urlscan.io logo urlscan.io
SecurityTrails logo

app.xavelend.com Open in urlscan Pro
2620:0:890::100  Public Scan

Go To Rescan Add Verdict Report
URL: https://app.xavelend.com/
Submission: On October 02 via api from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 20 HTTP transactions. The main IP is 2620:0:890::100, located in United States and belongs to FASTLY, US. The main domain is app.xavelend.com.
TLS certificate: Issued by WR3 on September 26th 2024. Valid for: 3 months.
This is the only time app.xavelend.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2620:0:890::100 54113 (FASTLY)
1 2404:6800:400... 15169 (GOOGLE)
11 199.36.158.100 54113 (FASTLY)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 142.250.198.3 15169 (GOOGLE)
2 107.21.53.115 14618 (AMAZON-AES)
20 7
3    2620:0:890::100 (United States)

ASN54113 (FASTLY, US)
app.xavelend.com
1    2404:6800:4004:818::200a (Australia)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
11    199.36.158.100 (United States)

ASN54113 (FASTLY, US)
app.xavelend.com
1    2606:4700:20::681a:92c (United States)

ASN13335 (CLOUDFLARENET, US)
ipapi.co
2    142.250.198.3 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s58-in-f3.1e100.net
fonts.gstatic.com
2    107.21.53.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-53-115.compute-1.amazonaws.com
avalanche-mainnet.infura.io
Apex Domain
Subdomains		 Transfer
14 xavelend.com
app.xavelend.com
1 MB
2 infura.io
avalanche-mainnet.infura.io — Cisco Umbrella Rank: 766601
2 KB
2 gstatic.com
fonts.gstatic.com
57 KB
1 ipapi.co
ipapi.co — Cisco Umbrella Rank: 17393
560 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
1 KB
20 5
Domain Requested by
14 app.xavelend.com app.xavelend.com
2 avalanche-mainnet.infura.io app.xavelend.com
2 fonts.gstatic.com fonts.googleapis.com
1 ipapi.co app.xavelend.com
1 fonts.googleapis.com app.xavelend.com
20 5

This site contains no links.

Subject Issuer Validity Valid
www.forestlawnyyc.com
WR3		 2024-09-26 -
2024-12-25		 3 months crt.sh
upload.video.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
ipapi.co
WE1		 2024-09-02 -
2024-12-01		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.infura.io
Amazon RSA 2048 M02		 2023-11-29 -
2024-12-27		 a year crt.sh

This page contains 1 frames:

Primary Page: https://app.xavelend.com/
Frame ID: 81929668642A36BF2C90E581D313356D
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Lend

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

20
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

5
Subdomains

7
IPs

2
Countries

1554 kB
Transfer

7682 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
app.xavelend.com/ 		2 KB
872 B 		Document
General
Check archive.org
Download Go to
Full URL
https://app.xavelend.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b74d212b1b74311fa255fab57cd4ecad67365cfecdf73dc80066dfd591ae6c2e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
br
content-length
527
content-type
text/html; charset=utf-8
date
Wed, 02 Oct 2024 17:36:53 GMT
etag
"dbbc1466c4e9d10f4bf88ab4a5bdb001aca220f8ba3a49406b881fd1162fb059-br"
last-modified
Wed, 20 Mar 2024 07:16:37 GMT
strict-transport-security
max-age=31556926
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
x-cache-hits
0
x-served-by
cache-tyo11944-TYO
x-timer
S1727890613.225906,VS0,VE110
css2
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&family=Work+Sans:wght@400;500;600&display=swap
Requested by
Host: app.xavelend.com
URL: https://app.xavelend.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:818::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1b34505bba0b2da052bf43bee949030274a2562a30fd110a086a2c80872504e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.xavelend.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 02 Oct 2024 17:36:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 02 Oct 2024 17:36:53 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 02 Oct 2024 17:36:53 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
main.13e05b6d.js
app.xavelend.com/static/js/ 		7 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.xavelend.com/static/js/main.13e05b6d.js
Requested by
Host: app.xavelend.com
URL: https://app.xavelend.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bc13e82225a0a4947433557e3d79cc85d7edaaf2cef96dd80a0aee3e3739a5ca
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.xavelend.com/

