fai.xoxoday.com Open in urlscan Pro
104.18.31.19 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://fai.xoxoday.com/home/f20884ad-3954-4591-b94b-70d2944787ad-1608724647051/post/1634754904533-e3416429-d9d3-4e39-8a...
Effective URL:
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zd...
Submission: On October 20 via api (October 20th 2021, 8:11:12 pm UTC) from US — Scanned from DE

Summary HTTP 54 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 10 domains to perform 54 HTTP transactions. The main IP is 104.18.31.19, located in United States and belongs to CLOUDFLARENET, US. The main domain is fai.xoxoday.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 26th 2021. Valid for: a year.

This is the only time fai.xoxoday.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 40	104.18.31.19 104.18.31.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
1	94.31.29.32 94.31.29.32	33438 (HIGHWINDS2) (HIGHWINDS2)
1	142.250.185.104 142.250.185.104	15169 (GOOGLE) (GOOGLE)
2	142.250.185.142 142.250.185.142	15169 (GOOGLE) (GOOGLE)
1	64.233.167.154 64.233.167.154	15169 (GOOGLE) (GOOGLE)
1	142.250.186.170 142.250.186.170	15169 (GOOGLE) (GOOGLE)
2	52.222.236.120 52.222.236.120	16509 (AMAZON-02) (AMAZON-02)
1	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
1	158.69.52.117 158.69.52.117	16276 (OVH) (OVH)
1	34.213.28.223 34.213.28.223	16509 (AMAZON-02) (AMAZON-02)
1	52.219.124.31 52.219.124.31	16509 (AMAZON-02) (AMAZON-02)
54	13

40 104.18.31.19 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

fai.xoxoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.31.29.32 (United Kingdom)

ASN33438 (HIGHWINDS2, US)
PTR: 94.31.29.32.IPYX-077437-ZYO.above.net

cdn.trackjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.167.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.236.120 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-120.fra56.r.cloudfront.net

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.69.52.117 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: prd-usage-3.tjsint.net

usage.trackjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.213.28.223 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-28-223.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.124.31 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-1-r-w.amazonaws.com

xoxoday-dropbox.s3.ap-southeast-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	xoxoday.com 2 redirects fai.xoxoday.com	1 MB
5	stripe.com js.stripe.com q.stripe.com m.stripe.com	66 KB
2	stripe.network m.stripe.network	15 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	trackjs.com cdn.trackjs.com usage.trackjs.com	10 KB
1	amazonaws.com xoxoday-dropbox.s3.ap-southeast-1.amazonaws.com	95 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	doubleclick.net stats.g.doubleclick.net	410 B
1	googletagmanager.com www.googletagmanager.com	42 KB
0	firstam.com Failed sts.firstam.com Failed
54	10

	Domain	Requested by
40	fai.xoxoday.com	2 redirects fai.xoxoday.com cdn.trackjs.com
3	js.stripe.com	fai.xoxoday.com js.stripe.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	xoxoday-dropbox.s3.ap-southeast-1.amazonaws.com
1	m.stripe.com	m.stripe.network
1	usage.trackjs.com
1	q.stripe.com	fai.xoxoday.com
1	fonts.googleapis.com	fai.xoxoday.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	fai.xoxoday.com
1	cdn.trackjs.com	fai.xoxoday.com
0	sts.firstam.com Failed	fai.xoxoday.com
54	13

This site contains no links.

Subject Issuer	Validity	Valid
xoxoday.com Cloudflare Inc ECC CA-3	`2021-04-26` - `2022-04-25`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-07-09` - `2021-11-03`	4 months	crt.sh
*.trackjs.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-08-11` - `2022-08-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.stripe.com DigiCert SHA2 Secure Server CA	`2021-09-08` - `2022-09-07`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2021-11-03`	4 months	crt.sh
*.s3-ap-southeast-1.amazonaws.com Amazon	`2021-03-26` - `2022-03-15`	a year	crt.sh

This page contains 3 frames:

Frame: https://sts.firstam.com/adfs/ls/?SAMLRequest=hZJNTxsxEIb%2Fysp3r9ebUBorGykQISLRNCLbHrigwTtLLPkj9Xgh%2FPuaDW3pofTo8Tzv%2BLE9J3D2oJZD2vtb%2FDEgpeLorCc1bjRsiF4FIEPKg0NSSavd8suNqstKHWJIQQfL3iEfE0CEMZngWbFeNez%2BfDbFSk86XsmzMz7Vk5rP9ETyHh961ICfPsM5K75jpMw0LEdkkGjAtacEPuVSVUsuK15XbV0pKVUly9m0vmPFKrsYD2kk9ykdSAlBicrexAy7UgcnoOtJWBKs2L7JXBjfGf%2F4scfDqYnUddtu%2BfbrrmXF8pfbZfA0OIw7jE9G47fbmz%2FzezDlMRxDBy%2FjfL3HXhAF8QTWdJCQv16i2LTr6ea5adhi%2FrpWo3Nc%2FDfFYYKcApwOvzPm4n3E%2FPTgm6y0Xm2DNfqluArRQfq3sSzlWDEd78dWhQ6MXXZdRKJsbm14voyYj9%2BwHiwhE4vT2L%2B%2F1uIn&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=OsDk%2BA3oqUzi6ZqePInW4AHcwzIVSUJndFkbi6Io6hP9%2FiveQlOqQCMR5OhcExiWPz4ngtFagbYBfaL6e8Zq8g6RhsNAZ3EsJfhpssM1DIE2%2FdfJv1UVyluqrQLv5NiY%2BzGq9ekgV6Pd9U8sLGG1%2BiiDRxfYR0OqOGPMuuBc%2FUc5aQUcWhjDw%2FJw4w819a3urzNFBMPwi7aXa9bEZxrdEz7r%2BiTs1V0eJ%2FqoomgvQIgEk%2F2%2BGE%2BgEBWnUcivJ9aJ7rDGsiydL0RubPXi3VyD5ZZyDbJ2WgIYbpbtwbpzvkIhxF0m9SBEkcEc3kjlfg0K8%2FDec7QAmg23t8vicDy7HQ%3D%3D
Frame ID: 331883D184C2ACFD9FFDF64C6544299A
Requests: 48 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
Frame ID: 595973C1BD5315143D393807AA783692
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 1EF968BAA711E3EF9CCF616B0307F549
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://fai.xoxoday.com/home/f20884ad-3954-4591-b94b-70d2944787ad-1608724647051/post/1634754904533-e... HTTP 302
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2M... Page URL

Page Statistics

54
Requests

98 %
HTTPS

0 %
IPv6

10
Domains

13
Subdomains

13
IPs

4
Countries

1336 kB
Transfer

4677 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://fai.xoxoday.com/home/f20884ad-3954-4591-b94b-70d2944787ad-1608724647051/post/1634754904533-e3416429-d9d3-4e39-8a79-819090ceb60d?nudge_id=8a30422048b1c6e8ce28dffdd2c4dcc16c7e4e4b&notif_id=7df95ab0361a115ef2eb99305a05b84d&utm_medium=email&utm_source=notifications&utm_campaign=today_work_anniversary_nudge HTTP 302
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://fai.xoxoday.com/image/clients/fai/fai_1504509165-logo.png HTTP 302
https://fai.xoxoday.com/login?dest_url=L2ltYWdlL2NsaWVudHMvZmFpL2ZhaV8xNTA0NTA5MTY1LWxvZ28ucG5n

Request Chain 52

https://fai.xoxoday.com/chef/sso/sso-redirect?company_id=NTI4Nw== HTTP 302
https://sts.firstam.com/adfs/ls/?SAMLRequest=hZJNTxsxEIb%2Fysp3r9ebUBorGykQISLRNCLbHrigwTtLLPkj9Xgh%2FPuaDW3pofTo8Tzv%2BLE9J3D2oJZD2vtb%2FDEgpeLorCc1bjRsiF4FIEPKg0NSSavd8suNqstKHWJIQQfL3iEfE0CEMZngWbFeNez%2BfDbFSk86XsmzMz7Vk5rP9ETyHh961ICfPsM5K75jpMw0LEdkkGjAtacEPuVSVUsuK15XbV0pKVUly9m0vmPFKrsYD2kk9ykdSAlBicrexAy7UgcnoOtJWBKs2L7JXBjfGf%2F4scfDqYnUddtu%2BfbrrmXF8pfbZfA0OIw7jE9G47fbmz%2FzezDlMRxDBy%2FjfL3HXhAF8QTWdJCQv16i2LTr6ea5adhi%2FrpWo3Nc%2FDfFYYKcApwOvzPm4n3E%2FPTgm6y0Xm2DNfqluArRQfq3sSzlWDEd78dWhQ6MXXZdRKJsbm14voyYj9%2BwHiwhE4vT2L%2B%2F1uIn&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=OsDk%2BA3oqUzi6ZqePInW4AHcwzIVSUJndFkbi6Io6hP9%2FiveQlOqQCMR5OhcExiWPz4ngtFagbYBfaL6e8Zq8g6RhsNAZ3EsJfhpssM1DIE2%2FdfJv1UVyluqrQLv5NiY%2BzGq9ekgV6Pd9U8sLGG1%2BiiDRxfYR0OqOGPMuuBc%2FUc5aQUcWhjDw%2FJw4w819a3urzNFBMPwi7aXa9bEZxrdEz7r%2BiTs1V0eJ%2FqoomgvQIgEk%2F2%2BGE%2BgEBWnUcivJ9aJ7rDGsiydL0RubPXi3VyD5ZZyDbJ2WgIYbpbtwbpzvkIhxF0m9SBEkcEc3kjlfg0K8%2FDec7QAmg23t8vicDy7HQ%3D%3D

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
fai.xoxoday.com/
Redirect Chain

https://fai.xoxoday.com/home/f20884ad-3954-4591-b94b-70d2944787ad-1608724647051/post/1634754904533-e3416429-d9d3-4e39-8a79-819090ceb60d?nudge_id=8a30422048b1c6e8ce28dffdd2c4dcc16c7e4e4b&notif_id=7d...
https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV...

