urlscan.io logo urlscan.io
SecurityTrails logo

go.xero.com Open in urlscan Pro
23.214.42.77  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://url.au.m.mimecastprotect.com/s/pwIBCD1jmXIrz6NC5h4Hj6mzR?domain=go.xero.com
Effective URL: https://go.xero.com/app/!tW742/invoicing/view/d9ed70f0-b8b5-40e7-ad47-4cf2a6984db7
Submission: On November 06 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 15 HTTP transactions. The main IP is 23.214.42.77, located in Sydney, Australia and belongs to AKAMAI-AS, US. The main domain is go.xero.com. The Cisco Umbrella rank of the primary domain is 57916.
TLS certificate: Issued by GeoTrust RSA CA 2018 on May 18th 2024. Valid for: a year.
This is the only time go.xero.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 103.13.69.19 136792 (MIMECAST-...)
10 23.214.42.77 16625 (AKAMAI-AS)
1 23.48.247.233 20940 (AKAMAI-ASN1)
1 162.247.243.39 54113 (FASTLY)
3 162.247.243.30 54113 (FASTLY)
15 4
2    103.13.69.19 (Australia)

ASN136792 (MIMECAST-AS-AP Mimecast Australia Pty Ltd, AU)
url.au.m.mimecastprotect.com
10    23.214.42.77 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-214-42-77.deploy.static.akamaitechnologies.com
go.xero.com
edge.xero.com
1    23.48.247.233 (United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-247-233.deploy.static.akamaitechnologies.com
xerolytics.xero.com
1    162.247.243.39 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
3    162.247.243.30 (United States)

ASN54113 (FASTLY, US)
bam-cell.nr-data.net
Apex Domain
Subdomains		 Transfer
11 xero.com
go.xero.com — Cisco Umbrella Rank: 57916
edge.xero.com — Cisco Umbrella Rank: 37922
xerolytics.xero.com — Cisco Umbrella Rank: 72391
276 KB
3 nr-data.net
bam-cell.nr-data.net — Cisco Umbrella Rank: 3783
1 KB
2 mimecastprotect.com
url.au.m.mimecastprotect.com — Cisco Umbrella Rank: 384672
3 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 592
31 KB
15 4
Domain Requested by
7 edge.xero.com go.xero.com
edge.xero.com
3 bam-cell.nr-data.net edge.xero.com
3 go.xero.com go.xero.com
edge.xero.com
2 url.au.m.mimecastprotect.com 2 redirects
1 js-agent.newrelic.com edge.xero.com
1 xerolytics.xero.com edge.xero.com
15 6

This site contains no links.

Subject Issuer Validity Valid
*.xero.com
GeoTrust RSA CA 2018		 2024-05-18 -
2025-05-21		 a year crt.sh
public.xero.com
R11		 2024-10-30 -
2025-01-28		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-03-21 -
2025-04-22		 a year crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-12 -
2025-08-12		 a year crt.sh

This page contains 1 frames:

Primary Page: https://go.xero.com/app/!tW742/invoicing/view/d9ed70f0-b8b5-40e7-ad47-4cf2a6984db7
Frame ID: C05775AFE267A3F4C26FB4AE914A1E4E
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Xero

Page URL History Show full URLs

  1. https://url.au.m.mimecastprotect.com/s/pwIBCD1jmXIrz6NC5h4Hj6mzR?domain=go.xero.com HTTP 307
    https://url.au.m.mimecastprotect.com/r/pMF93BbHFuEJVqe8yfB859VJxb3e1OpRO3OR21SSxve5BuzI6X5UIOt6IxmeO7OprjCrH-bAS9... HTTP 307
    https://go.xero.com/app/!tW742/invoicing/view/d9ed70f0-b8b5-40e7-ad47-4cf2a6984db7 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

