urlscan.io logo urlscan.io
SecurityTrails logo

www.xoom.com Open in urlscan Pro
151.101.3.1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://reestri.comerica-analytics.xoompadala.com/
Effective URL: https://www.xoom.com/
Submission: On December 26 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 1 countries across 12 domains to perform 50 HTTP transactions. The main IP is 151.101.3.1, located in San Francisco, United States and belongs to FASTLY, US. The main domain is www.xoom.com. The Cisco Umbrella rank of the primary domain is 315841.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on October 29th 2024. Valid for: a year.
This is the only time www.xoom.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.33.139.32 16509 (AMAZON-02)
1 151.101.3.1 54113 (FASTLY)
23 192.229.210.155 15133 (EDGECAST)
9 2600:9000:24f... 16509 (AMAZON-02)
6 99.86.191.237 16509 (AMAZON-02)
2 151.101.129.21 54113 (FASTLY)
2 151.101.131.1 54113 (FASTLY)
1 157.240.229.1 32934 (FACEBOOK)
1 142.251.179.157 15169 (GOOGLE)
1 142.251.167.156 15169 (GOOGLE)
1 44.234.198.184 16509 (AMAZON-02)
1 172.253.115.147 15169 (GOOGLE)
50 12
1    3.33.139.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: aeedc42b70c898c66.awsglobalaccelerator.com
reestri.comerica-analytics.xoompadala.com
1    151.101.3.1 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.xoom.com
23    192.229.210.155 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
9    2600:9000:24f4:7000:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)
images.ctfassets.net
6    99.86.191.237 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-191-237.iad79.r.cloudfront.net
cdn.segment.com
2    151.101.129.21 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.paypal.com
2    151.101.131.1 (San Francisco, United States)

ASN54113 (FASTLY, US)
t.xoom.com
1    157.240.229.1 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-iad3.fbcdn.net
connect.facebook.net
1    142.251.179.157 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f157.1e100.net
www.googleadservices.com
1    142.251.167.156 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f156.1e100.net
googleads.g.doubleclick.net
1    44.234.198.184 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-234-198-184.us-west-2.compute.amazonaws.com
api.segment.io
1    172.253.115.147 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f147.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
23 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2811
293 KB
9 ctfassets.net
images.ctfassets.net — Cisco Umbrella Rank: 3811
15 KB
6 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1935
75 KB
3 xoom.com
www.xoom.com — Cisco Umbrella Rank: 315841
t.xoom.com — Cisco Umbrella Rank: 310486
61 KB
2 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3003
7 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
64 B
1 segment.io
api.segment.io — Cisco Umbrella Rank: 1510
172 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
2 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 96
21 KB
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
12 KB
1 xoompadala.com
reestri.comerica-analytics.xoompadala.com
418 B
0 cloudfront.net Failed
d1wnclalxop6x4.cloudfront.net Failed
50 12
Domain Requested by
23 www.paypalobjects.com www.xoom.com
www.paypalobjects.com
9 images.ctfassets.net www.xoom.com
6 cdn.segment.com www.paypalobjects.com
cdn.segment.com
2 t.xoom.com www.xoom.com
2 www.paypal.com www.paypalobjects.com
1 www.google.com www.xoom.com
1 api.segment.io cdn.segment.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.paypalobjects.com
1 connect.facebook.net www.paypalobjects.com
1 www.xoom.com
1 reestri.comerica-analytics.xoompadala.com 1 redirects
0 d1wnclalxop6x4.cloudfront.net Failed cdn.segment.com
50 13

This site contains links to these domains. Also see Links.

Domain
help.xoom.com
www.paypal.com
control.kochava.com
Subject Issuer Validity Valid
www.xoom.com
DigiCert SHA2 Extended Validation Server CA		 2024-10-29 -
2025-10-28		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-06-13 -
2025-06-12		 a year crt.sh
images.ctfassets.net
Amazon RSA 2048 M02		 2024-11-18 -
2025-12-16		 a year crt.sh
*.segment.com
Amazon RSA 2048 M02		 2024-10-15 -
2025-11-14		 a year crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-06-21 -
2025-06-20		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-10-04 -
2025-01-02		 3 months crt.sh
*.googleadservices.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.segment.io
Amazon RSA 2048 M03		 2024-11-13 -
2025-12-13		 a year crt.sh
*.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.xoom.com/
Frame ID: 54E58BECCCEF7C98EC2E80927EF05328
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Enviar dinero por Internet | Xoom, un servicio de PayPal

Page URL History Show full URLs

  1. http://reestri.comerica-analytics.xoompadala.com/ HTTP 307
    https://reestri.comerica-analytics.xoompadala.com/ HTTP 307
    http://reestri.comerica-analytics.xoompadala.com/ HTTP 301
    https://www.xoom.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+(?:https?:)?//(?:assets|downloads|images|videos)\.(?:ct?fassets\.net|contentful\.com)
Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Page Statistics

50
Requests

96 %
HTTPS

8 %
IPv6

12
Domains

13
Subdomains

12
IPs

1
Countries

487 kB
Transfer

1359 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://reestri.comerica-analytics.xoompadala.com/ HTTP 307
    https://reestri.comerica-analytics.xoompadala.com/ HTTP 307
    http://reestri.comerica-analytics.xoompadala.com/ HTTP 301
    https://www.xoom.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.xoom.com/
Redirect Chain
  • http://reestri.comerica-analytics.xoompadala.com/
  • https://reestri.comerica-analytics.xoompadala.com/
  • http://reestri.comerica-analytics.xoompadala.com/
  • https://www.xoom.com/
58 KB
60 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.xoom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
39eff96f78080293771564fdb4f12775ab61701faa69ddb0880872c928e7da3d
Security Headers
Name Value
Content-Security-Policy style-src https://www.paypal.com/ https://www.paypalobjects.com/ https://*.dev.paypalinc.com/ https://*.ctfassets.net/ 'unsafe-inline' 'self' https://*.s-xoom.com/ https://google.com/; base-uri 'self'; script-src https://www.paypalobjects.com/ https://*.dev.paypalinc.com/ 'nonce-36f3dc72c0234320c30aac27dc1ec59f' 'self' https://*.googleadservices.com/ https://*.gstatic.com/ https://*.s-xoom.com/ https://*.segment.com/ https://www.googletagmanager.com/ https://*.online-metrix.net/ https://connect.facebook.net/ https://*.google-analytics.com/ https://*.cardinalcommerce.com/ https://*.mxpnl.com/ https://*.google.com/ https://bat.bing.com/ https://*.ctfassets.net/ https://iesnare.com/ https://*.braintreegateway.com/ https://*.googleapis.com/ https://*.doubleclick.net/ https://*.paypal.com/ 'unsafe-eval' https://www.recaptcha.net/ https://*.yodlee.com/ https://cdn.amplitude.com/ https://js-agent.newrelic.com/ https://bam-cell.nr-data.net/ https://www.datadoghq-browser-agent.com/; form-action * paypal://remittance/link-paypal-account https://*.xoom.com/ https://*.paypal.com/; frame-src *; img-src 'self' data: https:; connect-src https://*.xoom.com/ 'self' https://*.google-analytics.com/ https://*.mixpanel.com/ https://*.cardinalcommerce.com/ https://*.google.com/ https://*.cloudfront.net/ https://*.braintreegateway.com/ https://*.googleapis.com/ wss://*.xoom.com/ https://*.doubleclick.net/ https://www.facebook.com/ https://*.segment.io/ https://*.segment.com/ https://*.paypal.com/ https://*.s-xoom.com/ https://*.online-metrix.net/ https://*.braintree-api.com/ https://www.paypalobjects.com/ https://*.preview.dev.paypalinc.com/ https://browser-intake-datadoghq.com/; worker-src 'self'; object-src https://*.cardinalcommerce.com/ https://*.online-metrix.net/; media-src https://ssl.gstatic.com/; frame-ancestors https://*.salesforce.com/ https://*.paypal.com/ 'self'; font-src https://www.paypalobjects.com/ https://*.dev.paypalinc.com/ https://fonts.gstatic.com/ https://*.s3.amazonaws.com/ 'self' https://*.s-xoom.com/ https://fonts.googleapis.com/ data:;
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
95
cache-control
no-cache, no-store
content-language
es-ES
content-length
59008
content-security-policy
style-src https://www.paypal.com/ https://www.paypalobjects.com/ https://*.dev.paypalinc.com/ https://*.ctfassets.net/ 'unsafe-inline' 'self' https://*.s-xoom.com/ https://google.com/; base-uri 'self'; script-src https://www.paypalobjects.com/ https://*.dev.paypalinc.com/ 'nonce-36f3dc72c0234320c30aac27dc1ec59f' 'self' https://*.googleadservices.com/ https://*.gstatic.com/ https://*.s-xoom.com/ https://*.segment.com/ https://www.googletagmanager.com/ https://*.online-metrix.net/ https://connect.facebook.net/ https://*.google-analytics.com/ https://*.cardinalcommerce.com/ https://*.mxpnl.com/ https://*.google.com/ https://bat.bing.com/ https://*.ctfassets.net/ https://iesnare.com/ https://*.braintreegateway.com/ https://*.googleapis.com/ https://*.doubleclick.net/ https://*.paypal.com/ 'unsafe-eval' https://www.recaptcha.net/ https://*.yodlee.com/ https://cdn.amplitude.com/ https://js-agent.newrelic.com/ https://bam-cell.nr-data.net/ https://www.datadoghq-browser-agent.com/; form-action * paypal://remittance/link-paypal-account https://*.xoom.com/ https://*.paypal.com/; frame-src *; img-src 'self' data: https:; connect-src https://*.xoom.com/ 'self' https://*.google-analytics.com/ https://*.mixpanel.com/ https://*.cardinalcommerce.com/ https://*.google.com/ https://*.cloudfront.net/ https://*.braintreegateway.com/ https://*.googleapis.com/ wss://*.xoom.com/ https://*.doubleclick.net/ https://www.facebook.com/ https://*.segment.io/ https://*.segment.com/ https://*.paypal.com/ https://*.s-xoom.com/ https://*.online-metrix.net/ https://*.braintree-api.com/ https://www.paypalobjects.com/ https://*.preview.dev.paypalinc.com/ https://browser-intake-datadoghq.com/; worker-src 'self'; object-src https://*.cardinalcommerce.com/ https://*.online-metrix.net/; media-src https://ssl.gstatic.com/; frame-ancestors https://*.salesforce.com/ https://*.paypal.com/ 'self'; font-src https://www.paypalobjects.com/ https://*.dev.paypalinc.com/ https://fonts.gstatic.com/ https://*.s3.amazonaws.com/ 'self' https://*.s-xoom.com/ https://fonts.googleapis.com/ data:;
content-type
text/html;charset=UTF-8
cross-origin-opener-policy
same-origin
date
Thu, 26 Dec 2024 11:44:14 GMT
etag
"0ff84148984c589b62027bbeadbd5a42a"
strict-transport-security
max-age=15768000; includeSubDomains
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-cache-hits
1, 2
x-content-type-options
nosniff
x-envoy-upstream-service-time
163
x-frame-options
SAMEORIGIN
x-served-by
cache-dfw-kdal2120083-DFW, cache-mia-kmia1760049-MIA
x-timer
S1735213454.298833,VS0,VE1
x-ua-compatible
IE=edge
x-xoom-requestid
576b3db3-28fb-4c0d-96d6-9c9c1a4392bf
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
62
Content-Security-Policy
script-src 'self'
Content-Type
text/html; charset=utf-8
Date
Thu, 26 Dec 2024 11:44:14 GMT
Expires
-1
Location
https://www.xoom.com/
Pragma
no-cache
Vary
Accept
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate
legacy-supplement.css
www.paypalobjects.com/xoom/xvx/3.8.0/styles/themes/demeter/ 		51 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/xoom/xvx/3.8.0/styles/themes/demeter/legacy-supplement.css
Requested by
Host: www.xoom.com
URL: https://www.xoom.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/87A2) /
Resource Hash
074b0f0354335c4268d16ba85c367f3ba68535702e2c72433b4d29efd93a2b34
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xoom.com/