16 KB
5 KB

391ms
391ms

Document
text/html

104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e52041837ed6a29c872b92f00459428a8caa2d8104d0a1641f6adf56a595a7e6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://www.gstatic.com https://js.stripe.com https://cdn.trackjs.com/ https://www.googletagmanager.com https://cdn.pendo.io https://.storage.googleapis.com https://data.pendo.io 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://app.pendo.io https://www.youtube.com; frame-src 'self' https://js.stripe.com https://www.google-analytics.com https://docs.google.com https://app.pendo.io https://www.youtube.com; img-src 'self' data: blob: https://.giphy.com https://.licdn.com https://.amazonaws.com https://.s3.amazonaws.com https://.s3.ap-southeast-1.amazonaws.com https://usage.trackjs.com https://res.cloudinary.com https://data.pendo.io https://.storage.googleapis.com https://cdn.jsdelivr.net https://cdn.pendo.io https://www.google-analytics.com https://www.googletagmanager.com https://via.placeholder.com https://app.pendo.io https://www.youtube.com; script-src-elem 'self' https://js.stripe.com https://cdn.trackjs.com https://www.googletagmanager.com https://cdn.pendo.io https://.storage.googleapis.com https://data.pendo.io 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://app.pendo.io https://www.gstatic.com https://www.youtube.com; style-src 'self' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://data.pendo.io https://www.gstatic.com https://.storage.googleapis.com https://www.youtube.com; style-src-elem 'self' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://stackpath.bootstrapcdn.com https://www.gstatic.com https://.storage.googleapis.com https://fonts.googleapis.com https://www.youtube.com; style-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://data.pendo.io https://www.gstatic.com https://*.storage.googleapis.com https://www.youtube.com; font-src 'self' https://fonts.gstatic.com https://www.youtube.com; connect-src 'self' https://get.geojs.io https://listenat.xoxoday.com https://www.google-analytics.com https://stats.g.doubleclick.net https://capture.trackjs.com wss://listenat.xoxoday.com https://fcm.googleapis.com https://data.pendo.io https://www.youtube.com; report-uri /chef/csp_report;
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:method: GET
:authority: fai.xoxoday.com
:scheme: https
:path: /login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
cookie: __cf_bm=SYVJalqMnaa7BCKDrUm8A9PFBCyUYnYB2240mziHnPE-1634760656-0-AdcDd6g9Ltx1DfG5jRD2ZxE4ktROPlAoN6WtTCObnG/wwf+EnZGMeHbutP8EqEi9f3hmF5gvA0gHIplnP74tGBI=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 20 Oct 2021 20:10:56 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN SAMEORIGIN
x-xss-protection: 1; mode=block 1; mode=block
x-dns-prefetch-control: off
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' https://www.gstatic.com https://js.stripe.com https://cdn.trackjs.com/ https://www.googletagmanager.com https://cdn.pendo.io https://*.storage.googleapis.com https://data.pendo.io 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://app.pendo.io https://www.youtube.com; frame-src 'self' https://js.stripe.com https://www.google-analytics.com https://docs.google.com https://app.pendo.io https://www.youtube.com; img-src 'self' data: blob: https://*.giphy.com https://*.licdn.com https://*.amazonaws.com https://*.s3.amazonaws.com https://*.s3.ap-southeast-1.amazonaws.com https://usage.trackjs.com https://res.cloudinary.com https://data.pendo.io https://*.storage.googleapis.com https://cdn.jsdelivr.net https://cdn.pendo.io https://www.google-analytics.com https://www.googletagmanager.com https://via.placeholder.com https://app.pendo.io https://www.youtube.com; script-src-elem 'self' https://js.stripe.com https://cdn.trackjs.com https://www.googletagmanager.com https://cdn.pendo.io https://*.storage.googleapis.com https://data.pendo.io 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://app.pendo.io https://www.gstatic.com https://www.youtube.com; style-src 'self' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://data.pendo.io https://www.gstatic.com https://*.storage.googleapis.com https://www.youtube.com; style-src-elem 'self' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://stackpath.bootstrapcdn.com https://www.gstatic.com https://*.storage.googleapis.com https://fonts.googleapis.com https://www.youtube.com; style-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://data.pendo.io https://www.gstatic.com https://*.storage.googleapis.com https://www.youtube.com; font-src 'self' https://fonts.gstatic.com https://www.youtube.com; connect-src 'self' https://get.geojs.io https://listenat.xoxoday.com https://www.google-analytics.com https://stats.g.doubleclick.net https://capture.trackjs.com wss://listenat.xoxoday.com https://fcm.googleapis.com https://data.pendo.io https://www.youtube.com; report-uri /chef/csp_report;
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a14e4774e5af9d2-PRG
content-encoding: gzip

Redirect headers

date: Wed, 20 Oct 2021 20:10:56 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN SAMEORIGIN
x-xss-protection: 1; mode=block 1; mode=block
x-dns-prefetch-control: off
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' https://www.gstatic.com https://js.stripe.com https://cdn.trackjs.com/ https://www.googletagmanager.com https://cdn.pendo.io https://*.storage.googleapis.com https://data.pendo.io 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://app.pendo.io https://www.youtube.com; frame-src 'self' https://js.stripe.com https://www.google-analytics.com https://docs.google.com https://app.pendo.io https://www.youtube.com; img-src 'self' data: blob: https://*.giphy.com https://*.licdn.com https://*.amazonaws.com https://*.s3.amazonaws.com https://*.s3.ap-southeast-1.amazonaws.com https://usage.trackjs.com https://res.cloudinary.com https://data.pendo.io https://*.storage.googleapis.com https://cdn.jsdelivr.net https://cdn.pendo.io https://www.google-analytics.com https://www.googletagmanager.com https://via.placeholder.com https://app.pendo.io https://www.youtube.com; script-src-elem 'self' https://js.stripe.com https://cdn.trackjs.com https://www.googletagmanager.com https://cdn.pendo.io https://*.storage.googleapis.com https://data.pendo.io 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://app.pendo.io https://www.gstatic.com https://www.youtube.com; style-src 'self' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://data.pendo.io https://www.gstatic.com https://*.storage.googleapis.com https://www.youtube.com; style-src-elem 'self' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://stackpath.bootstrapcdn.com https://www.gstatic.com https://*.storage.googleapis.com https://fonts.googleapis.com https://www.youtube.com; style-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://data.pendo.io https://www.gstatic.com https://*.storage.googleapis.com https://www.youtube.com; font-src 'self' https://fonts.gstatic.com https://www.youtube.com; connect-src 'self' https://get.geojs.io https://listenat.xoxoday.com https://www.google-analytics.com https://stats.g.doubleclick.net https://capture.trackjs.com wss://listenat.xoxoday.com https://fcm.googleapis.com https://data.pendo.io https://www.youtube.com; report-uri /chef/csp_report;
cache-control: no-cache, no-store, must-revalidate
location: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
vary: Accept
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
set-cookie: __cf_bm=SYVJalqMnaa7BCKDrUm8A9PFBCyUYnYB2240mziHnPE-1634760656-0-AdcDd6g9Ltx1DfG5jRD2ZxE4ktROPlAoN6WtTCObnG/wwf+EnZGMeHbutP8EqEi9f3hmF5gvA0gHIplnP74tGBI=; path=/; expires=Wed, 20-Oct-21 20:40:56 GMT; domain=.xoxoday.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 6a14e4750ac3f9d2-PRG

GET
H2 200 material-design-iconic-font.min.css
fai.xoxoday.com/vendors/material-design-iconic-font/css/ 69 KB
8 KB 219ms
218ms Stylesheet
text/css 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fai.xoxoday.com/vendors/material-design-iconic-font/css/material-design-iconic-font.min.css

Requested by

Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /vendors/material-design-iconic-font/css/material-design-iconic-font.min.css
pragma: no-cache
cookie: __cf_bm=SYVJalqMnaa7BCKDrUm8A9PFBCyUYnYB2240mziHnPE-1634760656-0-AdcDd6g9Ltx1DfG5jRD2ZxE4ktROPlAoN6WtTCObnG/wwf+EnZGMeHbutP8EqEi9f3hmF5gvA0gHIplnP74tGBI=
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 6a14e479eb35f9d2-PRG

GET
H2 200 weather-icons.min.css
fai.xoxoday.com/vendors/weather-icons/css/ 26 KB
4 KB 234ms
233ms Stylesheet
text/css 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fai.xoxoday.com/vendors/weather-icons/css/weather-icons.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29c09c6a4a8c69a981ad315ac5bf6d92b3f68aad57f2f527b26f3a5bca517202

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /vendors/weather-icons/css/weather-icons.min.css
pragma: no-cache
cookie: __cf_bm=SYVJalqMnaa7BCKDrUm8A9PFBCyUYnYB2240mziHnPE-1634760656-0-AdcDd6g9Ltx1DfG5jRD2ZxE4ktROPlAoN6WtTCObnG/wwf+EnZGMeHbutP8EqEi9f3hmF5gvA0gHIplnP74tGBI=
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
content-length: 3989
x-xss-protection: 1; mode=block 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 6a14e479eb37f9d2-PRG

GET
H2 200 sprite-flags-24x24.css
fai.xoxoday.com/vendors/flag/ 17 KB
2 KB 772ms
772ms Stylesheet
text/css 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fai.xoxoday.com/vendors/flag/sprite-flags-24x24.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd3dbbe2f2707587be1e399a99cf7850a798b83127c213a0165b12bd3ef63783

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /vendors/flag/sprite-flags-24x24.css
pragma: no-cache
cookie: __cf_bm=SYVJalqMnaa7BCKDrUm8A9PFBCyUYnYB2240mziHnPE-1634760656-0-AdcDd6g9Ltx1DfG5jRD2ZxE4ktROPlAoN6WtTCObnG/wwf+EnZGMeHbutP8EqEi9f3hmF5gvA0gHIplnP74tGBI=
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
content-length: 1675
x-xss-protection: 1; mode=block 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 6a14e479eb3af9d2-PRG

GET
H2 200 animate.css
fai.xoxoday.com/vendors/ 26 KB
3 KB 242ms
241ms Stylesheet
text/css 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fai.xoxoday.com/vendors/animate.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93c8e04661dfa9ae9a664d3c879c76f65288c81609bff288a32e1c260db57426

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /vendors/animate.css
pragma: no-cache
cookie: __cf_bm=SYVJalqMnaa7BCKDrUm8A9PFBCyUYnYB2240mziHnPE-1634760656-0-AdcDd6g9Ltx1DfG5jRD2ZxE4ktROPlAoN6WtTCObnG/wwf+EnZGMeHbutP8EqEi9f3hmF5gvA0gHIplnP74tGBI=
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 6a14e479eb3cf9d2-PRG

GET
H2 200 bootstrap-rtl.css
fai.xoxoday.com/vendors/ 194 KB
26 KB 225ms
225ms Stylesheet
text/css 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fai.xoxoday.com/vendors/bootstrap-rtl.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fd7f15e18740cacae91badbd1ccb819e431cdb510d8af3eef4510083de2e733

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /vendors/bootstrap-rtl.css
pragma: no-cache
cookie: __cf_bm=SYVJalqMnaa7BCKDrUm8A9PFBCyUYnYB2240mziHnPE-1634760656-0-AdcDd6g9Ltx1DfG5jRD2ZxE4ktROPlAoN6WtTCObnG/wwf+EnZGMeHbutP8EqEi9f3hmF5gvA0gHIplnP74tGBI=
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
content-length: 26175
x-xss-protection: 1; mode=block 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 6a14e479eb3ff9d2-PRG