4
IPs

2
Countries

308 kB
Transfer

978 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://url.au.m.mimecastprotect.com/s/pwIBCD1jmXIrz6NC5h4Hj6mzR?domain=go.xero.com HTTP 307
    https://url.au.m.mimecastprotect.com/r/pMF93BbHFuEJVqe8yfB859VJxb3e1OpRO3OR21SSxve5BuzI6X5UIOt6IxmeO7OprjCrH-bAS9LSLsNfyyt_KMKnF8Av7vGjTNQ9ywAjmSa4OWBlb_5QvOaX7CIN17J_jYm2TEUoEvOwLlnbpoAsbmZXDYfRPDlzqsYz-qLzWsIvycmnAQrq6-lfJI5Zp4R04W3lQLmsRBa-2g337xXg02bEiZZH15Ox2o8axk12GdyYkkQJVmu6ES_NRuNBa2o9T894rKvssHQcL-7YR0sWYfJLiFvdaHywZ-IKEkmIgTS2Z0XYc0nb4F5VtCy0A4ro0q-9J7xW3G5b6DyDG-XGKnGNgv-MAUQWu4QR5fwk1EG17jOvhQCXr94F7wUdkz5FDTZvRFoIufNwGkibf1tH_VRDpO0fV4TlUtPzAiSlUfy_QnRIQQ2kWoRujqDzHwRW4ijLXudT6t7L1KKbfIBsLOme8zNpe4BiPH9aR0unarI1-lgF7cORqVwg3hdr3lGxQVOjrhgCkDyFhYtjUKfrlQPb27YYXz7hIyNfxtItNSlxCbSuhMjuLeMTFb3QVad8euvFXGVwqKtCxN3ylWH4cILf0e4iXtIwH2ZR9gYT5Vf12m2-rfw8YK3evUQDZSfSyqUICZuxv6dFv4Yvqj2MXRQqNA3K-7QlhL3xrWDXJ_oVr9dyQr53aK9DrpSZs2KBUZIlywhtxhfPPNp3epf8rn6_dJDIFv3p-zMZNhOnLL1By41p-B3Q6Ro3TIRBXsBwRP_rukeR9bvVd6s0yQ-LOSzVOAKpAA_-mExa7CldcAntJBdp9ZPHgG_hIlEt6A5yXRXCmE8TtrzQQFn162LBJpRt35Qa1vG9bCEIB1geWCougF-9f-S-WrqrY5N4zOISL5wTUoUX8MY-rrT6TSgkeDRdWRWLLNldb2Ik6gogb8t9cfqwb1MAZs3VpgMUM2a_YJu4KVjh0PwvcnDAEU8SpvvzIYCDrbaeHimK8s3icBsXVKGjGlsKagkPWNtDNqIrCTLgUotogUHE5wZr4AN3NKZmiRK1i2yyGkOVdYmu8fV9VdTdmEmd_AA5z6aeB4DSNamc9USTaMp2vok7Pe54hWo5UaRTFMquLF_F_karxAwrxeO21ki96HsEwVN2E7UWlqT1N6V-Tj5tfs6bQD59PZnOgrZPwSch3d_aSafMPoY8xZLTV_eq6bhPAjAQh9hDtK-4e4-ynA87KplTq0dAgYnqTrR_sSgke5_TeYAQVmTIsdXCwkP6eRk9DoHs4iVm4x6TLeQlEFvnnrjdA5O-zuWaZYGwNMNmzsMbQX86f2RBO_lk5B2gyKOfWDed2du02lGcL42peSaG-Wo6f0jYiHr4u-KMJEHZASmxtDd3H0jZIcCoCToun0_ddjKjSLUr2iAzzG3rGPUvD3ldiWGpc7zMUvQ6xkbB9uELBanaQFZJIyd0TMNujwGTQYO8Na8bWkdbWAd3DYcD-kAp-Ccgnn_E91nqxWx_uQGrSiAmIbOOdDCWaAab7FdKHiAI5-ZX5zynRjiz_EU0i3WL3gVNwn4CpiGGlrpPoU6kdoHrQRaoOefzS517QrlhDWKSY2C9neT3Y6JlyHEfOUACFwm9jzw9J-PmapAy__2OgKn61AbtQGic6Xbmur7GH2L_x0g3L7-gJc81fAdz29FRLluPez5