0 |
2017-03-21 - 2017-06-02 |
False |
True |
False |
0 |
False |
False |
False |
0 |
upgrade-insecure-requests; |
1 |
2017-06-04 - 2018-02-15 |
False |
True |
False |
0 |
False |
False |
False |
0 |
upgrade-insecure-requests; |
2 |
2018-02-16 - 2018-02-23 |
False |
True |
True |
0 |
True |
True |
True |
93 |
default-src data: * 'unsafe-inline' 'unsafe-eval' blob:; font-src data: cdn.joinhoney.com *.bloomingdales.com 'self' netdna.bootstrapcdn.com *.fds.com maxcdn.bootstrapcdn.com gateway.answerscloud.com storage.googleapis.com m.bloomingdales.com api.cloudsponge.com *.webcollage.net fonts.gstatic.com cdnjs.cloudflare.com assets.bloomingdales.com origin.extole.io *.cloudfront.net sxt.cdn.skype.com themes.googleusercontent.com; form-action connect.facebook.net *.bloomingdales.com 'self' *.fds.com www.facebook.com bloomingdales.ugc.bazaarvoice.com bloomingdales.com ct.pinterest.com fashion.bloomingdales.com www.bloomingdales.com m.bloomingdales.com customerservice.bloomingdales.com www.bloomingdalesfashionpacked.com syndication.twitter.com www.customerservice-bloomingdales.com www1.bloomingdales.com as00.estara.com locations.bloomingdales.com platform.twitter.com; media-src *.brightcove.com vjs.zencdn.net *.cloudfront.net *.webcollage.net *.bloomingdales.com 'self' ssl.gstatic.com blob: *.fds.com m.bloomingdales.com; object-src *.brightcove.com players.brightcove.net vjs.zencdn.net *.cloudfront.net *.webcollage.net *.bloomingdales.com 'self' ci-mpsnare.iovation.com mpsnare.iesnare.com secure.brightcove.com h.online-metrix.net metrics.brightcove.com *.fds.com brightcove.hs.llnwd.net m.bloomingdales.com; report-uri report; style-src *.shoprunner.com *.bloomingdales.com 'self' libs.coremetrics.com assets.moovweb.net *.fds.com bloomingdales.ugc.bazaarvoice.com maxcdn.bootstrapcdn.com fonts.googleapis.com gateway.answerscloud.com bloomingdales-dev.widget.custhelp.com 'unsafe-inline' m.bloomingdales.com *.fiftyone.com *.truefitcorp.com bloomingdales.sspinc.io static.atgsvcs.com assets.bloomingdales.com www1.bloomingdales.com origin.extole.io *.cloudfront.net *.borderfree.com bloomingdales.widget.custhelp.com s-static.innovid.com; upgrade-insecure-requests; |
3 |
2018-02-25 - 2018-03-06 |
False |
True |
True |
0 |
True |
True |
True |
0 |
default-src data: * 'unsafe-inline' 'unsafe-eval' blob:; font-src data: cdn.joinhoney.com *.bloomingdales.com 'self' netdna.bootstrapcdn.com *.fds.com maxcdn.bootstrapcdn.com gateway.answerscloud.com storage.googleapis.com m.bloomingdales.com api.cloudsponge.com *.webcollage.net fonts.gstatic.com cdnjs.cloudflare.com assets.bloomingdales.com origin.extole.io *.cloudfront.net sxt.cdn.skype.com themes.googleusercontent.com; form-action connect.facebook.net *.bloomingdales.com 'self' *.fds.com www.facebook.com bloomingdales.ugc.bazaarvoice.com bloomingdales.com ct.pinterest.com fashion.bloomingdales.com www.bloomingdales.com m.bloomingdales.com customerservice.bloomingdales.com www.bloomingdalesfashionpacked.com syndication.twitter.com www.customerservice-bloomingdales.com www1.bloomingdales.com as00.estara.com locations.bloomingdales.com platform.twitter.com; media-src *.brightcove.com vjs.zencdn.net *.cloudfront.net *.webcollage.net *.bloomingdales.com 'self' ssl.gstatic.com blob: *.fds.com m.bloomingdales.com; object-src *.brightcove.com players.brightcove.net vjs.zencdn.net *.cloudfront.net *.webcollage.net *.bloomingdales.com 'self' ci-mpsnare.iovation.com mpsnare.iesnare.com secure.brightcove.com h.online-metrix.net metrics.brightcove.com *.fds.com brightcove.hs.llnwd.net m.bloomingdales.com; report-uri report; style-src *.shoprunner.com *.bloomingdales.com 'self' libs.coremetrics.com assets.moovweb.net *.fds.com bloomingdales.ugc.bazaarvoice.com maxcdn.bootstrapcdn.com fonts.googleapis.com gateway.answerscloud.com bloomingdales-dev.widget.custhelp.com 'unsafe-inline' m.bloomingdales.com *.fiftyone.com *.truefitcorp.com bloomingdales.sspinc.io static.atgsvcs.com assets.bloomingdales.com www1.bloomingdales.com origin.extole.io *.cloudfront.net *.borderfree.com bloomingdales.widget.custhelp.com s-static.innovid.com; upgrade-insecure-requests; |
4 |
2018-03-07 - 2018-03-29 |
False |
True |
False |
0 |
False |
False |
False |
93 |
upgrade-insecure-requests; |
5 |
2018-03-30 - 2018-04-16 |
False |
True |
True |
0 |
True |
True |
True |
76 |
default-src data: * 'unsafe-inline' 'unsafe-eval' blob:; font-src data: cdn.joinhoney.com *.bloomingdales.com 'self' netdna.bootstrapcdn.com *.fds.com maxcdn.bootstrapcdn.com gateway.answerscloud.com storage.googleapis.com m.bloomingdales.com api.cloudsponge.com *.webcollage.net fonts.gstatic.com cdnjs.cloudflare.com assets.bloomingdales.com origin.extole.io *.cloudfront.net sxt.cdn.skype.com themes.googleusercontent.com; media-src *.brightcove.com vjs.zencdn.net *.cloudfront.net *.webcollage.net *.bloomingdales.com 'self' ssl.gstatic.com blob: *.fds.com brightcove.hs.llnwd.net m.bloomingdales.com; object-src *.brightcove.com players.brightcove.net vjs.zencdn.net *.cloudfront.net *.webcollage.net *.bloomingdales.com 'self' ci-mpsnare.iovation.com mpsnare.iesnare.com secure.brightcove.com h.online-metrix.net metrics.brightcove.com *.fds.com brightcove.hs.llnwd.net m.bloomingdales.com; report-uri report; style-src *.shoprunner.com *.bloomingdales.com 'self' libs.coremetrics.com assets.moovweb.net *.fds.com bloomingdales.ugc.bazaarvoice.com maxcdn.bootstrapcdn.com fonts.googleapis.com gateway.answerscloud.com bloomingdales-dev.widget.custhelp.com ln-rules.rewardstyle.com 'unsafe-inline' m.bloomingdales.com *.fiftyone.com *.truefitcorp.com bloomingdales.sspinc.io static.atgsvcs.com assets.bloomingdales.com www1.bloomingdales.com origin.extole.io *.cloudfront.net *.borderfree.com bloomingdales.widget.custhelp.com s-static.innovid.com; upgrade-insecure-requests; |
6 |
2018-04-17 - 2018-05-04 |
True |
True |
True |
0 |
True |
True |
True |
11 |
default-src data: * 'unsafe-inline' 'unsafe-eval' blob:; font-src data: cdn.joinhoney.com *.bloomingdales.com 'self' netdna.bootstrapcdn.com *.fds.com maxcdn.bootstrapcdn.com gateway.answerscloud.com storage.googleapis.com m.bloomingdales.com api.cloudsponge.com *.webcollage.net fonts.gstatic.com cdnjs.cloudflare.com *.truefitcorp.com assets.bloomingdales.com origin.extole.io *.cloudfront.net sxt.cdn.skype.com themes.googleusercontent.com; frame-ancestors 'self'; media-src *.brightcove.com *.fds.com vjs.zencdn.net *.cloudfront.net *.media.brightcove.com *.webcollage.net *.bloomingdales.com 'self' ssl.gstatic.com f1.media.brightcove.com blob: s-static.innovid.com brightcove.hs.llnwd.net m.bloomingdales.com; object-src *.brightcove.com players.brightcove.net vjs.zencdn.net *.cloudfront.net *.webcollage.net *.bloomingdales.com 'self' ci-mpsnare.iovation.com mpsnare.iesnare.com h.online-metrix.net *.fds.com brightcove.hs.llnwd.net m.bloomingdales.com; report-uri report; style-src *.shoprunner.com *.bloomingdales.com 'self' libs.coremetrics.com assets.moovweb.net *.fds.com bloomingdales.ugc.bazaarvoice.com maxcdn.bootstrapcdn.com fonts.googleapis.com gateway.answerscloud.com storage.googleapis.com ln-rules.rewardstyle.com 'unsafe-inline' m.bloomingdales.com *.fiftyone.com api.cloudsponge.com *.truefitcorp.com bloomingdales.sspinc.io static.atgsvcs.com assets.bloomingdales.com www1.bloomingdales.com origin.extole.io *.cloudfront.net *.borderfree.com *.widget.custhelp.com bloomingdales.widget.custhelp.com s-static.innovid.com; upgrade-insecure-requests; |
