.customer.io/assets/track.js
Requested by
Host: sttelemediagdc.xoxoday.com
URL: https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:8400:11:9cfd:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c5dc250228b63ec45ccaf25c7c7b9103a504bd5ebed035e88067475076c4b78d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sttelemediagdc.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id
YnPUbk.59KSLpiqsKMfvCCZt1qaij9rt
content-encoding
gzip
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
date
Wed, 06 Mar 2024 05:41:23 GMT
last-modified
Fri, 11 Aug 2023 18:01:41 GMT
server
AmazonS3
x-amz-cf-pop
ZRH55-P1
age
77482
x-amz-server-side-encryption
AES256
etag
W/"92f4f643083ddfd3fc572a181243cb46"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cross-origin-resource-policy
cross-origin
x-amz-cf-id
qQdgVobzk3JoNKQnTmwVKlif0gy035OsQgHFe4S0qihUlJqKtYsY_g==
in-app.js
assets.customer.io/assets/
3 KB
2 KB
Script
General
Full URL
https://assets.customer.io/assets/in-app.js
Requested by
Host: assets.customer.io
URL: https://assets.customer.io/assets/track.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:8400:11:9cfd:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a23e7b8795e9d5e098500a4fe72372bb291d73fa49587be69c506752a6b1603

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sttelemediagdc.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id
bDEhyDDXVttCiNpSfXbYQsJXHjz0lr45
content-encoding
gzip
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
date
Wed, 06 Mar 2024 05:45:49 GMT
last-modified
Fri, 11 Aug 2023 18:01:43 GMT
server
AmazonS3
x-amz-cf-pop
ZRH55-P1
age
11310
x-amz-server-side-encryption
AES256
etag
W/"ba7d44c9c3a749cdb169c5092631896e"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cross-origin-resource-policy
cross-origin
x-amz-cf-id
pvbClspa_KT_44ONjZ4QsYFQHR3x6yhbWUTDXr9X9Ey54TA30aPo1g==
gist.min.js
code.gist.build/web/3.7.1/
Redirect Chain
  • https://code.gist.build/web/latest/gist.min.js
  • https://code.gist.build/web/3.7.1/gist.min.js
34 KB
12 KB
Script
General
Full URL
https://code.gist.build/web/3.7.1/gist.min.js
Protocol
H2
Server
2606:4700:20::681a:a92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26df4efe671c759899ef3f9254aa54838295cc2af121dd043e078e1499582d3c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sttelemediagdc.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 07:07:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx00000dca35954ddf1c460-0065e01fcb-4283340f-ams3b
age
2628
x-envoy-upstream-healthchecked-cluster
last-modified
Thu, 29 Feb 2024 06:09:13 GMT
server
cloudflare
etag
W/"71702185ac3f00d305f6d7f395707b24"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CiZS%2BH%2FTuhO5UWe1DMsVAnDRaORNZDKWt3GZ%2ByIJa7eK6qa1PTwNWlJd3%2BlmY1wD3bskt9ybTCQt8Tfa2BFhjdq8bdtEAS7xzHNupshDSKfzqXpENnXHxF2PRiQd1341xMB3L60kreeC5bRiJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-do-cdn-uuid
03b5fb56-b915-4b88-b380-33c921f54627
x-rgw-object-type
Normal
cache-control
max-age=14400
cf-ray
860081a0beef2bb5-FRA

Redirect headers

date
Wed, 06 Mar 2024 07:07:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GaH3dvBFV6dBOtsIG%2FccNkyynOs2I2wG4HYKqTpOuh25ToKtFxrmXLtJMgE43KzjlNDvzifdI4aL7Q6B%2FUilUaI44%2F0XeeCJIuKe0FQL3NhC9%2FKaqzCpwzJASofkgvyeWsB%2BZVty6DpDgkaj9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://code.gist.build/web/3.7.1/gist.min.js
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
860081a06e8a2bb5-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
page.gif
track.customer.io/events/
35 B
265 B
Image
General
Full URL
https://track.customer.io/events/page.gif?name=https%3A%2F%2Fsttelemediagdc.xoxoday.com%2Flogin%3Fdest_url%3DL2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo&data%5Bdest_url%5D=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo&data%5Bwidth%5D=1600&data%5Bheight%5D=1200&c=&s=66f275b5-2bc4-b354-1e0e-5e035949be18&site_id=e14d4e24f47ec9872f3a&timestamp=1709708820425