GET
H2 200 react-notifications.css
fai.xoxoday.com/vendors/react-notification/ 2 KB
844 B 228ms
228ms Stylesheet
text/css 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fai.xoxoday.com/vendors/react-notification/react-notifications.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00f3859bc4b09e2c065b94092f469c24c58c92608e34b937b39792cf877d7ea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /vendors/react-notification/react-notifications.css
pragma: no-cache
cookie: __cf_bm=SYVJalqMnaa7BCKDrUm8A9PFBCyUYnYB2240mziHnPE-1634760656-0-AdcDd6g9Ltx1DfG5jRD2ZxE4ktROPlAoN6WtTCObnG/wwf+EnZGMeHbutP8EqEi9f3hmF5gvA0gHIplnP74tGBI=
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
content-length: 776
x-xss-protection: 1; mode=block 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 6a14e479eb42f9d2-PRG

GET
H2 200 loader.css
fai.xoxoday.com/vendors/ 2 KB
671 B 230ms
230ms Stylesheet
text/css 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fai.xoxoday.com/vendors/loader.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40eb3f63a01f7a841d33b9c36cfe2d4eb18bc9d8bf81348711e991b0ef9bce79

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /vendors/loader.css
pragma: no-cache
cookie: __cf_bm=SYVJalqMnaa7BCKDrUm8A9PFBCyUYnYB2240mziHnPE-1634760656-0-AdcDd6g9Ltx1DfG5jRD2ZxE4ktROPlAoN6WtTCObnG/wwf+EnZGMeHbutP8EqEi9f3hmF5gvA0gHIplnP74tGBI=
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
content-length: 603
x-xss-protection: 1; mode=block 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 6a14e479eb43f9d2-PRG

GET
H2 200 react-select.css
fai.xoxoday.com/vendors/react-select/ 11 KB
2 KB 735ms
735ms Stylesheet
text/css 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fai.xoxoday.com/vendors/react-select/react-select.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0349a0cbee492036f0b2be5c5fbd4282930779b257bb09a30744839cd0afd2a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /vendors/react-select/react-select.css
pragma: no-cache
cookie: __cf_bm=SYVJalqMnaa7BCKDrUm8A9PFBCyUYnYB2240mziHnPE-1634760656-0-AdcDd6g9Ltx1DfG5jRD2ZxE4ktROPlAoN6WtTCObnG/wwf+EnZGMeHbutP8EqEi9f3hmF5gvA0gHIplnP74tGBI=
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
content-length: 2156
x-xss-protection: 1; mode=block 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 6a14e479eb44f9d2-PRG

GET
H2 200 style.f2f184b5f06cc7e8e1ac.css
fai.xoxoday.com/ 767 KB
113 KB 293ms
293ms Stylesheet
text/css 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fai.xoxoday.com/style.f2f184b5f06cc7e8e1ac.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7304b8b4173d08a3677d8ae674fc3591bd7db70b5eb0d8216f6a41154be4f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /style.f2f184b5f06cc7e8e1ac.css
pragma: no-cache
cookie: __cf_bm=SYVJalqMnaa7BCKDrUm8A9PFBCyUYnYB2240mziHnPE-1634760656-0-AdcDd6g9Ltx1DfG5jRD2ZxE4ktROPlAoN6WtTCObnG/wwf+EnZGMeHbutP8EqEi9f3hmF5gvA0gHIplnP74tGBI=
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 6a14e479eb47f9d2-PRG

GET
H2 200 style.css
fai.xoxoday.com/CustomIcomoon/customIcons/ 4 KB
1 KB 229ms
229ms Stylesheet
text/css 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fai.xoxoday.com/CustomIcomoon/customIcons/style.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30a755619b5a41defe0898aab1cd19fb3890c1b489b3575b5f0122e8b70b267a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /CustomIcomoon/customIcons/style.css
pragma: no-cache
cookie: __cf_bm=SYVJalqMnaa7BCKDrUm8A9PFBCyUYnYB2240mziHnPE-1634760656-0-AdcDd6g9Ltx1DfG5jRD2ZxE4ktROPlAoN6WtTCObnG/wwf+EnZGMeHbutP8EqEi9f3hmF5gvA0gHIplnP74tGBI=
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
content-length: 1039
x-xss-protection: 1; mode=block 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 6a14e479eb48f9d2-PRG

GET
H2 200 stylesheet.css
fai.xoxoday.com/fonts/IBM_Plex_Sans/ 2 KB
423 B 247ms
247ms Stylesheet
text/css 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fai.xoxoday.com/fonts/IBM_Plex_Sans/stylesheet.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2bc90f677899104fe4297381645c6f9b8ae65910dd52118bda6e2c514a0d502

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /fonts/IBM_Plex_Sans/stylesheet.css
pragma: no-cache
cookie: __cf_bm=SYVJalqMnaa7BCKDrUm8A9PFBCyUYnYB2240mziHnPE-1634760656-0-AdcDd6g9Ltx1DfG5jRD2ZxE4ktROPlAoN6WtTCObnG/wwf+EnZGMeHbutP8EqEi9f3hmF5gvA0gHIplnP74tGBI=
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
content-length: 355
x-xss-protection: 1; mode=block 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 6a14e479fb5cf9d2-PRG

GET
H2 200 stylesheet.css
fai.xoxoday.com/fonts/metropolis/ 1 KB
326 B 235ms
235ms Stylesheet
text/css 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fai.xoxoday.com/fonts/metropolis/stylesheet.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4480c866a6394c5502675afbe32465bf5b1e2a30151f69dcc4401d3c5503f34d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /fonts/metropolis/stylesheet.css
pragma: no-cache
cookie: __cf_bm=SYVJalqMnaa7BCKDrUm8A9PFBCyUYnYB2240mziHnPE-1634760656-0-AdcDd6g9Ltx1DfG5jRD2ZxE4ktROPlAoN6WtTCObnG/wwf+EnZGMeHbutP8EqEi9f3hmF5gvA0gHIplnP74tGBI=
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
content-length: 258
x-xss-protection: 1; mode=block 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 6a14e479fb5ef9d2-PRG

GET
H2 200 stylesheet.css
fai.xoxoday.com/fonts/graphik/ 8 KB
860 B 228ms
228ms Stylesheet
text/css 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fai.xoxoday.com/fonts/graphik/stylesheet.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e18aabc06c194df4f5de4a5990f4e14741e13ef8594d61cb65364a696a7dc0f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /fonts/graphik/stylesheet.css
pragma: no-cache
cookie: __cf_bm=SYVJalqMnaa7BCKDrUm8A9PFBCyUYnYB2240mziHnPE-1634760656-0-AdcDd6g9Ltx1DfG5jRD2ZxE4ktROPlAoN6WtTCObnG/wwf+EnZGMeHbutP8EqEi9f3hmF5gvA0gHIplnP74tGBI=
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
content-length: 792
x-xss-protection: 1; mode=block 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 6a14e479fb5ff9d2-PRG

GET
H2 200 api.js Show response
fai.xoxoday.com/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 29ms
28ms Script
text/javascript 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fai.xoxoday.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /cdn-cgi/bm/cv/669835187/api.js
pragma: no-cache
cookie: __cf_bm=SYVJalqMnaa7BCKDrUm8A9PFBCyUYnYB2240mziHnPE-1634760656-0-AdcDd6g9Ltx1DfG5jRD2ZxE4ktROPlAoN6WtTCObnG/wwf+EnZGMeHbutP8EqEi9f3hmF5gvA0gHIplnP74tGBI=
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 6a14e479fb6ff9d2-PRG

GET
H2 200 ie.png
fai.xoxoday.com/static/images/browserIcon/ 24 KB
25 KB 244ms
243ms Image
image/png 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fai.xoxoday.com/static/images/browserIcon/ie.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bbe175e5d074e50dcaa253c4c2a0c89a1ba050e8d5cca200e6d12cf77cf3923

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /static/images/browserIcon/ie.png
pragma: no-cache
cookie: __cf_bm=SYVJalqMnaa7BCKDrUm8A9PFBCyUYnYB2240mziHnPE-1634760656-0-AdcDd6g9Ltx1DfG5jRD2ZxE4ktROPlAoN6WtTCObnG/wwf+EnZGMeHbutP8EqEi9f3hmF5gvA0gHIplnP74tGBI=
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:57 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=0
x-dns-prefetch-control: off
strict-transport-security: max-age=15552000; includeSubDomains
accept-ranges: bytes
cf-ray: 6a14e479fb71f9d2-PRG
content-length: 25014
x-xss-protection: 1; mode=block 1; mode=block

GET
H2 200 firefox.png
fai.xoxoday.com/static/images/browserIcon/ 20 KB
20 KB 244ms
243ms Image
image/png 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fai.xoxoday.com/static/images/browserIcon/firefox.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30aec7d1fd57ac4d90ec345d003b8b0253597675cde0d84bbacebddfd57cd18b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /static/images/browserIcon/firefox.png
pragma: no-cache
cookie: __cf_bm=SYVJalqMnaa7BCKDrUm8A9PFBCyUYnYB2240mziHnPE-1634760656-0-AdcDd6g9Ltx1DfG5jRD2ZxE4ktROPlAoN6WtTCObnG/wwf+EnZGMeHbutP8EqEi9f3hmF5gvA0gHIplnP74tGBI=
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:57 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=0
x-dns-prefetch-control: off
strict-transport-security: max-age=15552000; includeSubDomains
accept-ranges: bytes
cf-ray: 6a14e479fb72f9d2-PRG
content-length: 20840
x-xss-protection: 1; mode=block 1; mode=block

GET
H2 200 chrome.png
fai.xoxoday.com/static/images/browserIcon/ 13 KB
13 KB 254ms
253ms Image
image/png 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fai.xoxoday.com/static/images/browserIcon/chrome.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab4b6756b0f2f06e7c4e347e0ee1d354fe28efd6d0fe233903709dce9b0ea17c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /static/images/browserIcon/chrome.png
pragma: no-cache
cookie: __cf_bm=SYVJalqMnaa7BCKDrUm8A9PFBCyUYnYB2240mziHnPE-1634760656-0-AdcDd6g9Ltx1DfG5jRD2ZxE4ktROPlAoN6WtTCObnG/wwf+EnZGMeHbutP8EqEi9f3hmF5gvA0gHIplnP74tGBI=
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:57 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=0
x-dns-prefetch-control: off
strict-transport-security: max-age=15552000; includeSubDomains
accept-ranges: bytes
cf-ray: 6a14e479fb73f9d2-PRG
content-length: 13253
x-xss-protection: 1; mode=block 1; mode=block