Response headers

paypal-debug-id
7c8f7f5d24d29
content-encoding
br
etag
W/"6734e734-cd65"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Thu, 26 Dec 2024 12:44:14 GMT
traceparent
00-00000000000000000007c8f7f5d24d29-35067a264662d8d4-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Thu, 26 Dec 2024 11:44:14 GMT
content-type
text/css
last-modified
Wed, 13 Nov 2024 17:51:48 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
9220
server
ECAcc (mid/87A2)
demeter.css
www.paypalobjects.com/xoom/xvx/3.8.0/styles/themes/demeter/ 		224 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/xoom/xvx/3.8.0/styles/themes/demeter/demeter.css
Requested by
Host: www.xoom.com
URL: https://www.xoom.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/876F) /
Resource Hash
a04976c86c083c18d12c018a3e0f4f6a8add87f02d7795270e1470012bc02c21
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xoom.com/

Response headers

paypal-debug-id
90daebdf3f83d
content-encoding
br
etag
W/"6734e734-37e38"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Thu, 26 Dec 2024 12:44:14 GMT
traceparent
00-000000000000000000090daebdf3f83d-758d5fd338bc998f-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Thu, 26 Dec 2024 11:44:14 GMT
content-type
text/css
last-modified
Wed, 13 Nov 2024 17:51:48 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
28730
server
ECAcc (mid/876F)
xoom-analytics-init.js
www.paypalobjects.com/xoom/siteContent/26.9.0/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/xoom/siteContent/26.9.0/js/xoom-analytics-init.js
Requested by
Host: www.xoom.com
URL: https://www.xoom.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8728) /
Resource Hash
6e3ea61c126ec38cdbc177f04cb2c0551e93bd1209f43c2af4ebd2ff2d9bdbe5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xoom.com/

Response headers

paypal-debug-id
d8f19b48a65ff
content-encoding
br
etag
W/"67128a44-2ce3"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Thu, 26 Dec 2024 12:44:14 GMT
traceparent
00-0000000000000000000d8f19b48a65ff-e502045a11da730b-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Thu, 26 Dec 2024 11:44:14 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 16:18:12 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin
*
content-length
4055
server
ECAcc (mid/8728)
logo.XX.Xoom.es.svg
images.ctfassets.net/fyvbo1b1kt27/5KJyjMkOM8CQKSA48OIKK8/15f627128903edc48687190612b28cd5/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/fyvbo1b1kt27/5KJyjMkOM8CQKSA48OIKK8/15f627128903edc48687190612b28cd5/logo.XX.Xoom.es.svg
Requested by
Host: www.xoom.com
URL: https://www.xoom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f4:7000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
8f78affdfb3d76746343d4dd84da45651bb58ddb75d71bd6da70c4ba75ca5932

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xoom.com/

Response headers

cache-control
max-age=31536000
content-encoding
gzip
etag
W/"8856c4418af4b1a434f35fad85cbba1b"
age
10122
via
1.1 6057ee56438e208609fccc94cdceb78c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
hmEs1I5ZyvHRv3oVBBFrhIVjZyT5JKqWMIkaDglrBRuU0cYtJKUCMQ==
date
Thu, 26 Dec 2024 09:29:23 GMT
content-type
image/svg+xml
last-modified
Thu, 13 Sep 2018 17:44:13 GMT
server
Contentful Images API
x-amz-cf-pop
IAD55-P3
vary
Accept-Encoding
paypal-checkout.svg
images.ctfassets.net/fyvbo1b1kt27/u9PkG4dAF1zNefeFGrnkZ/981fa2683c57e9012d99048b58ec67f0/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/fyvbo1b1kt27/u9PkG4dAF1zNefeFGrnkZ/981fa2683c57e9012d99048b58ec67f0/paypal-checkout.svg
Requested by
Host: www.xoom.com
URL: https://www.xoom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f4:7000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
a880301cf73bf1d06118a53e77d83b9042871a905f4e1f3129583f269da58344

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xoom.com/

Response headers

cache-control
max-age=31536000
content-encoding
gzip
etag
W/"7b6a4ccdfdcd43853fa63d53ac093cfd"
age
17491
via
1.1 6057ee56438e208609fccc94cdceb78c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
t3AcHKVWRKzhnccj1Iz4-Idky4dGfK8MgQvgt9qIMRz6P48Adonnnw==
date
Thu, 26 Dec 2024 06:52:44 GMT
content-type
image/svg+xml
last-modified
Fri, 03 Nov 2023 18:35:10 GMT
server
Contentful Images API
x-amz-cf-pop
IAD55-P3
vary
Accept-Encoding
speed.svg
images.ctfassets.net/fyvbo1b1kt27/6SPQ3iSxkySLljwpxIF95z/9c31d27985b73e27852579cd4282063c/ 		1 KB
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/fyvbo1b1kt27/6SPQ3iSxkySLljwpxIF95z/9c31d27985b73e27852579cd4282063c/speed.svg
Requested by
Host: www.xoom.com
URL: https://www.xoom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f4:7000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
c221774c375e3d59ce7287866803d7c9bc2b328d4393f4c71493b44afc2e6f07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xoom.com/