7 |
2018-05-05 - 2018-05-15 |
False |
True |
False |
0 |
False |
False |
False |
81 |
upgrade-insecure-requests; |
8 |
2018-05-16 - 2018-05-16 |
True |
True |
True |
0 |
True |
True |
True |
81 |
default-src data: * 'unsafe-inline' 'unsafe-eval' blob:; font-src data: cdn.joinhoney.com *.bloomingdales.com 'self' netdna.bootstrapcdn.com *.fds.com maxcdn.bootstrapcdn.com gateway.answerscloud.com storage.googleapis.com m.bloomingdales.com api.cloudsponge.com *.webcollage.net fonts.gstatic.com cdnjs.cloudflare.com *.truefitcorp.com assets.bloomingdales.com origin.extole.io *.cloudfront.net sxt.cdn.skype.com themes.googleusercontent.com; frame-ancestors 'self'; media-src *.brightcove.com *.fds.com vjs.zencdn.net *.cloudfront.net *.media.brightcove.com *.webcollage.net *.bloomingdales.com 'self' ssl.gstatic.com f1.media.brightcove.com blob: s-static.innovid.com brightcove.hs.llnwd.net m.bloomingdales.com; object-src *.brightcove.com players.brightcove.net vjs.zencdn.net *.cloudfront.net *.webcollage.net *.bloomingdales.com 'self' ci-mpsnare.iovation.com mpsnare.iesnare.com h.online-metrix.net *.fds.com brightcove.hs.llnwd.net m.bloomingdales.com; report-uri report; style-src *.shoprunner.com *.bloomingdales.com 'self' libs.coremetrics.com assets.moovweb.net *.fds.com bloomingdales.ugc.bazaarvoice.com maxcdn.bootstrapcdn.com fonts.googleapis.com gateway.answerscloud.com storage.googleapis.com ln-rules.rewardstyle.com 'unsafe-inline' m.bloomingdales.com *.fiftyone.com api.cloudsponge.com *.truefitcorp.com bloomingdales.sspinc.io static.atgsvcs.com assets.bloomingdales.com www1.bloomingdales.com origin.extole.io *.cloudfront.net *.borderfree.com *.widget.custhelp.com bloomingdales.widget.custhelp.com s-static.innovid.com; upgrade-insecure-requests; |
9 |
2018-05-17 - 2018-05-20 |
False |
True |
False |
0 |
False |
False |
False |
81 |
upgrade-insecure-requests; |
10 |
2018-05-21 - 2018-05-21 |
True |
True |
True |
0 |
True |
True |
True |
81 |
default-src data: * 'unsafe-inline' 'unsafe-eval' blob:; font-src data: cdn.joinhoney.com *.bloomingdales.com 'self' netdna.bootstrapcdn.com *.fds.com maxcdn.bootstrapcdn.com gateway.answerscloud.com storage.googleapis.com m.bloomingdales.com api.cloudsponge.com *.webcollage.net fonts.gstatic.com cdnjs.cloudflare.com *.truefitcorp.com assets.bloomingdales.com origin.extole.io *.cloudfront.net sxt.cdn.skype.com themes.googleusercontent.com; frame-ancestors 'self'; media-src *.brightcove.com *.fds.com vjs.zencdn.net *.cloudfront.net *.media.brightcove.com *.webcollage.net *.bloomingdales.com 'self' ssl.gstatic.com f1.media.brightcove.com blob: s-static.innovid.com brightcove.hs.llnwd.net m.bloomingdales.com; object-src *.brightcove.com players.brightcove.net vjs.zencdn.net *.cloudfront.net *.webcollage.net *.bloomingdales.com 'self' ci-mpsnare.iovation.com mpsnare.iesnare.com h.online-metrix.net *.fds.com brightcove.hs.llnwd.net m.bloomingdales.com; report-uri report; style-src *.shoprunner.com *.bloomingdales.com 'self' libs.coremetrics.com assets.moovweb.net *.fds.com bloomingdales.ugc.bazaarvoice.com maxcdn.bootstrapcdn.com fonts.googleapis.com gateway.answerscloud.com storage.googleapis.com ln-rules.rewardstyle.com 'unsafe-inline' m.bloomingdales.com *.fiftyone.com api.cloudsponge.com *.truefitcorp.com bloomingdales.sspinc.io static.atgsvcs.com assets.bloomingdales.com www1.bloomingdales.com origin.extole.io *.cloudfront.net *.borderfree.com *.widget.custhelp.com bloomingdales.widget.custhelp.com s-static.innovid.com; upgrade-insecure-requests; |
11 |
2018-05-22 - 2018-05-23 |
False |
True |
False |
0 |
False |
False |
False |
81 |
upgrade-insecure-requests; |
12 |
2018-05-24 - 2018-05-24 |
True |
True |
True |
0 |
True |
True |
True |
81 |
default-src data: * 'unsafe-inline' 'unsafe-eval' blob:; font-src data: cdn.joinhoney.com *.bloomingdales.com 'self' netdna.bootstrapcdn.com *.fds.com maxcdn.bootstrapcdn.com gateway.answerscloud.com storage.googleapis.com m.bloomingdales.com api.cloudsponge.com *.webcollage.net fonts.gstatic.com cdnjs.cloudflare.com *.truefitcorp.com assets.bloomingdales.com origin.extole.io *.cloudfront.net sxt.cdn.skype.com themes.googleusercontent.com; frame-ancestors 'self'; media-src *.brightcove.com *.fds.com vjs.zencdn.net *.cloudfront.net *.media.brightcove.com *.webcollage.net *.bloomingdales.com 'self' ssl.gstatic.com f1.media.brightcove.com blob: s-static.innovid.com brightcove.hs.llnwd.net m.bloomingdales.com; object-src *.brightcove.com players.brightcove.net vjs.zencdn.net *.cloudfront.net *.webcollage.net *.bloomingdales.com 'self' ci-mpsnare.iovation.com mpsnare.iesnare.com h.online-metrix.net *.fds.com brightcove.hs.llnwd.net m.bloomingdales.com; report-uri report; style-src *.shoprunner.com *.bloomingdales.com 'self' libs.coremetrics.com assets.moovweb.net *.fds.com bloomingdales.ugc.bazaarvoice.com maxcdn.bootstrapcdn.com fonts.googleapis.com gateway.answerscloud.com storage.googleapis.com ln-rules.rewardstyle.com 'unsafe-inline' m.bloomingdales.com *.fiftyone.com api.cloudsponge.com *.truefitcorp.com bloomingdales.sspinc.io static.atgsvcs.com assets.bloomingdales.com www1.bloomingdales.com origin.extole.io *.cloudfront.net *.borderfree.com *.widget.custhelp.com bloomingdales.widget.custhelp.com s-static.innovid.com; upgrade-insecure-requests; |
13 |
2018-05-25 - 2018-05-26 |
False |
True |
False |
0 |
False |
False |
False |
81 |
upgrade-insecure-requests; |
14 |
2018-05-27 - 2018-05-27 |
True |
True |
True |
0 |
True |
True |
True |
81 |