GET
H2 200 safari.png
fai.xoxoday.com/static/images/browserIcon/ 19 KB
19 KB 241ms
240ms Image
image/png 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fai.xoxoday.com/static/images/browserIcon/safari.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fe415ecf3aafc9cd7109afad3f9ed66cd9f3c1b3821d0e28d172b2c459635f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /static/images/browserIcon/safari.png
pragma: no-cache
cookie: __cf_bm=SYVJalqMnaa7BCKDrUm8A9PFBCyUYnYB2240mziHnPE-1634760656-0-AdcDd6g9Ltx1DfG5jRD2ZxE4ktROPlAoN6WtTCObnG/wwf+EnZGMeHbutP8EqEi9f3hmF5gvA0gHIplnP74tGBI=
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:57 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=0
x-dns-prefetch-control: off
strict-transport-security: max-age=15552000; includeSubDomains
accept-ranges: bytes
cf-ray: 6a14e479fb74f9d2-PRG
content-length: 18992
x-xss-protection: 1; mode=block 1; mode=block

GET
H2 200 jquery-3.5.1.slim.min.js Show response
fai.xoxoday.com/js/ 71 KB
24 KB 268ms
266ms Script
application/javascript 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fai.xoxoday.com/js/jquery-3.5.1.slim.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /js/jquery-3.5.1.slim.min.js
pragma: no-cache
cookie: __cf_bm=SYVJalqMnaa7BCKDrUm8A9PFBCyUYnYB2240mziHnPE-1634760656-0-AdcDd6g9Ltx1DfG5jRD2ZxE4ktROPlAoN6WtTCObnG/wwf+EnZGMeHbutP8EqEi9f3hmF5gvA0gHIplnP74tGBI=
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
content-length: 24659
x-xss-protection: 1; mode=block 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 6a14e479fb60f9d2-PRG

GET
H2 200 popper.min.js Show response
fai.xoxoday.com/js/ 20 KB
7 KB 217ms
215ms Script
application/javascript 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fai.xoxoday.com/js/popper.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /js/popper.min.js
pragma: no-cache
cookie: __cf_bm=SYVJalqMnaa7BCKDrUm8A9PFBCyUYnYB2240mziHnPE-1634760656-0-AdcDd6g9Ltx1DfG5jRD2ZxE4ktROPlAoN6WtTCObnG/wwf+EnZGMeHbutP8EqEi9f3hmF5gvA0gHIplnP74tGBI=
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
content-length: 7241
x-xss-protection: 1; mode=block 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 6a14e479fb62f9d2-PRG

GET
H2 200 bootstrap.min.js Show response
fai.xoxoday.com/js/ 49 KB
14 KB 227ms
225ms Script
application/javascript 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fai.xoxoday.com/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /js/bootstrap.min.js
pragma: no-cache
cookie: __cf_bm=SYVJalqMnaa7BCKDrUm8A9PFBCyUYnYB2240mziHnPE-1634760656-0-AdcDd6g9Ltx1DfG5jRD2ZxE4ktROPlAoN6WtTCObnG/wwf+EnZGMeHbutP8EqEi9f3hmF5gvA0gHIplnP74tGBI=
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 6a14e479fb64f9d2-PRG

GET
H2 200 material-icons.css
fai.xoxoday.com/fonts/material_icons/ 970 B
512 B 216ms
214ms Stylesheet
text/css 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fai.xoxoday.com/fonts/material_icons/material-icons.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afb727c828f3957ada8e546f9bce9c9c733bc1d2f09a83eb47f2114302cd9f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /fonts/material_icons/material-icons.css
pragma: no-cache
cookie: __cf_bm=SYVJalqMnaa7BCKDrUm8A9PFBCyUYnYB2240mziHnPE-1634760656-0-AdcDd6g9Ltx1DfG5jRD2ZxE4ktROPlAoN6WtTCObnG/wwf+EnZGMeHbutP8EqEi9f3hmF5gvA0gHIplnP74tGBI=
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
content-length: 444
x-xss-protection: 1; mode=block 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 6a14e479fb66f9d2-PRG

GET
H2 200 common.js Show response
fai.xoxoday.com/js/ 21 B
86 B 247ms
245ms Script
application/javascript 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fai.xoxoday.com/js/common.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9b423500bd62a21260dc16b1da6e2eb5a77fbddaa49fbeb97cb3dcec7cdd5b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /js/common.js
pragma: no-cache
cookie: __cf_bm=SYVJalqMnaa7BCKDrUm8A9PFBCyUYnYB2240mziHnPE-1634760656-0-AdcDd6g9Ltx1DfG5jRD2ZxE4ktROPlAoN6WtTCObnG/wwf+EnZGMeHbutP8EqEi9f3hmF5gvA0gHIplnP74tGBI=
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:57 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
x-dns-prefetch-control: off
strict-transport-security: max-age=15552000; includeSubDomains
accept-ranges: bytes
cf-ray: 6a14e479fb67f9d2-PRG
content-length: 21
x-xss-protection: 1; mode=block 1; mode=block

GET
H2 200 / Show response
js.stripe.com/v3/ 264 KB
64 KB 36ms
6ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

810c4ec2fd4b4ac9ca638fbebd651512e2d13a6e4f1aecb461d43ce06f391130

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:56 GMT
content-encoding: br
vary: Accept-Encoding
age: 143
via: 1.1 varnish
x-cache: HIT
content-length: 64476
x-amz-id-2: rq+WWm8UhNg+dInNguzJky2Ol/CXATMGZdTys+WzJNTI6MUwhGGX945kW0QwM23r7D71cZ+mx8w=
x-served-by: cache-hhn4055-HHN
timing-allow-origin: *
last-modified: Tue, 19 Oct 2021 22:04:33 GMT
server: AmazonS3
etag: "162d95aadbf0d6bd433739b5c2433fea"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: KFJQXHXW2XJWBPSN
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 164

GET
H2 200 firebase-app.js Show response
fai.xoxoday.com/js/ 34 KB
12 KB 232ms
230ms Script
application/javascript 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fai.xoxoday.com/js/firebase-app.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f650f70bd4a8e7ce25699e594dde50a2817bd8cf94f8b591b9468c08095e366a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /js/firebase-app.js
pragma: no-cache
cookie: __cf_bm=SYVJalqMnaa7BCKDrUm8A9PFBCyUYnYB2240mziHnPE-1634760656-0-AdcDd6g9Ltx1DfG5jRD2ZxE4ktROPlAoN6WtTCObnG/wwf+EnZGMeHbutP8EqEi9f3hmF5gvA0gHIplnP74tGBI=
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
content-length: 12399
x-xss-protection: 1; mode=block 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 6a14e479fb69f9d2-PRG

GET
H2 200 firebase-messaging.js Show response
fai.xoxoday.com/js/ 35 KB
10 KB 232ms
231ms Script
application/javascript 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fai.xoxoday.com/js/firebase-messaging.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8a30a8925144ecf34ae36038be8f30d915c15335cbb9e4cafa4ca733d8628e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /js/firebase-messaging.js
pragma: no-cache
cookie: __cf_bm=SYVJalqMnaa7BCKDrUm8A9PFBCyUYnYB2240mziHnPE-1634760656-0-AdcDd6g9Ltx1DfG5jRD2ZxE4ktROPlAoN6WtTCObnG/wwf+EnZGMeHbutP8EqEi9f3hmF5gvA0gHIplnP74tGBI=
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 6a14e479fb6cf9d2-PRG

GET
H2 200 bundle.f2f184b5f06cc7e8e1ac.js Show response
fai.xoxoday.com/ 1 MB
313 KB 269ms
267ms Script
application/javascript 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fai.xoxoday.com/bundle.f2f184b5f06cc7e8e1ac.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c682fc42f7a729f1170627881f171cac0896296cbcb31f71c44b982ebd29f4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /bundle.f2f184b5f06cc7e8e1ac.js
pragma: no-cache
cookie: __cf_bm=SYVJalqMnaa7BCKDrUm8A9PFBCyUYnYB2240mziHnPE-1634760656-0-AdcDd6g9Ltx1DfG5jRD2ZxE4ktROPlAoN6WtTCObnG/wwf+EnZGMeHbutP8EqEi9f3hmF5gvA0gHIplnP74tGBI=
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 6a14e479fb6ef9d2-PRG

GET
H2 200 t.js Show response
cdn.trackjs.com/agent/v3/latest/ 29 KB
9 KB 26ms
10ms Script
application/javascript 94.31.29.32
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Requested by: Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 7b116ac42dfa848b8cbeff07cae0cc208a898111a7191ab266b4f0241683671a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:56 GMT
content-encoding: gzip
last-modified: Thu, 05 Aug 2021 14:40:38 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 8ZJ82FEGXV07M7M7
etag: W/"48ead32171e554edb2744890102504b0"
x-amz-meta-cache-control: s-max-age=3600, max-age=604800, public
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-max-age=3600, max-age=604800, public
x-amz-meta-content-type: application/javascript
x-amz-id-2: WN5CNcekkkh32oLmMgKQYcncAjuod/C6T4uqA2b5QFm0IRQvIb6/yv5qGep7YIorvlOLelZS30c=

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 110 KB
42 KB 74ms
32ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N8HNG5D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6ef2cacd05be727ec9fe621ba6bff2ad4e74eca000eadb768c035df7d973219f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42405
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 19:40:02 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 20 Oct 2021 20:10:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8HNG5D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 5040
date: Wed, 20 Oct 2021 18:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19887
expires: Wed, 20 Oct 2021 20:46:57 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 14ms
13ms XHR
text/plain 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1466053775&t=pageview&_s=1&dl=https%3A%2F%2Ffai.xoxoday.com%2Flogin%3Fdest_url%3DL2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl&ul=en-us&de=UTF-8&dt=Employee%20Rewards%20and%20Recognition%20Solution%20%7C%20Employee%20Success%20Platform%20%7C%20First%20American%20(india)%20Private%20Limited&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=875778015&gjid=285077479&cid=302697311.1634760657&tid=UA-137252764-1&_gid=47144763.1634760657&_r=1&gtm=2wgai0N8HNG5D&z=346474982

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fai.xoxoday.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 20:10:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fai.xoxoday.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
410 B 43ms
14ms XHR
text/plain 64.233.167.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-137252764-1&cid=302697311.1634760657&jid=875778015&gjid=285077479&_gid=47144763.1634760657&_u=YEBAAAAAAAAAAC~&z=348685664

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fai.xoxoday.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 20 Oct 2021 20:10:57 GMT
content-type: text/plain
access-control-allow-origin: https://fai.xoxoday.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 59ms
24ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=IBM+Plex+Sans:300,400,500