Response headers

cache-control
max-age=31536000
content-encoding
gzip
etag
W/"58e28223c8ce6f8005cb8e5ea40bf3c3"
age
13248
via
1.1 6057ee56438e208609fccc94cdceb78c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
Qy6PFquBiM12UNhBL2nv-HtMCDW3a1zLTotcJ1T6kkP0Pdbh59gyrQ==
date
Thu, 26 Dec 2024 08:03:27 GMT
content-type
image/svg+xml
last-modified
Fri, 03 Nov 2023 18:37:04 GMT
server
Contentful Images API
x-amz-cf-pop
IAD55-P3
vary
Accept-Encoding
digital-wallet.svg
images.ctfassets.net/fyvbo1b1kt27/6IG967Ol1Cfifavm9KaQH9/7ad4845563393a41139bcb1aa70aa634/ 		1 KB
897 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/fyvbo1b1kt27/6IG967Ol1Cfifavm9KaQH9/7ad4845563393a41139bcb1aa70aa634/digital-wallet.svg
Requested by
Host: www.xoom.com
URL: https://www.xoom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f4:7000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
bdca3c0b9a9106bdb5c753f3a88add197fa5ab4dec850fa6734ddb364ad1968a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xoom.com/

Response headers

cache-control
max-age=31536000
content-encoding
gzip
etag
W/"d398267bcf24fa7c65548c6b42359a52"
age
10164
via
1.1 6057ee56438e208609fccc94cdceb78c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
ZEhWqYkK7VriLQaOfTlgjQKovaXAufow6zAkOycfhaaCkxcVRDsZwA==
date
Thu, 26 Dec 2024 08:54:51 GMT
content-type
image/svg+xml
last-modified
Fri, 03 Nov 2023 21:32:04 GMT
server
Contentful Images API
x-amz-cf-pop
IAD55-P3
vary
Accept-Encoding
track-payments.svg
images.ctfassets.net/fyvbo1b1kt27/5ZGLd65aHS2CwSsACSE6us/dafd045deab99c9d0af7efa63e960022/ 		901 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/fyvbo1b1kt27/5ZGLd65aHS2CwSsACSE6us/dafd045deab99c9d0af7efa63e960022/track-payments.svg
Requested by
Host: www.xoom.com
URL: https://www.xoom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f4:7000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
5f050141e493b03a497c390e2d8c3cabda526074bf0d6cbeac54e8a5ae2d28d7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xoom.com/

Response headers

cache-control
max-age=31536000
etag
"33405eaecd9621ff1d69dd1b8db3e604"
age
17578
via
1.1 6057ee56438e208609fccc94cdceb78c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
901
x-amz-cf-id
tqOjAIuYMuKdDKISwP5v-roE_saTFwt68L_djqGvAkcyvSroN9x42g==
date
Thu, 26 Dec 2024 06:53:39 GMT
content-type
image/svg+xml
last-modified
Fri, 03 Nov 2023 21:24:19 GMT
server
Contentful Images API
x-amz-cf-pop
IAD55-P3
vary
Accept-Encoding
send-receive.svg
images.ctfassets.net/fyvbo1b1kt27/5vrAmhBzMmV4EhthNvyn6I/30960d4b4f88982eb6bf0d28d65df1b4/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/fyvbo1b1kt27/5vrAmhBzMmV4EhthNvyn6I/30960d4b4f88982eb6bf0d28d65df1b4/send-receive.svg
Requested by
Host: www.xoom.com
URL: https://www.xoom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f4:7000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
55503c79eaae7f0dcab3896539f322e1945176ac68203c8de469ef694a2ed3b6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xoom.com/

Response headers

cache-control
max-age=31536000
content-encoding
gzip
etag
W/"370b958e302aa234cdf82e24893a3430"
age
8099
via
1.1 6057ee56438e208609fccc94cdceb78c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
OYE-v_x7dE7K7Hzo6oHNZjm1bW0Fh24dE8CRHvb4wkX0MIPsE4nNbg==
date
Thu, 26 Dec 2024 09:29:16 GMT
content-type
image/svg+xml
last-modified
Fri, 03 Nov 2023 21:27:20 GMT
server
Contentful Images API
x-amz-cf-pop
IAD55-P3
vary
Accept-Encoding
phone.png
images.ctfassets.net/fyvbo1b1kt27/6MhvaMup9eqmg0Kam2ucGU/87cf947def59e575ef6c0d06b31f142d/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/fyvbo1b1kt27/6MhvaMup9eqmg0Kam2ucGU/87cf947def59e575ef6c0d06b31f142d/phone.png
Requested by
Host: www.xoom.com
URL: https://www.xoom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f4:7000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
7cbcaf9e3caeb0712df47b5d4079b6c1e08e3d91e158f7e7385aceea03c30669

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xoom.com/

Response headers

cache-control
max-age=31536000
etag
"62190dadc3e38382bea28c5cd1835068"
age
11346
via
1.1 6057ee56438e208609fccc94cdceb78c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
1334
x-amz-cf-id
cHU1tG-zR2pkmEcpTCsB2LyMcgFZ7HSqhzrDiH2bOrBqjjTJLLt8JA==
date
Thu, 26 Dec 2024 08:38:52 GMT
content-type
image/png
last-modified
Fri, 03 Nov 2023 19:10:11 GMT
server
Contentful Images API
x-amz-cf-pop
IAD55-P3
vary
Accept-Encoding
trust.png
images.ctfassets.net/fyvbo1b1kt27/6fRyOoviMg4eaO4wCI4KWu/19df74c64ec317e06cdc947b5a11bfd8/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/fyvbo1b1kt27/6fRyOoviMg4eaO4wCI4KWu/19df74c64ec317e06cdc947b5a11bfd8/trust.png
Requested by
Host: www.xoom.com
URL: https://www.xoom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f4:7000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
b85663035e42dc9e414c7be13ad1d00fb5873e3e7ded788e04c055aafd624682

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xoom.com/

Response headers

cache-control
max-age=31536000
etag
"f9e054c632b94927bca775ad1b7d4849"
age
12275
via
1.1 6057ee56438e208609fccc94cdceb78c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
2430
x-amz-cf-id
J52_UVF1ik9rR-NjJ7IMwN1C237A2p9mUQvOwp9PELKT3uB_-QKk_w==
date
Thu, 26 Dec 2024 08:19:40 GMT
content-type
image/png
last-modified
Fri, 03 Nov 2023 18:43:24 GMT
server
Contentful Images API
x-amz-cf-pop
IAD55-P3
security.svg
images.ctfassets.net/fyvbo1b1kt27/6jT23CEffOsOQusmgAAWiS/fb2733aad54ec9102d0db9bc7ec8a66b/ 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/fyvbo1b1kt27/6jT23CEffOsOQusmgAAWiS/fb2733aad54ec9102d0db9bc7ec8a66b/security.svg
Requested by
Host: www.xoom.com
URL: https://www.xoom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f4:7000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
6dc5f6b047b22a18f9697a9004fb915baa046f98b867896c70ad1d4c62530dbd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xoom.com/

Response headers

cache-control
max-age=31536000
etag
"1473f2c3f116163c915c91ec444bbc55"
age
14183
via
1.1 6057ee56438e208609fccc94cdceb78c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
836
x-amz-cf-id
Wf2aqw9dXAeMzeJGXSXcaHJdeXddDBry7JlrFeftA6vr3E2gKr3_ag==
date
Thu, 26 Dec 2024 07:47:52 GMT
content-type
image/svg+xml
last-modified
Fri, 03 Nov 2023 18:42:52 GMT
server
Contentful Images API
x-amz-cf-pop
IAD55-P3
vary
Accept-Encoding
ncs.js
www.paypalobjects.com/ncs/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/ncs/ncs.js
Requested by
Host: www.xoom.com
URL: https://www.xoom.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/870A) /
Resource Hash
69b92089af852f9c3722996d434f36badfea677d48eadd5fbad962ea552235a2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xoom.com/

Response headers

paypal-debug-id
0810df2feef3a
content-encoding
br
etag
"67378b7b-3b53"
x-content-type-options
nosniff
expires
Thu, 26 Dec 2024 12:44:14 GMT
traceparent
00-00000000000000000000810df2feef3a-216597debaa3c855-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Thu, 26 Dec 2024 11:44:14 GMT
content-type
application/javascript
last-modified
Fri, 15 Nov 2024 17:57:15 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
content-length
3620
server
ECAcc (mid/870A)
common.js
www.paypalobjects.com/xoom/xvx/3.8.0/js/ 		169 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/xoom/xvx/3.8.0/js/common.js
Requested by
Host: www.xoom.com
URL: https://www.xoom.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8781) /
Resource Hash
4a13a8a11686c3a93095b7690c2afb9adf37cff00a6499126fbab7052f067cde
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xoom.com/