default-src data: * 'unsafe-inline' 'unsafe-eval' blob:; font-src data: cdn.joinhoney.com *.bloomingdales.com 'self' netdna.bootstrapcdn.com *.fds.com maxcdn.bootstrapcdn.com gateway.answerscloud.com storage.googleapis.com m.bloomingdales.com api.cloudsponge.com *.webcollage.net fonts.gstatic.com cdnjs.cloudflare.com *.truefitcorp.com assets.bloomingdales.com origin.extole.io *.cloudfront.net sxt.cdn.skype.com themes.googleusercontent.com; frame-ancestors 'self'; media-src *.brightcove.com *.fds.com vjs.zencdn.net *.cloudfront.net *.media.brightcove.com *.webcollage.net *.bloomingdales.com 'self' ssl.gstatic.com f1.media.brightcove.com blob: s-static.innovid.com brightcove.hs.llnwd.net m.bloomingdales.com; object-src *.brightcove.com players.brightcove.net vjs.zencdn.net *.cloudfront.net *.webcollage.net *.bloomingdales.com 'self' ci-mpsnare.iovation.com mpsnare.iesnare.com h.online-metrix.net *.fds.com brightcove.hs.llnwd.net m.bloomingdales.com; report-uri report; style-src *.shoprunner.com *.bloomingdales.com 'self' libs.coremetrics.com assets.moovweb.net *.fds.com bloomingdales.ugc.bazaarvoice.com maxcdn.bootstrapcdn.com fonts.googleapis.com gateway.answerscloud.com storage.googleapis.com ln-rules.rewardstyle.com 'unsafe-inline' m.bloomingdales.com *.fiftyone.com api.cloudsponge.com *.truefitcorp.com bloomingdales.sspinc.io static.atgsvcs.com assets.bloomingdales.com www1.bloomingdales.com origin.extole.io *.cloudfront.net *.borderfree.com *.widget.custhelp.com bloomingdales.widget.custhelp.com s-static.innovid.com; upgrade-insecure-requests; |
15 |
2018-05-28 - 2018-06-14 |
False |
True |
False |
0 |
False |
False |
False |
81 |
upgrade-insecure-requests; |
16 |
2018-06-15 - 2018-06-15 |
True |
True |
True |
0 |
True |
True |
True |
81 |
default-src data: * 'unsafe-inline' 'unsafe-eval' blob:; font-src data: cdn.joinhoney.com *.bloomingdales.com 'self' netdna.bootstrapcdn.com *.fds.com maxcdn.bootstrapcdn.com gateway.answerscloud.com storage.googleapis.com m.bloomingdales.com api.cloudsponge.com *.webcollage.net fonts.gstatic.com cdnjs.cloudflare.com *.truefitcorp.com assets.bloomingdales.com origin.extole.io *.cloudfront.net sxt.cdn.skype.com themes.googleusercontent.com; frame-ancestors 'self'; media-src *.brightcove.com *.fds.com vjs.zencdn.net *.cloudfront.net *.media.brightcove.com *.webcollage.net *.bloomingdales.com 'self' ssl.gstatic.com f1.media.brightcove.com blob: s-static.innovid.com brightcove.hs.llnwd.net m.bloomingdales.com; object-src *.brightcove.com players.brightcove.net vjs.zencdn.net *.cloudfront.net *.webcollage.net *.bloomingdales.com 'self' ci-mpsnare.iovation.com mpsnare.iesnare.com h.online-metrix.net *.fds.com brightcove.hs.llnwd.net m.bloomingdales.com; report-uri report; style-src *.shoprunner.com *.bloomingdales.com 'self' libs.coremetrics.com assets.moovweb.net *.fds.com bloomingdales.ugc.bazaarvoice.com maxcdn.bootstrapcdn.com fonts.googleapis.com gateway.answerscloud.com storage.googleapis.com ln-rules.rewardstyle.com 'unsafe-inline' m.bloomingdales.com *.fiftyone.com api.cloudsponge.com *.truefitcorp.com bloomingdales.sspinc.io static.atgsvcs.com assets.bloomingdales.com www1.bloomingdales.com origin.extole.io *.cloudfront.net *.borderfree.com *.widget.custhelp.com bloomingdales.widget.custhelp.com s-static.innovid.com; upgrade-insecure-requests; |
17 |
2018-06-16 - 2018-06-26 |
False |
True |
False |
0 |
False |
False |
False |
81 |
upgrade-insecure-requests; |
18 |
2018-06-27 - 2018-06-30 |
True |
True |
True |
0 |
True |
True |
True |
81 |
default-src data: * 'unsafe-inline' 'unsafe-eval' blob:; font-src data: cdn.joinhoney.com *.bloomingdales.com 'self' netdna.bootstrapcdn.com *.fds.com maxcdn.bootstrapcdn.com gateway.answerscloud.com storage.googleapis.com m.bloomingdales.com api.cloudsponge.com *.webcollage.net fonts.gstatic.com cdnjs.cloudflare.com *.truefitcorp.com assets.bloomingdales.com origin.extole.io *.cloudfront.net sxt.cdn.skype.com themes.googleusercontent.com; frame-ancestors 'self'; media-src *.brightcove.com *.fds.com vjs.zencdn.net *.cloudfront.net *.media.brightcove.com *.webcollage.net *.bloomingdales.com 'self' ssl.gstatic.com f1.media.brightcove.com blob: s-static.innovid.com brightcove.hs.llnwd.net m.bloomingdales.com; object-src *.brightcove.com players.brightcove.net vjs.zencdn.net *.cloudfront.net *.webcollage.net *.bloomingdales.com 'self' ci-mpsnare.iovation.com mpsnare.iesnare.com h.online-metrix.net *.fds.com brightcove.hs.llnwd.net m.bloomingdales.com; report-uri report; style-src *.shoprunner.com *.bloomingdales.com 'self' libs.coremetrics.com assets.moovweb.net *.fds.com bloomingdales.ugc.bazaarvoice.com maxcdn.bootstrapcdn.com fonts.googleapis.com gateway.answerscloud.com storage.googleapis.com ln-rules.rewardstyle.com 'unsafe-inline' m.bloomingdales.com *.fiftyone.com api.cloudsponge.com *.truefitcorp.com bloomingdales.sspinc.io static.atgsvcs.com assets.bloomingdales.com www1.bloomingdales.com origin.extole.io *.cloudfront.net *.borderfree.com *.widget.custhelp.com bloomingdales.widget.custhelp.com s-static.innovid.com; upgrade-insecure-requests; |
19 |
2018-07-01 - 2018-07-01 |
False |
True |
False |
0 |
False |
False |
False |
81 |
upgrade-insecure-requests; |
20 |
2018-07-02 - 2018-07-04 |
True |
True |
True |
0 |
True |
True |
True |
81 |
default-src data: * 'unsafe-inline' 'unsafe-eval' blob:; font-src data: cdn.joinhoney.com *.bloomingdales.com 'self' netdna.bootstrapcdn.com *.fds.com maxcdn.bootstrapcdn.com gateway.answerscloud.com storage.googleapis.com m.bloomingdales.com api.cloudsponge.com *.webcollage.net fonts.gstatic.com cdnjs.cloudflare.com *.truefitcorp.com assets.bloomingdales.com origin.extole.io *.cloudfront.net sxt.cdn.skype.com themes.googleusercontent.com; frame-ancestors 'self'; media-src *.brightcove.com *.fds.com vjs.zencdn.net *.cloudfront.net *.media.brightcove.com *.webcollage.net *.bloomingdales.com 'self' ssl.gstatic.com f1.media.brightcove.com blob: s-static.innovid.com brightcove.hs.llnwd.net m.bloomingdales.com; object-src *.brightcove.com players.brightcove.net vjs.zencdn.net *.cloudfront.net *.webcollage.net *.bloomingdales.com 'self' ci-mpsnare.iovation.com mpsnare.iesnare.com h.online-metrix.net *.fds.com brightcove.hs.llnwd.net m.bloomingdales.com; report-uri report; style-src *.shoprunner.com *.bloomingdales.com 'self' libs.coremetrics.com assets.moovweb.net *.fds.com bloomingdales.ugc.bazaarvoice.com maxcdn.bootstrapcdn.com fonts.googleapis.com gateway.answerscloud.com storage.googleapis.com ln-rules.rewardstyle.com 'unsafe-inline' m.bloomingdales.com *.fiftyone.com api.cloudsponge.com *.truefitcorp.com bloomingdales.sspinc.io static.atgsvcs.com assets.bloomingdales.com www1.bloomingdales.com origin.extole.io *.cloudfront.net *.borderfree.com *.widget.custhelp.com bloomingdales.widget.custhelp.com s-static.innovid.com; upgrade-insecure-requests; |
21 |
2018-07-05 - 2018-07-07 |
False |
True |
False |
0 |
False |
False |
False |
81 |
upgrade-insecure-requests; |
22 |
2018-07-08 - 2018-07-18 |
True |
True |
True |
0 |
True |
True |
True |
81 |
