www.xoom.com Open in urlscan Pro
151.101.195.1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://xoom.com/
Effective URL:
https://www.xoom.com/
Submission Tags: falconsandbox
Submission: On September 26 via api (September 26th 2024, 8:59:44 pm UTC) from US — Scanned from US

Summary HTTP 50 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 10 IPs in 1 countries across 11 domains to perform 50 HTTP transactions. The main IP is 151.101.195.1, located in San Francisco, United States and belongs to FASTLY, US. The main domain is www.xoom.com. The Cisco Umbrella rank of the primary domain is 325281.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on January 22nd 2024. Valid for: a year.

This is the only time www.xoom.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	151.101.65.21 151.101.65.21	54113 (FASTLY) (FASTLY)
1	151.101.195.1 151.101.195.1	54113 (FASTLY) (FASTLY)
27	192.229.210.155 192.229.210.155	15133 (EDGECAST) (EDGECAST)
9	2600:9000:24f... 2600:9000:24f0:4200:12:94b3:c380:93a1	16509 (AMAZON-02) (AMAZON-02)
6	13.226.38.199 13.226.38.199	16509 (AMAZON-02) (AMAZON-02)
1	157.240.241.1 157.240.241.1	32934 (FACEBOOK) (FACEBOOK)
1	142.251.40.130 142.251.40.130	15169 (GOOGLE) (GOOGLE)
1	142.251.35.162 142.251.35.162	15169 (GOOGLE) (GOOGLE)
1	52.12.47.65 52.12.47.65	16509 (AMAZON-02) (AMAZON-02)
1	142.250.72.100 142.250.72.100	15169 (GOOGLE) (GOOGLE)
50	10

1 151.101.65.21 (San Francisco, United States) 1 redirects

ASN54113 (FASTLY, US)

xoom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.195.1 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.xoom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 192.229.210.155 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.xoom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:24f0:4200:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.226.38.199 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-38-199.ewr53.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.241.1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-lga3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.130 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.35.162 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.12.47.65 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-12-47-65.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.72.100 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 3005	307 KB
9	ctfassets.net images.ctfassets.net — Cisco Umbrella Rank: 4284	14 KB
6	segment.com cdn.segment.com — Cisco Umbrella Rank: 2021	72 KB
4	xoom.com 1 redirects xoom.com — Cisco Umbrella Rank: 178918 www.xoom.com — Cisco Umbrella Rank: 325281 t.xoom.com — Cisco Umbrella Rank: 306814	60 KB
2	paypal.com www.paypal.com — Cisco Umbrella Rank: 3337	7 KB
1	google.com www.google.com — Cisco Umbrella Rank: 3	64 B
1	segment.io api.segment.io — Cisco Umbrella Rank: 1428	172 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 53	2 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 99	20 KB
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 196	10 KB
0	cloudfront.net Failed d1wnclalxop6x4.cloudfront.net Failed
50	11

	Domain	Requested by
23	www.paypalobjects.com	www.xoom.com www.paypalobjects.com
9	images.ctfassets.net	www.xoom.com
6	cdn.segment.com	www.paypalobjects.com cdn.segment.com
2	t.xoom.com	www.xoom.com
2	www.paypal.com	www.paypalobjects.com
1	www.google.com	www.xoom.com
1	api.segment.io	cdn.segment.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.paypalobjects.com
1	connect.facebook.net	www.paypalobjects.com
1	www.xoom.com
1	xoom.com	1 redirects
0	d1wnclalxop6x4.cloudfront.net Failed	cdn.segment.com
50	13

This site contains links to these domains. Also see Links.

Domain
help.xoom.com
www.paypal.com
control.kochava.com

Subject Issuer	Validity	Valid
www.xoom.com DigiCert SHA2 Extended Validation Server CA	`2024-01-22` - `2025-01-25`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-06-13` - `2025-06-12`	a year	crt.sh
images.ctfassets.net Amazon RSA 2048 M02	`2023-12-19` - `2025-01-16`	a year	crt.sh
*.segment.com Amazon RSA 2048 M03	`2023-11-14` - `2024-12-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-06` - `2024-10-04`	3 months	crt.sh
*.googleadservices.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.segment.io Amazon RSA 2048 M03	`2023-12-13` - `2025-01-11`	a year	crt.sh
*.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.xoom.com/
Frame ID: 684E4111C6D3022A8A8B23D6F2357431
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Send Money Online | Xoom, a PayPal Service

Page URL History Show full URLs

https://xoom.com/ HTTP 301
https://www.xoom.com/ Page URL

Detected technologies

Contentful (CMS) Expand

Overall confidence: 100%
Detected patterns

<[^>]+(?:https?:)?//(?:assets|downloads|images|videos)\.(?:ct?fassets\.net|contentful\.com)

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Page Statistics

50
Requests

96 %
HTTPS

10 %
IPv6

11
Domains

13
Subdomains

10
IPs

1
Countries

492 kB
Transfer

1346 kB
Size

14
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://help.xoom.com/s/?language=en-US
Title: Help

Search URL Search Domain Scan URL

URL: https://help.xoom.com/s/contactsupport
Title: Help

Search URL Search Domain Scan URL

URL: https://help.xoom.com/s/?language=en_US
Title: Help Center

Search URL Search Domain Scan URL

URL: https://help.xoom.com/?language=en_US
Title: Visit our Help Center

Search URL Search Domain Scan URL

URL: https://help.xoom.com/s/contactsupport?language=en_US
Title: Email Us

Search URL Search Domain Scan URL

URL: https://help.xoom.com/s/article/xoom-basics?language=en_US
Title: How It Works

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/webapps/mpp/ua/privacy-full
Title: Privacy (USA)

Search URL Search Domain Scan URL

URL: https://control.kochava.com/v1/cpi/click?_rt=App-Xoom-Internal-Android-EN&campaign_id=koxoom-prod----android56b4c695435219dd306befd0bf&network_id=4045&device_id=device_id&site_id=1
Title: Android App on Google Play

Search URL Search Domain Scan URL

URL: https://control.kochava.com/v1/cpi/click?_rt=App-Xoom-Internal-iOS-EN&campaign_id=koxoom-prod----ios56b4c5fb145fab36acfdcb4372&network_id=4045&device_id=device_id&site_id=1
Title: Download on the App Store

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://xoom.com/ HTTP 301
https://www.xoom.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.xoom.com/
Redirect Chain

https://xoom.com/
https://www.xoom.com/

56 KB
58 KB

255ms
73ms

Document
text/html

151.101.195.1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xoom.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8106e8e7396a093a4b83789f7ab4aaec0e9a3aea8044e94a26652f95e25b46fc