Response headers

paypal-debug-id
db0fb09407714
content-encoding
br
etag
W/"6734e734-2a532"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Thu, 26 Dec 2024 12:44:14 GMT
traceparent
00-0000000000000000000db0fb09407714-8c66ed0cd3c266a4-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Thu, 26 Dec 2024 11:44:14 GMT
content-type
application/javascript
last-modified
Wed, 13 Nov 2024 17:51:48 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
52474
server
ECAcc (mid/8781)
header.js
www.paypalobjects.com/xoom/xvx/3.8.0/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/xoom/xvx/3.8.0/js/header.js
Requested by
Host: www.xoom.com
URL: https://www.xoom.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8731) /
Resource Hash
91042cc61b24f4f5fecb7712ca0b4c9e0a67886b7d713457e6165589cf0ab758
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xoom.com/

Response headers

paypal-debug-id
0449b3005919f
content-encoding
br
etag
W/"6734e734-142f"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Thu, 26 Dec 2024 12:44:14 GMT
traceparent
00-00000000000000000000449b3005919f-8883bd3b16e348e7-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Thu, 26 Dec 2024 11:44:14 GMT
content-type
application/javascript
last-modified
Wed, 13 Nov 2024 17:51:48 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
1805
server
ECAcc (mid/8731)
main.js
www.paypalobjects.com/xoom/xvx/3.8.0/js/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/xoom/xvx/3.8.0/js/main.js
Requested by
Host: www.xoom.com
URL: https://www.xoom.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8721) /
Resource Hash
38ae2e18d752fc224004ea76e3f4965cad029f8b4600279266e90bebae7b5732
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xoom.com/

Response headers

paypal-debug-id
f1d78c878aaf7
content-encoding
br
etag
W/"6734e734-879e"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Thu, 26 Dec 2024 12:44:14 GMT
traceparent
00-0000000000000000000f1d78c878aaf7-ea94cfd7b22fcca6-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Thu, 26 Dec 2024 11:44:14 GMT
content-type
application/javascript
last-modified
Wed, 13 Nov 2024 17:51:48 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
10267
server
ECAcc (mid/8721)
xoom-xvx-init.js
www.paypalobjects.com/xoom/siteContent/26.9.0/js/ 		55 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/xoom/siteContent/26.9.0/js/xoom-xvx-init.js
Requested by
Host: www.xoom.com
URL: https://www.xoom.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8782) /
Resource Hash
d565897ad03c72b50634e6ab28c7d01d481ba7bdc6d9e14d8e78f578b93ebe90
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xoom.com/

Response headers

paypal-debug-id
522750663ab62
content-encoding
br
etag
W/"67128a44-db88"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Thu, 26 Dec 2024 12:44:14 GMT
traceparent
00-0000000000000000000522750663ab62-b47f575ac8965b15-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Thu, 26 Dec 2024 11:44:14 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 16:18:12 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin
*
content-length
21199
server
ECAcc (mid/8782)
navbar.js
www.paypalobjects.com/xoom/xvx/3.8.0/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/xoom/xvx/3.8.0/js/navbar.js
Requested by
Host: www.xoom.com
URL: https://www.xoom.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8795) /
Resource Hash
6a43efd86dfa04094dddf99f76a411b0c1613556410cf8fd4b4c09d2771ce2cc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xoom.com/

Response headers

paypal-debug-id
e7b79cf0aefc4
content-encoding
br
etag
W/"6734e734-10f5"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Thu, 26 Dec 2024 12:44:14 GMT
traceparent
00-0000000000000000000e7b79cf0aefc4-07e950b70476d3e9-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Thu, 26 Dec 2024 11:44:14 GMT
content-type
application/javascript
last-modified
Wed, 13 Nov 2024 17:51:48 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
1958
server
ECAcc (mid/8795)
analytics.min.js
cdn.segment.com/analytics.js/v1/HRMXxtDkmQkcxdAobhOakMc6bwCyl6zE/ 		106 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/HRMXxtDkmQkcxdAobhOakMc6bwCyl6zE/analytics.min.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/xoom/siteContent/26.9.0/js/xoom-analytics-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.191.237 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-191-237.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7cc36044f683227d8a95178ae4606cab12a5462c1b1b57d6f4bfb24d6d4bf5a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xoom.com/

Response headers

access-control-max-age
3000
content-encoding
br
x-amz-version-id
gtk7hRoopAZB8BaWxTvWuP29uE0.Gfkb
etag
W/"389c4f0bc560e779390f6e99d12979e0"
age
28
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
4ybHX-BHSGYzFg8ZMG642ZMMtLfAYRh0noApRLfQMo5sTx2DVd0AUQ==
date
Thu, 26 Dec 2024 11:43:51 GMT
content-type
text/javascript; charset=utf-8
vary
accept-encoding
last-modified
Wed, 13 Nov 2024 19:11:36 GMT
x-amz-replication-status
COMPLETED
cache-control
public, max-age=120
via
1.1 23546b21bebd898e1f4c79789ae527ca.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
IAD79-C3
server
AmazonS3
x-amz-server-side-encryption
AES256
fe746a6172d1111267a3.svg
www.paypalobjects.com/xoom/xvx/3.8.0/images/ 		202 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/xoom/xvx/3.8.0/images/fe746a6172d1111267a3.svg
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/xoom/xvx/3.8.0/styles/themes/demeter/demeter.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/874A) /
Resource Hash
fe92a6173cf3561e51ae2fc7cd4839fcd30c9b77f76cf8efa5bddec08d303d14
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paypalobjects.com/xoom/xvx/3.8.0/styles/themes/demeter/demeter.css

Response headers

paypal-debug-id
d4755e48b3ac8
content-encoding
br
etag
W/"6734e734-ca"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Thu, 26 Dec 2024 12:44:14 GMT
traceparent
00-0000000000000000000d4755e48b3ac8-4e0f151b36cec952-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Thu, 26 Dec 2024 11:44:14 GMT
content-type
image/svg+xml
last-modified
Wed, 13 Nov 2024 17:51:48 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
150
server
ECAcc (mid/874A)
2186b59b1607224c16eb.png
www.paypalobjects.com/xoom/xvx/3.8.0/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/xoom/xvx/3.8.0/images/2186b59b1607224c16eb.png
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/xoom/xvx/3.8.0/styles/themes/demeter/legacy-supplement.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8741) /
Resource Hash
004518367b7fca116cec42218658e8432fd124460bb57d47b44948ed89352737
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paypalobjects.com/xoom/xvx/3.8.0/styles/themes/demeter/legacy-supplement.css

Response headers

paypal-debug-id
2071c450bc5e3
etag
"6734e734-791"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Thu, 26 Dec 2024 12:44:14 GMT
traceparent
00-00000000000000000002071c450bc5e3-4527fa189706d6a5-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Thu, 26 Dec 2024 11:44:14 GMT
content-type
image/png
last-modified
Wed, 13 Nov 2024 17:51:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ch
DPR, Viewport-Width, Width, ECT, Downlink
accept-ranges
bytes
access-control-allow-origin
*
content-length
1937
server
ECAcc (mid/8741)
1fdf0fb9b39b778a08d7.png
www.paypalobjects.com/xoom/xvx/3.8.0/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/xoom/xvx/3.8.0/images/1fdf0fb9b39b778a08d7.png
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/xoom/xvx/3.8.0/styles/themes/demeter/legacy-supplement.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/871F) /
Resource Hash
acd9b512fa356580dd8b1c054966eaa35159067492d7c1503016f2425c7eac6d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.paypalobjects.com/xoom/xvx/3.8.0/styles/themes/demeter/legacy-supplement.css

Response headers

paypal-debug-id
f516a4b551b37
etag
"6734e734-7c8"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Thu, 26 Dec 2024 12:44:14 GMT
traceparent
00-0000000000000000000f516a4b551b37-29d357ba2b47d1cc-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Thu, 26 Dec 2024 11:44:14 GMT
content-type
image/png
last-modified
Wed, 13 Nov 2024 17:51:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ch
DPR, Viewport-Width, Width, ECT, Downlink
accept-ranges
bytes
access-control-allow-origin
*
content-length
1992
server
ECAcc (mid/871F)
PayPalSansBig-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Regular.woff2
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/xoom/xvx/3.8.0/styles/themes/demeter/demeter.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/871F) /
Resource Hash
1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.xoom.com
Referer
https://www.paypalobjects.com/xoom/xvx/3.8.0/styles/themes/demeter/demeter.css