Response headers

strict-transport-security
max-age=31556926
cache-control
max-age=3600
content-encoding
br
etag
"cf72d057aeaebde12cf9604c299b670f58a37eb44039f5567baf5ca6a04ba2d8-br"
x-timer
S1727890613.344642,VS0,VE331
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS
content-length
1400046
date
Wed, 02 Oct 2024 17:36:53 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 20 Mar 2024 07:16:37 GMT
x-served-by
cache-tyo11944-TYO
x-cache-hits
0
vary
x-fh-requested-host, accept-encoding
main.f0649840.css
app.xavelend.com/static/css/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.xavelend.com/static/css/main.f0649840.css
Requested by
Host: app.xavelend.com
URL: https://app.xavelend.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2cc684b24290a58b24e13788ea2d80271aa1823f0f2877c870c844c0a5afb733
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.xavelend.com/

Response headers

strict-transport-security
max-age=31556926
cache-control
max-age=3600
content-encoding
br
etag
"1669eb0e6b24c89f8b1997d4d690c2950a3841fe86a54ed57f2ce4b69c56acff-br"
x-timer
S1727890613.344700,VS0,VE117
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS
content-length
2046
date
Wed, 02 Oct 2024 17:36:53 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 20 Mar 2024 07:16:37 GMT
x-served-by
cache-tyo11944-TYO
x-cache-hits
0
vary
x-fh-requested-host, accept-encoding
background.47cc693534117027f6f5df26c6cec716.svg
app.xavelend.com/static/media/ 		13 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.xavelend.com/static/media/background.47cc693534117027f6f5df26c6cec716.svg
Requested by
Host: app.xavelend.com
URL: https://app.xavelend.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dad4cc2a577e8a58ec5fadd320972f8bb5558bde0f61855f44dd2e89a5d28e0c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.xavelend.com/

Response headers

strict-transport-security
max-age=31556926
cache-control
max-age=3600
content-encoding
br
etag
"6b2c7a51b413b6cf76fc908be970824c429aa36409b70e69e8bf5da2fabdc1d7-br"
x-timer
S1727890614.206451,VS0,VE1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
content-length
2034
date
Wed, 02 Oct 2024 17:36:54 GMT
content-type
image/svg+xml
last-modified
Wed, 20 Mar 2024 07:16:37 GMT
x-served-by
cache-tyo11955-TYO
x-cache-hits
0
vary
x-fh-requested-host, accept-encoding
country
ipapi.co/ 		2 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipapi.co/country
Requested by
Host: app.xavelend.com
URL: https://app.xavelend.com/static/js/main.13e05b6d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681a:92c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
569ec6135d377e8ac326be2be2fd4cd8f3538fc3c23f33a89e81a4ed83671b7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://app.xavelend.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JyO8zVNxkqyBfD5UDG%2FEK5tqseahp%2B9hBPcBZ0BT6hxitPI8qvNHokxsjhRhcT5dRD3s6qVVtKeXpEsMfPhad2h4PaQp1JwxF4hAyAXEMIDovYBWkh6MGJDIIjf6nDFRacDsfVBt"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
allow
HEAD, POST, GET, OPTIONS, OPTIONS
cf-ray
8cc675137be6e380-NRT
referrer-policy
same-origin
access-control-allow-origin
https://app.xavelend.com
content-length
2
date
Wed, 02 Oct 2024 17:36:54 GMT
content-type
text/plain; charset=utf-8
vary
Host, origin
server
cloudflare
x-frame-options
DENY
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v19/ 		49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v19/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&family=Work+Sans:wght@400;500;600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.198.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f3.1e100.net
Software
sffe /
Resource Hash
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://app.xavelend.com
Referer
https://fonts.googleapis.com/

Response headers

age
542097
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 26 Sep 2025 11:01:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 11:01:57 GMT
last-modified
Thu, 14 Sep 2023 01:13:52 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
50668
x-xss-protection
0
server
sffe
logoWarning.5ae2d30c010a1080fef3283b552562f1.svg
app.xavelend.com/static/media/ 		231 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.xavelend.com/static/media/logoWarning.5ae2d30c010a1080fef3283b552562f1.svg
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8471c7fc1ab8ec0a3083440785934874adb8e886536c2e76a06d246defa05e39
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.xavelend.com/markets