Security Headers

Name	Value
Content-Security-Policy	style-src https://www.paypal.com/ https://www.paypalobjects.com/ https://.dev.paypalinc.com/ https://.ctfassets.net/ 'unsafe-inline' 'self' https://.s-xoom.com/ https://google.com/; base-uri 'self'; script-src https://www.paypalobjects.com/ https://.dev.paypalinc.com/ 'nonce-3486153867a846cfc6391ae9df81f4e7' 'self' https://.googleadservices.com/ https://.gstatic.com/ https://.s-xoom.com/ https://.segment.com/ https://www.googletagmanager.com/ https://.online-metrix.net/ https://connect.facebook.net/ https://.google-analytics.com/ https://.cardinalcommerce.com/ https://.mxpnl.com/ https://.google.com/ https://bat.bing.com/ https://.ctfassets.net/ https://iesnare.com/ https://.braintreegateway.com/ https://.googleapis.com/ https://.doubleclick.net/ https://.paypal.com/ 'unsafe-eval' https://www.recaptcha.net/ https://.yodlee.com/ https://cdn.amplitude.com/ https://js-agent.newrelic.com/ https://bam-cell.nr-data.net/ https://www.datadoghq-browser-agent.com/; form-action paypal://remittance/link-paypal-account https://.xoom.com/ https://.paypal.com/; frame-src ; img-src 'self' data: https:; connect-src https://.xoom.com/ 'self' https://.google-analytics.com/ https://.mixpanel.com/ https://.cardinalcommerce.com/ https://.google.com/ https://.cloudfront.net/ https://.braintreegateway.com/ https://.googleapis.com/ wss://.xoom.com/ https://.doubleclick.net/ https://www.facebook.com/ https://.segment.io/ https://.segment.com/ https://.paypal.com/ https://.s-xoom.com/ https://.online-metrix.net/ https://.braintree-api.com/ https://www.paypalobjects.com/ https://.preview.dev.paypalinc.com/ https://browser-intake-datadoghq.com/; worker-src 'self'; object-src https://.cardinalcommerce.com/ https://.online-metrix.net/; media-src https://ssl.gstatic.com/; frame-ancestors https://.salesforce.com/ https://.paypal.com/ 'self'; font-src https://www.paypalobjects.com/ https://.dev.paypalinc.com/ https://fonts.gstatic.com/ https://.s3.amazonaws.com/ 'self' https://*.s-xoom.com/ https://fonts.googleapis.com/ data:;
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 469
cache-control: no-cache, no-store
content-language: en-US
content-length: 57583
content-security-policy: style-src https://www.paypal.com/ https://www.paypalobjects.com/ https://*.dev.paypalinc.com/ https://*.ctfassets.net/ 'unsafe-inline' 'self' https://*.s-xoom.com/ https://google.com/; base-uri 'self'; script-src https://www.paypalobjects.com/ https://*.dev.paypalinc.com/ 'nonce-3486153867a846cfc6391ae9df81f4e7' 'self' https://*.googleadservices.com/ https://*.gstatic.com/ https://*.s-xoom.com/ https://*.segment.com/ https://www.googletagmanager.com/ https://*.online-metrix.net/ https://connect.facebook.net/ https://*.google-analytics.com/ https://*.cardinalcommerce.com/ https://*.mxpnl.com/ https://*.google.com/ https://bat.bing.com/ https://*.ctfassets.net/ https://iesnare.com/ https://*.braintreegateway.com/ https://*.googleapis.com/ https://*.doubleclick.net/ https://*.paypal.com/ 'unsafe-eval' https://www.recaptcha.net/ https://*.yodlee.com/ https://cdn.amplitude.com/ https://js-agent.newrelic.com/ https://bam-cell.nr-data.net/ https://www.datadoghq-browser-agent.com/; form-action * paypal://remittance/link-paypal-account https://*.xoom.com/ https://*.paypal.com/; frame-src *; img-src 'self' data: https:; connect-src https://*.xoom.com/ 'self' https://*.google-analytics.com/ https://*.mixpanel.com/ https://*.cardinalcommerce.com/ https://*.google.com/ https://*.cloudfront.net/ https://*.braintreegateway.com/ https://*.googleapis.com/ wss://*.xoom.com/ https://*.doubleclick.net/ https://www.facebook.com/ https://*.segment.io/ https://*.segment.com/ https://*.paypal.com/ https://*.s-xoom.com/ https://*.online-metrix.net/ https://*.braintree-api.com/ https://www.paypalobjects.com/ https://*.preview.dev.paypalinc.com/ https://browser-intake-datadoghq.com/; worker-src 'self'; object-src https://*.cardinalcommerce.com/ https://*.online-metrix.net/; media-src https://ssl.gstatic.com/; frame-ancestors https://*.salesforce.com/ https://*.paypal.com/ 'self'; font-src https://www.paypalobjects.com/ https://*.dev.paypalinc.com/ https://fonts.gstatic.com/ https://*.s3.amazonaws.com/ 'self' https://*.s-xoom.com/ https://fonts.googleapis.com/ data:;
content-type: text/html;charset=UTF-8
cross-origin-opener-policy: same-origin
date: Thu, 26 Sep 2024 20:59:38 GMT
etag: "0722f524bd88baa7ee4e11f56a553f345"
strict-transport-security: max-age=15768000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 13, 1
x-content-type-options: nosniff
x-envoy-upstream-service-time: 148
x-frame-options: SAMEORIGIN
x-served-by: cache-bur-kbur8200045-BUR, cache-lax-kwhp1940139-LAX
x-timer: S1727384378.392636,VS0,VE2
x-ua-compatible: IE=edge
x-xoom-requestid: 38e2d124-1b60-4199-834d-b8edcf8761d7
x-xss-protection: 1; mode=block

Redirect headers

accept-ranges: bytes
cache-control: max-age=86400
content-length: 0
date: Thu, 26 Sep 2024 20:59:38 GMT
location: https://www.xoom.com/
retry-after: 0
server: Varnish
strict-transport-security: max-age=300
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-bur-kbur8200119-BUR
x-timer: S1727384378.137341,VS0,VE1

GET
H2 200 legacy-supplement.css
www.paypalobjects.com/xoom/xvx/3.7.0/styles/themes/demeter/ 51 KB
10 KB 449ms
73ms Stylesheet
text/css 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/xoom/xvx/3.7.0/styles/themes/demeter/legacy-supplement.css

Requested by

Host: www.xoom.com
URL: https://www.xoom.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/5590) /

Resource Hash

074b0f0354335c4268d16ba85c367f3ba68535702e2c72433b4d29efd93a2b34

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.xoom.com/

Response headers

paypal-debug-id: 7256ea50812b4
content-encoding: gzip
etag: W/"660b2e0d-cd65"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Thu, 26 Sep 2024 21:59:38 GMT
traceparent: 00-00000000000000000007256ea50812b4-021d71ef0cb17536-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 26 Sep 2024 20:59:38 GMT
content-type: text/css
last-modified: Mon, 01 Apr 2024 21:58:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin: *
content-length: 9823
server: ECAcc (lac/5590)

GET
H2 200 demeter.css
www.paypalobjects.com/xoom/xvx/3.7.0/styles/themes/demeter/ 224 KB
32 KB 450ms
75ms Stylesheet
text/css 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/xoom/xvx/3.7.0/styles/themes/demeter/demeter.css

Requested by

Host: www.xoom.com
URL: https://www.xoom.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/559F) /

Resource Hash

a04976c86c083c18d12c018a3e0f4f6a8add87f02d7795270e1470012bc02c21

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.xoom.com/

Response headers

paypal-debug-id: 54d481c87fffd
content-encoding: gzip
etag: W/"660b2e0d-37e38"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Thu, 26 Sep 2024 21:59:38 GMT
traceparent: 00-000000000000000000054d481c87fffd-77f50b27309b19b5-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 26 Sep 2024 20:59:38 GMT
content-type: text/css
last-modified: Mon, 01 Apr 2024 21:58:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin: *
content-length: 33107
server: ECAcc (lac/559F)

GET
H2 200 xoom-analytics-init.js Show response
www.paypalobjects.com/xoom/siteContent/26.7.0/js/ 11 KB
4 KB 449ms
74ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/xoom/siteContent/26.7.0/js/xoom-analytics-init.js

Requested by

Host: www.xoom.com
URL: https://www.xoom.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/559C) /

Resource Hash

30705d0c7038a3a557b93bae7c602992514c79389f7791f171c97165f912a248

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.xoom.com/

Response headers

paypal-debug-id: 44b889b3ecb59
content-encoding: gzip
etag: W/"66a02316-2ccb"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Thu, 26 Sep 2024 21:59:38 GMT
traceparent: 00-000000000000000000044b889b3ecb59-ced95b0b8af001ad-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 26 Sep 2024 20:59:38 GMT
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 21:39:34 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4064
server: ECAcc (lac/559C)

GET
H2 200 logo.XX.Xoom.en.svg
images.ctfassets.net/fyvbo1b1kt27/hwLSpROb0zYQH5AQFogBP/8433f14cb034605e584fd2beabb750d6/ 7 KB
3 KB 517ms
141ms Image
image/svg+xml 2600:9000:24f0:4200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/fyvbo1b1kt27/hwLSpROb0zYQH5AQFogBP/8433f14cb034605e584fd2beabb750d6/logo.XX.Xoom.en.svg
Requested by: Host: www.xoom.com
URL: https://www.xoom.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:4200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 47b4a1619f90b4aab0405251da00908eec2642ea4d524fb0c7559c6b9deb5aef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.xoom.com/

Response headers

cache-control: max-age=31536000
content-encoding: gzip
etag: W/"1dfbd8a05d8494f6b72649ae4df44c09"
age: 53107
via: 1.1 6fde4eba6716c9f80db3b63d251f248c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: UR8sZJ7tbDj3FE00AuyfJDnUdgZ7N_KgvVIzpe-7ymslHHiLZLW5pQ==
date: Thu, 26 Sep 2024 06:14:32 GMT
content-type: image/svg+xml
last-modified: Tue, 13 Oct 2020 16:57:56 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3
vary: Accept-Encoding

GET
H2 200 paypal-checkout.svg
images.ctfassets.net/fyvbo1b1kt27/u9PkG4dAF1zNefeFGrnkZ/981fa2683c57e9012d99048b58ec67f0/ 3 KB
2 KB 502ms
135ms Image
image/svg+xml 2600:9000:24f0:4200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/fyvbo1b1kt27/u9PkG4dAF1zNefeFGrnkZ/981fa2683c57e9012d99048b58ec67f0/paypal-checkout.svg
Requested by: Host: www.xoom.com
URL: https://www.xoom.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:4200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: a880301cf73bf1d06118a53e77d83b9042871a905f4e1f3129583f269da58344