O7PvmCJqif-fzAq__Dl8WKWLbakccec9b0l4Kxbk9jB34y3Uj4S2_GI5IEdSgYUFQ-IOseZyxcqFnlbUtD5Cwp8wM3vZMVP8UD4Ho_XC_qlp49vnlmTbzy4SqNHJyyMgGhh57PaJKqWUqoq_--o4wrAhyBXMGdkx1DyMSzsq3sbOUbP3qGpRi4eWjk8JTGjWoMaQ_xUqCmLrS2F94NkdAhSYawCdSpMiDj6y97sB0jgHQ6-3gTMIoS_Z3nVSztEme-ISsjI7czd2urWITU3VjGCld51awskoOeV6isA2iUWsThNMfSE_TxYg9ZhC-Fg HTTP 307
    https://go.xero.com/app/!tW742/invoicing/view/d9ed70f0-b8b5-40e7-ad47-4cf2a6984db7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request d9ed70f0-b8b5-40e7-ad47-4cf2a6984db7
go.xero.com/app/!tW742/invoicing/view/
Redirect Chain
  • https://url.au.m.mimecastprotect.com/s/pwIBCD1jmXIrz6NC5h4Hj6mzR?domain=go.xero.com
  • https://url.au.m.mimecastprotect.com/r/pMF93BbHFuEJVqe8yfB859VJxb3e1OpRO3OR21SSxve5BuzI6X5UIOt6IxmeO7OprjCrH-bAS9LSLsNfyyt_KMKnF8Av7vGjTNQ9ywAjmSa4OWBlb_5QvOaX7CIN17J_jYm2TEUoEvOwLlnbpoAsbmZXDYfRPD...
  • https://go.xero.com/app/!tW742/invoicing/view/d9ed70f0-b8b5-40e7-ad47-4cf2a6984db7
37 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.xero.com/app/!tW742/invoicing/view/d9ed70f0-b8b5-40e7-ad47-4cf2a6984db7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.42.77 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-214-42-77.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
57386bd6f162ed41a1635a26e83bad59e6414de2a29210b9e3a6c51a4a4f4de3
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=300
content-encoding
gzip
content-length
4945
content-type
text/html
date
Wed, 06 Nov 2024 22:42:11 GMT
etag
"b419220e2a6f1665e4219a6986e15492"
last-modified
Wed, 06 Nov 2024 00:42:16 GMT
vary
Accept-Encoding
x-akamai-transformed
9 38105 0 pmb=mTOE,1
x-amz-id-2
GhYiQroSFPsF3PHt0PtgECSGqsjHjbahTiznKNQVntrHdVUfoIcL3w6b3l9VWCmRk3VQBwgqjiw=
x-amz-replication-status
COMPLETED
x-amz-request-id
BDRN7KZ0AK6EA2YS
x-amz-server-side-encryption
AES256
x-amz-version-id
BQzaAN3A_TpBD4ruIQ8xCzD3myg8qa1C
x-client-ip
33690
x-frame-options
sameorigin