Response headers

strict-transport-security
max-age=31556926
cache-control
max-age=3600
content-encoding
br
etag
"c7eb0adb296a6a430bb512485241505c6100325a9c0bb176ca4bacaedec30761-br"
x-timer
S1727890614.328851,VS0,VE1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
content-length
157
date
Wed, 02 Oct 2024 17:36:54 GMT
content-type
image/svg+xml
last-modified
Wed, 20 Mar 2024 07:16:37 GMT
x-served-by
cache-tyo11955-TYO
x-cache-hits
0
vary
x-fh-requested-host, accept-encoding
62660a768fa04566b2794d82f99cf601
avalanche-mainnet.infura.io/v3/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avalanche-mainnet.infura.io/v3/62660a768fa04566b2794d82f99cf601
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.53.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-53-115.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://app.xavelend.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://app.xavelend.com
access-control-max-age
86400
content-length
0
date
Wed, 02 Oct 2024 17:36:54 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
closeIcon.b62be505484cc3a3bd3982918ff8f9ac.svg
app.xavelend.com/static/media/ 		247 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.xavelend.com/static/media/closeIcon.b62be505484cc3a3bd3982918ff8f9ac.svg
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a6177f735ed65fca60e2bc0522d18fc12a18263781c6a3bf2efd72721e9769fa
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.xavelend.com/markets

Response headers

strict-transport-security
max-age=31556926
cache-control
max-age=3600
content-encoding
br
etag
"834b0b741b351123a7bd93c155096e59299ead31b79c131dae91e0c21ae3b3b3-br"
x-timer
S1727890614.329446,VS0,VE1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
content-length
165
date
Wed, 02 Oct 2024 17:36:54 GMT
content-type
image/svg+xml
last-modified
Wed, 20 Mar 2024 07:16:37 GMT
x-served-by
cache-tyo11955-TYO
x-cache-hits
0
vary
x-fh-requested-host, accept-encoding
xaveLogo.ed8a2b954a4bfb0992cd5af40a2cf8f6.svg
app.xavelend.com/static/media/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.xavelend.com/static/media/xaveLogo.ed8a2b954a4bfb0992cd5af40a2cf8f6.svg
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a358c89eebc6a80d20a1f824767d211696676e63f7c377b87d888d80fffd3c87
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.xavelend.com/markets

Response headers

strict-transport-security
max-age=31556926
cache-control
max-age=3600
content-encoding
br
etag
"55fad836df50b58ef7e4495cd8760019081f056bcd818a0a984025ae30d7dba6-br"
x-timer
S1727890614.329421,VS0,VE1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
content-length
1390
date
Wed, 02 Oct 2024 17:36:54 GMT
content-type
image/svg+xml
last-modified
Wed, 20 Mar 2024 07:16:37 GMT
x-served-by
cache-tyo11955-TYO
x-cache-hits
0
vary
x-fh-requested-host, accept-encoding
xave.bcd248e028675b84206faf74f75cba97.svg
app.xavelend.com/static/media/ 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.xavelend.com/static/media/xave.bcd248e028675b84206faf74f75cba97.svg
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1bb1ee38e0394c33f5d8b028e9cdb20e3ff3e63dd9540a536232b8ba71ed0739
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.xavelend.com/markets

Response headers

strict-transport-security
max-age=31556926
cache-control
max-age=3600
content-encoding
br
etag
"a11c09e204de3091730b19305cd784e08222e1a9687d6227fbf18497b883ba8f-br"
x-timer
S1727890614.329966,VS0,VE1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
content-length
1070
date
Wed, 02 Oct 2024 17:36:54 GMT
content-type
image/svg+xml
last-modified
Wed, 20 Mar 2024 07:16:37 GMT
x-served-by
cache-tyo11955-TYO
x-cache-hits
0
vary
x-fh-requested-host, accept-encoding
bgBottomLeft.03b9009210a593a5d3426e41fead6736.svg
app.xavelend.com/static/media/ 		13 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.xavelend.com/static/media/bgBottomLeft.03b9009210a593a5d3426e41fead6736.svg
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5ebee2880cc4f41b1a1a62cd526b9d9b9ed37f85735f704aaaed617f65951f10
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.xavelend.com/markets