Response headers

paypal-debug-id
6dc09d53f6fb5
etag
"60271cda-6318"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Thu, 26 Dec 2024 12:44:14 GMT
traceparent
00-00000000000000000006dc09d53f6fb5-b26895ce31411d8a-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Thu, 26 Dec 2024 11:44:14 GMT
content-type
application/font-woff2
last-modified
Sat, 13 Feb 2021 00:27:06 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=31536000
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
25368
server
ECAcc (mid/871F)
PayPalSansBig-Medium.woff2
www.paypalobjects.com/paypal-ui/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Medium.woff2
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/xoom/xvx/3.8.0/styles/themes/demeter/demeter.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/870E) /
Resource Hash
2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.xoom.com
Referer
https://www.paypalobjects.com/xoom/xvx/3.8.0/styles/themes/demeter/demeter.css

Response headers

paypal-debug-id
bb174f285b644
etag
"60271cda-484c"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Thu, 26 Dec 2024 12:44:14 GMT
traceparent
00-0000000000000000000bb174f285b644-c559c3d6bb4fc232-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Thu, 26 Dec 2024 11:44:14 GMT
content-type
application/font-woff2
last-modified
Sat, 13 Feb 2021 00:27:06 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=31536000
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
18508
server
ECAcc (mid/870E)
mapping.js
www.paypalobjects.com/ncs/xoom/ 		281 B
266 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/ncs/xoom/mapping.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ncs/ncs.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/871C) /
Resource Hash
6f0ce8ce5fd38e4a6b6cf4a6647c4fc1ebc731890e45265c57a73400de4bc1e0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xoom.com/

Response headers

paypal-debug-id
534f4d7886a24
content-encoding
br
etag
W/"63dd70ed-119"
x-content-type-options
nosniff
expires
Thu, 26 Dec 2024 12:44:14 GMT
traceparent
00-0000000000000000000534f4d7886a24-333ddfd827f513d7-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Thu, 26 Dec 2024 11:44:14 GMT
content-type
application/javascript
last-modified
Fri, 03 Feb 2023 20:39:09 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
content-length
122
server
ECAcc (mid/871C)
getBanner
www.paypal.com/myaccount/privacy/cookieprefs/ 		18 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/myaccount/privacy/cookieprefs/getBanner?showBanner=true&country=US&language=es-ES&policyType=CookieBanner&originalHeaders={%22cookie%22:%22%22}&tenant=xoom&tenantData={%22cookiePrefsString%22:%22cookie_prefs%22}
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ncs/ncs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6c10546675a4679b055971dcf71f1c94e4d6bd1abe4861fd4c3da11e2568e698
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-+ip5k8oaxXmOQVbvNUpp+CwJjgZRM9e7DQwEdxYPetrWU2gB' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.xoom.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*/*
Content-Type
application/json

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
f491276a09f1f
content-encoding
gzip
etag
W/"4634-2dlZfxitcMQ3YKNdngRB/TZndiE"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
traceparent
00-0000000000000000000f491276a09f1f-983c0b629bb13a96-01
server-timing
"traceparent;desc="00-0000000000000000000f491276a09f1f-47909c80d368e597-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, MISS, MISS
date
Thu, 26 Dec 2024 11:44:15 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-dfw-kdal2120124-DFW, cache-mia-kmia1760079-MIA, cache-mia-kmia1760079-MIA
x-cache-hits
0, 0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-+ip5k8oaxXmOQVbvNUpp+CwJjgZRM9e7DQwEdxYPetrWU2gB' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1735213455.170180,VS0,VE175
access-control-allow-credentials
true
via
1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
access-control-allow-origin
https://www.xoom.com
x-xss-protection
1; mode=block
getBanner
www.paypal.com/myaccount/privacy/cookieprefs/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/myaccount/privacy/cookieprefs/getBanner?showBanner=true&country=US&language=es-ES&policyType=CookieBanner&originalHeaders={%22cookie%22:%22%22}&tenant=xoom&tenantData={%22cookiePrefsString%22:%22cookie_prefs%22}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-dtCbU/w7tsBIll6G7YGnHAkU8cGYKIUpy4YN9KBKWTgTRg2s' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type
Access-Control-Request-Method
GET
Origin
https://www.xoom.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
none
access-control-allow-credentials
true
access-control-allow-headers
access-control-allow-origin, Content-Type, Accept, X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
https://www.xoom.com
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-dtCbU/w7tsBIll6G7YGnHAkU8cGYKIUpy4YN9KBKWTgTRg2s' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/plain; charset=utf-8
date
Thu, 26 Dec 2024 11:44:15 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f491276f8e905
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
"traceparent;desc="00-0000000000000000000f491276f8e905-35ef1af03a2ca3bc-01"";content-encoding;desc="br",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f491276f8e905-054d37373885e38e-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, MISS, MISS
x-cache-hits
0, 0, 0
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-served-by
cache-dfw-kdal2120042-DFW, cache-mia-kmia1760066-MIA, cache-mia-kmia1760066-MIA
x-timer
S1735213455.930165,VS0,VE146
x-xss-protection
1; mode=block
pa_xoom.js
www.paypalobjects.com/pa/js/ 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/js/pa_xoom.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/xoom/siteContent/26.9.0/js/xoom-analytics-init.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8730) /
Resource Hash
8c43b09a994b73222ca370bfe79867a93dcaf9b8ca5f765f6135837087221b2b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xoom.com/

Response headers

paypal-debug-id
a932b9655e9a5
content-encoding
br
etag
"67652fe1-101d9"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Thu, 26 Dec 2024 12:44:14 GMT
traceparent
00-0000000000000000000a932b9655e9a5-8d8d6bc8f4b1847e-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Thu, 26 Dec 2024 11:44:14 GMT
content-type
application/javascript
last-modified
Fri, 20 Dec 2024 08:50:41 GMT
vary
Accept-Encoding
access-control-allow-headers
x-csrf-token
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
23103
server
ECAcc (mid/8730)
mktgtagmanager_xoom.js
www.paypalobjects.com/martech/tm/xoom/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/martech/tm/xoom/mktgtagmanager_xoom.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/pa_xoom.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/878A) /
Resource Hash
3a25cc4d660d682270bd3ec96c223dab54f66a16249c66943d78b317ec4acccf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.xoom.com
Referer
https://www.xoom.com/

Response headers

paypal-debug-id
a85f7c67a9527
content-encoding
br
etag
W/"67043568-3eaa"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Thu, 26 Dec 2024 12:44:14 GMT
traceparent
00-0000000000000000000a85f7c67a9527-97e9e155f4bb0eee-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Thu, 26 Dec 2024 11:44:14 GMT
content-type
application/javascript
last-modified
Mon, 07 Oct 2024 19:24:24 GMT
vary
Accept-Encoding
access-control-allow-headers
x-csrf-token
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
6272
server
ECAcc (mid/878A)
ts
t.xoom.com/ 		42 B
925 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.xoom.com/ts?v=1.9.5&t=1735213454795&g=600&page=xoom%3A&pgrp=xoom%3A&comp=xoom&tenant_name=xoom&residence_country_code=US&send_currency_code=USD&language=es&mgaff=untracked&fingerprint_id=116cd816-9883-494d-c902-ac27dc1ec59f&event_name=xoom_path_shown&platform_type=web&event_source=web&platform=web&experience=XOOM&product=xoom&event_props=residence_country_code%2C%20send_currency_code%2C%20receive_country_code%2C%20language%2C%20mgaff%2C%20fingerprint_id%2C%20event_name%2C%20xoom_id%2C%20xoom_user_id%2C%20platform_type%2C%20device%2C%20event_source%2C%20platform%2C%20experience%2C%20product%2C%20event_props&e=im&pt=Enviar%20dinero%20por%20Internet%20%7C%20Xoom%2C%20un%20servicio%20de%20PayPal&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1
Requested by
Host: www.xoom.com
URL: https://www.xoom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.131.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xoom.com/

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
aa8c273b3d38e
correlation-id
aa8c273b3d38e
expires
Thu, 26 Dec 2024 11:44:15 GMT
traceparent
00-0000000000000000000aa8c273b3d38e-301228a01c91fa7a-01
x-cache
MISS, MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
server-timing
"traceparent;desc="00-0000000000000000000aa8c273b3d38e-118cbb15952ad5c3-01"";content-encoding;desc="",x-cdn;desc="fastly"
date
Thu, 26 Dec 2024 11:44:15 GMT
content-type
image/gif
x-served-by
cache-dfw-kdfw8210151-DFW, cache-mia-kmia1760060-MIA
x-cache-hits
0, 0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-timer
S1735213455.060297,VS0,VE75
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
mktconf.js
www.paypalobjects.com/martech/tm/xoom/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/martech/tm/xoom/mktconf.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/martech/tm/xoom/mktgtagmanager_xoom.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8783) /
Resource Hash
fdc8deebf06fb977298ea2dae0d916397aa82aefbaebe252f6235d6d0e1d60fc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.xoom.com
Referer
https://www.xoom.com/