Redirect headers

Cache-control
no-store
Connection
keep-alive
Content-Length
0
Date
Wed, 06 Nov 2024 22:42:10 GMT
Location
https://go.xero.com/app/!tW742/invoicing/view/d9ed70f0-b8b5-40e7-ad47-4cf2a6984db7
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Robots-Tag
noindex, nofollow
new-relic.js
edge.xero.com/business/shell-config/1.x-beta/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.xero.com/business/shell-config/1.x-beta/new-relic.js
Requested by
Host: go.xero.com
URL: https://go.xero.com/app/!tW742/invoicing/view/d9ed70f0-b8b5-40e7-ad47-4cf2a6984db7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.42.77 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-214-42-77.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3060790642fbbda7e6ccad977101e90f872b4dde24451703b1b9fb18108a4744

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://go.xero.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"9abf307f1f3d2b1cbe6360e49829575d"
x-amz-version-id
Kzcn7JpgrMaQIHUsUb77vMWMusVgMuO1
access-control-allow-methods
GET
date
Wed, 06 Nov 2024 22:42:11 GMT
last-modified
Wed, 06 Nov 2024 00:42:16 GMT
vary
Accept-Encoding
content-type
application/javascript
x-amz-id-2
h01jFHFH63kHvvnovVz0O/FAmSAkxzQK8HXf1AfPJtxwQBFxdf9c0Vr2PkUP+EejtzNXUOhHx4o=
x-amz-replication-status
COMPLETED
cache-control
max-age=31
x-amz-request-id
J69ZQRP1K2K8JJEH
accept-ranges
bytes
access-control-allow-origin
*
content-length
21172
server
AmazonS3
x-amz-server-side-encryption
AES256
xobs-banner.js
edge.xero.com/xobs/ 		88 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.xero.com/xobs/xobs-banner.js
Requested by
Host: go.xero.com
URL: https://go.xero.com/app/!tW742/invoicing/view/d9ed70f0-b8b5-40e7-ad47-4cf2a6984db7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.42.77 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-214-42-77.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6ccea1b8f15fd58fb99e8fdec0ab84dce1161bbf7112e9caea2ba47cacd7b40b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://go.xero.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"8b45ae2ff3bd780b56ccdb8027932028"
x-amz-version-id
0JBVrRnIFHsuf70BgM4vEWozZmvO.Sac
access-control-allow-methods
GET
date
Wed, 06 Nov 2024 22:42:11 GMT
last-modified
Fri, 30 Aug 2024 03:56:18 GMT
vary
Accept-Encoding
content-type
application/javascript
x-amz-id-2
r1bi2Ek0BkfGeyc6Km2b41TGGz+5sFla9LBaM9LIcL8pbp14jZzYMpla7iTo4kAOKTjHgfquFiY=
x-amz-replication-status
COMPLETED
cache-control
max-age=70
x-amz-request-id
PHXSQFNCP6ESEZXB
accept-ranges
bytes
access-control-allow-origin
*
content-length
22030
server
AmazonS3
x-amz-server-side-encryption
AES256
analytics.js
edge.xero.com/beanie/1.x/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.xero.com/beanie/1.x/analytics.js
Requested by
Host: go.xero.com
URL: https://go.xero.com/app/!tW742/invoicing/view/d9ed70f0-b8b5-40e7-ad47-4cf2a6984db7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.42.77 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-214-42-77.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a70101a97c3801a1f445b513f7461e268e18a985fcce85d27184486cc2f6d3f3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://go.xero.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"258a4c101656079e2c489436a16ccb26"
x-amz-version-id
irI.zLii_SBwqNt9zqcg1hG6iHMqRP9N
access-control-allow-methods
GET
date
Wed, 06 Nov 2024 22:42:11 GMT
last-modified
Mon, 26 Feb 2024 01:54:04 GMT
vary
Accept-Encoding
content-type
application/javascript
x-amz-id-2
m81sHMXvBmsgkYszdqYLYhccp/Sh2R3VRUsRB1H2A2Hmic4qt+RMEd+H+5qYmFvux6VXX6BgNpI=
x-amz-replication-status
COMPLETED
cache-control
max-age=172
x-amz-request-id
PQNCF8908M56630W
accept-ranges
bytes
access-control-allow-origin
*
content-length
4460
server
AmazonS3
x-amz-server-side-encryption
AES256
i6m-wrapper.js
edge.xero.com/i6m-wrapper/1.x/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.xero.com/i6m-wrapper/1.x/i6m-wrapper.js
Requested by
Host: go.xero.com
URL: https://go.xero.com/app/!tW742/invoicing/view/d9ed70f0-b8b5-40e7-ad47-4cf2a6984db7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.42.77 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-214-42-77.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
462ec91da5f13557f7035d0beb94e88ea21e41dd1576f1a5e1ca66cce7fc6989