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.xoom.com/

Response headers

cache-control: max-age=31536000
content-encoding: gzip
etag: W/"7b6a4ccdfdcd43853fa63d53ac093cfd"
age: 53334
via: 1.1 6fde4eba6716c9f80db3b63d251f248c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: JEv6AJ0p9arjnlxlLrM2oZNCbbtxUwtCV38TFyCJpl42yffuLTMOdw==
date: Thu, 26 Sep 2024 06:10:45 GMT
content-type: image/svg+xml
last-modified: Fri, 03 Nov 2023 18:35:10 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3
vary: Accept-Encoding

GET
H2 200 speed.svg
images.ctfassets.net/fyvbo1b1kt27/6SPQ3iSxkySLljwpxIF95z/9c31d27985b73e27852579cd4282063c/ 1 KB
997 B 134ms
134ms Image
image/svg+xml 2600:9000:24f0:4200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/fyvbo1b1kt27/6SPQ3iSxkySLljwpxIF95z/9c31d27985b73e27852579cd4282063c/speed.svg
Requested by: Host: www.xoom.com
URL: https://www.xoom.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:4200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: c221774c375e3d59ce7287866803d7c9bc2b328d4393f4c71493b44afc2e6f07

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.xoom.com/

Response headers

cache-control: max-age=31536000
content-encoding: gzip
etag: W/"58e28223c8ce6f8005cb8e5ea40bf3c3"
age: 47746
via: 1.1 6fde4eba6716c9f80db3b63d251f248c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: WXXdR0xqbqX-4Enzb503dtNGtDJeszINwn4VWriWCIgkr_YOOICaaQ==
date: Thu, 26 Sep 2024 09:25:51 GMT
content-type: image/svg+xml
last-modified: Fri, 03 Nov 2023 18:37:04 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3
vary: Accept-Encoding

GET
H2 200 digital-wallet.svg
images.ctfassets.net/fyvbo1b1kt27/6IG967Ol1Cfifavm9KaQH9/7ad4845563393a41139bcb1aa70aa634/ 1 KB
883 B 135ms
135ms Image
image/svg+xml 2600:9000:24f0:4200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/fyvbo1b1kt27/6IG967Ol1Cfifavm9KaQH9/7ad4845563393a41139bcb1aa70aa634/digital-wallet.svg
Requested by: Host: www.xoom.com
URL: https://www.xoom.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:4200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: bdca3c0b9a9106bdb5c753f3a88add197fa5ab4dec850fa6734ddb364ad1968a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.xoom.com/

Response headers

cache-control: max-age=31536000
content-encoding: gzip
etag: W/"d398267bcf24fa7c65548c6b42359a52"
age: 36320
via: 1.1 6fde4eba6716c9f80db3b63d251f248c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: Il0c2raxsZCVNowaBbZel-v9W7Mk2ENyyPBuNeXJWspmg1uZ_OFqWg==
date: Thu, 26 Sep 2024 10:54:46 GMT
content-type: image/svg+xml
last-modified: Fri, 03 Nov 2023 21:32:04 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3
vary: Accept-Encoding

GET
H2 200 track-payments.svg
images.ctfassets.net/fyvbo1b1kt27/5ZGLd65aHS2CwSsACSE6us/dafd045deab99c9d0af7efa63e960022/ 901 B
1 KB 144ms
142ms Image
image/svg+xml 2600:9000:24f0:4200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/fyvbo1b1kt27/5ZGLd65aHS2CwSsACSE6us/dafd045deab99c9d0af7efa63e960022/track-payments.svg
Requested by: Host: www.xoom.com
URL: https://www.xoom.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:4200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 5f050141e493b03a497c390e2d8c3cabda526074bf0d6cbeac54e8a5ae2d28d7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.xoom.com/

Response headers

cache-control: max-age=31536000
etag: "33405eaecd9621ff1d69dd1b8db3e604"
age: 53160
via: 1.1 6fde4eba6716c9f80db3b63d251f248c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 901
x-amz-cf-id: O9M6A4qP4nV3Rm29y14LJQn_2hjryOcsyEbHKGCPGOdiLp9EdOEkyQ==
date: Thu, 26 Sep 2024 06:13:40 GMT
content-type: image/svg+xml
last-modified: Fri, 03 Nov 2023 21:24:19 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3
vary: Accept-Encoding

GET
H2 200 send-receive.svg
images.ctfassets.net/fyvbo1b1kt27/5vrAmhBzMmV4EhthNvyn6I/30960d4b4f88982eb6bf0d28d65df1b4/ 2 KB
1 KB 140ms
138ms Image
image/svg+xml 2600:9000:24f0:4200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/fyvbo1b1kt27/5vrAmhBzMmV4EhthNvyn6I/30960d4b4f88982eb6bf0d28d65df1b4/send-receive.svg
Requested by: Host: www.xoom.com
URL: https://www.xoom.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:4200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 55503c79eaae7f0dcab3896539f322e1945176ac68203c8de469ef694a2ed3b6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.xoom.com/

Response headers

cache-control: max-age=31536000
content-encoding: gzip
etag: W/"370b958e302aa234cdf82e24893a3430"
age: 36765
via: 1.1 6fde4eba6716c9f80db3b63d251f248c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: 8hPuCKUSBu05QS0EH9rGCGebcIsVsJrEcEAAYvycxDnE8qlXUFYKjQ==
date: Thu, 26 Sep 2024 10:49:15 GMT
content-type: image/svg+xml
last-modified: Fri, 03 Nov 2023 21:27:20 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3
vary: Accept-Encoding

GET
H2 200 phone.png
images.ctfassets.net/fyvbo1b1kt27/6MhvaMup9eqmg0Kam2ucGU/87cf947def59e575ef6c0d06b31f142d/ 1 KB
2 KB 148ms
146ms Image
image/png 2600:9000:24f0:4200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/fyvbo1b1kt27/6MhvaMup9eqmg0Kam2ucGU/87cf947def59e575ef6c0d06b31f142d/phone.png
Requested by: Host: www.xoom.com
URL: https://www.xoom.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:4200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 7cbcaf9e3caeb0712df47b5d4079b6c1e08e3d91e158f7e7385aceea03c30669

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.xoom.com/

Response headers

cache-control: max-age=31536000
etag: "62190dadc3e38382bea28c5cd1835068"
age: 53160
via: 1.1 6fde4eba6716c9f80db3b63d251f248c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 1334
x-amz-cf-id: RLfEqzgJ_fhXS7fgKaOx8fuDK7ME63ksvUGedb8TI1toQd6Tr4FCzg==
date: Thu, 26 Sep 2024 06:13:40 GMT
content-type: image/png
last-modified: Fri, 03 Nov 2023 19:10:11 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3
vary: Accept-Encoding

GET
H2 200 trust.png
images.ctfassets.net/fyvbo1b1kt27/6fRyOoviMg4eaO4wCI4KWu/19df74c64ec317e06cdc947b5a11bfd8/ 2 KB
3 KB 139ms
138ms Image
image/png 2600:9000:24f0:4200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/fyvbo1b1kt27/6fRyOoviMg4eaO4wCI4KWu/19df74c64ec317e06cdc947b5a11bfd8/trust.png
Requested by: Host: www.xoom.com
URL: https://www.xoom.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:4200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: b85663035e42dc9e414c7be13ad1d00fb5873e3e7ded788e04c055aafd624682

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.xoom.com/

Response headers

cache-control: max-age=31536000
etag: "f9e054c632b94927bca775ad1b7d4849"
age: 47889
via: 1.1 6fde4eba6716c9f80db3b63d251f248c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 2430
x-amz-cf-id: jHAnngRzL8LQSew-lAspLv-ztHddTL_DKWbsl4iT_yHajFxsMUqNyg==
date: Thu, 26 Sep 2024 09:25:52 GMT
content-type: image/png
last-modified: Fri, 03 Nov 2023 18:43:24 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3
vary: Accept-Encoding

GET
H2 200 security.svg
images.ctfassets.net/fyvbo1b1kt27/6jT23CEffOsOQusmgAAWiS/fb2733aad54ec9102d0db9bc7ec8a66b/ 836 B
1 KB 148ms
147ms Image
image/svg+xml 2600:9000:24f0:4200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/fyvbo1b1kt27/6jT23CEffOsOQusmgAAWiS/fb2733aad54ec9102d0db9bc7ec8a66b/security.svg
Requested by: Host: www.xoom.com
URL: https://www.xoom.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:4200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 6dc5f6b047b22a18f9697a9004fb915baa046f98b867896c70ad1d4c62530dbd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.xoom.com/

Response headers

cache-control: max-age=31536000
etag: "1473f2c3f116163c915c91ec444bbc55"
age: 35820
via: 1.1 6fde4eba6716c9f80db3b63d251f248c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 836
x-amz-cf-id: VAzC5fxrqOVMT0HuukFI8_V6tjzfFyxxUc3MmtzLDH0yBKVfiJqqbg==
date: Thu, 26 Sep 2024 11:02:42 GMT
content-type: image/svg+xml
last-modified: Fri, 03 Nov 2023 18:42:52 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3
vary: Accept-Encoding

