xp.xyz Open in urlscan Pro
18.66.97.27 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://xp.xyz/
Submission: On March 21 via api (March 21st 2024, 3:09:45 pm UTC) from US — Scanned from DE

Summary HTTP 127 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 26 IPs in 3 countries across 20 domains to perform 127 HTTP transactions. The main IP is 18.66.97.27, located in United States and belongs to . The main domain is xp.xyz.
TLS certificate: Issued by Amazon RSA 2048 M01 on June 22nd 2023. Valid for: a year.

This is the only time xp.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	18.66.97.27 18.66.97.27	() ()
4	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	3.161.82.16 3.161.82.16	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
7	2606:4700:10:... 2606:4700:10::6816:146c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
10	52.216.144.59 52.216.144.59	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:10:... 2606:4700:10::6816:156c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	54.82.174.72 54.82.174.72	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1 9	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	18.66.122.11 18.66.122.11	16509 (AMAZON-02) (AMAZON-02)
3	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2600:9000:272... 2600:9000:2724:9e00:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	44.237.151.236 44.237.151.236	16509 (AMAZON-02) (AMAZON-02)
2	104.198.23.205 104.198.23.205	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
127	26

9 18.66.97.27 (United States)

ASN- ()
PTR: server-18-66-97-27.fra56.r.cloudfront.net

xp.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.82.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-16.fra56.r.cloudfront.net

tk3d.tk3dapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::6816:146c (United States)

ASN13335 (CLOUDFLARENET, US)

widget.privy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.privy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.lr-ingest.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.216.144.59 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

hngr-icons.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:156c (United States)

ASN13335 (CLOUDFLARENET, US)

api.privy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
events.privy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 54.82.174.72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-174-72.compute-1.amazonaws.com

api.xp.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

xpsupport.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 18.66.122.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-11.fra60.r.cloudfront.net

cdn.hngr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o133761.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2724:9e00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.237.151.236 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-151-236.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.198.23.205 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 205.23.198.104.bc.googleusercontent.com

r.lr-ingest.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	xp.xyz xp.xyz api.xp.xyz	2 MB
16	hngr.co cdn.hngr.co	18 MB
12	stripe.com js.stripe.com — Cisco Umbrella Rank: 2499 r.stripe.com — Cisco Umbrella Rank: 4705 m.stripe.com — Cisco Umbrella Rank: 2405	489 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com	691 KB
11	privy.com widget.privy.com — Cisco Umbrella Rank: 30355 api.privy.com — Cisco Umbrella Rank: 29711 assets.privy.com — Cisco Umbrella Rank: 53395 events.privy.com — Cisco Umbrella Rank: 55935	253 KB
10	amazonaws.com hngr-icons.s3.amazonaws.com	7 MB
9	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 5	84 KB
7	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 3546 ekr.zdassets.com — Cisco Umbrella Rank: 4262	363 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	3 KB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1728	319 B
3	lr-ingest.io cdn.lr-ingest.io — Cisco Umbrella Rank: 28562 r.lr-ingest.io — Cisco Umbrella Rank: 36097	171 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	304 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 2673	16 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 251	70 KB
1	sentry.io o133761.ingest.sentry.io	339 B
1	zendesk.com xpsupport.zendesk.com	1 KB
1	google.de www.google.de — Cisco Umbrella Rank: 4233	455 B
1	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66	1 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 168	2 KB
1	tk3dapi.com tk3d.tk3dapi.com — Cisco Umbrella Rank: 104850	25 KB
127	20