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://go.xero.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"8f464f6b465e1bd7c723319b980b0a94"
x-amz-version-id
IrNfuU6ROmir0MBQDbLMlO6RmxsHjVo7
access-control-allow-methods
GET
date
Wed, 06 Nov 2024 22:42:11 GMT
last-modified
Mon, 18 Sep 2023 00:54:29 GMT
vary
Accept-Encoding
content-type
application/javascript
x-amz-id-2
djXR2M0Y9J95I3QqfppZKdP3D1tWqsdHyvdXUJH7kuqXNZ8CjsEMdNYIJnMkf95EB9V0NAdRgRR71b7ni8TAhnGy7YYyVhi7
x-amz-replication-status
COMPLETED
cache-control
max-age=0
x-amz-request-id
VYDJJSMFQS3ZSN75
accept-ranges
bytes
access-control-allow-origin
*
content-length
1836
server
AmazonS3
x-amz-server-side-encryption
AES256
shell.js
edge.xero.com/platform/shell/1.x/ 		135 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.xero.com/platform/shell/1.x/shell.js
Requested by
Host: go.xero.com
URL: https://go.xero.com/app/!tW742/invoicing/view/d9ed70f0-b8b5-40e7-ad47-4cf2a6984db7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.42.77 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-214-42-77.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9b5ac77c6c0d576accb51ea1fd75458794b1f782e7a7836ee9942e10fb07dd7a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://go.xero.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"2c03fdc88ef70e242fc78336ec9cc947"
x-amz-version-id
v4EUCciOJ1GbKoP3RzFzf6H6aN5.TlPg
access-control-allow-methods
GET
date
Wed, 06 Nov 2024 22:42:11 GMT
last-modified
Tue, 16 Jul 2024 22:23:26 GMT
vary
Accept-Encoding
content-type
application/javascript
x-amz-id-2
fRkb1IvmqrL8UAhTm9PwuioWwXw91sYcI9AOyb2M9d2rkKNQVbv7h1Ns2OK0Cm6SXILDTqv2E3SXuhsvL3mZNwqZhGPFvtdhDGWaHFgZw7k=
x-amz-replication-status
PENDING
cache-control
max-age=8
x-amz-request-id
P3FDQ6Y8EBK9XAP5
accept-ranges
bytes
access-control-allow-origin
*
content-length
42652
server
AmazonS3
x-amz-server-side-encryption
AES256
cIQ0B
go.xero.com/UnqUZ5/kmTLL/PS6zr/qmW_/iQJYJmt3iOSQ9Vh9/WSo8YwE/OCF2VhA/ 		302 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.xero.com/UnqUZ5/kmTLL/PS6zr/qmW_/iQJYJmt3iOSQ9Vh9/WSo8YwE/OCF2VhA/cIQ0B
Requested by
Host: go.xero.com
URL: https://go.xero.com/app/!tW742/invoicing/view/d9ed70f0-b8b5-40e7-ad47-4cf2a6984db7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.42.77 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-214-42-77.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
41607e30e8f799c5a2186a887122d4ea806fd7114feeda38b33ab3340c8f73d7
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://go.xero.com/app/!tW742/invoicing/view/d9ed70f0-b8b5-40e7-ad47-4cf2a6984db7

Response headers

cache-control
max-age=21600, max-age=21600
content-encoding
br
etag
"48b7399ab2e81d3b52fc631d48d126a3b02c1b2ea59eb5bdb7e594d8ae250c85"
content-length
105160
date
Wed, 06 Nov 2024 22:42:11 GMT
stored-attribute-sha-checksum
41607e30e8f799c5a2186a887122d4ea806fd7114feeda38b33ab3340c8f73d7
last-modified
Tue, 03 Sep 2024 15:50:57 GMT
content-type
application/javascript
vary
Accept-Encoding
x-client-ip
33690
x-frame-options
sameorigin
identity.js
edge.xero.com/identity/client/1.1.13/ 		206 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.xero.com/identity/client/1.1.13/identity.js
Requested by
Host: edge.xero.com
URL: https://edge.xero.com/business/shell-config/1.x-beta/new-relic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.42.77 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-214-42-77.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
573c961ffc4c9ed4ffd7693640512abcd9a31736cfd49b3eae812dfbdb3060db