Response headers

strict-transport-security
max-age=31556926
cache-control
max-age=3600
content-encoding
br
etag
"771ed555ca9a4c3d129bf677c730cfca65a0d207dae44dbbcb07eb8a4d251c48-br"
x-timer
S1727890614.329940,VS0,VE1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
content-length
2193
date
Wed, 02 Oct 2024 17:36:54 GMT
content-type
image/svg+xml
last-modified
Wed, 20 Mar 2024 07:16:37 GMT
x-served-by
cache-tyo11955-TYO
x-cache-hits
0
vary
x-fh-requested-host, accept-encoding
bgBottomRight.cc9b13954c48ce042a11ad9d841edae1.svg
app.xavelend.com/static/media/ 		13 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.xavelend.com/static/media/bgBottomRight.cc9b13954c48ce042a11ad9d841edae1.svg
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
feeb8cde3d160f4fc450b47878193ee2658a6a5bd8a60ea3bf71fb965e4cf4bf
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.xavelend.com/markets

Response headers

strict-transport-security
max-age=31556926
cache-control
max-age=3600
content-encoding
br
etag
"31117e83a672663e21319c533029657d25c8d7af7e4f358f11c1c219ecee674a-br"
x-timer
S1727890614.329937,VS0,VE1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
content-length
2217
date
Wed, 02 Oct 2024 17:36:54 GMT
content-type
image/svg+xml
last-modified
Wed, 20 Mar 2024 07:16:37 GMT
x-served-by
cache-tyo11955-TYO
x-cache-hits
0
vary
x-fh-requested-host, accept-encoding
62660a768fa04566b2794d82f99cf601
avalanche-mainnet.infura.io/v3/ 		19 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://avalanche-mainnet.infura.io/v3/62660a768fa04566b2794d82f99cf601
Requested by
Host: app.xavelend.com
URL: https://app.xavelend.com/static/js/main.13e05b6d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.53.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-53-115.compute-1.amazonaws.com
Software
/
Resource Hash
9049ed6eba623406d9cd4d9b44a1c5835531eafdd84270599bf7fc83f23b7417

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer
https://app.xavelend.com/

Response headers

access-control-allow-origin
https://app.xavelend.com
content-length
1655
content-encoding
gzip
date
Wed, 02 Oct 2024 17:36:54 GMT
content-type
application/json
vary
Origin, Accept-Encoding
access-control-allow-credentials
true
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&family=Work+Sans:wght@400;500;600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.198.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f3.1e100.net
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://app.xavelend.com
Referer
https://fonts.googleapis.com/

Response headers

age
540260
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 26 Sep 2025 11:32:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 11:32:34 GMT
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
8000
x-xss-protection
0
server
sffe
favicon.ico
app.xavelend.com/ 		15 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://app.xavelend.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e6c35fa05aded452b6253b5f1d8d9cafed2bf8c7dbe7a9838804ade035371801
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.xavelend.com/markets

Response headers

strict-transport-security
max-age=31556926
cache-control
max-age=3600
content-encoding
br
etag
"61210a75d9abbcb5c182dca1787e3e2261e4fbc0460be067fd375612f8c41f08-br"
x-timer
S1727890614.355629,VS0,VE91
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS
content-length
5951
date
Wed, 02 Oct 2024 17:36:54 GMT
content-type
image/x-icon
last-modified
Wed, 20 Mar 2024 07:16:37 GMT
x-served-by
cache-tyo11955-TYO
x-cache-hits
0
vary
x-fh-requested-host, accept-encoding
favicon.ico
app.xavelend.com/ 		15 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://app.xavelend.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e6c35fa05aded452b6253b5f1d8d9cafed2bf8c7dbe7a9838804ade035371801

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.xavelend.com/markets

Response headers

cache-control
max-age=3600
content-encoding
br
etag
"61210a75d9abbcb5c182dca1787e3e2261e4fbc0460be067fd375612f8c41f08-br"
x-timer
S1727890614.355629,VS0,VE91
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS
content-length
5951
date
Wed, 02 Oct 2024 17:36:54 GMT
content-type
image/x-icon
last-modified
Wed, 20 Mar 2024 07:16:37 GMT
x-served-by
cache-tyo11955-TYO
x-cache-hits
0
vary
x-fh-requested-host, accept-encoding
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba51ba267f726b6cd7238a9987e71389b279e99985a82128d55f2f45e3ebf704

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
vchf.ede0f70898819b2c428e.png
app.xavelend.com/static/media/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.xavelend.com/static/media/vchf.ede0f70898819b2c428e.png
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dd9969d79326a887325d5f5257c3e045adc582311361f2997e5df58308913c7d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.xavelend.com/markets