default-src data: * 'unsafe-inline' 'unsafe-eval' blob:; font-src data: cdn.joinhoney.com *.bloomingdales.com 'self' netdna.bootstrapcdn.com *.fds.com maxcdn.bootstrapcdn.com gateway.answerscloud.com storage.googleapis.com m.bloomingdales.com api.cloudsponge.com *.webcollage.net fonts.gstatic.com cdnjs.cloudflare.com *.truefitcorp.com assets.bloomingdales.com origin.extole.io *.cloudfront.net sxt.cdn.skype.com themes.googleusercontent.com; frame-ancestors 'self'; media-src *.brightcove.com *.fds.com vjs.zencdn.net *.cloudfront.net *.media.brightcove.com *.webcollage.net *.bloomingdales.com 'self' ssl.gstatic.com f1.media.brightcove.com blob: s-static.innovid.com brightcove.hs.llnwd.net m.bloomingdales.com; object-src *.brightcove.com players.brightcove.net vjs.zencdn.net *.cloudfront.net *.webcollage.net *.bloomingdales.com 'self' ci-mpsnare.iovation.com mpsnare.iesnare.com h.online-metrix.net *.fds.com brightcove.hs.llnwd.net m.bloomingdales.com; report-uri report; style-src *.shoprunner.com *.bloomingdales.com 'self' libs.coremetrics.com assets.moovweb.net *.fds.com bloomingdales.ugc.bazaarvoice.com maxcdn.bootstrapcdn.com fonts.googleapis.com gateway.answerscloud.com storage.googleapis.com ln-rules.rewardstyle.com 'unsafe-inline' m.bloomingdales.com *.fiftyone.com api.cloudsponge.com *.truefitcorp.com bloomingdales.sspinc.io static.atgsvcs.com assets.bloomingdales.com www1.bloomingdales.com origin.extole.io *.cloudfront.net *.borderfree.com *.widget.custhelp.com bloomingdales.widget.custhelp.com s-static.innovid.com; upgrade-insecure-requests; |
23 |
2018-07-19 - 2018-07-27 |
False |
True |
False |
0 |
False |
False |
False |
81 |
upgrade-insecure-requests; |
24 |
2018-07-28 - 2018-07-28 |
True |
True |
True |
0 |
True |
True |
True |
81 |
default-src data: * 'unsafe-inline' 'unsafe-eval' blob:; font-src data: cdn.joinhoney.com *.bloomingdales.com 'self' netdna.bootstrapcdn.com *.fds.com maxcdn.bootstrapcdn.com gateway.answerscloud.com storage.googleapis.com m.bloomingdales.com api.cloudsponge.com *.webcollage.net fonts.gstatic.com cdnjs.cloudflare.com *.truefitcorp.com assets.bloomingdales.com origin.extole.io *.cloudfront.net sxt.cdn.skype.com themes.googleusercontent.com; frame-ancestors 'self'; media-src *.brightcove.com *.fds.com vjs.zencdn.net *.cloudfront.net *.media.brightcove.com *.webcollage.net *.bloomingdales.com 'self' ssl.gstatic.com f1.media.brightcove.com blob: s-static.innovid.com brightcove.hs.llnwd.net m.bloomingdales.com; object-src *.brightcove.com players.brightcove.net vjs.zencdn.net *.cloudfront.net *.webcollage.net *.bloomingdales.com 'self' ci-mpsnare.iovation.com mpsnare.iesnare.com h.online-metrix.net *.fds.com brightcove.hs.llnwd.net m.bloomingdales.com; report-uri report; style-src *.shoprunner.com *.bloomingdales.com 'self' libs.coremetrics.com assets.moovweb.net *.fds.com bloomingdales.ugc.bazaarvoice.com maxcdn.bootstrapcdn.com fonts.googleapis.com gateway.answerscloud.com storage.googleapis.com ln-rules.rewardstyle.com 'unsafe-inline' m.bloomingdales.com *.fiftyone.com api.cloudsponge.com *.truefitcorp.com bloomingdales.sspinc.io static.atgsvcs.com assets.bloomingdales.com www1.bloomingdales.com origin.extole.io *.cloudfront.net *.borderfree.com *.widget.custhelp.com bloomingdales.widget.custhelp.com s-static.innovid.com; upgrade-insecure-requests; |
25 |
2018-07-29 - 2018-07-29 |
False |
True |
False |
0 |
False |
False |
False |
81 |
upgrade-insecure-requests; |
26 |
2018-07-30 - 2018-07-31 |
True |
True |
True |
0 |
True |
True |
True |
81 |
default-src data: * 'unsafe-inline' 'unsafe-eval' blob:; font-src data: cdn.joinhoney.com *.bloomingdales.com 'self' netdna.bootstrapcdn.com *.fds.com maxcdn.bootstrapcdn.com gateway.answerscloud.com storage.googleapis.com m.bloomingdales.com api.cloudsponge.com *.webcollage.net fonts.gstatic.com cdnjs.cloudflare.com *.truefitcorp.com assets.bloomingdales.com origin.extole.io *.cloudfront.net sxt.cdn.skype.com themes.googleusercontent.com; frame-ancestors 'self'; media-src *.brightcove.com *.fds.com vjs.zencdn.net *.cloudfront.net *.media.brightcove.com *.webcollage.net *.bloomingdales.com 'self' ssl.gstatic.com f1.media.brightcove.com blob: s-static.innovid.com brightcove.hs.llnwd.net m.bloomingdales.com; object-src *.brightcove.com players.brightcove.net vjs.zencdn.net *.cloudfront.net *.webcollage.net *.bloomingdales.com 'self' ci-mpsnare.iovation.com mpsnare.iesnare.com h.online-metrix.net *.fds.com brightcove.hs.llnwd.net m.bloomingdales.com; report-uri report; style-src *.shoprunner.com *.bloomingdales.com 'self' libs.coremetrics.com assets.moovweb.net *.fds.com bloomingdales.ugc.bazaarvoice.com maxcdn.bootstrapcdn.com fonts.googleapis.com gateway.answerscloud.com storage.googleapis.com ln-rules.rewardstyle.com 'unsafe-inline' m.bloomingdales.com *.fiftyone.com api.cloudsponge.com *.truefitcorp.com bloomingdales.sspinc.io static.atgsvcs.com assets.bloomingdales.com www1.bloomingdales.com origin.extole.io *.cloudfront.net *.borderfree.com *.widget.custhelp.com bloomingdales.widget.custhelp.com s-static.innovid.com; upgrade-insecure-requests; |
27 |
2018-08-01 - 2018-08-01 |
False |
True |
False |
0 |
False |
False |
False |
81 |
upgrade-insecure-requests; |
28 |
2018-08-02 - 2018-08-03 |
True |
True |
True |
0 |
True |
True |
True |
81 |
default-src data: * 'unsafe-inline' 'unsafe-eval' blob:; font-src data: cdn.joinhoney.com *.bloomingdales.com 'self' netdna.bootstrapcdn.com *.fds.com maxcdn.bootstrapcdn.com gateway.answerscloud.com storage.googleapis.com m.bloomingdales.com api.cloudsponge.com *.webcollage.net fonts.gstatic.com cdnjs.cloudflare.com *.truefitcorp.com assets.bloomingdales.com origin.extole.io *.cloudfront.net sxt.cdn.skype.com themes.googleusercontent.com; frame-ancestors 'self'; media-src *.brightcove.com *.fds.com vjs.zencdn.net *.cloudfront.net *.media.brightcove.com *.webcollage.net *.bloomingdales.com 'self' ssl.gstatic.com f1.media.brightcove.com blob: s-static.innovid.com brightcove.hs.llnwd.net m.bloomingdales.com; object-src *.brightcove.com players.brightcove.net vjs.zencdn.net *.cloudfront.net *.webcollage.net *.bloomingdales.com 'self' ci-mpsnare.iovation.com mpsnare.iesnare.com h.online-metrix.net *.fds.com brightcove.hs.llnwd.net m.bloomingdales.com; report-uri report; style-src *.shoprunner.com *.bloomingdales.com 'self' libs.coremetrics.com assets.moovweb.net *.fds.com bloomingdales.ugc.bazaarvoice.com maxcdn.bootstrapcdn.com fonts.googleapis.com gateway.answerscloud.com storage.googleapis.com ln-rules.rewardstyle.com 'unsafe-inline' m.bloomingdales.com *.fiftyone.com api.cloudsponge.com *.truefitcorp.com bloomingdales.sspinc.io static.atgsvcs.com assets.bloomingdales.com www1.bloomingdales.com origin.extole.io *.cloudfront.net *.borderfree.com *.widget.custhelp.com bloomingdales.widget.custhelp.com s-static.innovid.com; upgrade-insecure-requests; |