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.225.220 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
220.225.227.35.bc.googleusercontent.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sttelemediagdc.xoxoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 07:07:00 GMT
via
1.1 google
content-type
image/gif
access-control-allow-origin
*
status
200 OK
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-transfer-encoding
binary
cross-origin-resource-policy
cross-origin
content-disposition
attachment
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
frame-modern.aecd3378.js
js.intercomcdn.com/ Frame DA1A
512 KB
142 KB
Script
General
Full URL
https://js.intercomcdn.com/frame-modern.aecd3378.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/xub4195y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-19.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2e14a2bc8f4e7d298bb793243749d9d8720e584a4269e2e5b4dfea78ed0c749
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id
Gr1A986qJgZHN.HAYoUGG8zIVLeiZSCT
content-encoding
gzip
via
1.1 f9b794511293751fa3df3ec945ab397e.cloudfront.net (CloudFront)
date
Wed, 06 Mar 2024 05:49:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
4645
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
144474
last-modified
Tue, 05 Mar 2024 17:44:48 GMT
server
AmazonS3
etag
"0f3de046000008957cda72676e02aa62"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
nWOQ8qx-vfy-dIbV2GZzWZk550wkDF2Ca4YVN9jMBUGK-tZOQA3JIQ==
vendor-modern.2d2f7395.js
js.intercomcdn.com/ Frame DA1A
483 KB
148 KB
Script
General
Full URL
https://js.intercomcdn.com/vendor-modern.2d2f7395.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/xub4195y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-19.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f514dd4bdbc18c2d31cbae09b718344f75fcbfc47c7460b9c5a4a17f24eef977
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id
tjRDkvXwbSJOqMWOxm7z4fODUtj_hO21
content-encoding
gzip
via
1.1 f9b794511293751fa3df3ec945ab397e.cloudfront.net (CloudFront)
date
Wed, 06 Mar 2024 06:00:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
3973
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
151124
last-modified
Mon, 04 Mar 2024 17:28:27 GMT
server
AmazonS3
etag
"e68e62227378aca670df6cf5964e7440"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
t1kzljXxLqa7DGjl0fJK6uRE-TLNUnB0xQuaJHNGPumaqs1I0AL7UA==
/
us.i.posthog.com/s/
13 B
311 B
XHR
General
Full URL
https://us.i.posthog.com/s/?compression=gzip-js&ip=1&_=1709708822348&ver=1.111.0
Requested by
Host: app.posthog.com
URL: https://app.posthog.com/static/array.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.28.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-28-129.compute-1.amazonaws.com
Software
/
Resource Hash
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sttelemediagdc.xoxoday.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Mar 2024 07:07:02 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
cross-origin-opener-policy
same-origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://sttelemediagdc.xoxoday.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type
saml2
login.microsoftonline.com/08557a0b-c685-40ea-92b5-b0c5037052eb/
Redirect Chain
  • https://sttelemediagdc.xoxoday.com/chef/sso/sso-redirect?company_id=MzUwMw==&type=saml&uid=https%3A%2F%2Fsts.windows.net%2F08557a0b-c685-40ea-92b5-b0c5037052eb%2F
  • https://login.microsoftonline.com/08557a0b-c685-40ea-92b5-b0c5037052eb/saml2?SAMLRequest=lZJbj9owEIX%2FSuR3JyYkBCyCRBdVRVpatLB92JfKsSdgyRfqcRa2v74h9LJ96Eor%2BcXjOcfzHc0chTUnvuzi0T3A9w4wJhdrHPLhoSZd...
20 KB
10 KB
Document
General
Full URL