GET
H2 200 ncs.js Show response
www.paypalobjects.com/ncs/ 15 KB
4 KB 148ms
145ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/ncs/ncs.js

Requested by

Host: www.xoom.com
URL: https://www.xoom.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55CA) /

Resource Hash

4673c229c2c1d356b98c232c599afdb44c85e7279c63c3ef962b4ba677378ba9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.xoom.com/

Response headers

paypal-debug-id: e49181b331517
content-encoding: gzip
etag: W/"65f9e1ac-3a48"
x-content-type-options: nosniff
expires: Thu, 26 Sep 2024 21:59:39 GMT
traceparent: 00-0000000000000000000e49181b331517-51c9f980c2941b51-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 26 Sep 2024 20:59:39 GMT
content-type: application/javascript
last-modified: Tue, 19 Mar 2024 19:04:12 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
content-length: 3913
server: ECAcc (lac/55CA)

GET
H2 200 common.js Show response
www.paypalobjects.com/xoom/xvx/3.7.0/js/ 169 KB
54 KB 76ms
73ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/xoom/xvx/3.7.0/js/common.js

Requested by

Host: www.xoom.com
URL: https://www.xoom.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/559E) /

Resource Hash

dd132d244f6dfbc52f1a4abaceb03b33ccb85ce8ac2657068f3f683e60c0a67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.xoom.com/

Response headers

paypal-debug-id: 521dc43e0afc9
content-encoding: gzip
etag: W/"660b2e0d-2a518"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Thu, 26 Sep 2024 21:59:39 GMT
traceparent: 00-0000000000000000000521dc43e0afc9-32a56fca57f8dd5a-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 26 Sep 2024 20:59:39 GMT
content-type: application/javascript
last-modified: Mon, 01 Apr 2024 21:58:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 54905
server: ECAcc (lac/559E)

GET
H2 200 header.js Show response
www.paypalobjects.com/xoom/xvx/3.7.0/js/ 5 KB
2 KB 81ms
79ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/xoom/xvx/3.7.0/js/header.js

Requested by

Host: www.xoom.com
URL: https://www.xoom.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55CE) /

Resource Hash

73ef0cae8c362afc4c908f4fbd5090e279abc208c9558e6a4dc34fb76087a02a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.xoom.com/

Response headers

paypal-debug-id: f8e2694efcd69
content-encoding: gzip
etag: W/"660b2e0d-142d"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Thu, 26 Sep 2024 21:59:39 GMT
traceparent: 00-0000000000000000000f8e2694efcd69-981f45a7573d6f8c-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 26 Sep 2024 20:59:39 GMT
content-type: application/javascript
last-modified: Mon, 01 Apr 2024 21:58:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1906
server: ECAcc (lac/55CE)

GET
H2 200 main.js Show response
www.paypalobjects.com/xoom/xvx/3.7.0/js/ 34 KB
11 KB 81ms
79ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/xoom/xvx/3.7.0/js/main.js

Requested by

Host: www.xoom.com
URL: https://www.xoom.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55C2) /

Resource Hash

38ae2e18d752fc224004ea76e3f4965cad029f8b4600279266e90bebae7b5732

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.xoom.com/

Response headers

paypal-debug-id: 669b525f3ccab
content-encoding: gzip
etag: W/"660b2e0d-879e"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Thu, 26 Sep 2024 21:59:39 GMT
traceparent: 00-0000000000000000000669b525f3ccab-c5553a8c2a059d3b-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 26 Sep 2024 20:59:39 GMT
content-type: application/javascript
last-modified: Mon, 01 Apr 2024 21:58:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10689
server: ECAcc (lac/55C2)

GET
H2 200 xoom-xvx-init.js Show response
www.paypalobjects.com/xoom/siteContent/26.7.0/js/ 55 KB
20 KB 82ms
79ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/xoom/siteContent/26.7.0/js/xoom-xvx-init.js

Requested by

Host: www.xoom.com
URL: https://www.xoom.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/559E) /

Resource Hash

d565897ad03c72b50634e6ab28c7d01d481ba7bdc6d9e14d8e78f578b93ebe90

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.xoom.com/

Response headers

paypal-debug-id: 35dc012c954ad
content-encoding: gzip
etag: W/"66a02316-db88"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Thu, 26 Sep 2024 21:59:39 GMT
traceparent: 00-000000000000000000035dc012c954ad-c3bd821d3b639d06-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 26 Sep 2024 20:59:39 GMT
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 21:39:34 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20664
server: ECAcc (lac/559E)

GET
H2 200 navbar.js Show response
www.paypalobjects.com/xoom/xvx/3.7.0/js/ 4 KB
2 KB 82ms
80ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/xoom/xvx/3.7.0/js/navbar.js

Requested by

Host: www.xoom.com
URL: https://www.xoom.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/559F) /

Resource Hash

6a43efd86dfa04094dddf99f76a411b0c1613556410cf8fd4b4c09d2771ce2cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.xoom.com/

Response headers

paypal-debug-id: 2a7c2ea7b628b
content-encoding: gzip
etag: W/"660b2e0d-10f5"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Thu, 26 Sep 2024 21:59:39 GMT
traceparent: 00-00000000000000000002a7c2ea7b628b-e8dff66e46f6bd33-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 26 Sep 2024 20:59:39 GMT
content-type: application/javascript
last-modified: Mon, 01 Apr 2024 21:58:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin: *
content-length: 2063
server: ECAcc (lac/559F)

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/HRMXxtDkmQkcxdAobhOakMc6bwCyl6zE/ 103 KB
28 KB 469ms
158ms Script
text/javascript 13.226.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/HRMXxtDkmQkcxdAobhOakMc6bwCyl6zE/analytics.min.js
Requested by: Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/xoom/siteContent/26.7.0/js/xoom-analytics-init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-38-199.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2f2589ab5ce2e3e544b1c2af7771c7f9116c832785d61dbc5fdf2c409bfe013

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.xoom.com/

Response headers

access-control-max-age: 3000
content-encoding: br
x-amz-version-id: .64L.nkDkNeiFObBPOVvazQ5jogfDhco
etag: W/"1a1d5ab35607c8d2a0489ebe05de7787"
age: 45
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: vvfX8Cfo2LLkdemaZhguOt4xJp4dT4sLzImY5lInQQDl08AD4iG62g==
date: Thu, 26 Sep 2024 20:59:39 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 29 Jul 2024 20:11:01 GMT
x-amz-replication-status: COMPLETED
cache-control: public, max-age=120
via: 1.1 8f53b5d73ff2f5f8cae7b49606b79bd4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 fe746a6172d1111267a3.svg
www.paypalobjects.com/xoom/xvx/3.7.0/images/ 202 B
304 B 139ms
139ms Image
image/svg+xml 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/xoom/xvx/3.7.0/images/fe746a6172d1111267a3.svg

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/xoom/xvx/3.7.0/styles/themes/demeter/demeter.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55D2) /

Resource Hash

fe92a6173cf3561e51ae2fc7cd4839fcd30c9b77f76cf8efa5bddec08d303d14

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.paypalobjects.com/xoom/xvx/3.7.0/styles/themes/demeter/demeter.css

Response headers

paypal-debug-id: 864849da12391
content-encoding: gzip
etag: W/"660b2e0d-ca"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Thu, 26 Sep 2024 21:59:39 GMT
traceparent: 00-0000000000000000000864849da12391-ac0e01db04cbeb81-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 26 Sep 2024 20:59:39 GMT
content-type: image/svg+xml
last-modified: Mon, 01 Apr 2024 21:58:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 170
server: ECAcc (lac/55D2)

GET
H2 200 2186b59b1607224c16eb.png
www.paypalobjects.com/xoom/xvx/3.7.0/images/ 2 KB
2 KB 139ms
138ms Image
image/png 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/xoom/xvx/3.7.0/images/2186b59b1607224c16eb.png

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/xoom/xvx/3.7.0/styles/themes/demeter/legacy-supplement.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55B9) /

Resource Hash

004518367b7fca116cec42218658e8432fd124460bb57d47b44948ed89352737

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.paypalobjects.com/xoom/xvx/3.7.0/styles/themes/demeter/legacy-supplement.css

Response headers

paypal-debug-id: 474e8a69a40a7
etag: "660b2e0d-791"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Thu, 26 Sep 2024 21:59:39 GMT
traceparent: 00-0000000000000000000474e8a69a40a7-03268564a3ec2edd-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 26 Sep 2024 20:59:39 GMT
content-type: image/png
last-modified: Mon, 01 Apr 2024 21:58:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1937
server: ECAcc (lac/55B9)