	Domain	Requested by
18	api.xp.xyz	xp.xyz
16	cdn.hngr.co	xp.xyz
10	hngr-icons.s3.amazonaws.com	xp.xyz
9	www.google.com	1 redirects widget.privy.com www.gstatic.com www.google.com xp.xyz
9	xp.xyz	xp.xyz
8	www.gstatic.com	www.google.com www.gstatic.com
8	js.stripe.com	xp.xyz js.stripe.com
6	assets.privy.com	widget.privy.com assets.privy.com
6	static.zdassets.com	www.googletagmanager.com static.zdassets.com
4	fonts.googleapis.com	xp.xyz assets.privy.com
3	fonts.gstatic.com	xp.xyz
3	r.stripe.com	js.stripe.com
3	api.privy.com	xp.xyz
3	region1.google-analytics.com	www.googletagmanager.com
3	www.googletagmanager.com	xp.xyz www.googletagmanager.com
2	r.lr-ingest.io	xp.xyz
2	m.stripe.network	js.stripe.com m.stripe.network
2	connect.facebook.net	xp.xyz connect.facebook.net
1	m.stripe.com	m.stripe.network
1	o133761.ingest.sentry.io	xp.xyz
1	xpsupport.zendesk.com	static.zdassets.com
1	events.privy.com	xp.xyz
1	www.google.de	xp.xyz
1	googleads.g.doubleclick.net	1 redirects
1	ekr.zdassets.com	xp.xyz
1	cdn.lr-ingest.io	xp.xyz
1	www.googleadservices.com	www.googletagmanager.com
1	widget.privy.com	www.googletagmanager.com
1	tk3d.tk3dapi.com	xp.xyz
127	29

This site contains links to these domains. Also see Links.

Domain
xpsupport.zendesk.com
t.me
twitter.com
tamperproof.xyz
gocaptain.com
cdn.hngr.co

Subject Issuer	Validity	Valid
xp.xyz Amazon RSA 2048 M01	`2023-06-22` - `2024-07-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.tk3dapi.com Amazon RSA 2048 M02	`2023-06-04` - `2024-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
privy.com E1	`2024-03-17` - `2024-06-15`	3 months	crt.sh
zdassets.com E1	`2024-03-03` - `2024-06-01`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
lr-ingest.io E1	`2024-01-31` - `2024-04-30`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-02-07` - `2024-05-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-29` - `2024-03-28`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
api.xp.xyz Amazon RSA 2048 M02	`2023-11-08` - `2024-12-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
xpsupport.zendesk.com E1	`2024-02-06` - `2024-05-06`	3 months	crt.sh
*.hngr.co Amazon RSA 2048 M03	`2023-11-03` - `2024-12-01`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2024-03-06` - `2024-06-06`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-26` - `2024-05-23`	3 months	crt.sh
api.logrocket.com R3	`2024-02-05` - `2024-05-05`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://xp.xyz/
Frame ID: F74E41E6697E855C52C4707487D206D4
Requests: 80 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
Frame ID: 97D5EF0BAAC8228941063CB9A2F503FF
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ&co=aHR0cHM6Ly94cC54eXo6NDQz&hl=de&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=invisible&cb=8utg9j4fyatd
Frame ID: 4A31F29588A00313032B7127FCB4DF4D
Requests: 5 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-a5bccfa.js
Frame ID: 2717CBED57DE9D8B18D64DFB89655621
Requests: 6 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ
Frame ID: 8F91992CBDCCEF557FC2A33EE9EE881A
Requests: 12 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 3862D46D85A674EF3F1B699FEB804E3A
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: C70C4CF95211D92578D5DF04BD9C4DF6
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

XP- Access your favorite shows

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

LogRocket (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.lr-ingest\.io

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

127
Requests

97 %
HTTPS

50 %
IPv6

20
Domains

29
Subdomains

26
IPs

3
Countries

30050 kB
Transfer

40594 kB
Size

14
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://xpsupport.zendesk.com/hc/en-us
Title: Help Center

Search URL Search Domain Scan URL

URL: https://t.me/+-eyZj-pB7qMwZTdh

Search URL Search Domain Scan URL

URL: https://twitter.com/xpticket

Search URL Search Domain Scan URL

URL: https://xpsupport.zendesk.com/
Title: Help Center

Search URL Search Domain Scan URL

URL: http://tamperproof.xyz/
Title: Tamperproof

Search URL Search Domain Scan URL

URL: http://gocaptain.com/
Title: Captain Labs

Search URL Search Domain Scan URL

URL: https://xpsupport.zendesk.com/hc/en-us/requests/new
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://cdn.hngr.co/xptc.pdf
Title: Terms & Conditions