https://login.microsoftonline.com/08557a0b-c685-40ea-92b5-b0c5037052eb/saml2?SAMLRequest=lZJbj9owEIX%2FSuR3JyYkBCyCRBdVRVpatLB92JfKsSdgyRfqcRa2v74h9LJ96Eor%2BcXjOcfzHc0chTUnvuzi0T3A9w4wJhdrHPLhoSZdcNwL1MidsIA8Sr5bbu55njJ%2BCj566Q15JXlbIRAhRO0dSdarmnwbtWUlqzanatoIWsxYRRulxrSAXM2mRVOJiSTJVwjYa2rSW%2FRCxA7WDqNwsS%2BxvKBsTNlkzyp%2BPeOUVdMnkqx6Fu1EHJTHGE%2FIs8z4g3ap1TJ49G30zmgHqfQ2Y9OyrARrqJxMS1owEHSWNyVtmCzZuGJlDk12JcxJsv0F%2FkE7pd3hbebm1oT8036%2Fpdsvuz1Jlr9zuPMOOwthB%2BFZS3h8uP87K8YIBiwoLQ5Kphd%2F8Uq8DMPKI7QZos%2BehdFKRKDXybLNj8fz5lzXZDG%2F3vkQVVi8x9BCFL2hoHj6YzfPXrvNbyvzuQddr7beaPmSfPTBivj%2FHEbpaKhoRduhlYMV2iyVCoDY52GMP98F6Elq0gqDQLLF7dt%2Fl3PxEw%3D%3D
Requested by
Host: sttelemediagdc.xoxoday.com
URL: https://sttelemediagdc.xoxoday.com/login.d0b9f942a0ee14e15afe.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:3000:148::12 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
684cb2eab796546bb323b6bed1db3f9f2ad10f48d464c7e520ce21066ddbe13a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sttelemediagdc.xoxoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache
content-encoding
gzip
content-length
9179
content-type
text/html; charset=utf-8
date
Wed, 06 Mar 2024 07:07:03 GMT
expires
-1
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-ms-ests-server
2.1.17396.8 - SEASLR1 ProdSlices
x-ms-request-id
a2a993f9-ff48-409c-a78c-958541ac6401
x-xss-protection
0

Redirect headers

access-control-allow-methods
GET, POST, PUT
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
860081af4e434dbd-FRA
content-type
text/html; charset=utf-8
date
Wed, 06 Mar 2024 07:07:03 GMT
location
https://login.microsoftonline.com/08557a0b-c685-40ea-92b5-b0c5037052eb/saml2?SAMLRequest=lZJbj9owEIX%2FSuR3JyYkBCyCRBdVRVpatLB92JfKsSdgyRfqcRa2v74h9LJ96Eor%2BcXjOcfzHc0chTUnvuzi0T3A9w4wJhdrHPLhoSZdcNwL1MidsIA8Sr5bbu55njJ%2BCj566Q15JXlbIRAhRO0dSdarmnwbtWUlqzanatoIWsxYRRulxrSAXM2mRVOJiSTJVwjYa2rSW%2FRCxA7WDqNwsS%2BxvKBsTNlkzyp%2BPeOUVdMnkqx6Fu1EHJTHGE%2FIs8z4g3ap1TJ49G30zmgHqfQ2Y9OyrARrqJxMS1owEHSWNyVtmCzZuGJlDk12JcxJsv0F%2FkE7pd3hbebm1oT8036%2Fpdsvuz1Jlr9zuPMOOwthB%2BFZS3h8uP87K8YIBiwoLQ5Kphd%2F8Uq8DMPKI7QZos%2BehdFKRKDXybLNj8fz5lzXZDG%2F3vkQVVi8x9BCFL2hoHj6YzfPXrvNbyvzuQddr7beaPmSfPTBivj%2FHEbpaKhoRduhlYMV2iyVCoDY52GMP98F6Elq0gqDQLLF7dt%2Fl3PxEw%3D%3D
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
xoxo-tracer-id
860081af4e434dbd-FRA
/
us.i.posthog.com/i/v0/e/
0
0

BssoInterrupt_Core_GOwG3D936OfJ_-lzWtiHhg2.js
aadcdn.msauth.net/shared/1.0/content/js/
138 KB
49 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_GOwG3D936OfJ_-lzWtiHhg2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/08557a0b-c685-40ea-92b5-b0c5037052eb/saml2?SAMLRequest=lZJbj9owEIX%2FSuR3JyYkBCyCRBdVRVpatLB92JfKsSdgyRfqcRa2v74h9LJ96Eor%2BcXjOcfzHc0chTUnvuzi0T3A9w4wJhdrHPLhoSZdcNwL1MidsIA8Sr5bbu55njJ%2BCj566Q15JXlbIRAhRO0dSdarmnwbtWUlqzanatoIWsxYRRulxrSAXM2mRVOJiSTJVwjYa2rSW%2FRCxA7WDqNwsS%2BxvKBsTNlkzyp%2BPeOUVdMnkqx6Fu1EHJTHGE%2FIs8z4g3ap1TJ49G30zmgHqfQ2Y9OyrARrqJxMS1owEHSWNyVtmCzZuGJlDk12JcxJsv0F%2FkE7pd3hbebm1oT8036%2Fpdsvuz1Jlr9zuPMOOwthB%2BFZS3h8uP87K8YIBiwoLQ5Kphd%2F8Uq8DMPKI7QZos%2BehdFKRKDXybLNj8fz5lzXZDG%2F3vkQVVi8x9BCFL2hoHj6YzfPXrvNbyvzuQddr7beaPmSfPTBivj%2FHEbpaKhoRduhlYMV2iyVCoDY52GMP98F6Elq0gqDQLLF7dt%2Fl3PxEw%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::62 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 06 Mar 2024 07:07:04 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
4554691
content-length
49534
x-ms-lease-status
unlocked
last-modified
Wed, 24 Jan 2024 06:42:40 GMT
etag
0x8DC1CA7A90FB975
x-azure-ref
20240306T070703Z-wrr0m006w52ubfmqh1x3qha138000000042g00000000mh6u
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
bd0a5e89-001e-0032-04f9-6c928b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Primary Request saml2
login.microsoftonline.com/08557a0b-c685-40ea-92b5-b0c5037052eb/