Requested by

Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/style.f2f184b5f06cc7e8e1ac.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

a3b68c4aad59fb65a0ececd9d6e8fd467b3d2f23a2ee8d50d076fcbc890deafd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 20:10:57 GMT
server: ESF
date: Wed, 20 Oct 2021 20:10:57 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 20 Oct 2021 20:10:57 GMT

GET
H2 200 fetchFrontend Show response
fai.xoxoday.com/chef/language/ 1 MB
326 KB 278ms
277ms Fetch
application/json 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fai.xoxoday.com/chef/language/fetchFrontend

Requested by

Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/bundle.f2f184b5f06cc7e8e1ac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63d5e60353888a58f753c7549355bf9733c764778118f2cfe91e6bbc35ed0966

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

sec-fetch-mode: cors
csrf
accept-encoding: gzip, deflate, br
hash
accept-language: de-DE,de;q=0.9
lng: en
sec-fetch-dest: empty
cookie: __cf_bm=SYVJalqMnaa7BCKDrUm8A9PFBCyUYnYB2240mziHnPE-1634760656-0-AdcDd6g9Ltx1DfG5jRD2ZxE4ktROPlAoN6WtTCObnG/wwf+EnZGMeHbutP8EqEi9f3hmF5gvA0gHIplnP74tGBI=; _ga=GA1.3.302697311.1634760657; _gid=GA1.3.47144763.1634760657; _gat_UA-137252764-1=1; lng=en; pltfm=1
pltfm: 1
:path: /chef/language/fetchFrontend
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
csrf
hash
Accept-Language: de-DE,de;q=0.9
lng: en
pltfm: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json; charset=utf-8
access-control-allow-origin: undefined
access-control-allow-credentials: true
xoxo-tracer-id: d5ee7560-31e1-11ec-ac14-230e5f437708
cf-ray: 6a14e47f6c3ff9d2-PRG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, a_t, Set-Cookie, lng, pltfm, hash, csrf, authorization

GET
H2 200 m-outer-f7902241893e7a497417843cb15dc858.html Show response
js.stripe.com/v3/ Frame 5959 240 B
544 B 7ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1969520bd7b0ea7b84b1cbdda4a8ae93c321abe6eaeff82b5fa496680bf88a0f

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-f7902241893e7a497417843cb15dc858.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fai.xoxoday.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/

Response headers

x-amz-id-2: 4twYMzGFKZxyNOvOOF9drJay8/pTuNs+Ph5tRhnM3jPBo9TnwuHgoAkLeznjeyqcztzQBq1N1qo=
x-amz-request-id: PR22Y218FS3C6MT5
last-modified: Tue, 19 Oct 2021 21:45:17 GMT
etag: "f7902241893e7a497417843cb15dc858"
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Wed, 20 Oct 2021 20:10:57 GMT
via: 1.1 varnish
age: 67
x-served-by: cache-hhn4055-HHN
x-cache: HIT
x-cache-hits: 130
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
cache-control: max-age=60
content-length: 141

GET
H2 200 m-outer-639174098ea8fe7fede6fa654790e8ec.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 5959 1 KB
827 B 9ms
8ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:57 GMT
content-encoding: br
vary: Accept-Encoding
age: 70
via: 1.1 varnish
x-cache: HIT
content-length: 645
x-amz-id-2: HRINMDo5ekrpPu+9c93OznX7/9MXrEUhKztx8Ee7Poreyst4Eimnr4m8JleIOvwa3DplG0S/OUs=
x-served-by: cache-hhn4055-HHN
timing-allow-origin: *
last-modified: Tue, 19 Oct 2021 21:45:00 GMT
server: AmazonS3
etag: "5213886b88cd72e6d0aebc89868e5d13"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: NHATZM9HJBMFEKS4
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 135

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 1EF9 932 B
2 KB 25ms
7ms Document
text/html 52.222.236.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.120 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-120.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: m.stripe.network
:scheme: https
:path: /inner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 932
date: Wed, 20 Oct 2021 20:07:45 GMT
accept-ranges: bytes
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
x-content-type-options: nosniff
cache-control: max-age=300, public
content-security-policy: connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 934706f40ffde6f857deae8d024c1193.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: VCX7_dhPHj2kztZMh9dDhBhu7KoflvpP5bEtcon0oQkldUNFt2gK3w==
age: 193

POST
H2 204 result Show response
fai.xoxoday.com/cdn-cgi/bm/cv/ 0
383 B 17ms
17ms XHR
text/plain 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fai.xoxoday.com/cdn-cgi/bm/cv/result?req_id=6a14e4774e5af9d2
Requested by: Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: cors
origin: https://fai.xoxoday.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: __cf_bm=SYVJalqMnaa7BCKDrUm8A9PFBCyUYnYB2240mziHnPE-1634760656-0-AdcDd6g9Ltx1DfG5jRD2ZxE4ktROPlAoN6WtTCObnG/wwf+EnZGMeHbutP8EqEi9f3hmF5gvA0gHIplnP74tGBI=; _ga=GA1.3.302697311.1634760657; _gid=GA1.3.47144763.1634760657; _gat_UA-137252764-1=1; lng=en; pltfm=1
content-length: 956
:path: /cdn-cgi/bm/cv/result?req_id=6a14e4774e5af9d2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 20 Oct 2021 20:10:57 GMT
server: cloudflare
set-cookie: __cf_bm=_APSajHBt5rcIQ7oEt.UNFDUqf8mI8qR9gmcSbbCnUA-1634760657-0-AUYAsxCZ/8GX5he/P3DKXG0ZwCWsWqVdjE8qI7bZIy+AFYnPid63QGaJ6x+CCkfXk956rrYfzQCiR9vMMsWSpl3S/foUI9piH+6jzq7t7wY5I+8UVF1w1rWRePnBJ+76Lnn6Rgp601jK0f/yc+zeI9vhinQkzdJK+v8h8GE7zT6P; path=/; expires=Wed, 20-Oct-21 20:40:57 GMT; domain=.xoxoday.com; HttpOnly; Secure; SameSite=None
cf-ray: 6a14e47fecf6f9d2-PRG
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

POST
H2 200 csp-report
q.stripe.com/ Frame 1EF9 0
121 B 499ms
167ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 20 Oct 2021 20:10:58 GMT
x-envoy-upstream-service-time: 1
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

GET
H2 200 out-4.5.40.js Show response
m.stripe.network/ Frame 1EF9 85 KB
14 KB 8ms
8ms Script
application/javascript 52.222.236.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.40.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.120 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-120.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: Cloudfront
age: 58
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 934706f40ffde6f857deae8d024c1193.cloudfront.net (CloudFront)
cache-control: max-age=300, public
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
vary: Accept-Encoding,Accept-Encoding
x-amz-cf-id: ZX5EAYn-8R8A6v_xrFUOOfX_S1Qn_M1SESM2uGRYRHclJnxMyTpRwQ==

GET
H/1.1 200
OK usage.gif
usage.trackjs.com/ 43 B
229 B 392ms
97ms Image
image/gif 158.69.52.117
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usage.trackjs.com/usage.gif?token=243963c89e634a1dbb45c346bbc856d6&correlationId=9c9d17ae-44c2-4669-9bac-a2daf5af1a4b&application=empuls-prod&x=bd5e2a49-786e-4e52-904e-db7cc6d79baa&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.52.117 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: prd-usage-3.tjsint.net
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 20:10:58 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H2 200 6 Show response
m.stripe.com/ Frame 1EF9 156 B
517 B 595ms
166ms XHR
text/plain 34.213.28.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.40.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.213.28.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-213-28-223.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

29027820bc6bf8b2a135f4907e3cd6d3909290c69f2909c1ae3e2e03ee788bb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 20 Oct 2021 20:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-headers: Content-Type

GET
H2 200 vendors~home~login~logout~resetpassword.0962dc7e4f986f8d7cca.bundle.js Show response
fai.xoxoday.com/ 22 KB
8 KB 222ms
221ms Script
application/javascript 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fai.xoxoday.com/vendors~home~login~logout~resetpassword.0962dc7e4f986f8d7cca.bundle.js

Requested by

Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/bundle.f2f184b5f06cc7e8e1ac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3e89010da50b0c184635fe8055768834c7f0bad962186c6690046564323f43d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /vendors~home~login~logout~resetpassword.0962dc7e4f986f8d7cca.bundle.js
pragma: no-cache
cookie: _ga=GA1.3.302697311.1634760657; _gid=GA1.3.47144763.1634760657; _gat_UA-137252764-1=1; lng=en; pltfm=1; __cf_bm=_APSajHBt5rcIQ7oEt.UNFDUqf8mI8qR9gmcSbbCnUA-1634760657-0-AUYAsxCZ/8GX5he/P3DKXG0ZwCWsWqVdjE8qI7bZIy+AFYnPid63QGaJ6x+CCkfXk956rrYfzQCiR9vMMsWSpl3S/foUI9piH+6jzq7t7wY5I+8UVF1w1rWRePnBJ+76Lnn6Rgp601jK0f/yc+zeI9vhinQkzdJK+v8h8GE7zT6P
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
content-length: 7735
x-xss-protection: 1; mode=block 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 6a14e4844c89f9d2-PRG

GET
H2 200 vendors~login~logout.c4963e3bc499aed64365.bundle.js Show response
fai.xoxoday.com/ 17 KB
5 KB 225ms
224ms Script
application/javascript 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fai.xoxoday.com/vendors~login~logout.c4963e3bc499aed64365.bundle.js

Requested by

Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/bundle.f2f184b5f06cc7e8e1ac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42564beab156630df77f40b2c20121cde58943fbe64ff56c568a233ab5cc04e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /vendors~login~logout.c4963e3bc499aed64365.bundle.js
pragma: no-cache
cookie: _ga=GA1.3.302697311.1634760657; _gid=GA1.3.47144763.1634760657; _gat_UA-137252764-1=1; lng=en; pltfm=1; __cf_bm=_APSajHBt5rcIQ7oEt.UNFDUqf8mI8qR9gmcSbbCnUA-1634760657-0-AUYAsxCZ/8GX5he/P3DKXG0ZwCWsWqVdjE8qI7bZIy+AFYnPid63QGaJ6x+CCkfXk956rrYfzQCiR9vMMsWSpl3S/foUI9piH+6jzq7t7wY5I+8UVF1w1rWRePnBJ+76Lnn6Rgp601jK0f/yc+zeI9vhinQkzdJK+v8h8GE7zT6P
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
content-length: 5373
x-xss-protection: 1; mode=block 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 6a14e4844c8cf9d2-PRG

GET
H2 200 login~logout.773f68be8df11fcf2757.bundle.js Show response
fai.xoxoday.com/ 16 KB
4 KB 212ms
211ms Script
application/javascript 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fai.xoxoday.com/login~logout.773f68be8df11fcf2757.bundle.js