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://go.xero.com/

Response headers

access-control-max-age
3000
content-encoding
br
etag
"f1293d9665cf5713b80b2fb0fab4a84e"
x-amz-version-id
0sJHPsDrc755DaXVg_u2i.Zyk7niPYR.
access-control-allow-methods
GET
date
Wed, 06 Nov 2024 22:42:11 GMT
content-type
application/javascript
last-modified
Sun, 04 Aug 2024 05:19:27 GMT
x-amz-id-2
XwCyHG3EO/K4fvQJ5l1rS08z7G4AhNmVbJ/4au8MPMxVJ5hcaWFqN7Ked3dcU3mKMT9hRtPHsPY=
x-amz-replication-status
COMPLETED
cache-control
max-age=3886782
x-amz-request-id
YY83CJRH8PVKK3WZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
49155
server
Akamai Resource Optimizer
cIQ0B
go.xero.com/UnqUZ5/kmTLL/PS6zr/qmW_/iQJYJmt3iOSQ9Vh9/WSo8YwE/OCF2VhA/ 		18 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://go.xero.com/UnqUZ5/kmTLL/PS6zr/qmW_/iQJYJmt3iOSQ9Vh9/WSo8YwE/OCF2VhA/cIQ0B
Requested by
Host: edge.xero.com
URL: https://edge.xero.com/business/shell-config/1.x-beta/new-relic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.42.77 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-214-42-77.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

traceparent
00-0890aa2c07d02fc43692389cdde48ec4-ddc959075f29c094-01
Referer
https://go.xero.com/app/!tW742/invoicing/view/d9ed70f0-b8b5-40e7-ad47-4cf2a6984db7
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE5NjIwMjQiLCJhcCI6IjM3OTI0MjM0MiIsImlkIjoiZGRjOTU5MDc1ZjI5YzA5NCIsInRyIjoiMDg5MGFhMmMwN2QwMmZjNDM2OTIzODljZGRlNDhlYzQiLCJ0aSI6MTczMDkzMjkzMTQyMCwidGsiOiIyOTkwMTg3In19
tracestate
2990187@nr=0-1-1962024-379242342-ddc959075f29c094----1730932931420

Response headers

x-frame-options
sameorigin
access-control-allow-credentials
true
x_req_id
fc14abdc-df21-4341-b31e-202cb36e8eb2
access-control-allow-origin
https://go.xero.com
content-length
18
date
Wed, 06 Nov 2024 22:42:11 GMT
content-type
application/json
vary
Origin
x-client-ip
33690
access-control-allow-headers
Content-Type
/
xerolytics.xero.com/api/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://xerolytics.xero.com/api/
Requested by
Host: edge.xero.com
URL: https://edge.xero.com/platform/shell/1.x/shell.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.247.233 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-247-233.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://go.xero.com/

Response headers
nr-spa-1.261.2.min.js
js-agent.newrelic.com/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1.261.2.min.js
Requested by
Host: edge.xero.com
URL: https://edge.xero.com/business/shell-config/1.x-beta/new-relic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
22c74a835bbc69aa690c781b1243caf4d8b47335fdc5fc1e2294d8d60c6f1545
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://go.xero.com
Referer
https://go.xero.com/

Response headers

strict-transport-security
max-age=300
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding
br
etag
"ab3747a3f79dbc9080745d5b175c1285"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
31753
date
Wed, 06 Nov 2024 22:42:11 GMT
last-modified
Tue, 02 Jul 2024 15:00:16 GMT
content-type
application/javascript
x-served-by
cache-syd10133-SYD
x-cache-hits
5331
vary
Accept-Encoding
favicon.ico
edge.xero.com/images/1.0.0/favicon/ 		24 KB
25 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://edge.xero.com/images/1.0.0/favicon/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.42.77 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-214-42-77.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b5107d80d618e1824d266984e1673710d3a6d766e8b3997c52e1e271fb57fa49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://go.xero.com/