39 KB
15 KB
Document
General
Full URL
https://login.microsoftonline.com/08557a0b-c685-40ea-92b5-b0c5037052eb/saml2?SAMLRequest=lZJbj9owEIX%2FSuR3JyYkBCyCRBdVRVpatLB92JfKsSdgyRfqcRa2v74h9LJ96Eor%2BcXjOcfzHc0chTUnvuzi0T3A9w4wJhdrHPLhoSZdcNwL1MidsIA8Sr5bbu55njJ%2BCj566Q15JXlbIRAhRO0dSdarmnwbtWUlqzanatoIWsxYRRulxrSAXM2mRVOJiSTJVwjYa2rSW%2FRCxA7WDqNwsS%2BxvKBsTNlkzyp%2BPeOUVdMnkqx6Fu1EHJTHGE%2FIs8z4g3ap1TJ49G30zmgHqfQ2Y9OyrARrqJxMS1owEHSWNyVtmCzZuGJlDk12JcxJsv0F%2FkE7pd3hbebm1oT8036%2Fpdsvuz1Jlr9zuPMOOwthB%2BFZS3h8uP87K8YIBiwoLQ5Kphd%2F8Uq8DMPKI7QZos%2BehdFKRKDXybLNj8fz5lzXZDG%2F3vkQVVi8x9BCFL2hoHj6YzfPXrvNbyvzuQddr7beaPmSfPTBivj%2FHEbpaKhoRduhlYMV2iyVCoDY52GMP98F6Elq0gqDQLLF7dt%2Fl3PxEw%3D%3D&sso_reload=true
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_GOwG3D936OfJ_-lzWtiHhg2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:3000:148::12 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f30ff786f312b33b8d6257219139f4a0bed7152d2f26f5a108fc56cebc8246a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/08557a0b-c685-40ea-92b5-b0c5037052eb/saml2?SAMLRequest=lZJbj9owEIX%2FSuR3JyYkBCyCRBdVRVpatLB92JfKsSdgyRfqcRa2v74h9LJ96Eor%2BcXjOcfzHc0chTUnvuzi0T3A9w4wJhdrHPLhoSZdcNwL1MidsIA8Sr5bbu55njJ%2BCj566Q15JXlbIRAhRO0dSdarmnwbtWUlqzanatoIWsxYRRulxrSAXM2mRVOJiSTJVwjYa2rSW%2FRCxA7WDqNwsS%2BxvKBsTNlkzyp%2BPeOUVdMnkqx6Fu1EHJTHGE%2FIs8z4g3ap1TJ49G30zmgHqfQ2Y9OyrARrqJxMS1owEHSWNyVtmCzZuGJlDk12JcxJsv0F%2FkE7pd3hbebm1oT8036%2Fpdsvuz1Jlr9zuPMOOwthB%2BFZS3h8uP87K8YIBiwoLQ5Kphd%2F8Uq8DMPKI7QZos%2BehdFKRKDXybLNj8fz5lzXZDG%2F3vkQVVi8x9BCFL2hoHj6YzfPXrvNbyvzuQddr7beaPmSfPTBivj%2FHEbpaKhoRduhlYMV2iyVCoDY52GMP98F6Elq0gqDQLLF7dt%2Fl3PxEw%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache
content-encoding
gzip
content-length
14744
content-type
text/html; charset=utf-8
date
Wed, 06 Mar 2024 07:07:04 GMT
expires
-1
link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin <https://aadcdn.msauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=dns-prefetch
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
on
x-frame-options
DENY
x-ms-ests-server
2.1.17396.8 - SEASLR1 ProdSlices
x-ms-request-id
40beb14e-0a77-45c5-8072-72c89c036e01
x-xss-protection
0
converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/
0
0

ConvergedLogin_PCore_bUKAij3pKdw2nFX-oqztYA2.js
aadcdn.msauth.net/shared/1.0/content/js/
0
0

ux.converged.login.strings-de.min_uesj5bztg-br9z_t0dg5ma2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/
0
0

Me.htm
login.live.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
us.i.posthog.com
URL
https://us.i.posthog.com/i/v0/e/?compression=gzip-js&ip=1&_=1709708823534&ver=1.111.0
Domain
aadcdn.msauth.net
URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
Domain
aadcdn.msauth.net
URL
https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_bUKAij3pKdw2nFX-oqztYA2.js
Domain
aadcdn.msauth.net
URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_uesj5bztg-br9z_t0dg5ma2.js
Domain
login.live.com
URL
https://login.live.com/Me.htm?v=3

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Domain/Path Name / Value
.xoxoday.com/ Name: __cf_bm
Value: vN9tRLEXtbEkhH1mlyZfQ6ripuoBE.Ogfj7agXKaICQ-1709708816-1.0.1.1-uPSTv9dFS0X.GsLny4a.Kf_h9E81E_qsKXzna4QfqveaqREACig7jZ7yAyrBgl7jqjmJBt.8kIQ0uh0q9gd7ww
.xoxoday.com/ Name: _cfuvid
Value: 1whhql9HwEcrIFxjJU2ZsXKTxtnOeLMQk1GJ7O_F584-1709708816972-0.0.1.1-604800000
sttelemediagdc.xoxoday.com/ Name: st_sdk
Value: 1
.xoxoday.com/ Name: _ga
Value: GA1.1.918128775.1709708818
.sttelemediagdc.xoxoday.com/ Name: pltfm
Value: 1
.xoxoday.com/ Name: cf_clearance
Value: meMhV5kKwTZUUmclrqAG3vESdUnwqgVyimR6gBX3Ryc-1709708819-1.0.1.1-iv9BKhXoPxldzV5D_VR1yJtDEZ4GudmrGkdxm1yHUr5fVCfujglQReSEyiGXXIj9MukmlzCPDmxGL2YM_AufJQ
.sttelemediagdc.xoxoday.com/ Name: redirection_url