Response headers

paypal-debug-id
f05bf1ec802e0
content-encoding
br
etag
W/"6705ad9c-15d0"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Thu, 26 Dec 2024 12:44:14 GMT
traceparent
00-0000000000000000000f05bf1ec802e0-d83d775b9af48dc2-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Thu, 26 Dec 2024 11:44:14 GMT
content-type
application/javascript
last-modified
Tue, 08 Oct 2024 22:09:32 GMT
vary
Accept-Encoding
access-control-allow-headers
x-csrf-token
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
2022
server
ECAcc (mid/8783)
fbevents.js
www.paypalobjects.com/martech/tm/xoom/3pjs/meta/ 		88 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/martech/tm/xoom/3pjs/meta/fbevents.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/martech/tm/xoom/mktgtagmanager_xoom.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8779) /
Resource Hash
f15f778cd39043a166a29f654b1191bc6fbf8043a8cc3477c42764b14b919dec
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.xoom.com
Referer
https://www.xoom.com/

Response headers

paypal-debug-id
3fd4ca52d16dd
content-encoding
br
etag
W/"66f1ab0e-15ea3"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Thu, 26 Dec 2024 12:44:14 GMT
traceparent
00-00000000000000000003fd4ca52d16dd-4bcb1bb2ef91e90f-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Thu, 26 Dec 2024 11:44:14 GMT
content-type
application/javascript
last-modified
Mon, 23 Sep 2024 17:53:18 GMT
vary
Accept-Encoding
access-control-allow-headers
x-csrf-token
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin
*
content-length
18183
server
ECAcc (mid/8779)
gtag.js
www.paypalobjects.com/martech/tm/xoom/3pjs/gtag/ 		79 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/martech/tm/xoom/3pjs/gtag/gtag.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/martech/tm/xoom/mktgtagmanager_xoom.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8788) /
Resource Hash
676665dfeba01a56a18671c739893a423d368725284730aaf051800eec6627f4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.xoom.com
Referer
https://www.xoom.com/

Response headers

paypal-debug-id
99eab2056c131
content-encoding
br
etag
"66f1ab0e-13bc6+gzip+br"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Thu, 26 Dec 2024 12:44:14 GMT
traceparent
00-000000000000000000099eab2056c131-e9e9c9a99c41126e-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Thu, 26 Dec 2024 11:44:14 GMT
content-type
application/javascript
last-modified
Mon, 23 Sep 2024 17:53:18 GMT
vary
Accept-Encoding
access-control-allow-headers
x-csrf-token
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin
*
content-length
31864
server
ECAcc (mid/8788)
236564939871335
connect.facebook.net/signals/config/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/236564939871335?v=2.9.4&r=stable
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/martech/tm/xoom/3pjs/meta/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
d676a3280e9ebca1dbcd00a99440df8a759d28c5c85a86d6d7bcbc2a21b01ec8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-O0nJxnNf' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xoom.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 26 Dec 2024 11:44:15 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-O0nJxnNf' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=23, mss=1232, tbw=4529, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
V0PRa6rqMPUOILEp4ET21C02Qv+aH2OmT38CdKfnnEGVXh5pjRns9ELuKTywyLZNCFTn0+O/JDBbRUKHyNY7jQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
12536
x-xss-protection
0
origin-agent-cluster
?1
conversion_async.js
www.googleadservices.com/pagead/ 		60 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/martech/tm/xoom/3pjs/gtag/gtag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f157.1e100.net
Software
cafe /
Resource Hash
1467343f63cc98647d59c1ff575fe51349be70fe08d456cbab385a1378fb4062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xoom.com/

Response headers

content-encoding
br
etag
386282949569220296
x-content-type-options
nosniff
expires
Thu, 26 Dec 2024 11:44:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 26 Dec 2024 11:44:15 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
21869
x-xss-protection
0
server
cafe
settings
cdn.segment.com/v1/projects/HRMXxtDkmQkcxdAobhOakMc6bwCyl6zE/ 		8 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/HRMXxtDkmQkcxdAobhOakMc6bwCyl6zE/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HRMXxtDkmQkcxdAobhOakMc6bwCyl6zE/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.191.237 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-191-237.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
533fe76b58d93cae28fff1ef10a57d68f43db5327425e8d7c9ea768a75d64ce3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xoom.com/

Response headers

access-control-max-age
3000
content-encoding
br
x-amz-version-id
d8lrMYeiasBCu0IONUkhtq3_MzIV0EW1
etag
W/"c62ccb590579e639ec1cc48b44b6f247"
age
8710
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
mrG0MTE2zIJEZbAc5VaLClBAq8bJ6hTzCeCKfiKV3tevVOcVRw-Jxg==
date
Thu, 26 Dec 2024 09:19:06 GMT
content-type
application/json; charset=utf-8
vary
accept-encoding
last-modified
Wed, 13 Nov 2024 19:11:37 GMT
x-amz-replication-status
COMPLETED
cache-control
public, max-age=10800
via
1.1 798fb06c416f07d7eaba25e2728dc5ac.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
IAD79-C3
server
AmazonS3
x-amz-server-side-encryption
AES256
ajs-destination.bundle.ed53a26b6edc80c65d73.js
cdn.segment.com/analytics-next/bundles/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HRMXxtDkmQkcxdAobhOakMc6bwCyl6zE/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.191.237 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-191-237.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xoom.com/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
x-amz-version-id
1lCjHefPzcRt0EbQDFkkb.6FnzhNuKxa
age
22019929
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
SavZ6z2pHToHo8D2lGfmpmwEPHCeK71HvP3_19tpLBvB-kmFFioBsg==
date
Mon, 15 Apr 2024 15:05:27 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Fri, 12 Apr 2024 21:39:45 GMT
x-amz-replication-status
COMPLETED
cache-control
public,max-age=31536000,immutable
via
1.1 23546b21bebd898e1f4c79789ae527ca.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
IAD79-C3
server
AmazonS3
x-amz-server-side-encryption
AES256
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/986779018/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/986779018/?random=1735213455267&cv=9&fst=1735213455267&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.xoom.com%2F&tiba=Enviar%20dinero%20por%20Internet%20%7C%20Xoom%2C%20un%20servicio%20de%20PayPal&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
cafe /
Resource Hash
9b63611fb3af4422343a297e896a97fb64ba407fb575730e49f6a8beb6c58dd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xoom.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2209
date
Thu, 26 Dec 2024 11:44:15 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
cdn.segment.com/analytics-next/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HRMXxtDkmQkcxdAobhOakMc6bwCyl6zE/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.191.237 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-191-237.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xoom.com/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"3867b2388b619ff7fddc29ef359fc9aa"
x-amz-version-id
6p7m0DymtVd2iHKfdr7k4GM1yYafy1xS
age
22309292
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
GURXtbVmypOzgOq9GQEFjfkmi0csQdZmnEwMdijhGm_nItoq7i0sCQ==
date
Fri, 12 Apr 2024 06:42:44 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Fri, 12 Apr 2024 03:48:56 GMT
x-amz-replication-status
COMPLETED
cache-control
public,max-age=31536000,immutable
via
1.1 23546b21bebd898e1f4c79789ae527ca.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
IAD79-C3
server
AmazonS3
x-amz-server-side-encryption
AES256
ts
t.xoom.com/ 		42 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.xoom.com/ts?v=1.9.5&t=1735213455370&g=600&page=main%3Aprivacy%3Apolicy%3Accpa&pgrp=main%3Aprivacy%3Apolicy&comp=xoom&tenant_name=xoom&residence_country_code=US&send_currency_code=USD&language=es&mgaff=untracked&fingerprint_id=116cd816-9883-494d-c902-ac27dc1ec59f&platform_type=web&event_source=web&platform=web&experience=XOOM&product=xoom&event_props=residence_country_code%2C%20send_currency_code%2C%20receive_country_code%2C%20language%2C%20mgaff%2C%20fingerprint_id%2C%20event_name%2C%20xoom_id%2C%20xoom_user_id%2C%20platform_type%2C%20device%2C%20event_source%2C%20platform%2C%20experience%2C%20product%2C%20event_props%2C%20link_name%2C%20simplified_path&displaypage=xoom%3A&ppage=privacy_banner&bannertype=cookiebanner&ccpg=US&flag=ccpa&bannerversion=v4&bannersource=ConsentNodeServ&eligibility_reason=true&cookie_disabled=false&tenant_code=xoom&event_name=xoom_cookie_banner_shown&e=ac
Requested by
Host: www.xoom.com
URL: https://www.xoom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.131.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xoom.com/