Response headers

x-amz-replication-status
COMPLETED
access-control-max-age
3000
cache-control
max-age=2860363
etag
"c169aee3c6f710672ae66cdb0ae20879"
x-amz-version-id
.oqENArTuDlsFYmMd__ZbXsg1mBK8sEQ
access-control-allow-methods
GET
x-amz-request-id
K4N93J0B9Z57FT9N
accept-ranges
bytes
access-control-allow-origin
*
content-length
24838
date
Wed, 06 Nov 2024 22:42:11 GMT
last-modified
Mon, 29 Aug 2022 00:53:42 GMT
content-type
image/vnd.microsoft.icon
server
AmazonS3
x-amz-id-2
Hw1gE0YPtHUSqUI3R+pl6hcsyZOalubXvwZ2OaVsCIj/lOExfA+vPWHnjLlBaD0jrlip6VSVrY4=
bd61b676be
bam-cell.nr-data.net/1/ 		179 B
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/1/bd61b676be?a=379242342&sa=1&v=1.261.2&t=Unnamed%20Transaction&rst=7012&ck=0&s=e975eefa73a36c2e&ref=https://go.xero.com/app/!tW742/invoicing/view/d9ed70f0-b8b5-40e7-ad47-4cf2a6984db7&ptid=87fb0b830c150795&af=err,spa,xhr,stn,ins&be=6704&fe=276&dc=275&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1730932924476,%22n%22:0,%22f%22:6414,%22dn%22:6416,%22dne%22:6421,%22c%22:6421,%22s%22:6423,%22ce%22:6429,%22rq%22:6429,%22rp%22:6704,%22rpe%22:6706,%22di%22:6972,%22ds%22:6979,%22de%22:6979,%22dc%22:6979,%22l%22:6979,%22le%22:6980%7D,%22navigation%22:%7B%7D%7D&fp=6947
Requested by
Host: edge.xero.com
URL: https://edge.xero.com/business/shell-config/1.x-beta/new-relic.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.30 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6fd1a49f8b59250c10293e8844cb99c2d3f332ec6fa250afa6009142307c285a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://go.xero.com/

Response headers

access-control-expose-headers
Date
timing-allow-origin
https://go.xero.com
cross-origin-resource-policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
access-control-allow-origin
https://go.xero.com
Content-Length
179
date
Wed, 06 Nov 2024 22:42:11 GMT
content-type
text/plain
x-served-by
cache-syd10176-SYD
bd61b676be
bam-cell.nr-data.net/ins/1/ 		0
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/ins/1/bd61b676be?a=379242342&sa=1&v=1.261.2&t=Unnamed%20Transaction&rst=7240&ck=0&s=e975eefa73a36c2e&ref=https://go.xero.com/app/!tW742/invoicing/view/d9ed70f0-b8b5-40e7-ad47-4cf2a6984db7&ptid=87fb0b830c150795
Requested by
Host: edge.xero.com
URL: https://edge.xero.com/business/shell-config/1.x-beta/new-relic.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.30 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://go.xero.com/

Response headers

access-control-allow-origin
https://go.xero.com
date
Wed, 06 Nov 2024 22:42:11 GMT
x-served-by
cache-syd10176-SYD
Connection
close
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
bd61b676be
bam-cell.nr-data.net/events/1/ 		24 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/events/1/bd61b676be?a=379242342&sa=1&v=1.261.2&t=Unnamed%20Transaction&rst=7244&ck=0&s=e975eefa73a36c2e&ref=https://go.xero.com/app/!tW742/invoicing/view/d9ed70f0-b8b5-40e7-ad47-4cf2a6984db7&ptid=87fb0b830c150795
Requested by
Host: edge.xero.com
URL: https://edge.xero.com/business/shell-config/1.x-beta/new-relic.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.30 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://go.xero.com/

Response headers

Connection
keep-alive
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
access-control-allow-origin
https://go.xero.com
Content-Length
24
date
Wed, 06 Nov 2024 22:42:11 GMT
content-type
image/gif
x-served-by
cache-syd10180-SYD

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NREUM object| webpackChunk:NRBA-1.261.2.PROD object| newrelic object| XERO boolean| __REACT_INTL_BYPASS_GLOBAL_CONTEXT__ object| _cf object| bmak string| _sdTrace