GET
H2 200 1fdf0fb9b39b778a08d7.png
www.paypalobjects.com/xoom/xvx/3.7.0/images/ 2 KB
2 KB 138ms
137ms Image
image/png 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/xoom/xvx/3.7.0/images/1fdf0fb9b39b778a08d7.png

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/xoom/xvx/3.7.0/styles/themes/demeter/legacy-supplement.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55E1) /

Resource Hash

acd9b512fa356580dd8b1c054966eaa35159067492d7c1503016f2425c7eac6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.paypalobjects.com/xoom/xvx/3.7.0/styles/themes/demeter/legacy-supplement.css

Response headers

paypal-debug-id: a00c10773bcf8
etag: "660b2e0d-7c8"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Thu, 26 Sep 2024 21:59:39 GMT
traceparent: 00-0000000000000000000a00c10773bcf8-3875fa70284f6c7d-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 26 Sep 2024 20:59:39 GMT
content-type: image/png
last-modified: Mon, 01 Apr 2024 21:58:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1992
server: ECAcc (lac/55E1)

GET
H2 200 PayPalSansBig-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/ 25 KB
25 KB 285ms
72ms Font
application/font-woff2 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Regular.woff2

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/xoom/xvx/3.7.0/styles/themes/demeter/demeter.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55CC) /

Resource Hash

1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.xoom.com
Referer: https://www.paypalobjects.com/xoom/xvx/3.7.0/styles/themes/demeter/demeter.css

Response headers

paypal-debug-id: 3cc0c927d8324
etag: "60271cda-6318"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Thu, 26 Sep 2024 21:59:39 GMT
traceparent: 00-00000000000000000003cc0c927d8324-0bde160d59919613-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 26 Sep 2024 20:59:39 GMT
content-type: application/font-woff2
last-modified: Sat, 13 Feb 2021 00:27:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25368
server: ECAcc (lac/55CC)

GET
H2 200 PayPalSansBig-Medium.woff2
www.paypalobjects.com/paypal-ui/fonts/ 18 KB
18 KB 287ms
74ms Font
application/font-woff2 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Medium.woff2

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/xoom/xvx/3.7.0/styles/themes/demeter/demeter.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55C5) /

Resource Hash

2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.xoom.com
Referer: https://www.paypalobjects.com/xoom/xvx/3.7.0/styles/themes/demeter/demeter.css

Response headers

paypal-debug-id: 8d17be83bf392
etag: "60271cda-484c"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Thu, 26 Sep 2024 21:59:39 GMT
traceparent: 00-00000000000000000008d17be83bf392-38002127be799ce7-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 26 Sep 2024 20:59:39 GMT
content-type: application/font-woff2
last-modified: Sat, 13 Feb 2021 00:27:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18508
server: ECAcc (lac/55C5)

OPTIONS
H2 200 getBanner
www.paypal.com/myaccount/privacy/cookieprefs/ 0
0 413ms
181ms Preflight
text/plain 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/myaccount/privacy/cookieprefs/getBanner?showBanner=true&country=US&language=en-US&policyType=CookieBanner&originalHeaders={%22cookie%22:%22%22}&tenant=xoom&tenantData={%22cookiePrefsString%22:%22cookie_prefs%22}

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/558B) /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-iUs26TNCDU6TEOE/G1uGpbzmuwC9wWVR+7nysoT4UcpiyMYr' 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://recaptcha.net/ https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,content-type
Access-Control-Request-Method: GET
Origin: https://www.xoom.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
access-control-allow-credentials: true
access-control-allow-headers: access-control-allow-origin, Content-Type, Accept, X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: https://www.xoom.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 2
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-iUs26TNCDU6TEOE/G1uGpbzmuwC9wWVR+7nysoT4UcpiyMYr' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/plain; charset=utf-8
date: Thu, 26 Sep 2024 20:59:39 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: 079264573a070
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server: ECAcc (lac/558B)
server-timing: traceparent;desc="00-0000000000000000000079264573a070-19b954f9a962110f-01" content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000079264573a070-75606d0e1ddf8099-01
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 mapping.js Show response
www.paypalobjects.com/ncs/xoom/ 281 B
299 B 73ms
73ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/ncs/xoom/mapping.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ncs/ncs.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55C7) /

Resource Hash

6f0ce8ce5fd38e4a6b6cf4a6647c4fc1ebc731890e45265c57a73400de4bc1e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.xoom.com/

Response headers

paypal-debug-id: da714737391aa
content-encoding: gzip
etag: W/"63dd70ed-119"
x-content-type-options: nosniff
expires: Thu, 26 Sep 2024 21:59:39 GMT
traceparent: 00-0000000000000000000da714737391aa-8076440701718bbe-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 26 Sep 2024 20:59:39 GMT
content-type: application/javascript
last-modified: Fri, 03 Feb 2023 20:39:09 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
content-length: 154
server: ECAcc (lac/55C7)

GET
H2 200 getBanner Show response
www.paypal.com/myaccount/privacy/cookieprefs/ 18 KB
7 KB 178ms
178ms XHR
application/json 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ncs/ncs.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55DF) /

Resource Hash

a466cc11d403636b5220160fb659a154e407a3b23ee2c35ee587953236707fcd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-2TZm1W693bZ1xerWf30uUupZi7K3l0JaoW8ADOfVhhAiynq1' 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://recaptcha.net/ https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Access-Control-Allow-Origin: *
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/json

Response headers

access-control-expose-headers: Server-Timing
paypal-debug-id: 02377715215b1
content-encoding: gzip
etag: W/"4615-851pvtwlbKFiOHYZlvmVZzrfsVw"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-000000000000000000002377715215b1-dbd87b58abb3e104-01
server-timing: traceparent;desc="00-000000000000000000002377715215b1-f44ff056b2e5d0ac-01", content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
date: Thu, 26 Sep 2024 20:59:39 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-2TZm1W693bZ1xerWf30uUupZi7K3l0JaoW8ADOfVhhAiynq1' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin: *
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
access-control-allow-credentials: true
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
access-control-allow-origin: https://www.xoom.com
x-xss-protection: 1; mode=block
server: ECAcc (lac/55DF)

GET
H2 200 pa_xoom.js Show response
www.paypalobjects.com/pa/js/ 65 KB
24 KB 74ms
72ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/js/pa_xoom.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/xoom/siteContent/26.7.0/js/xoom-analytics-init.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/5587) /

Resource Hash

7ed9de06c1fc83e455528b89ad8e468c8a05825307746200483cb8c1029d9c05

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.xoom.com/

Response headers

paypal-debug-id: f439ffdeebcb7
content-encoding: gzip
etag: "66f59697-10238+gzip"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Thu, 26 Sep 2024 21:59:39 GMT
traceparent: 00-0000000000000000000f439ffdeebcb7-1066dfc99adcf2ec-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 26 Sep 2024 20:59:39 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 17:15:03 GMT
vary: Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin: *
content-length: 24063
server: ECAcc (lac/5587)

GET
H2 200 mktgtagmanager_xoom.js Show response
www.paypalobjects.com/martech/tm/xoom/ 16 KB
7 KB 126ms
126ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/martech/tm/xoom/mktgtagmanager_xoom.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/pa_xoom.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/5583) /

Resource Hash

044095beb71368bbe0175c817a9a7644d882aaef3002bb4f66281ec1ccb06fdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.xoom.com
Referer: https://www.xoom.com/

Response headers

paypal-debug-id: bbfe928d5286b
content-encoding: gzip
etag: "66f1ab0e-3e24+gzip"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Thu, 26 Sep 2024 21:59:39 GMT
traceparent: 00-0000000000000000000bbfe928d5286b-b16fa0c5adeea570-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 26 Sep 2024 20:59:39 GMT
content-type: application/javascript
last-modified: Mon, 23 Sep 2024 17:53:18 GMT
vary: Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin: *
content-length: 6470
server: ECAcc (lac/5583)

GET
H2 200 ts
t.xoom.com/ 42 B
704 B 152ms
122ms Image
image/gif 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.xoom.com/ts?v=1.9.1&t=1727384379276&g=600&page=xoom%3A&pgrp=xoom%3A&comp=xoom&tenant_name=xoom&residence_country_code=US&send_currency_code=USD&language=en_US&mgaff=untracked&fingerprint_id=d5b0dab8-6888-4b06-cb1e-1ae9df81f4e7&event_name=xoom_path_shown&platform_type=web&event_source=web&platform=web&experience=XOOM&product=xoom&event_props=residence_country_code%2C%20send_currency_code%2C%20receive_country_code%2C%20language%2C%20mgaff%2C%20fingerprint_id%2C%20event_name%2C%20xoom_id%2C%20xoom_user_id%2C%20platform_type%2C%20device%2C%20event_source%2C%20platform%2C%20experience%2C%20product%2C%20event_props&e=im&pt=Send%20Money%20Online%20%7C%20Xoom%2C%20a%20PayPal%20Service&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1