29 |
2018-08-04 - 2018-08-04 |
False |
True |
False |
0 |
False |
False |
False |
81 |
upgrade-insecure-requests; |
30 |
2018-08-05 - 2018-08-05 |
True |
True |
True |
0 |
True |
True |
True |
81 |
default-src data: * 'unsafe-inline' 'unsafe-eval' blob:; font-src data: cdn.joinhoney.com *.bloomingdales.com 'self' netdna.bootstrapcdn.com *.fds.com maxcdn.bootstrapcdn.com gateway.answerscloud.com storage.googleapis.com m.bloomingdales.com api.cloudsponge.com *.webcollage.net fonts.gstatic.com cdnjs.cloudflare.com *.truefitcorp.com assets.bloomingdales.com origin.extole.io *.cloudfront.net sxt.cdn.skype.com themes.googleusercontent.com; frame-ancestors 'self'; media-src *.brightcove.com *.fds.com vjs.zencdn.net *.cloudfront.net *.media.brightcove.com *.webcollage.net *.bloomingdales.com 'self' ssl.gstatic.com f1.media.brightcove.com blob: s-static.innovid.com brightcove.hs.llnwd.net m.bloomingdales.com; object-src *.brightcove.com players.brightcove.net vjs.zencdn.net *.cloudfront.net *.webcollage.net *.bloomingdales.com 'self' ci-mpsnare.iovation.com mpsnare.iesnare.com h.online-metrix.net *.fds.com brightcove.hs.llnwd.net m.bloomingdales.com; report-uri report; style-src *.shoprunner.com *.bloomingdales.com 'self' libs.coremetrics.com assets.moovweb.net *.fds.com bloomingdales.ugc.bazaarvoice.com maxcdn.bootstrapcdn.com fonts.googleapis.com gateway.answerscloud.com storage.googleapis.com ln-rules.rewardstyle.com 'unsafe-inline' m.bloomingdales.com *.fiftyone.com api.cloudsponge.com *.truefitcorp.com bloomingdales.sspinc.io static.atgsvcs.com assets.bloomingdales.com www1.bloomingdales.com origin.extole.io *.cloudfront.net *.borderfree.com *.widget.custhelp.com bloomingdales.widget.custhelp.com s-static.innovid.com; upgrade-insecure-requests; |
31 |
2018-08-06 - 2018-08-06 |
False |
True |
False |
0 |
False |
False |
False |
81 |
upgrade-insecure-requests; |
32 |
2018-08-07 - 2018-08-07 |
True |
True |
True |
0 |
True |
True |
True |
81 |
default-src data: * 'unsafe-inline' 'unsafe-eval' blob:; font-src data: cdn.joinhoney.com *.bloomingdales.com 'self' netdna.bootstrapcdn.com *.fds.com maxcdn.bootstrapcdn.com gateway.answerscloud.com storage.googleapis.com m.bloomingdales.com api.cloudsponge.com *.webcollage.net fonts.gstatic.com cdnjs.cloudflare.com *.truefitcorp.com assets.bloomingdales.com origin.extole.io *.cloudfront.net sxt.cdn.skype.com themes.googleusercontent.com; frame-ancestors 'self'; media-src *.brightcove.com *.fds.com vjs.zencdn.net *.cloudfront.net *.media.brightcove.com *.webcollage.net *.bloomingdales.com 'self' ssl.gstatic.com f1.media.brightcove.com blob: s-static.innovid.com brightcove.hs.llnwd.net m.bloomingdales.com; object-src *.brightcove.com players.brightcove.net vjs.zencdn.net *.cloudfront.net *.webcollage.net *.bloomingdales.com 'self' ci-mpsnare.iovation.com mpsnare.iesnare.com h.online-metrix.net *.fds.com brightcove.hs.llnwd.net m.bloomingdales.com; report-uri report; style-src *.shoprunner.com *.bloomingdales.com 'self' libs.coremetrics.com assets.moovweb.net *.fds.com bloomingdales.ugc.bazaarvoice.com maxcdn.bootstrapcdn.com fonts.googleapis.com gateway.answerscloud.com storage.googleapis.com ln-rules.rewardstyle.com 'unsafe-inline' m.bloomingdales.com *.fiftyone.com api.cloudsponge.com *.truefitcorp.com bloomingdales.sspinc.io static.atgsvcs.com assets.bloomingdales.com www1.bloomingdales.com origin.extole.io *.cloudfront.net *.borderfree.com *.widget.custhelp.com bloomingdales.widget.custhelp.com s-static.innovid.com; upgrade-insecure-requests; |
33 |
2018-08-08 - 2018-08-08 |
False |
True |
False |
0 |
False |
False |
False |
81 |
upgrade-insecure-requests; |
34 |
2018-08-09 - 2018-08-09 |
True |
True |
True |
0 |
True |
True |
True |
81 |
default-src data: * 'unsafe-inline' 'unsafe-eval' blob:; font-src data: cdn.joinhoney.com *.bloomingdales.com 'self' netdna.bootstrapcdn.com *.fds.com maxcdn.bootstrapcdn.com gateway.answerscloud.com storage.googleapis.com m.bloomingdales.com api.cloudsponge.com *.webcollage.net fonts.gstatic.com cdnjs.cloudflare.com *.truefitcorp.com assets.bloomingdales.com origin.extole.io *.cloudfront.net sxt.cdn.skype.com themes.googleusercontent.com; frame-ancestors 'self'; media-src *.brightcove.com *.fds.com vjs.zencdn.net *.cloudfront.net *.media.brightcove.com *.webcollage.net *.bloomingdales.com 'self' ssl.gstatic.com f1.media.brightcove.com blob: s-static.innovid.com brightcove.hs.llnwd.net m.bloomingdales.com; object-src *.brightcove.com players.brightcove.net vjs.zencdn.net *.cloudfront.net *.webcollage.net *.bloomingdales.com 'self' ci-mpsnare.iovation.com mpsnare.iesnare.com h.online-metrix.net *.fds.com brightcove.hs.llnwd.net m.bloomingdales.com; report-uri report; style-src *.shoprunner.com *.bloomingdales.com 'self' libs.coremetrics.com assets.moovweb.net *.fds.com bloomingdales.ugc.bazaarvoice.com maxcdn.bootstrapcdn.com fonts.googleapis.com gateway.answerscloud.com storage.googleapis.com ln-rules.rewardstyle.com 'unsafe-inline' m.bloomingdales.com *.fiftyone.com api.cloudsponge.com *.truefitcorp.com bloomingdales.sspinc.io static.atgsvcs.com assets.bloomingdales.com www1.bloomingdales.com origin.extole.io *.cloudfront.net *.borderfree.com *.widget.custhelp.com bloomingdales.widget.custhelp.com s-static.innovid.com; upgrade-insecure-requests; |
35 |
2018-08-10 - 2018-08-11 |
False |
True |
False |
0 |
False |
False |
False |
81 |
upgrade-insecure-requests; |
36 |
2018-08-12 - 2018-08-12 |
True |
True |
True |
0 |
True |
True |
True |
81 |
default-src data: * 'unsafe-inline' 'unsafe-eval' blob:; font-src data: cdn.joinhoney.com *.bloomingdales.com 'self' netdna.bootstrapcdn.com *.fds.com maxcdn.bootstrapcdn.com gateway.answerscloud.com storage.googleapis.com m.bloomingdales.com api.cloudsponge.com *.webcollage.net fonts.gstatic.com cdnjs.cloudflare.com *.truefitcorp.com assets.bloomingdales.com origin.extole.io *.cloudfront.net sxt.cdn.skype.com themes.googleusercontent.com; frame-ancestors 'self'; media-src *.brightcove.com *.fds.com vjs.zencdn.net *.cloudfront.net *.media.brightcove.com *.webcollage.net *.bloomingdales.com 'self' ssl.gstatic.com f1.media.brightcove.com blob: s-static.innovid.com brightcove.hs.llnwd.net m.bloomingdales.com; object-src *.brightcove.com players.brightcove.net vjs.zencdn.net *.cloudfront.net *.webcollage.net *.bloomingdales.com 'self' ci-mpsnare.iovation.com mpsnare.iesnare.com h.online-metrix.net *.fds.com brightcove.hs.llnwd.net m.bloomingdales.com; report-uri report; style-src *.shoprunner.com *.bloomingdales.com 'self' libs.coremetrics.com assets.moovweb.net *.fds.com bloomingdales.ugc.bazaarvoice.com maxcdn.bootstrapcdn.com fonts.googleapis.com gateway.answerscloud.com storage.googleapis.com ln-rules.rewardstyle.com 'unsafe-inline' m.bloomingdales.com *.fiftyone.com api.cloudsponge.com *.truefitcorp.com bloomingdales.sspinc.io static.atgsvcs.com assets.bloomingdales.com www1.bloomingdales.com origin.extole.io *.cloudfront.net *.borderfree.com *.widget.custhelp.com bloomingdales.widget.custhelp.com s-static.innovid.com; upgrade-insecure-requests; |