4 Cookies

Domain/Path Name / Value
.xero.com/ Name: ak_bmsc
Value: 08569AA0534AE97C38C3391D66468CAE~000000000000000000000000000000~YAAQN0DbF0ctCOeSAQAAaXqkAxlD5B0dfAOOCkOwXcZ050BL9Z6NEfypkIoxWyXzIKbgVLq1+3Z5AdtGu71egRrB6Pv8kVIQaFHhV5gKsPBMrPY2RZvHwJa+UHZI6X7YCGokDOQY838JJ9qOsBctPUjvIlLGs6iqb4oyBS7/yjO8xdJj3zCoPpCNHca3bVxexjkJ1AmccVNf1AaZ82UNsWtS/UmOAfzFkRlNYZlCAhhjHNBbxnT/ZU3RY49M6L1UtRDJRdtWOdI+9U0W4DXxMRsBM/ahMD/x3XSP1FYC5F6g0SUyEzqbQfGFQPpEt4QzpgkNSajxge96z1k+oPvTtQ0g1YSFb6gTqh72BpROdp7UY1c2srb2ZeoLi5OqpZA8AfkWiuvcKwLc
.xero.com/ Name: bm_sz
Value: 6AC09490FFF31B9B4A459A654B1574D9~YAAQN0DbF0gtCOeSAQAAaXqkAxkkVDrU/T1cs4Nw3U35LOxJ+8dEu70Z2hcPEc78j53wTd0110risPNxJZNzr9TSfqVbGubYi59NhVJ+t6JjeESzGb+syvjMpm/m1y5a948FAWNqV74uFLAGYOJuv/dYOZMirJjRL2A7rvTde+Us/NhJnyAEiG63xreEl2uYP7aTLIYgMoBNXcuQj3JXezfJmm7L9U3Q6mJSOXgACC8NvmV4jeqYJdGpwEJ1jilPDDx+P8gczq3O0PJhJR/ORGccdrs9GdZm5rCWN2qt9MhpcZ85okMrsS8eOc7KfRWHU5sAtn6fQYTBNINAZtjkoeyP3gejDnjp6B5gA3/I0KMMwJf4hiU5WRbLKoAgP9k1vRCdjYeeMbRXQ/DQjg==~3752262~4534835
.xero.com/ Name: _abck
Value: 6F2F1F7A64821CA3E035CE74541F4FA2~0~YAAQN0DbF4ItCOeSAQAAM3ykAwx6+P57ChFvRfEovKThdoqfd6mIxPJWZJyFvOClQpPRBd5UxKM43fxifxyrleigKyLkZVPnug5dWdOnxheefg2xQ5Ajho+TjNzTVdYfX58wyaiuHY2XdpmIjUq7O84R6Esw3i1MQGh/JXvrLidb8oTrA6/h2jIUgJi2T1Pnv1Q/yW5Bt87LZaZeksy5Gtsr1iF8yd+b2e+uYc5pQ/64D6nkhx8EzkeJUFa8bdn0ktTCQ5OakXmqeCL3wJaewqiL1C+AVjDnHoXj2JxVFEGgGmHc4Nld7z7Xwr8tkPSsEJOZlmjexlNYJq/Gx25qCbUiIhUt6gt8F2yOqcHVXdpM4fRZpNEwe6IXh3Sc4a/aVYT7gEP1Cz8sjQJ4smUSZLaSfaP4uw9Vx9SKsL0x6GRru6V+f3mRAT7/jAiR/wLU+OELbeYX~-1~||0||~1730936531
.xero.com/ Name: bm_sv
Value: 9EDC23FA6A322536022D067774B06E46~YAAQybQuF1rp+uySAQAAc3+kAxkGW+r1tjetW/pYI82ESn/HI1vt+7bJbwIMgG/n84vSqVdvcH1Xa1uLAQ7Lcu2FeQngFjZ1FHb665BE9+rwLoJbflU081pqKojateR/2AsmOY7ur2x8PbI8G07sSnQPf8KF7pWoGHYk6F8BSLMJheiPq6Xn3iFoOyZeaWWByZt6GPnUbf9A874R6bgurV0dP9LgpyyTlsbyzcFr52FqQIgJ+M8u8ORKdEPaiQ==~1

1 Console Messages

Source Level URL
Text
rendering warning URL: https://go.xero.com/app/!tW742/invoicing/view/d9ed70f0-b8b5-40e7-ad47-4cf2a6984db7
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0B0E60294010000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options sameorigin