Requested by

Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/bundle.f2f184b5f06cc7e8e1ac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a46bf04f54bb96acf8cc83cd7dec3f68c0ebf99bde3ef23852f18871e06b3563

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /login~logout.773f68be8df11fcf2757.bundle.js
pragma: no-cache
cookie: _ga=GA1.3.302697311.1634760657; _gid=GA1.3.47144763.1634760657; _gat_UA-137252764-1=1; lng=en; pltfm=1; __cf_bm=_APSajHBt5rcIQ7oEt.UNFDUqf8mI8qR9gmcSbbCnUA-1634760657-0-AUYAsxCZ/8GX5he/P3DKXG0ZwCWsWqVdjE8qI7bZIy+AFYnPid63QGaJ6x+CCkfXk956rrYfzQCiR9vMMsWSpl3S/foUI9piH+6jzq7t7wY5I+8UVF1w1rWRePnBJ+76Lnn6Rgp601jK0f/yc+zeI9vhinQkzdJK+v8h8GE7zT6P
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
content-length: 4116
x-xss-protection: 1; mode=block 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 6a14e4844c8df9d2-PRG

GET
H2 200 login.ef80fbc97b027a38b709.bundle.js Show response
fai.xoxoday.com/ 31 KB
8 KB 768ms
767ms Script
application/javascript 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fai.xoxoday.com/login.ef80fbc97b027a38b709.bundle.js

Requested by

Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/bundle.f2f184b5f06cc7e8e1ac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4530e79d594e50084c5d68d5915bf5220f546120dc3a3c0237ebda120c876314

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /login.ef80fbc97b027a38b709.bundle.js
pragma: no-cache
cookie: _ga=GA1.3.302697311.1634760657; _gid=GA1.3.47144763.1634760657; _gat_UA-137252764-1=1; lng=en; pltfm=1; __cf_bm=_APSajHBt5rcIQ7oEt.UNFDUqf8mI8qR9gmcSbbCnUA-1634760657-0-AUYAsxCZ/8GX5he/P3DKXG0ZwCWsWqVdjE8qI7bZIy+AFYnPid63QGaJ6x+CCkfXk956rrYfzQCiR9vMMsWSpl3S/foUI9piH+6jzq7t7wY5I+8UVF1w1rWRePnBJ+76Lnn6Rgp601jK0f/yc+zeI9vhinQkzdJK+v8h8GE7zT6P
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
content-length: 7870
x-xss-protection: 1; mode=block 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 6a14e4844c8ef9d2-PRG

GET
H/1.1 200
OK Pinnacle%20Logo.png
xoxoday-dropbox.s3.ap-southeast-1.amazonaws.com/image/clients/10528700000000000/platform_setting/ 95 KB
95 KB 668ms
186ms Image
image/png 52.219.124.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xoxoday-dropbox.s3.ap-southeast-1.amazonaws.com/image/clients/10528700000000000/platform_setting/Pinnacle%20Logo.png?versionId=EiQb_Agk0w5nHKfPBJl67M4m3th9Xrpo
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.124.31 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: b5216bb14bdebe09b243f0a4a131e9be8e43c6d6dfdb6943d6e7cdb76d05186d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 20:11:00 GMT
Last-Modified: Mon, 28 Dec 2020 05:00:40 GMT
Server: AmazonS3
x-amz-request-id: 7MYEDH1B3YB03WZT
ETag: "abeeffda8520fadf6ab0eedb0ac1ddf7"
Content-Type: image/png
x-amz-version-id: EiQb_Agk0w5nHKfPBJl67M4m3th9Xrpo
Accept-Ranges: bytes
Content-Length: 96885
x-amz-id-2: XYZmQ/tARi6Zu+YuRe4+9rrcMR/m8g1eaezJn5mnUrhEUsrOZYIgQSdhgczUwmTZjz9Xiufnj3E=

GET
H2 200 loading.gif
fai.xoxoday.com/img/ 10 KB
11 KB 218ms
217ms Image
image/gif 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fai.xoxoday.com/img/loading.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38eab160f6b3a61bd6e97d39782a8692eb9fc7b11338f71f97dff2850d63f1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /img/loading.gif
pragma: no-cache
cookie: _ga=GA1.3.302697311.1634760657; _gid=GA1.3.47144763.1634760657; _gat_UA-137252764-1=1; lng=en; pltfm=1; __cf_bm=_APSajHBt5rcIQ7oEt.UNFDUqf8mI8qR9gmcSbbCnUA-1634760657-0-AUYAsxCZ/8GX5he/P3DKXG0ZwCWsWqVdjE8qI7bZIy+AFYnPid63QGaJ6x+CCkfXk956rrYfzQCiR9vMMsWSpl3S/foUI9piH+6jzq7t7wY5I+8UVF1w1rWRePnBJ+76Lnn6Rgp601jK0f/yc+zeI9vhinQkzdJK+v8h8GE7zT6P; __stripe_mid=af40c9c8-129c-4f13-a060-88e18ef10f807767e0; __stripe_sid=0a070906-e369-44ec-8141-c8ce58d43999dcb7ca
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:59 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cache-control: public, max-age=0
x-dns-prefetch-control: off
strict-transport-security: max-age=15552000; includeSubDomains
accept-ranges: bytes
cf-ray: 6a14e4892bebf9d2-PRG
content-length: 10741
x-xss-protection: 1; mode=block 1; mode=block

GET
H2

200

https://fai.xoxoday.com/image/clients/fai/fai_1504509165-logo.png
https://fai.xoxoday.com/login?dest_url=L2ltYWdlL2NsaWVudHMvZmFpL2ZhaV8xNTA0NTA5MTY1LWxvZ28ucG5n

5 KB
5 KB

387ms
386ms

Image
text/html

104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fai.xoxoday.com/login?dest_url=L2ltYWdlL2NsaWVudHMvZmFpL2ZhaV8xNTA0NTA5MTY1LWxvZ28ucG5n

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://www.gstatic.com https://js.stripe.com https://cdn.trackjs.com/ https://www.googletagmanager.com https://cdn.pendo.io https://.storage.googleapis.com https://data.pendo.io 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://app.pendo.io https://www.youtube.com; frame-src 'self' https://js.stripe.com https://www.google-analytics.com https://docs.google.com https://app.pendo.io https://www.youtube.com; img-src 'self' data: blob: https://.giphy.com https://.licdn.com https://.amazonaws.com https://.s3.amazonaws.com https://.s3.ap-southeast-1.amazonaws.com https://usage.trackjs.com https://res.cloudinary.com https://data.pendo.io https://.storage.googleapis.com https://cdn.jsdelivr.net https://cdn.pendo.io https://www.google-analytics.com https://www.googletagmanager.com https://via.placeholder.com https://app.pendo.io https://www.youtube.com; script-src-elem 'self' https://js.stripe.com https://cdn.trackjs.com https://www.googletagmanager.com https://cdn.pendo.io https://.storage.googleapis.com https://data.pendo.io 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://app.pendo.io https://www.gstatic.com https://www.youtube.com; style-src 'self' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://data.pendo.io https://www.gstatic.com https://.storage.googleapis.com https://www.youtube.com; style-src-elem 'self' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://stackpath.bootstrapcdn.com https://www.gstatic.com https://.storage.googleapis.com https://fonts.googleapis.com https://www.youtube.com; style-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://data.pendo.io https://www.gstatic.com https://*.storage.googleapis.com https://www.youtube.com; font-src 'self' https://fonts.gstatic.com https://www.youtube.com; connect-src 'self' https://get.geojs.io https://listenat.xoxoday.com https://www.google-analytics.com https://stats.g.doubleclick.net https://capture.trackjs.com wss://listenat.xoxoday.com https://fcm.googleapis.com https://data.pendo.io https://www.youtube.com; report-uri /chef/csp_report;
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /login?dest_url=L2ltYWdlL2NsaWVudHMvZmFpL2ZhaV8xNTA0NTA5MTY1LWxvZ28ucG5n
pragma: no-cache
cookie: _ga=GA1.3.302697311.1634760657; _gid=GA1.3.47144763.1634760657; _gat_UA-137252764-1=1; lng=en; pltfm=1; __cf_bm=_APSajHBt5rcIQ7oEt.UNFDUqf8mI8qR9gmcSbbCnUA-1634760657-0-AUYAsxCZ/8GX5he/P3DKXG0ZwCWsWqVdjE8qI7bZIy+AFYnPid63QGaJ6x+CCkfXk956rrYfzQCiR9vMMsWSpl3S/foUI9piH+6jzq7t7wY5I+8UVF1w1rWRePnBJ+76Lnn6Rgp601jK0f/yc+zeI9vhinQkzdJK+v8h8GE7zT6P; __stripe_mid=af40c9c8-129c-4f13-a060-88e18ef10f807767e0; __stripe_sid=0a070906-e369-44ec-8141-c8ce58d43999dcb7ca
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fai.xoxoday.com/login?dest_url=L2hvbWUvZjIwODg0YWQtMzk1NC00NTkxLWI5NGItNzBkMjk0NDc4N2FkLTE2MDg3MjQ2NDcwNTEvcG9zdC8xNjM0NzU0OTA0NTMzLWUzNDE2NDI5LWQ5ZDMtNGUzOS04YTc5LTgxOTA5MGNlYjYwZD9udWRnZV9pZD04YTMwNDIyMDQ4YjFjNmU4Y2UyOGRmZmRkMmM0ZGNjMTZjN2U0ZTRiJm5vdGlmX2lkPTdkZjk1YWIwMzYxYTExNWVmMmViOTkzMDVhMDViODRkJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ub3RpZmljYXRpb25zJnV0bV9jYW1wYWlnbj10b2RheV93b3JrX2Fubml2ZXJzYXJ5X251ZGdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
content-security-policy: default-src 'self'; script-src 'self' https://www.gstatic.com https://js.stripe.com https://cdn.trackjs.com/ https://www.googletagmanager.com https://cdn.pendo.io https://*.storage.googleapis.com https://data.pendo.io 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://app.pendo.io https://www.youtube.com; frame-src 'self' https://js.stripe.com https://www.google-analytics.com https://docs.google.com https://app.pendo.io https://www.youtube.com; img-src 'self' data: blob: https://*.giphy.com https://*.licdn.com https://*.amazonaws.com https://*.s3.amazonaws.com https://*.s3.ap-southeast-1.amazonaws.com https://usage.trackjs.com https://res.cloudinary.com https://data.pendo.io https://*.storage.googleapis.com https://cdn.jsdelivr.net https://cdn.pendo.io https://www.google-analytics.com https://www.googletagmanager.com https://via.placeholder.com https://app.pendo.io https://www.youtube.com; script-src-elem 'self' https://js.stripe.com https://cdn.trackjs.com https://www.googletagmanager.com https://cdn.pendo.io https://*.storage.googleapis.com https://data.pendo.io 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://app.pendo.io https://www.gstatic.com https://www.youtube.com; style-src 'self' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://data.pendo.io https://www.gstatic.com https://*.storage.googleapis.com https://www.youtube.com; style-src-elem 'self' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://stackpath.bootstrapcdn.com https://www.gstatic.com https://*.storage.googleapis.com https://fonts.googleapis.com https://www.youtube.com; style-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://data.pendo.io https://www.gstatic.com https://*.storage.googleapis.com https://www.youtube.com; font-src 'self' https://fonts.gstatic.com https://www.youtube.com; connect-src 'self' https://get.geojs.io https://listenat.xoxoday.com https://www.google-analytics.com https://stats.g.doubleclick.net https://capture.trackjs.com wss://listenat.xoxoday.com https://fcm.googleapis.com https://data.pendo.io https://www.youtube.com; report-uri /chef/csp_report;
cf-ray: 6a14e48dec34f9d2-PRG