Requested by

Host: www.xoom.com
URL: https://www.xoom.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55D1) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.xoom.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin: *
paypal-debug-id: 1bc9363838f8d
pragma: no-cache
correlation-id: 1bc9363838f8d
expires: Thu, 26 Sep 2024 20:59:39 GMT
server-timing: traceparent;desc="00-00000000000000000001bc9363838f8d-34ee3a1c9873c793-01", content-encoding;desc="", x-cdn;desc="edgecast"
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
traceparent: 00-00000000000000000001bc9363838f8d-1c6983e8b05a536b-01
date: Thu, 26 Sep 2024 20:59:39 GMT
content-type: image/gif
vary: Accept-Encoding
server: ECAcc (lac/55D1)

GET
H2 200 mktconf.js Show response
www.paypalobjects.com/martech/tm/xoom/ 5 KB
2 KB 73ms
73ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/martech/tm/xoom/mktconf.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/martech/tm/xoom/mktgtagmanager_xoom.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55F3) /

Resource Hash

8e227aeb00a7e14f10dac1aa61896f5282dd0e48efdebe3e83e1d8f0b5299e13

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.xoom.com
Referer: https://www.xoom.com/

Response headers

paypal-debug-id: 9b3e53e3a576a
content-encoding: gzip
etag: "66f1ab0e-15d1+gzip"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Thu, 26 Sep 2024 21:59:39 GMT
traceparent: 00-00000000000000000009b3e53e3a576a-d766931b43e339c3-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 26 Sep 2024 20:59:39 GMT
content-type: application/javascript
last-modified: Mon, 23 Sep 2024 17:53:18 GMT
vary: Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin: *
content-length: 2169
server: ECAcc (lac/55F3)

GET
H2 200 fbevents.js Show response
www.paypalobjects.com/martech/tm/xoom/3pjs/meta/ 88 KB
23 KB 74ms
73ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/martech/tm/xoom/3pjs/meta/fbevents.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/martech/tm/xoom/mktgtagmanager_xoom.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55D0) /

Resource Hash

f15f778cd39043a166a29f654b1191bc6fbf8043a8cc3477c42764b14b919dec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.xoom.com
Referer: https://www.xoom.com/

Response headers

paypal-debug-id: c33ce001a1de9
content-encoding: gzip
etag: "66f1ab0e-15ea3+gzip"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Thu, 26 Sep 2024 21:59:39 GMT
traceparent: 00-0000000000000000000c33ce001a1de9-5baa80674d4580bd-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 26 Sep 2024 20:59:39 GMT
content-type: application/javascript
last-modified: Mon, 23 Sep 2024 17:53:18 GMT
vary: Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin: *
content-length: 23450
server: ECAcc (lac/55D0)

GET
H2 200 gtag.js Show response
www.paypalobjects.com/martech/tm/xoom/3pjs/gtag/ 79 KB
30 KB 76ms
75ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/martech/tm/xoom/3pjs/gtag/gtag.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/martech/tm/xoom/mktgtagmanager_xoom.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55CC) /

Resource Hash

676665dfeba01a56a18671c739893a423d368725284730aaf051800eec6627f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.xoom.com
Referer: https://www.xoom.com/

Response headers

paypal-debug-id: 68a78f7ffc1ca
content-encoding: gzip
etag: "66f1ab0e-13bc6+gzip"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Thu, 26 Sep 2024 21:59:39 GMT
traceparent: 00-000000000000000000068a78f7ffc1ca-f4953f58606865d7-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 26 Sep 2024 20:59:39 GMT
content-type: application/javascript
last-modified: Mon, 23 Sep 2024 17:53:18 GMT
vary: Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin: *
content-length: 31076
server: ECAcc (lac/55CC)

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/HRMXxtDkmQkcxdAobhOakMc6bwCyl6zE/ 8 KB
2 KB 408ms
135ms Fetch
application/json 13.226.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/HRMXxtDkmQkcxdAobhOakMc6bwCyl6zE/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HRMXxtDkmQkcxdAobhOakMc6bwCyl6zE/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-38-199.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f27f2a6bdc3e00863466f55076920cb736ff66a6b70f0330d8c78b8b07809cec

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.xoom.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
x-amz-version-id: KAw2evP.0XgLTxoWU46BBTZjLJP.IsQJ
etag: W/"968bbc49a8e9bbaa57596a32e6c2ca42"
age: 6068
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: -i7Q-bIdk2ZmGGQp0Yxs2hp6PMpZIJ2qNanlzru7D_XhbtiT5kvKtA==
date: Thu, 26 Sep 2024 19:19:43 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 25 Jul 2024 18:59:29 GMT
x-amz-replication-status: COMPLETED
cache-control: public, max-age=10800
via: 1.1 343d70dd2c23b73057116d47a342c588.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 2160675030875735 Show response
connect.facebook.net/signals/config/ 35 KB
10 KB 278ms
137ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2160675030875735?v=2.9.4&r=stable

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/martech/tm/xoom/3pjs/meta/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

6f2dd4e729e98441c74720c3b3e6fe4c21f90bc4375be9e01e9b0882bd9139ce

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.xoom.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Thu, 26 Sep 2024 20:59:39 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: GOOD; q=0.7, rtt=135, rtx=0, c=24, mss=1232, tbw=8193, tp=13, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: 4ZUMNJYEFxS9K/20SV2ZgmKml/lgLkgYwHhEuUFnos77+QZvt35CkCVMb2p8RvRaWJA7cMYgbkrTR5hGoYMyrw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-fb-optimizer: 0
document-policy: force-load-at-top
content-length: 10249
x-xss-protection: 0

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 56 KB
20 KB 319ms
163ms Script
text/javascript 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/martech/tm/xoom/3pjs/gtag/gtag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

509666e9a89868dcf3726ac352ec4cf979c876074fd29f33db4910cccc60be25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.xoom.com/

Response headers

content-encoding: br
etag: 6558362713863801455
x-content-type-options: nosniff
expires: Thu, 26 Sep 2024 20:59:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 26 Sep 2024 20:59:39 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 20676
x-xss-protection: 0
server: cafe

GET
H2 200 ts
t.xoom.com/ 42 B
543 B 102ms
101ms Image
image/gif 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.xoom.com/ts?v=1.9.1&t=1727384379748&g=600&page=main%3Aprivacy%3Apolicy%3Accpa&pgrp=main%3Aprivacy%3Apolicy&comp=xoom&tenant_name=xoom&residence_country_code=US&send_currency_code=USD&language=en_US&mgaff=untracked&fingerprint_id=d5b0dab8-6888-4b06-cb1e-1ae9df81f4e7&platform_type=web&event_source=web&platform=web&experience=XOOM&product=xoom&event_props=residence_country_code%2C%20send_currency_code%2C%20receive_country_code%2C%20language%2C%20mgaff%2C%20fingerprint_id%2C%20event_name%2C%20xoom_id%2C%20xoom_user_id%2C%20platform_type%2C%20device%2C%20event_source%2C%20platform%2C%20experience%2C%20product%2C%20event_props%2C%20link_name%2C%20simplified_path&displaypage=xoom%3A&ppage=privacy_banner&bannertype=cookiebanner&ccpg=US&flag=ccpa&bannerversion=v4&bannersource=ConsentNodeServ&eligibility_reason=true&cookie_disabled=false&tenant_code=xoom&event_name=xoom_cookie_banner_shown&e=ac

Requested by

Host: www.xoom.com
URL: https://www.xoom.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55D7) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.xoom.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin: *
paypal-debug-id: 1ee5fb35d631f
pragma: no-cache
correlation-id: 1ee5fb35d631f
expires: Thu, 26 Sep 2024 20:59:39 GMT
server-timing: traceparent;desc="00-00000000000000000001ee5fb35d631f-8202e8f3556780c0-01", content-encoding;desc="", x-cdn;desc="edgecast"
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
traceparent: 00-00000000000000000001ee5fb35d631f-8fa56bce0f9577e4-01
date: Thu, 26 Sep 2024 20:59:39 GMT
content-type: image/gif
vary: Accept-Encoding
server: ECAcc (lac/55D7)

GET
H2 200 PayPalOpen-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/ 27 KB
27 KB 73ms
73ms Font
application/font-woff2 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalOpen-Regular.woff2

Requested by

Host: www.xoom.com
URL: https://www.xoom.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/5584) /

Resource Hash

9ae7b95f034d76b21aaf8fcc0cdd39f4ba7ba59dd9751348a32c7e5cfdfdb6df

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.xoom.com
Referer: https://www.xoom.com/