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11351563070/?random=1663545704&cv=11&fst=1711033779063&bg=ffffff&guid=ON&async=1&gtm=45je43k0v9130944946z89172014031za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fxp.xyz%2F&label=zXmJCNGOufoYEL627KQq&hn=www.googleadservices.com&frm=0&tiba=XP-%20Access%20your%20favorite%20shows&value=20&npa=1&pscdl=noapi&auid=1220636256.1711033779&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAg&eitems=ChAI8LXvrwYQpsTUmsnNgLQcEh0AAhjJXxq-uW3wezjy_ago6dvTv49gam7g6EivAA&pscrd=IhMI98HoxNGFhQMVMV9BAh2_fghpMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjoPaHR0cHM6Ly94cC54eXov HTTP 302
https://www.google.com/pagead/1p-conversion/11351563070/?random=1663545704&cv=11&fst=1711033779063&bg=ffffff&guid=ON&async=1&gtm=45je43k0v9130944946z89172014031za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fxp.xyz%2F&label=zXmJCNGOufoYEL627KQq&hn=www.googleadservices.com&frm=0&tiba=XP-%20Access%20your%20favorite%20shows&value=20&npa=1&pscdl=noapi&auid=1220636256.1711033779&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAg&pscrd=IhMI98HoxNGFhQMVMV9BAh2_fghpMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjoPaHR0cHM6Ly94cC54eXov&is_vtc=1&cid=CAQSGwB7FLtqJG1S7d4SY17TSAqaOVxr4lJYMtU4Cw&eitems=ChAI8LXvrwYQpsTUmsnNgLQcEh0AAhjJX3sRWGlScHQOdFtu5hPPW05rHNyFh-ubPQ&random=1217637812 HTTP 302
https://www.google.de/pagead/1p-conversion/11351563070/?random=1663545704&cv=11&fst=1711033779063&bg=ffffff&guid=ON&async=1&gtm=45je43k0v9130944946z89172014031za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fxp.xyz%2F&label=zXmJCNGOufoYEL627KQq&hn=www.googleadservices.com&frm=0&tiba=XP-%20Access%20your%20favorite%20shows&value=20&npa=1&pscdl=noapi&auid=1220636256.1711033779&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAg&pscrd=IhMI98HoxNGFhQMVMV9BAh2_fghpMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjoPaHR0cHM6Ly94cC54eXov&is_vtc=1&cid=CAQSGwB7FLtqJG1S7d4SY17TSAqaOVxr4lJYMtU4Cw&eitems=ChAI8LXvrwYQpsTUmsnNgLQcEh0AAhjJX3sRWGlScHQOdFtu5hPPW05rHNyFh-ubPQ&random=1217637812&ipr=y

127 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
xp.xyz/ 3 KB
1 KB 285ms
223ms Document
text/html 18.66.97.27

General

Check archive.org

Show headers Download Go to

Full URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.27 , United States, ASN (),
Reverse DNS: server-18-66-97-27.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 87c4dece14d5ee3442276564dbfa650251b1ec5864e17f92b943ad2600b5db19

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0
content-encoding: gzip
content-type: text/html
date: Thu, 21 Mar 2024 15:09:39 GMT
etag: W/"779ee2ead6e2c92acbd0d84d1327b9ac"
last-modified: Fri, 15 Mar 2024 21:37:54 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
x-amz-cf-id: MMMayEqcRFQSYJfs8IEX70smt4pM-DmErNgSWu7HHop7q_ajXGYeGQ==
x-amz-cf-pop: FRA56-P2
x-cache: RefreshHit from cloudfront

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 36ms
16ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Space+Grotesk:wght@400;500;600;700&family=Space+Mono:wght@400;700&display=swap

Requested by

Host: xp.xyz
URL: https://xp.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bc2dd9fb17a446efda2af3332c80f861f9b5d8f313201e452d45fbd8bdd79522

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Mar 2024 15:09:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 15:09:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Mar 2024 15:09:38 GMT

GET
H2 200 dvm.js Show response
tk3d.tk3dapi.com/dvm/v1/lib/stable/ 108 KB
25 KB 33ms
6ms Script
application/javascript 3.161.82.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tk3d.tk3dapi.com/dvm/v1/lib/stable/dvm.js
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-16.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f9e1f7d958504bda830cee98f04be515a1ff456440678873a69be15499505b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 00:11:01 GMT
content-encoding: gzip
via: 1.1 fd6dc3eaf39d0b931b4b1369a7e91ac0.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jan 2024 08:32:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P10
age: 831518
etag: W/"6ad2a17e44f1642207dc7d8f0f2ae3d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: iPbgYOf6d1I6ZypbVXkTAUN6yLSFiT-3eS82whCXXBEOT5vVf6MuJg==