37 |
2018-08-13 - 2018-08-14 |
False |
True |
False |
0 |
False |
False |
False |
81 |
upgrade-insecure-requests; |
38 |
2018-08-15 - 2018-08-15 |
True |
True |
True |
0 |
True |
True |
True |
81 |
default-src data: * 'unsafe-inline' 'unsafe-eval' blob:; font-src data: cdn.joinhoney.com *.bloomingdales.com 'self' netdna.bootstrapcdn.com *.fds.com maxcdn.bootstrapcdn.com gateway.answerscloud.com storage.googleapis.com m.bloomingdales.com api.cloudsponge.com *.webcollage.net fonts.gstatic.com cdnjs.cloudflare.com *.truefitcorp.com assets.bloomingdales.com origin.extole.io *.cloudfront.net sxt.cdn.skype.com themes.googleusercontent.com; frame-ancestors 'self'; media-src *.brightcove.com *.fds.com vjs.zencdn.net *.cloudfront.net *.media.brightcove.com *.webcollage.net *.bloomingdales.com 'self' ssl.gstatic.com f1.media.brightcove.com blob: s-static.innovid.com brightcove.hs.llnwd.net m.bloomingdales.com; object-src *.brightcove.com players.brightcove.net vjs.zencdn.net *.cloudfront.net *.webcollage.net *.bloomingdales.com 'self' ci-mpsnare.iovation.com mpsnare.iesnare.com h.online-metrix.net *.fds.com brightcove.hs.llnwd.net m.bloomingdales.com; report-uri report; style-src *.shoprunner.com *.bloomingdales.com 'self' libs.coremetrics.com assets.moovweb.net *.fds.com bloomingdales.ugc.bazaarvoice.com maxcdn.bootstrapcdn.com fonts.googleapis.com gateway.answerscloud.com storage.googleapis.com ln-rules.rewardstyle.com 'unsafe-inline' m.bloomingdales.com *.fiftyone.com api.cloudsponge.com *.truefitcorp.com bloomingdales.sspinc.io static.atgsvcs.com assets.bloomingdales.com www1.bloomingdales.com origin.extole.io *.cloudfront.net *.borderfree.com *.widget.custhelp.com bloomingdales.widget.custhelp.com s-static.innovid.com; upgrade-insecure-requests; |
39 |
2018-08-16 - 2018-08-17 |
False |
True |
False |
0 |
False |
False |
False |
81 |
upgrade-insecure-requests; |
40 |
2018-08-18 - 2018-08-19 |
True |
True |
True |
0 |
True |
True |
True |
81 |
default-src data: * 'unsafe-inline' 'unsafe-eval' blob:; font-src data: cdn.joinhoney.com *.bloomingdales.com 'self' netdna.bootstrapcdn.com *.fds.com maxcdn.bootstrapcdn.com gateway.answerscloud.com storage.googleapis.com m.bloomingdales.com api.cloudsponge.com *.webcollage.net fonts.gstatic.com cdnjs.cloudflare.com *.truefitcorp.com assets.bloomingdales.com origin.extole.io *.cloudfront.net sxt.cdn.skype.com themes.googleusercontent.com; frame-ancestors 'self'; media-src *.brightcove.com *.fds.com vjs.zencdn.net *.cloudfront.net *.media.brightcove.com *.webcollage.net *.bloomingdales.com 'self' ssl.gstatic.com f1.media.brightcove.com blob: s-static.innovid.com brightcove.hs.llnwd.net m.bloomingdales.com; object-src *.brightcove.com players.brightcove.net vjs.zencdn.net *.cloudfront.net *.webcollage.net *.bloomingdales.com 'self' ci-mpsnare.iovation.com mpsnare.iesnare.com h.online-metrix.net *.fds.com brightcove.hs.llnwd.net m.bloomingdales.com; report-uri report; style-src *.shoprunner.com *.bloomingdales.com 'self' libs.coremetrics.com assets.moovweb.net *.fds.com bloomingdales.ugc.bazaarvoice.com maxcdn.bootstrapcdn.com fonts.googleapis.com gateway.answerscloud.com storage.googleapis.com ln-rules.rewardstyle.com 'unsafe-inline' m.bloomingdales.com *.fiftyone.com api.cloudsponge.com *.truefitcorp.com bloomingdales.sspinc.io static.atgsvcs.com assets.bloomingdales.com www1.bloomingdales.com origin.extole.io *.cloudfront.net *.borderfree.com *.widget.custhelp.com bloomingdales.widget.custhelp.com s-static.innovid.com; upgrade-insecure-requests; |
41 |
2018-08-20 - 2018-08-21 |
False |
True |
False |
0 |
False |
False |
False |
81 |
upgrade-insecure-requests; |
42 |
2018-08-22 - 2018-08-23 |
True |
True |
True |
0 |
True |
True |
True |
81 |
default-src data: * 'unsafe-inline' 'unsafe-eval' blob:; font-src data: cdn.joinhoney.com *.bloomingdales.com 'self' netdna.bootstrapcdn.com *.fds.com maxcdn.bootstrapcdn.com gateway.answerscloud.com storage.googleapis.com m.bloomingdales.com api.cloudsponge.com *.webcollage.net fonts.gstatic.com cdnjs.cloudflare.com *.truefitcorp.com assets.bloomingdales.com origin.extole.io *.cloudfront.net sxt.cdn.skype.com themes.googleusercontent.com; frame-ancestors 'self'; media-src *.brightcove.com *.fds.com vjs.zencdn.net *.cloudfront.net *.media.brightcove.com *.webcollage.net *.bloomingdales.com 'self' ssl.gstatic.com f1.media.brightcove.com blob: s-static.innovid.com brightcove.hs.llnwd.net m.bloomingdales.com; object-src *.brightcove.com players.brightcove.net vjs.zencdn.net *.cloudfront.net *.webcollage.net *.bloomingdales.com 'self' ci-mpsnare.iovation.com mpsnare.iesnare.com h.online-metrix.net *.fds.com brightcove.hs.llnwd.net m.bloomingdales.com; report-uri report; style-src *.shoprunner.com *.bloomingdales.com 'self' libs.coremetrics.com assets.moovweb.net *.fds.com bloomingdales.ugc.bazaarvoice.com maxcdn.bootstrapcdn.com fonts.googleapis.com gateway.answerscloud.com storage.googleapis.com ln-rules.rewardstyle.com 'unsafe-inline' m.bloomingdales.com *.fiftyone.com api.cloudsponge.com *.truefitcorp.com bloomingdales.sspinc.io static.atgsvcs.com assets.bloomingdales.com www1.bloomingdales.com origin.extole.io *.cloudfront.net *.borderfree.com *.widget.custhelp.com bloomingdales.widget.custhelp.com s-static.innovid.com; upgrade-insecure-requests; |
43 |
2018-08-24 - 2018-08-28 |
False |
True |
False |
0 |
False |
False |
False |
81 |
upgrade-insecure-requests; |
44 |
2018-08-29 - 2018-08-31 |
True |
True |
True |
0 |
True |
True |
True |
81 |