Response headers

strict-transport-security
max-age=31556926
cache-control
max-age=3600
etag
"efadc6d154d1bfbcc1b855aaa2bd0a306719a6dd2e6f717473d63d4a145aa5f7"
x-timer
S1727890615.089313,VS0,VE2
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
content-length
51049
date
Wed, 02 Oct 2024 17:36:55 GMT
content-type
image/png
last-modified
Wed, 20 Mar 2024 07:16:37 GMT
x-served-by
cache-tyo11955-TYO
x-cache-hits
0
vary
x-fh-requested-host, accept-encoding
veur.8847508952e83d3ec671.png
app.xavelend.com/static/media/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.xavelend.com/static/media/veur.8847508952e83d3ec671.png
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e5dccaa07da6809e1cd3cccc0daca678e523ebf3ff13d701ca93aed5a0dcd0a4
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.xavelend.com/markets

Response headers

strict-transport-security
max-age=31556926
cache-control
max-age=3600
etag
"9c80dd398c1e93da806d84b8d604636c5b2616a438313da69957b9bccf19e449"
x-timer
S1727890615.089544,VS0,VE1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
content-length
55639
date
Wed, 02 Oct 2024 17:36:55 GMT
content-type
image/png
last-modified
Wed, 20 Mar 2024 07:16:37 GMT
x-served-by
cache-tyo11955-TYO
x-cache-hits
0
vary
x-fh-requested-host, accept-encoding
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab0e6cc69b3571cb992f1ce919c9f7a8478d660c4bc67ad6aa76372aa754bbd4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ 		981 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c82346269467e8d0d2b673082d1ea968c321b66ab01e15f2f97db4a6eb7c86f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		648 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cddba428a029844888b59bae59c6400ee684b0d51dfc490a4374eef6bb63ea16

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunkxave_lending_market_ui function| clearImmediate function| setImmediate object| __SENTRY__ object| __REACT_INTL_CONTEXT__ object| _ethers object| regeneratorRuntime function| _ object| __APOLLO_CLIENT__

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556926

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.xavelend.com
avalanche-mainnet.infura.io
fonts.googleapis.com
fonts.gstatic.com
ipapi.co
107.21.53.115
142.250.198.3
199.36.158.100
2404:6800:4004:818::200a
2606:4700:20::681a:92c
2620:0:890::100
1b34505bba0b2da052bf43bee949030274a2562a30fd110a086a2c80872504e0
1bb1ee38e0394c33f5d8b028e9cdb20e3ff3e63dd9540a536232b8ba71ed0739
2c82346269467e8d0d2b673082d1ea968c321b66ab01e15f2f97db4a6eb7c86f
2cc684b24290a58b24e13788ea2d80271aa1823f0f2877c870c844c0a5afb733
569ec6135d377e8ac326be2be2fd4cd8f3538fc3c23f33a89e81a4ed83671b7e
5ebee2880cc4f41b1a1a62cd526b9d9b9ed37f85735f704aaaed617f65951f10
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
8471c7fc1ab8ec0a3083440785934874adb8e886536c2e76a06d246defa05e39
9049ed6eba623406d9cd4d9b44a1c5835531eafdd84270599bf7fc83f23b7417
a358c89eebc6a80d20a1f824767d211696676e63f7c377b87d888d80fffd3c87
a6177f735ed65fca60e2bc0522d18fc12a18263781c6a3bf2efd72721e9769fa
ab0e6cc69b3571cb992f1ce919c9f7a8478d660c4bc67ad6aa76372aa754bbd4
b74d212b1b74311fa255fab57cd4ecad67365cfecdf73dc80066dfd591ae6c2e
ba51ba267f726b6cd7238a9987e71389b279e99985a82128d55f2f45e3ebf704
bc13e82225a0a4947433557e3d79cc85d7edaaf2cef96dd80a0aee3e3739a5ca
cddba428a029844888b59bae59c6400ee684b0d51dfc490a4374eef6bb63ea16
dad4cc2a577e8a58ec5fadd320972f8bb5558bde0f61855f44dd2e89a5d28e0c
dd9969d79326a887325d5f5257c3e045adc582311361f2997e5df58308913c7d
e5dccaa07da6809e1cd3cccc0daca678e523ebf3ff13d701ca93aed5a0dcd0a4
e6c35fa05aded452b6253b5f1d8d9cafed2bf8c7dbe7a9838804ade035371801
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
feeb8cde3d160f4fc450b47878193ee2658a6a5bd8a60ea3bf71fb965e4cf4bf