Redirect headers

date: Wed, 20 Oct 2021 20:11:00 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept
content-length: 117
x-xss-protection: 1; mode=block 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: text/plain; charset=utf-8
location: https://fai.xoxoday.com/login?dest_url=L2ltYWdlL2NsaWVudHMvZmFpL2ZhaV8xNTA0NTA5MTY1LWxvZ28ucG5n
cache-control: no-cache, no-store, must-revalidate
content-security-policy: default-src 'self'; script-src 'self' https://www.gstatic.com https://js.stripe.com https://cdn.trackjs.com/ https://www.googletagmanager.com https://cdn.pendo.io https://*.storage.googleapis.com https://data.pendo.io 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://app.pendo.io https://www.youtube.com; frame-src 'self' https://js.stripe.com https://www.google-analytics.com https://docs.google.com https://app.pendo.io https://www.youtube.com; img-src 'self' data: blob: https://*.giphy.com https://*.licdn.com https://*.amazonaws.com https://*.s3.amazonaws.com https://*.s3.ap-southeast-1.amazonaws.com https://usage.trackjs.com https://res.cloudinary.com https://data.pendo.io https://*.storage.googleapis.com https://cdn.jsdelivr.net https://cdn.pendo.io https://www.google-analytics.com https://www.googletagmanager.com https://via.placeholder.com https://app.pendo.io https://www.youtube.com; script-src-elem 'self' https://js.stripe.com https://cdn.trackjs.com https://www.googletagmanager.com https://cdn.pendo.io https://*.storage.googleapis.com https://data.pendo.io 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://app.pendo.io https://www.gstatic.com https://www.youtube.com; style-src 'self' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://data.pendo.io https://www.gstatic.com https://*.storage.googleapis.com https://www.youtube.com; style-src-elem 'self' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://stackpath.bootstrapcdn.com https://www.gstatic.com https://*.storage.googleapis.com https://fonts.googleapis.com https://www.youtube.com; style-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://data.pendo.io https://www.gstatic.com https://*.storage.googleapis.com https://www.youtube.com; font-src 'self' https://fonts.gstatic.com https://www.youtube.com; connect-src 'self' https://get.geojs.io https://listenat.xoxoday.com https://www.google-analytics.com https://stats.g.doubleclick.net https://capture.trackjs.com wss://listenat.xoxoday.com https://fcm.googleapis.com https://data.pendo.io https://www.youtube.com; report-uri /chef/csp_report;
cf-ray: 6a14e4893beff9d2-PRG

GET
H2 200 Graphik-Light.woff2
fai.xoxoday.com/fonts/graphik/ 35 KB
35 KB 216ms
215ms Font
font/woff2 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fai.xoxoday.com/fonts/graphik/Graphik-Light.woff2

Requested by

Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/fonts/graphik/stylesheet.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f170a2c634b5385cc26efaf40223b6c2ae6b67faf47de17d51486fcf0dc4ad32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://fai.xoxoday.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: _ga=GA1.3.302697311.1634760657; _gid=GA1.3.47144763.1634760657; _gat_UA-137252764-1=1; lng=en; pltfm=1; __cf_bm=_APSajHBt5rcIQ7oEt.UNFDUqf8mI8qR9gmcSbbCnUA-1634760657-0-AUYAsxCZ/8GX5he/P3DKXG0ZwCWsWqVdjE8qI7bZIy+AFYnPid63QGaJ6x+CCkfXk956rrYfzQCiR9vMMsWSpl3S/foUI9piH+6jzq7t7wY5I+8UVF1w1rWRePnBJ+76Lnn6Rgp601jK0f/yc+zeI9vhinQkzdJK+v8h8GE7zT6P; __stripe_mid=af40c9c8-129c-4f13-a060-88e18ef10f807767e0; __stripe_sid=0a070906-e369-44ec-8141-c8ce58d43999dcb7ca
:path: /fonts/graphik/Graphik-Light.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/fonts/graphik/stylesheet.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fai.xoxoday.com/fonts/graphik/stylesheet.css
Origin: https://fai.xoxoday.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:59 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: font/woff2
cache-control: public, max-age=0
x-dns-prefetch-control: off
strict-transport-security: max-age=15552000; includeSubDomains
accept-ranges: bytes
cf-ray: 6a14e4893bf1f9d2-PRG
content-length: 36124
x-xss-protection: 1; mode=block 1; mode=block

GET
H2 200 Graphik-Regular.woff2
fai.xoxoday.com/fonts/graphik/ 34 KB
34 KB 223ms
222ms Font
font/woff2 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fai.xoxoday.com/fonts/graphik/Graphik-Regular.woff2

Requested by

Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/fonts/graphik/stylesheet.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c3fb453d635826f7fb3eeb369e7e469008e8d80ed9b6078769468b2b8ba1fb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://fai.xoxoday.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: _ga=GA1.3.302697311.1634760657; _gid=GA1.3.47144763.1634760657; _gat_UA-137252764-1=1; lng=en; pltfm=1; __cf_bm=_APSajHBt5rcIQ7oEt.UNFDUqf8mI8qR9gmcSbbCnUA-1634760657-0-AUYAsxCZ/8GX5he/P3DKXG0ZwCWsWqVdjE8qI7bZIy+AFYnPid63QGaJ6x+CCkfXk956rrYfzQCiR9vMMsWSpl3S/foUI9piH+6jzq7t7wY5I+8UVF1w1rWRePnBJ+76Lnn6Rgp601jK0f/yc+zeI9vhinQkzdJK+v8h8GE7zT6P; __stripe_mid=af40c9c8-129c-4f13-a060-88e18ef10f807767e0; __stripe_sid=0a070906-e369-44ec-8141-c8ce58d43999dcb7ca
:path: /fonts/graphik/Graphik-Regular.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/fonts/graphik/stylesheet.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fai.xoxoday.com/fonts/graphik/stylesheet.css
Origin: https://fai.xoxoday.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 20:10:59 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: font/woff2
cache-control: public, max-age=0
x-dns-prefetch-control: off
strict-transport-security: max-age=15552000; includeSubDomains
accept-ranges: bytes
cf-ray: 6a14e4893bf2f9d2-PRG
content-length: 34352
x-xss-protection: 1; mode=block 1; mode=block

GET
H2 200 icomoon.ttf
fai.xoxoday.com/CustomIcomoon/customIcons/fonts/ 31 KB
18 KB 221ms
221ms Font
font/ttf 104.18.31.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fai.xoxoday.com/CustomIcomoon/customIcons/fonts/icomoon.ttf?9hhou1

Requested by

Host: fai.xoxoday.com
URL: https://fai.xoxoday.com/CustomIcomoon/customIcons/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e7d5278ef29cfa1c77e5e90b983b4462caa2f1a8fec1f78118e37f133b14a93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://fai.xoxoday.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: _ga=GA1.3.302697311.1634760657; _gid=GA1.3.47144763.1634760657; _gat_UA-137252764-1=1; lng=en; pltfm=1; __cf_bm=_APSajHBt5rcIQ7oEt.UNFDUqf8mI8qR9gmcSbbCnUA-1634760657-0-AUYAsxCZ/8GX5he/P3DKXG0ZwCWsWqVdjE8qI7bZIy+AFYnPid63QGaJ6x+CCkfXk956rrYfzQCiR9vMMsWSpl3S/foUI9piH+6jzq7t7wY5I+8UVF1w1rWRePnBJ+76Lnn6Rgp601jK0f/yc+zeI9vhinQkzdJK+v8h8GE7zT6P; __stripe_mid=af40c9c8-129c-4f13-a060-88e18ef10f807767e0; __stripe_sid=0a070906-e369-44ec-8141-c8ce58d43999dcb7ca
:path: /CustomIcomoon/customIcons/fonts/icomoon.ttf?9hhou1
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: fai.xoxoday.com
referer: https://fai.xoxoday.com/CustomIcomoon/customIcons/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fai.xoxoday.com/CustomIcomoon/customIcons/style.css
Origin: https://fai.xoxoday.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray: 6a14e4893bf3f9d2-PRG
date: Wed, 20 Oct 2021 20:10:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: font/ttf
cache-control: public, max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block 1; mode=block

GET

/
sts.firstam.com/adfs/ls/
Redirect Chain

https://fai.xoxoday.com/chef/sso/sso-redirect?company_id=NTI4Nw==
https://sts.firstam.com/adfs/ls/?SAMLRequest=hZJNTxsxEIb%2Fysp3r9ebUBorGykQISLRNCLbHrigwTtLLPkj9Xgh%2FPuaDW3pofTo8Tzv%2BLE9J3D2oJZD2vtb%2FDEgpeLorCc1bjRsiF4FIEPKg0NSSavd8suNqstKHWJIQQfL3iEfE0CEMZng...