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
1df2e366e79f1
correlation-id
1df2e366e79f1
expires
Thu, 26 Dec 2024 11:44:15 GMT
traceparent
00-00000000000000000001df2e366e79f1-c138c2967b280144-01
x-cache
MISS, MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
server-timing
"traceparent;desc="00-00000000000000000001df2e366e79f1-89b78f7a19435e65-01"";content-encoding;desc="",x-cdn;desc="fastly"
date
Thu, 26 Dec 2024 11:44:15 GMT
content-type
image/gif
x-served-by
cache-dfw-kdfw8210110-DFW, cache-mia-kmia1760060-MIA
x-cache-hits
0, 0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-timer
S1735213455.387027,VS0,VE70
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
PayPalOpen-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/paypal-ui/fonts/PayPalOpen-Regular.woff2
Requested by
Host: www.xoom.com
URL: https://www.xoom.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/873F) /
Resource Hash
9ae7b95f034d76b21aaf8fcc0cdd39f4ba7ba59dd9751348a32c7e5cfdfdb6df
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.xoom.com
Referer
https://www.xoom.com/

Response headers

paypal-debug-id
d3a24e6db26d0
etag
"6298f2c0-6b41"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Thu, 26 Dec 2024 12:44:15 GMT
traceparent
00-0000000000000000000d3a24e6db26d0-5250236fd4d2ab26-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Thu, 26 Dec 2024 11:44:15 GMT
content-type
application/font-woff2
last-modified
Thu, 02 Jun 2022 17:26:24 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=31536000
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
27457
server
ECAcc (mid/873F)
visual-tagger.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/visual-tagger/0.3.5/ 		45 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/visual-tagger/0.3.5/visual-tagger.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HRMXxtDkmQkcxdAobhOakMc6bwCyl6zE/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.191.237 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-191-237.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3999ddde00a86aa8cac52ba54aa3cbf69ccd2ff81a1ecbf5d179eeee6ac835c1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xoom.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"1e6ed20ae1ef59e0a54725d717b8454f"
x-amz-version-id
6kecub0KoooxflkDQIdyX0LrCPZRXuaM
age
1217053
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
4gY478zybBbbCfHehbkHAUbsumdU5x3h1S-BOLS1eo-VelkESAECzQ==
date
Thu, 12 Dec 2024 09:40:03 GMT
content-type
application/javascript
last-modified
Tue, 01 Oct 2024 11:20:17 GMT
cache-control
public,max-age=31536000,immutable
via
1.1 23546b21bebd898e1f4c79789ae527ca.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
15523
x-amz-cf-pop
IAD79-C3
server
AmazonS3
x-amz-server-side-encryption
AES256
p
api.segment.io/v1/ 		21 B
172 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HRMXxtDkmQkcxdAobhOakMc6bwCyl6zE/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.234.198.184 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-234-198-184.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.xoom.com/

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.xoom.com
content-length
21
date
Thu, 26 Dec 2024 11:44:15 GMT
content-type
application/json
vary
Origin
/
www.google.com/pagead/1p-user-list/986779018/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/986779018/?random=1735213455267&cv=9&fst=1735210800000&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.xoom.com%2F&tiba=Enviar%20dinero%20por%20Internet%20%7C%20Xoom%2C%20un%20servicio%20de%20PayPal&hn=www.googleadservices.com&async=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dS9KbhsAqHxBI_DEE3EinMaOEWr_dWA&random=2541341438&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.xoom.com
URL: https://www.xoom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f147.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xoom.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 26 Dec 2024 11:44:15 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
commons.a61d7bea37d2de5d4b69.js.gz
cdn.segment.com/next-integrations/integrations/vendor/ 		70 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HRMXxtDkmQkcxdAobhOakMc6bwCyl6zE/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.191.237 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-191-237.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xoom.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"c467a63b2e7c3a99be423ace649014d8"
x-amz-version-id
JPDEPREw8gYM0wgzX9n.pVdsRblNlmAD
age
1138166
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
0aY5DZY9n2rdEI7dDGp-s-XlETcfJdI8WRAJvNdCVRkqPQ1TKH2oAQ==
date
Fri, 13 Dec 2024 07:34:50 GMT
content-type
application/javascript
last-modified
Tue, 01 Oct 2024 11:20:15 GMT
cache-control
public,max-age=31536000,immutable
via
1.1 23546b21bebd898e1f4c79789ae527ca.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
21911
x-amz-cf-pop
IAD79-C3
server
AmazonS3
x-amz-server-side-encryption
AES256
instrumentation-spec-rftgd379dm-OJMMvuVf7U.json
d1wnclalxop6x4.cloudfront.net/ 		0
0
instrumentation-spec-rftgd379dm-OJMMvuVf7U.json
d1wnclalxop6x4.cloudfront.net/ 		0
0
Popups.js
www.paypalobjects.com/xoom/siteContent/26.9.0/js/xoom/ui/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/xoom/siteContent/26.9.0/js/xoom/ui/Popups.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/xoom/siteContent/26.9.0/js/xoom-xvx-init.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8782) /
Resource Hash
289516803d8198f82f0b871d128f713afc051cbb7770744d2c0840855463a7f1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xoom.com/

Response headers

paypal-debug-id
fa3f18cc3736d
content-encoding
br
etag
W/"67128a45-1f89"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Thu, 26 Dec 2024 12:44:15 GMT
traceparent
00-0000000000000000000fa3f18cc3736d-81fd556012821ceb-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Thu, 26 Dec 2024 11:44:15 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 16:18:13 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin
*
content-length
3508
server
ECAcc (mid/8782)
favicon.ico
www.paypalobjects.com/xoom/siteContent/26.9.0/img/ocb/ 		15 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/xoom/siteContent/26.9.0/img/ocb/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8789) /
Resource Hash
b99bf48ca34878fccb74fb4cfa117bf1fb0ed928dec78f259cdb3791caa85bb0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xoom.com/

Response headers

paypal-debug-id
8d45b8c49b4de
content-encoding
br
etag
W/"67128a2e-3aee"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Thu, 26 Dec 2024 12:44:15 GMT
traceparent
00-00000000000000000008d45b8c49b4de-ecfc0731951edf0d-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Thu, 26 Dec 2024 11:44:15 GMT
content-type
image/x-icon
last-modified
Fri, 18 Oct 2024 16:17:50 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin
*
content-length
2223
server
ECAcc (mid/8789)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
d1wnclalxop6x4.cloudfront.net
URL
https://d1wnclalxop6x4.cloudfront.net/instrumentation-spec-rftgd379dm-OJMMvuVf7U.json
Domain
d1wnclalxop6x4.cloudfront.net
URL
https://d1wnclalxop6x4.cloudfront.net/instrumentation-spec-rftgd379dm-OJMMvuVf7U.json

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| xoom object| analytics object| cookiePrefsValue function| triggerncs function| cookieFilter function| triggerCookieFilter function| manageCookiePreferences object| webpackChunkxoom_visual_experience function| XVXZepto object| Velocity number| _zid function| $ function| Zepto function| head boolean| tappy function| $$$ object| productCountries object| cookiemapping object| PAYPAL object| fpti string| fptiserverurl object| _ifpti object| mktconf function| fbq function| _fbq object| gDataLayer function| gtag object| google_tag_manager object| google_tag_data object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| cssElement function| bindGdprEvents function| hideGdprBanner function| showGdprBanner object| visual-taggerDeps function| visual-taggerLoader object| webpackJsonp_name_Integration function| setImmediate function| clearImmediate object| core function| visual-taggerIntegration function| Tracktor