Value: %2Fhome%2Fwishboard%2F65e15ce4ee605c8417332381%3Futm_medium%3Demail%26utm_source%3Dnotifications%26utm_campaign%3Dwishboard_new_wish
m.stripe.com/ Name: m
Value: 14d2762a-aca4-438f-b7f5-5f490d2598a56ceb2d
.sttelemediagdc.xoxoday.com/ Name: __stripe_mid
Value: 5e331f10-f447-4423-bcc8-22217fe52af2e3e2a0
.sttelemediagdc.xoxoday.com/ Name: __stripe_sid
Value: 61776e34-dd81-4bbf-a7c4-2612965ac41fe5c5d0
.xoxoday.com/ Name: _cioanonid
Value: 66f275b5-2bc4-b354-1e0e-5e035949be18
.login.microsoftonline.com/ Name: esctx-U4TGArqCktg
Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8CgGM2Rb7sjw0Pm3TfFEIsImAZYjromrZJkreyFxawLv-fpxVshgL7sAABxBDoGfTgV6L_xYNb7EaXfgqHp2CAYmOxJUhJ2kR0rNtl416QWEuaWap9GF9Z1gB7G8G6OAlo4eM0VZznlH0hbDkAk9rNCAA
login.microsoftonline.com/ Name: fpc
Value: AvkmrAO5YG9PutogVJ-lomE
.login.microsoftonline.com/ Name: esctx
Value: PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8ITHnlotU0QsX5HvRj2AKlRdBNpp2BqegNClAiOTqtnQAxLqccHtG8S13DWdN1L2rYP8_6r9izu7xyIE-uua41ny4kjIboGbMsxS6bMtN2KdGGtnPLX8bc36h41tm8kXgWKuNRnS38C0OzyNqBTmJQ5dkUfo5dqQeUomsF-DgkWkgAA
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.xoxoday.com/ Name: _ga_4C1ETMKY22
Value: GS1.1.1709708817.1.0.1709708823.0.0.0
.xoxoday.com/ Name: ph_phc_Jz0KddPQRP4FSFwjbKcCTeT1x8OGuXsRg9JqB1114RX_posthog
Value: %7B%22distinct_id%22%3A%22018e1296-3dc3-7360-b756-22382d2bd04d%22%2C%22%24sesid%22%3A%5B1709708823533%2C%22018e1296-40f2-73ee-a6c7-c373ef82b95d%22%2C1709708820722%5D%7D
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1

6 Console Messages

Source Level URL
Text
security error URL: https://www.googletagmanager.com/gtag/js?id=G-4C1ETMKY22&l=dataLayer&cx=c(Line 179)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-4C1ETMKY22&gtm=45je4340v9120366261z8810913351za200&_p=1709708817290&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=918128775.1709708818&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709708817&sct=1&seg=0&dl=https%3A%2F%2Fsttelemediagdc.xoxoday.com%2Flogin%3Fdest_url%3DL2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo&dt=Employee%20Rewards%20and%20Recognition%20Solution%20%7C%20Employee%20Success%20Platform%20%7C%20Stt%20Global%20Data%20Centres%20India%20Private%20Limited&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1788' because it violates the following Content Security Policy directive: "connect-src 'self' wss://*.hotjar.com https://*.hotjar.com https://get.geojs.io https://listenat.xoxoday.com wss://listenat.xoxoday.com https://xoxoday-dropbox-oregon-private-prod.s3.us-west-2.amazonaws.com https://empulsprodacc.blob.core.windows.net https://empulsprodaccprivate.blob.core.windows.net https://www.google-analytics.com https://stats.g.doubleclick.net https://capture.trackjs.com https://res.cloudinary.com https://fcm.googleapis.com https://www.youtube.com https://www.youtube.com https://vimeo.com https://www.facebook.com https://www.twitch.tv https://soundcloud.com https://streamable.com https://home.wistia.com https://www.dailymotion.com https://www.mixcloud.com https://video.vidyard.com https://cdnapisec.kaltura.com https://player.vimeo.com/ https://*.storage.googleapis.com https://app.posthog.com https://us.i.posthog.com https://*.posthog.com https://app.productfruits.com https://gist-queue-consumer-api.cloud.gist.build https://track.customer.io https://*.intercom.io https://*.intercomcdn.com https://via.intercom.io https://api.intercom.io https://api.au.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io 
https://api-iam.au.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://nexus-australia-websocket.intercom.io wss://nexus-australia-websocket.intercom.io https://downloads.intercomcdn.com https://downloads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.intercomusercontent.com wss://*.intercom.io wss://ws.productfruits.com".