Response headers

paypal-debug-id: eb4dc15a105d7
etag: "6298f2c0-6b41"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Thu, 26 Sep 2024 21:59:39 GMT
traceparent: 00-0000000000000000000eb4dc15a105d7-cb0bc3d4af95d34e-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 26 Sep 2024 20:59:39 GMT
content-type: application/font-woff2
last-modified: Thu, 02 Jun 2022 17:26:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27457
server: ECAcc (lac/5584)

GET
H2 200 ajs-destination.bundle.ed53a26b6edc80c65d73.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 139ms
138ms Script
application/javascript 13.226.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HRMXxtDkmQkcxdAobhOakMc6bwCyl6zE/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-38-199.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.xoom.com/

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
x-amz-version-id: GiR62Ux0OW4CfaeO_9tu7jJVzc8iU6.K
age: 720208
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: fqHO7geTesZoSmxxi69qkjfRqsbyufbz3iIaAH1XkNhMN_X55h6wnw==
date: Wed, 18 Sep 2024 12:56:12 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 17 Sep 2024 21:59:48 GMT
x-amz-replication-status: COMPLETED
cache-control: public,max-age=31536000,immutable
via: 1.1 8f53b5d73ff2f5f8cae7b49606b79bd4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/986779018/ 4 KB
2 KB 427ms
157ms Script
text/javascript 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/986779018/?random=1727384379939&cv=9&fst=1727384379939&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470%2C466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.xoom.com%2F&tiba=Send%20Money%20Online%20%7C%20Xoom%2C%20a%20PayPal%20Service&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

868a87f170751e36a5c765b3681caaf0ce2019ac7eaeb634bf37e63e49c0b975

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.xoom.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2290
date: Thu, 26 Sep 2024 20:59:40 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 schemaFilter.bundle.5c2661f67b4b71a6d9bd.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 137ms
137ms Script
application/javascript 13.226.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HRMXxtDkmQkcxdAobhOakMc6bwCyl6zE/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-38-199.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.xoom.com/

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"3867b2388b619ff7fddc29ef359fc9aa"
x-amz-version-id: IKXrUoItkKbxZQ20ut9b8FhMghJH_Xd7
age: 6161663
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: N3pkqBBXlUPe_2oh2V022gM9xiqroVk1egh8oEK5eEroLQQIY-2Upw==
date: Wed, 17 Jul 2024 13:25:18 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 16 Jul 2024 17:27:04 GMT
x-amz-replication-status: COMPLETED
cache-control: public,max-age=31536000,immutable
via: 1.1 8f53b5d73ff2f5f8cae7b49606b79bd4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 visual-tagger.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/visual-tagger/0.3.5/ 45 KB
16 KB 157ms
157ms Script
application/javascript 13.226.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/visual-tagger/0.3.5/visual-tagger.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HRMXxtDkmQkcxdAobhOakMc6bwCyl6zE/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-38-199.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f908387823175b7d9097817c5f9cef879593f7eb9dbdc2ec8a218d688e405bae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.xoom.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
etag: "22f964b449ca210bdea17404f4624ac9"
x-amz-version-id: qmZFsz842SHoO_NwxPlu5hkQ_C5x302s
age: 16570683
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: As5Y08TM2sQj8JoxE4a_AJ4FeZAvpgUIxWtaBnZQvMrjkx_OKIPeug==
date: Tue, 19 Mar 2024 02:01:38 GMT
content-type: application/javascript
last-modified: Fri, 08 Mar 2024 07:35:29 GMT
cache-control: public,max-age=31536000,immutable
via: 1.1 8f53b5d73ff2f5f8cae7b49606b79bd4.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15523
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
172 B 308ms
101ms Fetch
application/json 52.12.47.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HRMXxtDkmQkcxdAobhOakMc6bwCyl6zE/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.12.47.65 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-12-47-65.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.xoom.com/

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.xoom.com
content-length: 21
date: Thu, 26 Sep 2024 20:59:40 GMT
content-type: application/json
vary: Origin

GET
H2 200 commons.c42222c4cb2f8913500f.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 73 KB
22 KB 160ms
160ms Script
application/javascript 13.226.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HRMXxtDkmQkcxdAobhOakMc6bwCyl6zE/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-38-199.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.xoom.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
etag: "befb217271e2e926c7d898f1c85f6cb7"
x-amz-version-id: HopHKmY9TBcR3b.zdj3KrkRozUW9hj.F
age: 16325326
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: MKJFzSGfaaJHolHarjgPOalN82XXPwIsuLnONxiD2yvzC3Io0AGfiw==
date: Thu, 21 Mar 2024 22:10:55 GMT
content-type: application/javascript
last-modified: Fri, 08 Mar 2024 07:35:27 GMT
cache-control: public,max-age=31536000,immutable
via: 1.1 8f53b5d73ff2f5f8cae7b49606b79bd4.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22177
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 /
www.google.com/pagead/1p-user-list/986779018/ 42 B
64 B 437ms
161ms Image
image/gif 142.250.72.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/986779018/?random=1727384379939&cv=9&fst=1727380800000&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470%2C466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.xoom.com%2F&tiba=Send%20Money%20Online%20%7C%20Xoom%2C%20a%20PayPal%20Service&hn=www.googleadservices.com&async=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfhee_5IJ-MxcwUTpGIuSc3SGlO0_jTg&random=3532514969&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.xoom.com
URL: https://www.xoom.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.100 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.xoom.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 26 Sep 2024 20:59:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

OPTIONS instrumentation-spec-rftgd379dm-OJMMvuVf7U.json
d1wnclalxop6x4.cloudfront.net/ 0
0

GET instrumentation-spec-rftgd379dm-OJMMvuVf7U.json
d1wnclalxop6x4.cloudfront.net/ 0
0

GET
H2 200 Popups.js Show response
www.paypalobjects.com/xoom/siteContent/26.7.0/js/xoom/ui/ 8 KB
4 KB 72ms
72ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/xoom/siteContent/26.7.0/js/xoom/ui/Popups.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/xoom/siteContent/26.7.0/js/xoom-xvx-init.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55E0) /

Resource Hash

289516803d8198f82f0b871d128f713afc051cbb7770744d2c0840855463a7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.xoom.com/

Response headers

paypal-debug-id: 09f60562d39e0
content-encoding: gzip
etag: W/"66a02317-1f89"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Thu, 26 Sep 2024 21:59:40 GMT
traceparent: 00-000000000000000000009f60562d39e0-3e27da6bb5810d72-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 26 Sep 2024 20:59:40 GMT
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 21:39:35 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3459
server: ECAcc (lac/55E0)

GET
H2 200 favicon.ico
www.paypalobjects.com/xoom/siteContent/26.7.0/img/ocb/ 15 KB
2 KB 73ms
73ms Other
image/x-icon 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/xoom/siteContent/26.7.0/img/ocb/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55B5) /

Resource Hash

b99bf48ca34878fccb74fb4cfa117bf1fb0ed928dec78f259cdb3791caa85bb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.xoom.com/

Response headers

paypal-debug-id: 6ecbb32db34fe
content-encoding: gzip
etag: W/"66a0231f-3aee"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Thu, 26 Sep 2024 21:59:40 GMT
traceparent: 00-00000000000000000006ecbb32db34fe-f020003ccbde7e06-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 26 Sep 2024 20:59:40 GMT
content-type: image/x-icon
last-modified: Tue, 23 Jul 2024 21:39:43 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2177
server: ECAcc (lac/55B5)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d1wnclalxop6x4.cloudfront.net
URL: https://d1wnclalxop6x4.cloudfront.net/instrumentation-spec-rftgd379dm-OJMMvuVf7U.json

Domain: d1wnclalxop6x4.cloudfront.net
URL: https://d1wnclalxop6x4.cloudfront.net/instrumentation-spec-rftgd379dm-OJMMvuVf7U.json

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.xoom.com/	1970-01-21 09:25:44	Name: ts Value: vreXpYrS%3D1821992379%26vteXpYrS%3D1727386179%26vr%3D3021dff11920a8900053ec52fe0e56d8%26vt%3D3021dff11920a8900053ec52fe0e56d7
.xoom.com/	1970-01-21 09:25:44	Name: ts_c Value: vr%3D3021dff11920a8900053ec52fe0e56d8%26vt%3D3021dff11920a8900053ec52fe0e56d7
.xoom.com/	1970-01-21 01:59:20	Name: _gcl_au Value: 1.1.675165336.1727384380
.paypal.com/	1970-01-21 08:35:20	Name: enforce_policy Value: ccpa
.paypal.com/	1970-01-20 23:50:15	Name: LANG Value: en_US%3BUS
.paypal.com/	1970-01-20 23:54:03	Name: tsrce Value: privacynodeweb
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTcyNzM4NDM3OTY4NyIsImwiOiIwIiwibSI6IjAifQ
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3Au3ARH3o4uzRsBzpRJgGVepWXM0-AeYLy.3qE2hYwxqtl72IPCe94lr1AaoWSjQW4UHx3Prq%2BPuh0
.paypal.com/	1970-01-20 23:49:46	Name: l7_az Value: dcg14.slc
.paypal.com/	1970-01-21 09:25:44	Name: ts Value: vreXpYrS%3D1821992379%26vteXpYrS%3D1727386179%26vr%3D3021e0df1920aa3090461f09fe01be2d%26vt%3D3021e0df1920aa3090461f09fe01be2c%26vtyp%3Dnew
.paypal.com/	1970-01-21 09:25:44	Name: ts_c Value: vr%3D3021e0df1920aa3090461f09fe01be2d%26vt%3D3021e0df1920aa3090461f09fe01be2c
.xoom.com/	1970-01-21 08:35:20	Name: cookie_prefs Value: T%3D0%2CP%3D0%2CF%3D0%2Ctype%3Dinitial
.xoom.com/	1970-01-21 08:35:20	Name: ajs_anonymous_id Value: 57c6b206-1db7-41df-9b2c-517170fdec68
.doubleclick.net/	1970-01-20 23:49:45	Name: test_cookie Value: CheckForPermission