default-src data: * 'unsafe-inline' 'unsafe-eval' blob:; font-src data: cdn.joinhoney.com *.bloomingdales.com 'self' netdna.bootstrapcdn.com *.fds.com maxcdn.bootstrapcdn.com gateway.answerscloud.com storage.googleapis.com m.bloomingdales.com api.cloudsponge.com *.webcollage.net fonts.gstatic.com cdnjs.cloudflare.com *.truefitcorp.com assets.bloomingdales.com origin.extole.io *.cloudfront.net sxt.cdn.skype.com themes.googleusercontent.com; frame-ancestors 'self'; media-src *.brightcove.com *.fds.com vjs.zencdn.net *.cloudfront.net *.media.brightcove.com *.webcollage.net *.bloomingdales.com 'self' ssl.gstatic.com f1.media.brightcove.com blob: s-static.innovid.com brightcove.hs.llnwd.net m.bloomingdales.com; object-src *.brightcove.com players.brightcove.net vjs.zencdn.net *.cloudfront.net *.webcollage.net *.bloomingdales.com 'self' ci-mpsnare.iovation.com mpsnare.iesnare.com h.online-metrix.net *.fds.com brightcove.hs.llnwd.net m.bloomingdales.com; report-uri report; style-src *.shoprunner.com *.bloomingdales.com 'self' libs.coremetrics.com assets.moovweb.net *.fds.com bloomingdales.ugc.bazaarvoice.com maxcdn.bootstrapcdn.com fonts.googleapis.com gateway.answerscloud.com storage.googleapis.com ln-rules.rewardstyle.com 'unsafe-inline' m.bloomingdales.com *.fiftyone.com api.cloudsponge.com *.truefitcorp.com bloomingdales.sspinc.io static.atgsvcs.com assets.bloomingdales.com www1.bloomingdales.com origin.extole.io *.cloudfront.net *.borderfree.com *.widget.custhelp.com bloomingdales.widget.custhelp.com s-static.innovid.com; upgrade-insecure-requests; |
45 |
2018-09-01 - 2018-09-01 |
False |
True |
False |
0 |
False |
False |
False |
81 |
upgrade-insecure-requests; |
46 |
2018-09-02 - 2018-09-03 |
True |
True |
True |
0 |
True |
True |
True |
81 |
default-src data: * 'unsafe-inline' 'unsafe-eval' blob:; font-src data: cdn.joinhoney.com *.bloomingdales.com 'self' netdna.bootstrapcdn.com *.fds.com maxcdn.bootstrapcdn.com gateway.answerscloud.com storage.googleapis.com m.bloomingdales.com api.cloudsponge.com *.webcollage.net fonts.gstatic.com cdnjs.cloudflare.com *.truefitcorp.com assets.bloomingdales.com origin.extole.io *.cloudfront.net sxt.cdn.skype.com themes.googleusercontent.com; frame-ancestors 'self'; media-src *.brightcove.com *.fds.com vjs.zencdn.net *.cloudfront.net *.media.brightcove.com *.webcollage.net *.bloomingdales.com 'self' ssl.gstatic.com f1.media.brightcove.com blob: s-static.innovid.com brightcove.hs.llnwd.net m.bloomingdales.com; object-src *.brightcove.com players.brightcove.net vjs.zencdn.net *.cloudfront.net *.webcollage.net *.bloomingdales.com 'self' ci-mpsnare.iovation.com mpsnare.iesnare.com h.online-metrix.net *.fds.com brightcove.hs.llnwd.net m.bloomingdales.com; report-uri report; style-src *.shoprunner.com *.bloomingdales.com 'self' libs.coremetrics.com assets.moovweb.net *.fds.com bloomingdales.ugc.bazaarvoice.com maxcdn.bootstrapcdn.com fonts.googleapis.com gateway.answerscloud.com storage.googleapis.com ln-rules.rewardstyle.com 'unsafe-inline' m.bloomingdales.com *.fiftyone.com api.cloudsponge.com *.truefitcorp.com bloomingdales.sspinc.io static.atgsvcs.com assets.bloomingdales.com www1.bloomingdales.com origin.extole.io *.cloudfront.net *.borderfree.com *.widget.custhelp.com bloomingdales.widget.custhelp.com s-static.innovid.com; upgrade-insecure-requests; |
47 |
2018-09-04 - 2018-09-04 |
False |
True |
False |
0 |
False |
False |
False |
81 |
upgrade-insecure-requests; |
48 |
2018-09-05 - 2018-09-06 |
True |
True |
True |
0 |
True |
True |
True |
81 |
default-src data: * 'unsafe-inline' 'unsafe-eval' blob:; font-src data: cdn.joinhoney.com *.bloomingdales.com 'self' netdna.bootstrapcdn.com *.fds.com maxcdn.bootstrapcdn.com gateway.answerscloud.com storage.googleapis.com m.bloomingdales.com api.cloudsponge.com *.webcollage.net fonts.gstatic.com cdnjs.cloudflare.com *.truefitcorp.com assets.bloomingdales.com origin.extole.io *.cloudfront.net sxt.cdn.skype.com themes.googleusercontent.com; frame-ancestors 'self'; media-src *.brightcove.com *.fds.com vjs.zencdn.net *.cloudfront.net *.media.brightcove.com *.webcollage.net *.bloomingdales.com 'self' ssl.gstatic.com f1.media.brightcove.com blob: s-static.innovid.com brightcove.hs.llnwd.net m.bloomingdales.com; object-src *.brightcove.com players.brightcove.net vjs.zencdn.net *.cloudfront.net *.webcollage.net *.bloomingdales.com 'self' ci-mpsnare.iovation.com mpsnare.iesnare.com h.online-metrix.net *.fds.com brightcove.hs.llnwd.net m.bloomingdales.com; report-uri report; style-src *.shoprunner.com *.bloomingdales.com 'self' libs.coremetrics.com assets.moovweb.net *.fds.com bloomingdales.ugc.bazaarvoice.com maxcdn.bootstrapcdn.com fonts.googleapis.com gateway.answerscloud.com storage.googleapis.com ln-rules.rewardstyle.com 'unsafe-inline' m.bloomingdales.com *.fiftyone.com api.cloudsponge.com *.truefitcorp.com bloomingdales.sspinc.io static.atgsvcs.com assets.bloomingdales.com www1.bloomingdales.com origin.extole.io *.cloudfront.net *.borderfree.com *.widget.custhelp.com bloomingdales.widget.custhelp.com s-static.innovid.com; upgrade-insecure-requests; |
49 |
2018-09-07 - 2018-09-07 |
False |
True |
False |
0 |
False |
False |
False |
81 |
upgrade-insecure-requests; |
50 |
2018-09-08 - 2018-09-11 |
True |
True |
True |
0 |
True |
True |
True |
81 |
default-src data: * 'unsafe-inline' 'unsafe-eval' blob:; font-src data: cdn.joinhoney.com *.bloomingdales.com 'self' netdna.bootstrapcdn.com *.fds.com maxcdn.bootstrapcdn.com gateway.answerscloud.com storage.googleapis.com m.bloomingdales.com api.cloudsponge.com *.webcollage.net fonts.gstatic.com cdnjs.cloudflare.com *.truefitcorp.com assets.bloomingdales.com origin.extole.io *.cloudfront.net sxt.cdn.skype.com themes.googleusercontent.com; frame-ancestors 'self'; media-src *.brightcove.com *.fds.com vjs.zencdn.net *.cloudfront.net *.media.brightcove.com *.webcollage.net *.bloomingdales.com 'self' ssl.gstatic.com f1.media.brightcove.com blob: s-static.innovid.com brightcove.hs.llnwd.net m.bloomingdales.com; object-src *.brightcove.com players.brightcove.net vjs.zencdn.net *.cloudfront.net *.webcollage.net *.bloomingdales.com 'self' ci-mpsnare.iovation.com mpsnare.iesnare.com h.online-metrix.net *.fds.com brightcove.hs.llnwd.net m.bloomingdales.com; report-uri report; style-src *.shoprunner.com *.bloomingdales.com 'self' libs.coremetrics.com assets.moovweb.net *.fds.com bloomingdales.ugc.bazaarvoice.com maxcdn.bootstrapcdn.com fonts.googleapis.com gateway.answerscloud.com storage.googleapis.com ln-rules.rewardstyle.com 'unsafe-inline' m.bloomingdales.com *.fiftyone.com api.cloudsponge.com *.truefitcorp.com bloomingdales.sspinc.io static.atgsvcs.com assets.bloomingdales.com www1.bloomingdales.com origin.extole.io *.cloudfront.net *.borderfree.com *.widget.custhelp.com bloomingdales.widget.custhelp.com s-static.innovid.com; upgrade-insecure-requests; |
51 |
2018-09-12 - 2018-09-13 |
False |
True |
False |
0 |
False |
False |
False |
81 |
upgrade-insecure-requests; |
52 |
2018-09-14 - 2018-09-15 |
True |
True |
True |
0 |
True |
True |
True |
82 |