network error URL: https://sttelemediagdc.xoxoday.com/chef/api/graph/consumer/query/consumer.query.getEnterpriseDashboardConfig
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://sttelemediagdc.xoxoday.com/image/clients/sttelemediagdc/sttelemediagdc_1544004187-logo.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://sttelemediagdc.xoxoday.com/login?dest_url=L2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://www.googletagmanager.com/gtag/js?id=G-4C1ETMKY22&l=dataLayer&cx=c(Line 179)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-4C1ETMKY22&gtm=45je4340v9120366261za200&_p=1709708817290&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=918128775.1709708818&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1709708817&sct=1&seg=0&dl=https%3A%2F%2Fsttelemediagdc.xoxoday.com%2Flogin%3Fdest_url%3DL2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo&dt=Employee%20Rewards%20and%20Recognition%20Solution%20%7C%20Employee%20Success%20Platform%20%7C%20Stt%20Global%20Data%20Centres%20India%20Private%20Limited&en=scroll&epn.percent_scrolled=90&_et=3&tfd=6792' because it violates the following Content Security Policy directive: "connect-src 'self' wss://*.hotjar.com https://*.hotjar.com https://get.geojs.io https://listenat.xoxoday.com wss://listenat.xoxoday.com https://xoxoday-dropbox-oregon-private-prod.s3.us-west-2.amazonaws.com https://empulsprodacc.blob.core.windows.net https://empulsprodaccprivate.blob.core.windows.net https://www.google-analytics.com https://stats.g.doubleclick.net https://capture.trackjs.com https://res.cloudinary.com https://fcm.googleapis.com https://www.youtube.com https://www.youtube.com https://vimeo.com https://www.facebook.com https://www.twitch.tv https://soundcloud.com https://streamable.com https://home.wistia.com https://www.dailymotion.com https://www.mixcloud.com https://video.vidyard.com https://cdnapisec.kaltura.com https://player.vimeo.com/ https://*.storage.googleapis.com https://app.posthog.com https://us.i.posthog.com https://*.posthog.com https://app.productfruits.com https://gist-queue-consumer-api.cloud.gist.build https://track.customer.io https://*.intercom.io https://*.intercomcdn.com https://via.intercom.io https://api.intercom.io https://api.au.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io 
https://api-iam.eu.intercom.io https://api-iam.au.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://nexus-australia-websocket.intercom.io wss://nexus-australia-websocket.intercom.io https://downloads.intercomcdn.com https://downloads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.intercomusercontent.com wss://*.intercom.io wss://ws.productfruits.com".