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://d1wnclalxop6x4.cloudfront.net/instrumentation-spec-rftgd379dm-OJMMvuVf7U.json Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	style-src https://www.paypal.com/ https://www.paypalobjects.com/ https://.dev.paypalinc.com/ https://.ctfassets.net/ 'unsafe-inline' 'self' https://.s-xoom.com/ https://google.com/; base-uri 'self'; script-src https://www.paypalobjects.com/ https://.dev.paypalinc.com/ 'nonce-3486153867a846cfc6391ae9df81f4e7' 'self' https://.googleadservices.com/ https://.gstatic.com/ https://.s-xoom.com/ https://.segment.com/ https://www.googletagmanager.com/ https://.online-metrix.net/ https://connect.facebook.net/ https://.google-analytics.com/ https://.cardinalcommerce.com/ https://.mxpnl.com/ https://.google.com/ https://bat.bing.com/ https://.ctfassets.net/ https://iesnare.com/ https://.braintreegateway.com/ https://.googleapis.com/ https://.doubleclick.net/ https://.paypal.com/ 'unsafe-eval' https://www.recaptcha.net/ https://.yodlee.com/ https://cdn.amplitude.com/ https://js-agent.newrelic.com/ https://bam-cell.nr-data.net/ https://www.datadoghq-browser-agent.com/; form-action paypal://remittance/link-paypal-account https://.xoom.com/ https://.paypal.com/; frame-src ; img-src 'self' data: https:; connect-src https://.xoom.com/ 'self' https://.google-analytics.com/ https://.mixpanel.com/ https://.cardinalcommerce.com/ https://.google.com/ https://.cloudfront.net/ https://.braintreegateway.com/ https://.googleapis.com/ wss://.xoom.com/ https://.doubleclick.net/ https://www.facebook.com/ https://.segment.io/ https://.segment.com/ https://.paypal.com/ https://.s-xoom.com/ https://.online-metrix.net/ https://.braintree-api.com/ https://www.paypalobjects.com/ https://.preview.dev.paypalinc.com/ https://browser-intake-datadoghq.com/; worker-src 'self'; object-src https://.cardinalcommerce.com/ https://.online-metrix.net/; media-src https://ssl.gstatic.com/; frame-ancestors https://.salesforce.com/ https://.paypal.com/ 'self'; font-src https://www.paypalobjects.com/ https://.dev.paypalinc.com/ https://fonts.gstatic.com/ https://.s3.amazonaws.com/ 'self' https://*.s-xoom.com/ https://fonts.googleapis.com/ data:;
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.segment.io
cdn.segment.com
connect.facebook.net
d1wnclalxop6x4.cloudfront.net
googleads.g.doubleclick.net
images.ctfassets.net
t.xoom.com
www.google.com
www.googleadservices.com
www.paypal.com
www.paypalobjects.com
www.xoom.com
xoom.com
d1wnclalxop6x4.cloudfront.net
13.226.38.199
142.250.72.100
142.251.35.162
142.251.40.130
151.101.195.1
151.101.65.21
157.240.241.1
192.229.210.155
2600:9000:24f0:4200:12:94b3:c380:93a1
52.12.47.65
004518367b7fca116cec42218658e8432fd124460bb57d47b44948ed89352737
044095beb71368bbe0175c817a9a7644d882aaef3002bb4f66281ec1ccb06fdc
074b0f0354335c4268d16ba85c367f3ba68535702e2c72433b4d29efd93a2b34
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be
289516803d8198f82f0b871d128f713afc051cbb7770744d2c0840855463a7f1
2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1
30705d0c7038a3a557b93bae7c602992514c79389f7791f171c97165f912a248
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
38ae2e18d752fc224004ea76e3f4965cad029f8b4600279266e90bebae7b5732
4673c229c2c1d356b98c232c599afdb44c85e7279c63c3ef962b4ba677378ba9
47b4a1619f90b4aab0405251da00908eec2642ea4d524fb0c7559c6b9deb5aef
509666e9a89868dcf3726ac352ec4cf979c876074fd29f33db4910cccc60be25
55503c79eaae7f0dcab3896539f322e1945176ac68203c8de469ef694a2ed3b6
5f050141e493b03a497c390e2d8c3cabda526074bf0d6cbeac54e8a5ae2d28d7
676665dfeba01a56a18671c739893a423d368725284730aaf051800eec6627f4
6a43efd86dfa04094dddf99f76a411b0c1613556410cf8fd4b4c09d2771ce2cc
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6dc5f6b047b22a18f9697a9004fb915baa046f98b867896c70ad1d4c62530dbd
6f0ce8ce5fd38e4a6b6cf4a6647c4fc1ebc731890e45265c57a73400de4bc1e0
6f2dd4e729e98441c74720c3b3e6fe4c21f90bc4375be9e01e9b0882bd9139ce
73ef0cae8c362afc4c908f4fbd5090e279abc208c9558e6a4dc34fb76087a02a
7cbcaf9e3caeb0712df47b5d4079b6c1e08e3d91e158f7e7385aceea03c30669
7ed9de06c1fc83e455528b89ad8e468c8a05825307746200483cb8c1029d9c05
8106e8e7396a093a4b83789f7ab4aaec0e9a3aea8044e94a26652f95e25b46fc
868a87f170751e36a5c765b3681caaf0ce2019ac7eaeb634bf37e63e49c0b975
8e227aeb00a7e14f10dac1aa61896f5282dd0e48efdebe3e83e1d8f0b5299e13
9ae7b95f034d76b21aaf8fcc0cdd39f4ba7ba59dd9751348a32c7e5cfdfdb6df
a04976c86c083c18d12c018a3e0f4f6a8add87f02d7795270e1470012bc02c21
a2f2589ab5ce2e3e544b1c2af7771c7f9116c832785d61dbc5fdf2c409bfe013
a466cc11d403636b5220160fb659a154e407a3b23ee2c35ee587953236707fcd
a880301cf73bf1d06118a53e77d83b9042871a905f4e1f3129583f269da58344
acd9b512fa356580dd8b1c054966eaa35159067492d7c1503016f2425c7eac6d
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
b85663035e42dc9e414c7be13ad1d00fb5873e3e7ded788e04c055aafd624682
b99bf48ca34878fccb74fb4cfa117bf1fb0ed928dec78f259cdb3791caa85bb0
bdca3c0b9a9106bdb5c753f3a88add197fa5ab4dec850fa6734ddb364ad1968a
c221774c375e3d59ce7287866803d7c9bc2b328d4393f4c71493b44afc2e6f07
d565897ad03c72b50634e6ab28c7d01d481ba7bdc6d9e14d8e78f578b93ebe90
dd132d244f6dfbc52f1a4abaceb03b33ccb85ce8ac2657068f3f683e60c0a67e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f15f778cd39043a166a29f654b1191bc6fbf8043a8cc3477c42764b14b919dec
f27f2a6bdc3e00863466f55076920cb736ff66a6b70f0330d8c78b8b07809cec
f908387823175b7d9097817c5f9cef879593f7eb9dbdc2ec8a218d688e405bae
fe92a6173cf3561e51ae2fc7cd4839fcd30c9b77f76cf8efa5bddec08d303d14

www.xoom.com Open in urlscan Pro 151.101.195.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

96 %HTTPS

10 %IPv6

11 Domains

13 Subdomains

10 IPs

1 Countries

492 kBTransfer

1346 kBSize

14 Cookies

9 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.xoom.com Open in urlscan Pro
151.101.195.1 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

96 %
HTTPS

10 %
IPv6

11
Domains

13
Subdomains

10
IPs

1
Countries

492 kB
Transfer

1346 kB
Size

14
Cookies

50 HTTP transactions
0 data transactions