default-src data: * 'unsafe-inline' 'unsafe-eval' blob:; font-src data: cdn.joinhoney.com *.bloomingdales.com 'self' netdna.bootstrapcdn.com *.fds.com maxcdn.bootstrapcdn.com gateway.answerscloud.com storage.googleapis.com m.bloomingdales.com api.cloudsponge.com *.webcollage.net fonts.gstatic.com cdnjs.cloudflare.com *.truefitcorp.com assets.bloomingdales.com origin.extole.io *.cloudfront.net sxt.cdn.skype.com themes.googleusercontent.com; frame-ancestors 'self'; media-src *.brightcove.com *.fds.com vjs.zencdn.net *.cloudfront.net *.media.brightcove.com *.webcollage.net *.bloomingdales.com 'self' ssl.gstatic.com f1.media.brightcove.com blob: s-static.innovid.com brightcove.hs.llnwd.net m.bloomingdales.com; object-src *.brightcove.com players.brightcove.net vjs.zencdn.net *.cloudfront.net *.webcollage.net *.bloomingdales.com 'self' ci-mpsnare.iovation.com mpsnare.iesnare.com h.online-metrix.net *.fds.com brightcove.hs.llnwd.net m.bloomingdales.com; report-uri report; style-src *.shoprunner.com *.bloomingdales.com 'self' libs.coremetrics.com assets.moovweb.net *.fds.com bloomingdales.ugc.bazaarvoice.com maxcdn.bootstrapcdn.com fonts.googleapis.com gateway.answerscloud.com storage.googleapis.com ln-rules.rewardstyle.com 'unsafe-inline' m.bloomingdales.com *.fiftyone.com api.cloudsponge.com *.truefitcorp.com bloomingdales.sspinc.io static.atgsvcs.com assets.bloomingdales.com *.richrelevance.com www1.bloomingdales.com origin.extole.io *.cloudfront.net *.borderfree.com *.widget.custhelp.com bloomingdales.widget.custhelp.com s-static.innovid.com; upgrade-insecure-requests; |
53 |
2018-09-16 - 2018-09-16 |
False |
True |
False |
0 |
False |
False |
False |
82 |
upgrade-insecure-requests; |
54 |
2018-09-17 - 2018-09-21 |
True |
True |
True |
0 |
True |
True |
True |
82 |
default-src data: * 'unsafe-inline' 'unsafe-eval' blob:; font-src data: cdn.joinhoney.com *.bloomingdales.com 'self' netdna.bootstrapcdn.com *.fds.com maxcdn.bootstrapcdn.com gateway.answerscloud.com storage.googleapis.com m.bloomingdales.com api.cloudsponge.com *.webcollage.net fonts.gstatic.com cdnjs.cloudflare.com *.truefitcorp.com assets.bloomingdales.com origin.extole.io *.cloudfront.net sxt.cdn.skype.com themes.googleusercontent.com; frame-ancestors 'self'; media-src *.brightcove.com *.fds.com vjs.zencdn.net *.cloudfront.net *.media.brightcove.com *.webcollage.net *.bloomingdales.com 'self' ssl.gstatic.com f1.media.brightcove.com blob: s-static.innovid.com brightcove.hs.llnwd.net m.bloomingdales.com; object-src *.brightcove.com players.brightcove.net vjs.zencdn.net *.cloudfront.net *.webcollage.net *.bloomingdales.com 'self' ci-mpsnare.iovation.com mpsnare.iesnare.com h.online-metrix.net *.fds.com brightcove.hs.llnwd.net m.bloomingdales.com; report-uri report; style-src *.shoprunner.com *.bloomingdales.com 'self' libs.coremetrics.com assets.moovweb.net *.fds.com bloomingdales.ugc.bazaarvoice.com maxcdn.bootstrapcdn.com fonts.googleapis.com gateway.answerscloud.com storage.googleapis.com ln-rules.rewardstyle.com 'unsafe-inline' m.bloomingdales.com *.fiftyone.com api.cloudsponge.com *.truefitcorp.com bloomingdales.sspinc.io static.atgsvcs.com assets.bloomingdales.com *.richrelevance.com www1.bloomingdales.com origin.extole.io *.cloudfront.net *.borderfree.com *.widget.custhelp.com bloomingdales.widget.custhelp.com s-static.innovid.com; upgrade-insecure-requests; |
55 |
2018-09-22 - 2018-09-23 |
False |
True |
False |
0 |
False |
False |
False |
82 |
upgrade-insecure-requests; |
56 |
2018-09-24 - 2018-09-24 |
True |
True |
True |
0 |
True |
True |
True |
82 |
default-src data: * 'unsafe-inline' 'unsafe-eval' blob:; font-src data: cdn.joinhoney.com *.bloomingdales.com 'self' netdna.bootstrapcdn.com *.fds.com maxcdn.bootstrapcdn.com gateway.answerscloud.com storage.googleapis.com m.bloomingdales.com api.cloudsponge.com *.webcollage.net fonts.gstatic.com cdnjs.cloudflare.com *.truefitcorp.com assets.bloomingdales.com origin.extole.io *.cloudfront.net sxt.cdn.skype.com themes.googleusercontent.com; frame-ancestors 'self'; media-src *.brightcove.com *.fds.com vjs.zencdn.net *.cloudfront.net *.media.brightcove.com *.webcollage.net *.bloomingdales.com 'self' ssl.gstatic.com f1.media.brightcove.com blob: s-static.innovid.com brightcove.hs.llnwd.net m.bloomingdales.com; object-src *.brightcove.com players.brightcove.net vjs.zencdn.net *.cloudfront.net *.webcollage.net *.bloomingdales.com 'self' ci-mpsnare.iovation.com mpsnare.iesnare.com h.online-metrix.net *.fds.com brightcove.hs.llnwd.net m.bloomingdales.com; report-uri report; style-src *.shoprunner.com *.bloomingdales.com 'self' libs.coremetrics.com assets.moovweb.net *.fds.com bloomingdales.ugc.bazaarvoice.com maxcdn.bootstrapcdn.com fonts.googleapis.com gateway.answerscloud.com storage.googleapis.com ln-rules.rewardstyle.com 'unsafe-inline' m.bloomingdales.com *.fiftyone.com api.cloudsponge.com *.truefitcorp.com bloomingdales.sspinc.io static.atgsvcs.com assets.bloomingdales.com *.richrelevance.com www1.bloomingdales.com origin.extole.io *.cloudfront.net *.borderfree.com *.widget.custhelp.com bloomingdales.widget.custhelp.com s-static.innovid.com; upgrade-insecure-requests; |
57 |
2018-09-25 - 2018-09-26 |
False |
True |
False |
0 |
False |
False |
False |
82 |
upgrade-insecure-requests; |
58 |
2018-09-27 - 2018-09-30 |
True |
True |
True |
0 |
True |
True |
True |
82 |
default-src data: * 'unsafe-inline' 'unsafe-eval' blob:; font-src data: cdn.joinhoney.com *.bloomingdales.com 'self' netdna.bootstrapcdn.com *.fds.com maxcdn.bootstrapcdn.com gateway.answerscloud.com storage.googleapis.com m.bloomingdales.com api.cloudsponge.com *.webcollage.net fonts.gstatic.com cdnjs.cloudflare.com *.truefitcorp.com assets.bloomingdales.com origin.extole.io *.cloudfront.net sxt.cdn.skype.com themes.googleusercontent.com; frame-ancestors 'self'; media-src *.brightcove.com *.fds.com vjs.zencdn.net *.cloudfront.net *.media.brightcove.com *.webcollage.net *.bloomingdales.com 'self' ssl.gstatic.com f1.media.brightcove.com blob: s-static.innovid.com brightcove.hs.llnwd.net m.bloomingdales.com; object-src *.brightcove.com players.brightcove.net vjs.zencdn.net *.cloudfront.net *.webcollage.net *.bloomingdales.com 'self' ci-mpsnare.iovation.com mpsnare.iesnare.com h.online-metrix.net *.fds.com brightcove.hs.llnwd.net m.bloomingdales.com; report-uri report; style-src *.shoprunner.com *.bloomingdales.com 'self' libs.coremetrics.com assets.moovweb.net *.fds.com bloomingdales.ugc.bazaarvoice.com maxcdn.bootstrapcdn.com fonts.googleapis.com gateway.answerscloud.com storage.googleapis.com ln-rules.rewardstyle.com 'unsafe-inline' m.bloomingdales.com *.fiftyone.com api.cloudsponge.com *.truefitcorp.com bloomingdales.sspinc.io static.atgsvcs.com assets.bloomingdales.com *.richrelevance.com www1.bloomingdales.com origin.extole.io *.cloudfront.net *.borderfree.com *.widget.custhelp.com bloomingdales.widget.custhelp.com s-static.innovid.com; upgrade-insecure-requests; |
59 |
2018-10-01 - END |
False |
True |
False |
0 |
False |
False |
False |
82 |
upgrade-insecure-requests; |