security error URL: https://www.googletagmanager.com/gtag/js?id=G-4C1ETMKY22&l=dataLayer&cx=c(Line 179)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-4C1ETMKY22&gtm=45je4340v9120366261za200&_p=1709708817290&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=918128775.1709708818&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=3&sid=1709708817&sct=1&seg=0&dl=https%3A%2F%2Fsttelemediagdc.xoxoday.com%2Flogin%3Fdest_url%3DL2hvbWUvd2lzaGJvYXJkLzY1ZTE1Y2U0ZWU2MDVjODQxNzMzMjM4MT91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9bm90aWZpY2F0aW9ucyZ1dG1fY2FtcGFpZ249d2lzaGJvYXJkX25ld193aXNo&dt=Employee%20Rewards%20and%20Recognition%20Solution%20%7C%20Employee%20Success%20Platform%20%7C%20Stt%20Global%20Data%20Centres%20India%20Private%20Limited&en=user_engagement&_et=5564&tfd=7357' because it violates the following Content Security Policy directive: "connect-src 'self' wss://*.hotjar.com https://*.hotjar.com https://get.geojs.io https://listenat.xoxoday.com wss://listenat.xoxoday.com https://xoxoday-dropbox-oregon-private-prod.s3.us-west-2.amazonaws.com https://empulsprodacc.blob.core.windows.net https://empulsprodaccprivate.blob.core.windows.net https://www.google-analytics.com https://stats.g.doubleclick.net https://capture.trackjs.com https://res.cloudinary.com https://fcm.googleapis.com https://www.youtube.com https://www.youtube.com https://vimeo.com https://www.facebook.com https://www.twitch.tv https://soundcloud.com https://streamable.com https://home.wistia.com https://www.dailymotion.com https://www.mixcloud.com https://video.vidyard.com https://cdnapisec.kaltura.com https://player.vimeo.com/ https://*.storage.googleapis.com https://app.posthog.com https://us.i.posthog.com https://*.posthog.com https://app.productfruits.com https://gist-queue-consumer-api.cloud.gist.build https://track.customer.io https://*.intercom.io https://*.intercomcdn.com https://via.intercom.io https://api.intercom.io https://api.au.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io 
https://api-iam.au.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://nexus-australia-websocket.intercom.io wss://nexus-australia-websocket.intercom.io https://downloads.intercomcdn.com https://downloads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.intercomusercontent.com wss://*.intercom.io wss://ws.productfruits.com".

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-8600818a5bb64dbd-FRA' https://js.stripe.com https://www.youtube.com https://www.youtube.com https://vimeo.com https://www.facebook.com https://www.twitch.tv https://soundcloud.com https://streamable.com https://home.wistia.com https://www.dailymotion.com https://www.mixcloud.com https://video.vidyard.com https://cdnapisec.kaltura.com https://player.vimeo.com/ https://*.hotjar.com https://www.google.com https://www.gstatic.com https://js.stripe.com https://app.posthog.com https://*.posthog.com https://us.i.posthog.com https://app.productfruits.com https://cdn.trackjs.com https://www.googletagmanager.com https://*.storage.googleapis.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com; frame-src 'self' https://india.perks.xoxoday.com/ https://apps.youforia.store/ https://usa.perks.xoxoday.com/ https://af9c07.myshopify.com/ https://*.app.refyne.co.in/ https://*.uat.refyne.co.in/ https://*.refyne.co.in/ https://perks.xoxoday.com/ https://perks-philippines.myshopify.com/ https://perks-uae.myshopify.com/ https://perksuk.myshopify.com/ https://perksuk.myshopify.com/ https://perksus.myshopify.com/ https://uae.perks.xoxoday.com/ https://uk.perks.xoxoday.com/ https://philippines.perks.xoxoday.com/ https://checkout.razorpay.com/ https://api.razorpay.com/ https://express.razorpay.com/ https://perks.xoxotest.net/ https://calendly.com https://*.hotjar.com https://www.google.com https://js.stripe.com https://www.google-analytics.com https://docs.google.com https://www.youtube.com https://www.youtube.com https://vimeo.com https://www.facebook.com https://www.twitch.tv https://soundcloud.com https://streamable.com https://home.wistia.com https://www.dailymotion.com https://www.mixcloud.com https://video.vidyard.com https://cdnapisec.kaltura.com https://player.vimeo.com/ https://renderer.gist.build https://code.gist.build https://intercom-sheets.com; img-src 'self' 
https://xoxoday-dropbox-oregon-private-prod.s3.us-west-2.amazonaws.com https://empulsprodacc.blob.core.windows.net https://empulsprodaccprivate.blob.core.windows.net data: blob: https://empulsclients.blob.core.windows.net https://*.hotjar.com https://*.xoxoday.com https://*.giphy.com https://*.licdn.com https://*.amazonaws.com https://*.s3.amazonaws.com https://*.s3.ap-southeast-1.amazonaws.com https://usage.trackjs.com https://res.cloudinary.com https://*.storage.googleapis.com https://cdn.jsdelivr.net https://www.google-analytics.com https://www.googletagmanager.com https://via.placeholder.com https://www.youtube.com https://www.youtube.com https://vimeo.com https://www.facebook.com https://www.twitch.tv https://soundcloud.com https://streamable.com https://home.wistia.com https://www.dailymotion.com https://www.mixcloud.com https://video.vidyard.com https://cdnapisec.kaltura.com https://player.vimeo.com/ https://m.media-amazon.com https://track.customer.io https://*.intercomassets.com https://*.intercomcdn.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://downloads.intercomcdn.eu https://downloads.au.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://messenger-apps.eu.intercom.io https://messenger-apps.au.intercom.io https://*.intercom-attachments-1.com https://*.intercom-attachments.eu https://*.au.intercom-attachments.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://static.intercomassets.eu https://static.au.intercomassets.com; script-src-elem 'self' 'unsafe-inline' https://www.youtube.com https://www.youtube.com https://vimeo.com 