13 Cookies

Domain/Path Name / Value
.xoom.com/ Name: _gcl_au
Value: 1.1.1840414550.1735213455
.xoom.com/ Name: ts
Value: vreXpYrS%3D1766749455%26vteXpYrS%3D1735215255%26vr%3D02c816fe194647e4d0663732f576e8e7%26vt%3D02c816fe194647e4d0663732f576e8e6
.xoom.com/ Name: ts_c
Value: vr%3D02c816fe194647e4d0663732f576e8e7%26vt%3D02c816fe194647e4d0663732f576e8e6
.paypal.com/ Name: enforce_policy
Value: ccpa
.paypal.com/ Name: LANG
Value: en_US%3BUS
.paypal.com/ Name: tsrce
Value: privacynodeweb
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTczNTIxMzQ1NTI5NyIsImwiOiIwIiwibSI6IjAifQ
www.paypal.com/ Name: nsid
Value: s%3AOHr33Z36TT_WcdbjT7HffWWeP_msWPX_.wpsX3FQjkljc9K1iSgJSsT0RjJubHtAXWHhkpbdX5nc
.paypal.com/ Name: ts
Value: vreXpYrS%3D1766749455%26vteXpYrS%3D1735215255%26vr%3D02c8176b1940ad1274811c65f1232dfb%26vt%3D02c8176b1940ad1274811c65f1232dfa%26vtyp%3Dnew
.paypal.com/ Name: ts_c
Value: vr%3D02c8176b1940ad1274811c65f1232dfb%26vt%3D02c8176b1940ad1274811c65f1232dfa
.xoom.com/ Name: cookie_prefs
Value: T%3D0%2CP%3D0%2CF%3D0%2Ctype%3Dinitial
.xoom.com/ Name: ajs_anonymous_id
Value: 1f89c041-05d7-4122-82ee-2505e5d094aa
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

1 Console Messages

Source Level URL
Text
network error URL: https://d1wnclalxop6x4.cloudfront.net/instrumentation-spec-rftgd379dm-OJMMvuVf7U.json
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy style-src https://www.paypal.com/ https://www.paypalobjects.com/ https://*.dev.paypalinc.com/ https://*.ctfassets.net/ 'unsafe-inline' 'self' https://*.s-xoom.com/ https://google.com/; base-uri 'self'; script-src https://www.paypalobjects.com/ https://*.dev.paypalinc.com/ 'nonce-36f3dc72c0234320c30aac27dc1ec59f' 'self' https://*.googleadservices.com/ https://*.gstatic.com/ https://*.s-xoom.com/ https://*.segment.com/ https://www.googletagmanager.com/ https://*.online-metrix.net/ https://connect.facebook.net/ https://*.google-analytics.com/ https://*.cardinalcommerce.com/ https://*.mxpnl.com/ https://*.google.com/ https://bat.bing.com/ https://*.ctfassets.net/ https://iesnare.com/ https://*.braintreegateway.com/ https://*.googleapis.com/ https://*.doubleclick.net/ https://*.paypal.com/ 'unsafe-eval' https://www.recaptcha.net/ https://*.yodlee.com/ https://cdn.amplitude.com/ https://js-agent.newrelic.com/ https://bam-cell.nr-data.net/ https://www.datadoghq-browser-agent.com/; form-action * paypal://remittance/link-paypal-account https://*.xoom.com/ https://*.paypal.com/; frame-src *; img-src 'self' data: https:; connect-src https://*.xoom.com/ 'self' https://*.google-analytics.com/ https://*.mixpanel.com/ https://*.cardinalcommerce.com/ https://*.google.com/ https://*.cloudfront.net/ https://*.braintreegateway.com/ https://*.googleapis.com/ wss://*.xoom.com/ https://*.doubleclick.net/ https://www.facebook.com/ https://*.segment.io/ https://*.segment.com/ https://*.paypal.com/ https://*.s-xoom.com/ https://*.online-metrix.net/ https://*.braintree-api.com/ https://www.paypalobjects.com/ https://*.preview.dev.paypalinc.com/ https://browser-intake-datadoghq.com/; worker-src 'self'; object-src https://*.cardinalcommerce.com/ https://*.online-metrix.net/; media-src https://ssl.gstatic.com/; frame-ancestors https://*.salesforce.com/ https://*.paypal.com/ 'self'; font-src https://www.paypalobjects.com/ https://*.dev.paypalinc.com/ https://fonts.gstatic.com/ https://*.s3.amazonaws.com/ 'self' https://*.s-xoom.com/ https://fonts.googleapis.com/ data:;
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.segment.io
cdn.segment.com
connect.facebook.net
d1wnclalxop6x4.cloudfront.net
googleads.g.doubleclick.net
images.ctfassets.net
reestri.comerica-analytics.xoompadala.com
t.xoom.com
www.google.com
www.googleadservices.com
www.paypal.com
www.paypalobjects.com
www.xoom.com
d1wnclalxop6x4.cloudfront.net
142.251.167.156
142.251.179.157
151.101.129.21
151.101.131.1
151.101.3.1
157.240.229.1
172.253.115.147
192.229.210.155
2600:9000:24f4:7000:12:94b3:c380:93a1
3.33.139.32
44.234.198.184
99.86.191.237
004518367b7fca116cec42218658e8432fd124460bb57d47b44948ed89352737
074b0f0354335c4268d16ba85c367f3ba68535702e2c72433b4d29efd93a2b34
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1467343f63cc98647d59c1ff575fe51349be70fe08d456cbab385a1378fb4062
1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be
265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd
289516803d8198f82f0b871d128f713afc051cbb7770744d2c0840855463a7f1
2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
38ae2e18d752fc224004ea76e3f4965cad029f8b4600279266e90bebae7b5732
3999ddde00a86aa8cac52ba54aa3cbf69ccd2ff81a1ecbf5d179eeee6ac835c1
39eff96f78080293771564fdb4f12775ab61701faa69ddb0880872c928e7da3d
3a25cc4d660d682270bd3ec96c223dab54f66a16249c66943d78b317ec4acccf
4a13a8a11686c3a93095b7690c2afb9adf37cff00a6499126fbab7052f067cde
533fe76b58d93cae28fff1ef10a57d68f43db5327425e8d7c9ea768a75d64ce3
55503c79eaae7f0dcab3896539f322e1945176ac68203c8de469ef694a2ed3b6
5f050141e493b03a497c390e2d8c3cabda526074bf0d6cbeac54e8a5ae2d28d7
676665dfeba01a56a18671c739893a423d368725284730aaf051800eec6627f4
69b92089af852f9c3722996d434f36badfea677d48eadd5fbad962ea552235a2
6a43efd86dfa04094dddf99f76a411b0c1613556410cf8fd4b4c09d2771ce2cc
6c10546675a4679b055971dcf71f1c94e4d6bd1abe4861fd4c3da11e2568e698
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6dc5f6b047b22a18f9697a9004fb915baa046f98b867896c70ad1d4c62530dbd
6e3ea61c126ec38cdbc177f04cb2c0551e93bd1209f43c2af4ebd2ff2d9bdbe5
6f0ce8ce5fd38e4a6b6cf4a6647c4fc1ebc731890e45265c57a73400de4bc1e0
7cbcaf9e3caeb0712df47b5d4079b6c1e08e3d91e158f7e7385aceea03c30669
7cc36044f683227d8a95178ae4606cab12a5462c1b1b57d6f4bfb24d6d4bf5a9
8c43b09a994b73222ca370bfe79867a93dcaf9b8ca5f765f6135837087221b2b
8f78affdfb3d76746343d4dd84da45651bb58ddb75d71bd6da70c4ba75ca5932
91042cc61b24f4f5fecb7712ca0b4c9e0a67886b7d713457e6165589cf0ab758
9ae7b95f034d76b21aaf8fcc0cdd39f4ba7ba59dd9751348a32c7e5cfdfdb6df
9b63611fb3af4422343a297e896a97fb64ba407fb575730e49f6a8beb6c58dd2
a04976c86c083c18d12c018a3e0f4f6a8add87f02d7795270e1470012bc02c21
a880301cf73bf1d06118a53e77d83b9042871a905f4e1f3129583f269da58344
acd9b512fa356580dd8b1c054966eaa35159067492d7c1503016f2425c7eac6d
b85663035e42dc9e414c7be13ad1d00fb5873e3e7ded788e04c055aafd624682
b99bf48ca34878fccb74fb4cfa117bf1fb0ed928dec78f259cdb3791caa85bb0
bdca3c0b9a9106bdb5c753f3a88add197fa5ab4dec850fa6734ddb364ad1968a
c221774c375e3d59ce7287866803d7c9bc2b328d4393f4c71493b44afc2e6f07
d565897ad03c72b50634e6ab28c7d01d481ba7bdc6d9e14d8e78f578b93ebe90
d676a3280e9ebca1dbcd00a99440df8a759d28c5c85a86d6d7bcbc2a21b01ec8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f15f778cd39043a166a29f654b1191bc6fbf8043a8cc3477c42764b14b919dec
fdc8deebf06fb977298ea2dae0d916397aa82aefbaebe252f6235d6d0e1d60fc
fe92a6173cf3561e51ae2fc7cd4839fcd30c9b77f76cf8efa5bddec08d303d14