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sts.firstam.com
URL: https://sts.firstam.com/adfs/ls/?SAMLRequest=hZJNTxsxEIb%2Fysp3r9ebUBorGykQISLRNCLbHrigwTtLLPkj9Xgh%2FPuaDW3pofTo8Tzv%2BLE9J3D2oJZD2vtb%2FDEgpeLorCc1bjRsiF4FIEPKg0NSSavd8suNqstKHWJIQQfL3iEfE0CEMZngWbFeNez%2BfDbFSk86XsmzMz7Vk5rP9ETyHh961ICfPsM5K75jpMw0LEdkkGjAtacEPuVSVUsuK15XbV0pKVUly9m0vmPFKrsYD2kk9ykdSAlBicrexAy7UgcnoOtJWBKs2L7JXBjfGf%2F4scfDqYnUddtu%2BfbrrmXF8pfbZfA0OIw7jE9G47fbmz%2FzezDlMRxDBy%2FjfL3HXhAF8QTWdJCQv16i2LTr6ea5adhi%2FrpWo3Nc%2FDfFYYKcApwOvzPm4n3E%2FPTgm6y0Xm2DNfqluArRQfq3sSzlWDEd78dWhQ6MXXZdRKJsbm14voyYj9%2BwHiwhE4vT2L%2B%2F1uIn&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=OsDk%2BA3oqUzi6ZqePInW4AHcwzIVSUJndFkbi6Io6hP9%2FiveQlOqQCMR5OhcExiWPz4ngtFagbYBfaL6e8Zq8g6RhsNAZ3EsJfhpssM1DIE2%2FdfJv1UVyluqrQLv5NiY%2BzGq9ekgV6Pd9U8sLGG1%2BiiDRxfYR0OqOGPMuuBc%2FUc5aQUcWhjDw%2FJw4w819a3urzNFBMPwi7aXa9bEZxrdEz7r%2BiTs1V0eJ%2FqoomgvQIgEk%2F2%2BGE%2BgEBWnUcivJ9aJ7rDGsiydL0RubPXi3VyD5ZZyDbJ2WgIYbpbtwbpzvkIhxF0m9SBEkcEc3kjlfg0K8%2FDec7QAmg23t8vicDy7HQ%3D%3D

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fai.xoxoday.com/	1970-01-20 15:37:12	Name: _ga Value: GA1.3.302697311.1634760657
.fai.xoxoday.com/	1970-01-19 22:07:27	Name: _gid Value: GA1.3.47144763.1634760657
.fai.xoxoday.com/	1970-01-19 22:06:00	Name: _gat_UA-137252764-1 Value: 1
.xoxoday.com/	1978-01-11 21:31:40	Name: lng Value: en
.fai.xoxoday.com/	1978-01-11 21:31:40	Name: pltfm Value: 1
.xoxoday.com/	1970-01-19 22:06:02	Name: __cf_bm Value: _APSajHBt5rcIQ7oEt.UNFDUqf8mI8qR9gmcSbbCnUA-1634760657-0-AUYAsxCZ/8GX5he/P3DKXG0ZwCWsWqVdjE8qI7bZIy+AFYnPid63QGaJ6x+CCkfXk956rrYfzQCiR9vMMsWSpl3S/foUI9piH+6jzq7t7wY5I+8UVF1w1rWRePnBJ+76Lnn6Rgp601jK0f/yc+zeI9vhinQkzdJK+v8h8GE7zT6P
m.stripe.com/	1970-01-20 15:37:12	Name: m Value: 65b253d3-f713-4049-a1d9-a2be011906bd9acc48
.fai.xoxoday.com/	1970-01-20 06:51:36	Name: __stripe_mid Value: af40c9c8-129c-4f13-a060-88e18ef10f807767e0
.fai.xoxoday.com/	1970-01-19 22:06:02	Name: __stripe_sid Value: 0a070906-e369-44ec-8141-c8ce58d43999dcb7ca
.fai.xoxoday.com/	1970-01-19 22:06:00	Name: redirection_url Value: %2Fhome%2Ff20884ad-3954-4591-b94b-70d2944787ad-1608724647051%2Fpost%2F1634754904533-e3416429-d9d3-4e39-8a79-819090ceb60d%3Fnudge_id%3D8a30422048b1c6e8ce28dffdd2c4dcc16c7e4e4b%26notif_id%3D7df95ab0361a115ef2eb99305a05b84d%26utm_medium%3Demail%26utm_source%3Dnotifications%26utm_campaign%3Dtoday_work_anniversary_nudge

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://www.gstatic.com https://js.stripe.com https://cdn.trackjs.com/ https://www.googletagmanager.com https://cdn.pendo.io https://.storage.googleapis.com https://data.pendo.io 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://app.pendo.io https://www.youtube.com; frame-src 'self' https://js.stripe.com https://www.google-analytics.com https://docs.google.com https://app.pendo.io https://www.youtube.com; img-src 'self' data: blob: https://.giphy.com https://.licdn.com https://.amazonaws.com https://.s3.amazonaws.com https://.s3.ap-southeast-1.amazonaws.com https://usage.trackjs.com https://res.cloudinary.com https://data.pendo.io https://.storage.googleapis.com https://cdn.jsdelivr.net https://cdn.pendo.io https://www.google-analytics.com https://www.googletagmanager.com https://via.placeholder.com https://app.pendo.io https://www.youtube.com; script-src-elem 'self' https://js.stripe.com https://cdn.trackjs.com https://www.googletagmanager.com https://cdn.pendo.io https://.storage.googleapis.com https://data.pendo.io 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://app.pendo.io https://www.gstatic.com https://www.youtube.com; style-src 'self' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://data.pendo.io https://www.gstatic.com https://.storage.googleapis.com https://www.youtube.com; style-src-elem 'self' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://stackpath.bootstrapcdn.com https://www.gstatic.com https://.storage.googleapis.com https://fonts.googleapis.com https://www.youtube.com; style-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com 'unsafe-inline' https://cdn.pendo.io https://data.pendo.io https://www.gstatic.com https://*.storage.googleapis.com https://www.youtube.com; font-src 'self' https://fonts.gstatic.com https://www.youtube.com; connect-src 'self' https://get.geojs.io https://listenat.xoxoday.com https://www.google-analytics.com https://stats.g.doubleclick.net https://capture.trackjs.com wss://listenat.xoxoday.com https://fcm.googleapis.com https://data.pendo.io https://www.youtube.com; report-uri /chef/csp_report;
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.trackjs.com
fai.xoxoday.com
fonts.googleapis.com
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
stats.g.doubleclick.net
sts.firstam.com
usage.trackjs.com
www.google-analytics.com
www.googletagmanager.com
xoxoday-dropbox.s3.ap-southeast-1.amazonaws.com
sts.firstam.com
104.18.31.19
142.250.185.104
142.250.185.142
142.250.186.170
151.101.128.176
158.69.52.117
34.213.28.223
52.219.124.31
52.222.236.120
54.186.23.98
64.233.167.154
94.31.29.32
00f3859bc4b09e2c065b94092f469c24c58c92608e34b937b39792cf877d7ea9
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
0349a0cbee492036f0b2be5c5fbd4282930779b257bb09a30744839cd0afd2a8
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0e7d5278ef29cfa1c77e5e90b983b4462caa2f1a8fec1f78118e37f133b14a93
1969520bd7b0ea7b84b1cbdda4a8ae93c321abe6eaeff82b5fa496680bf88a0f
29027820bc6bf8b2a135f4907e3cd6d3909290c69f2909c1ae3e2e03ee788bb2
29c09c6a4a8c69a981ad315ac5bf6d92b3f68aad57f2f527b26f3a5bca517202
2bbe175e5d074e50dcaa253c4c2a0c89a1ba050e8d5cca200e6d12cf77cf3923
2fd7f15e18740cacae91badbd1ccb819e431cdb510d8af3eef4510083de2e733
30a755619b5a41defe0898aab1cd19fb3890c1b489b3575b5f0122e8b70b267a
30aec7d1fd57ac4d90ec345d003b8b0253597675cde0d84bbacebddfd57cd18b
38eab160f6b3a61bd6e97d39782a8692eb9fc7b11338f71f97dff2850d63f1e3
40eb3f63a01f7a841d33b9c36cfe2d4eb18bc9d8bf81348711e991b0ef9bce79
42564beab156630df77f40b2c20121cde58943fbe64ff56c568a233ab5cc04e8
4480c866a6394c5502675afbe32465bf5b1e2a30151f69dcc4401d3c5503f34d
4530e79d594e50084c5d68d5915bf5220f546120dc3a3c0237ebda120c876314
63d5e60353888a58f753c7549355bf9733c764778118f2cfe91e6bbc35ed0966
6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39
6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ef2cacd05be727ec9fe621ba6bff2ad4e74eca000eadb768c035df7d973219f
7b116ac42dfa848b8cbeff07cae0cc208a898111a7191ab266b4f0241683671a
7fe415ecf3aafc9cd7109afad3f9ed66cd9f3c1b3821d0e28d172b2c459635f4
810c4ec2fd4b4ac9ca638fbebd651512e2d13a6e4f1aecb461d43ce06f391130
8c682fc42f7a729f1170627881f171cac0896296cbcb31f71c44b982ebd29f4e
93c8e04661dfa9ae9a664d3c879c76f65288c81609bff288a32e1c260db57426
9c3fb453d635826f7fb3eeb369e7e469008e8d80ed9b6078769468b2b8ba1fb2
a2bc90f677899104fe4297381645c6f9b8ae65910dd52118bda6e2c514a0d502
a3b68c4aad59fb65a0ececd9d6e8fd467b3d2f23a2ee8d50d076fcbc890deafd
a46bf04f54bb96acf8cc83cd7dec3f68c0ebf99bde3ef23852f18871e06b3563
a9b423500bd62a21260dc16b1da6e2eb5a77fbddaa49fbeb97cb3dcec7cdd5b7
ab4b6756b0f2f06e7c4e347e0ee1d354fe28efd6d0fe233903709dce9b0ea17c
afb727c828f3957ada8e546f9bce9c9c733bc1d2f09a83eb47f2114302cd9f2b
b3e89010da50b0c184635fe8055768834c7f0bad962186c6690046564323f43d
b5216bb14bdebe09b243f0a4a131e9be8e43c6d6dfdb6943d6e7cdb76d05186d
b8a30a8925144ecf34ae36038be8f30d915c15335cbb9e4cafa4ca733d8628e0
c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a
c7304b8b4173d08a3677d8ae674fc3591bd7db70b5eb0d8216f6a41154be4f2a
cd3dbbe2f2707587be1e399a99cf7850a798b83127c213a0165b12bd3ef63783
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
e18aabc06c194df4f5de4a5990f4e14741e13ef8594d61cb65364a696a7dc0f5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db
e52041837ed6a29c872b92f00459428a8caa2d8104d0a1641f6adf56a595a7e6
f170a2c634b5385cc26efaf40223b6c2ae6b67faf47de17d51486fcf0dc4ad32
f650f70bd4a8e7ce25699e594dde50a2817bd8cf94f8b591b9468c08095e366a
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

fai.xoxoday.com Open in urlscan Pro 104.18.31.19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

54 Requests

98 %HTTPS

0 %IPv6

10 Domains

13 Subdomains

13 IPs

4 Countries

1336 kBTransfer

4677 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

fai.xoxoday.com Open in urlscan Pro
104.18.31.19 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

98 %
HTTPS

0 %
IPv6

10
Domains

13
Subdomains

13
IPs

4
Countries

1336 kB
Transfer

4677 kB
Size

10
Cookies

54 HTTP transactions
0 data transactions