https://www.facebook.com https://www.twitch.tv https://soundcloud.com https://streamable.com https://home.wistia.com https://www.dailymotion.com https://www.mixcloud.com https://video.vidyard.com https://cdnapisec.kaltura.com https://player.vimeo.com/ https://js.stripe.com/ https://*.hotjar.com https://www.google.com https://www.gstatic.com https://js.stripe.com https://app.posthog.com https://*.i.posthog.com https://app.productfruits.com https://cdn.trackjs.com/ https://www.googletagmanager.com https://*.storage.googleapis.com https://assets.customer.io https://code.gist.build https://*.intercom.io https://*.intercomcdn.com; style-src 'self' 'nonce-8600818a5bb64dbd-FRA' https://*.hotjar.com https://fonts.googleapis.com https://www.gstatic.com https://*.storage.googleapis.com https://www.youtube.com https://www.youtube.com https://vimeo.com https://www.facebook.com https://www.twitch.tv https://soundcloud.com https://streamable.com https://home.wistia.com https://www.dailymotion.com https://www.mixcloud.com https://video.vidyard.com https://cdnapisec.kaltura.com https://player.vimeo.com/; style-src-elem 'self' 'unsafe-inline' https://*.hotjar.com https://fonts.googleapis.com https://app-static-prod.posthog.com https://app-static-prod.posthog.com https://stackpath.bootstrapcdn.com https://app.productfruits.com https://www.gstatic.com https://*.storage.googleapis.com https://fonts.googleapis.com https://www.youtube.com https://www.youtube.com https://vimeo.com https://www.facebook.com https://www.twitch.tv https://soundcloud.com https://streamable.com https://home.wistia.com https://www.dailymotion.com https://www.mixcloud.com https://video.vidyard.com https://cdnapisec.kaltura.com https://player.vimeo.com/; style-src-attr 'self' 'unsafe-inline' https://*.hotjar.com https://fonts.googleapis.com https://www.gstatic.com https://*.storage.googleapis.com https://www.youtube.com https://www.youtube.com https://vimeo.com https://www.facebook.com https://www.twitch.tv 
https://soundcloud.com https://streamable.com https://home.wistia.com https://www.dailymotion.com https://www.mixcloud.com https://video.vidyard.com https://cdnapisec.kaltura.com https://player.vimeo.com/; font-src 'self' https://*.hotjar.com https://fonts.gstatic.com https://www.youtube.com https://*.intercomcdn.com; connect-src 'self' wss://*.hotjar.com https://*.hotjar.com https://get.geojs.io https://listenat.xoxoday.com wss://listenat.xoxoday.com https://xoxoday-dropbox-oregon-private-prod.s3.us-west-2.amazonaws.com https://empulsprodacc.blob.core.windows.net https://empulsprodaccprivate.blob.core.windows.net https://www.google-analytics.com https://stats.g.doubleclick.net https://capture.trackjs.com https://res.cloudinary.com https://fcm.googleapis.com https://www.youtube.com https://www.youtube.com https://vimeo.com https://www.facebook.com https://www.twitch.tv https://soundcloud.com https://streamable.com https://home.wistia.com https://www.dailymotion.com https://www.mixcloud.com https://video.vidyard.com https://cdnapisec.kaltura.com https://player.vimeo.com/ https://*.storage.googleapis.com https://app.posthog.com https://us.i.posthog.com https://*.posthog.com https://app.productfruits.com https://gist-queue-consumer-api.cloud.gist.build https://track.customer.io https://*.intercom.io https://*.intercomcdn.com https://via.intercom.io https://api.intercom.io https://api.au.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-iam.au.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://nexus-australia-websocket.intercom.io wss://nexus-australia-websocket.intercom.io https://downloads.intercomcdn.com https://downloads.intercomcdn.eu https://uploads.au.intercomcdn.com 
https://uploads.intercomusercontent.com wss://*.intercom.io wss://ws.productfruits.com; report-to empuls-csp;worker-src 'self' blob: ; media-src 'self' https://imagestore-002.xoxoday.com https://imagestore-001.xoxoday.com https://empuls-dropbox-oregon-prod.xoxoday.com https://xoxoday-dropbox-oregon-private-prod.s3.us-west-2.amazonaws.com https://xoxoday-dropbox-oregon-public-prod.s3.us-west-2.amazonaws.com https://empulsprodacc.blob.core.windows.net https://empulsprodaccprivate.blob.core.windows.net https://empuls-oregon-private-cloudfront.xoxoday.com https://*.intercomcdn.com; form-action https://intercom.help https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-iam.au.intercom.io; child-src https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.netframe-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