GET
H2 200 main.e922e45c.js Show response
xp.xyz/static/js/ 5 MB
1 MB 12ms
12ms Script
application/javascript 18.66.97.27

General

Check archive.org

Show headers Download Go to

Full URL: https://xp.xyz/static/js/main.e922e45c.js
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.27 , United States, ASN (),
Reverse DNS: server-18-66-97-27.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 379d3660660e7bcaf7b86d32dba73cc37ebdc669a671a47254d5193f31a41ade

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 01:53:28 GMT
content-encoding: br
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
last-modified: Fri, 15 Mar 2024 21:37:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 47771
etag: W/"593f4e10d8ae0977fe7ac40a6ab03f71"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: y6aV752jaRqMcmoEn4zwj6iEF_BFiqhUWhiNlEQDlamDd0PzARiBYw==

GET
H2 200 main.a2419b14.css
xp.xyz/static/css/ 298 KB
41 KB 21ms
21ms Stylesheet
text/css 18.66.97.27

General

Check archive.org

Show headers Download Go to

Full URL: https://xp.xyz/static/css/main.a2419b14.css
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.27 , United States, ASN (),
Reverse DNS: server-18-66-97-27.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 36d5e4ce8d4bd1aaa9290210ede0e1126c0a5f0883ece7b03f7066f4ae2fe8cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:09:38 GMT
content-encoding: br
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
last-modified: Fri, 15 Mar 2024 21:37:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 10311
etag: W/"b8bd5530811bb09e6d382daaceec536e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: lgc5olc91JBQyroG_sBNp7fFkq4ul9OifQziuAX8VRNdiDqHAv_iJg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 226 KB
82 KB 49ms
22ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KP2N2L95

Requested by

Host: xp.xyz
URL: https://xp.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3d4b52fca9dd5dd10b96a69055c1828e8ab4cd9c52a272aa30dc3f6068702579

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:09:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83197
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Mar 2024 15:09:38 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
513 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&display=swap

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/css/main.a2419b14.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

153771fa4bd1db6b3dbce81e61081312d9ebe1cc8dc80379d0cefabfda339ac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Mar 2024 15:09:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 14:45:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Mar 2024 15:09:38 GMT

GET
H2 200 widget.js Show response
widget.privy.com/assets/ 347 KB
105 KB 51ms
16ms Script
application/javascript 2606:4700:10::6816:146c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.privy.com/assets/widget.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP2N2L95

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:146c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ae06ad3e13bf65251af2020a972d712551182088d12f5347abe1e7512953593

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:09:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 vegur, 1.1 f59e52adbf3a58a76dec03547cb4b34c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-encoding: gzip
x-amz-cf-pop: FRA60-P7
age: 459
x-cache: Hit from cloudfront
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1711029796&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=P83mp2zoTN54%2FRh4P5%2BY3QON8xivz3HzIq%2F3snV5v6k%3D
last-modified: Thu, 21 Mar 2024 13:57:08 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1711029796&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=P83mp2zoTN54%2FRh4P5%2BY3QON8xivz3HzIq%2F3snV5v6k%3D"}]}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 867edd3eeede3656-FRA
x-amz-cf-id: mUyzY-aGOH4EcQ3LC8Gk1bMeFSb9CsPrH86pY3oK6vDTGTMJnRXKuA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 345 KB
111 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FNW94WS062&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP2N2L95

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

92dd7032e364aae7b462a1ab8d3cd616ee59eef5e31e61505010fe989814d0e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:09:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 113555
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Mar 2024 15:09:39 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 345 KB
111 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-11351563070&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP2N2L95

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6f3ab5c4be0f5d5073133c54827f50042a8192db103667c7038af143d0156850

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:09:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 113568
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Mar 2024 15:09:39 GMT

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 45ms
24ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=bca9994f-6c8f-4539-89ac-1a4459127e01

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP2N2L95

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:09:39 GMT
x-amz-version-id: sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: CYEYQJYMT4QZ3T8W
age: 32
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: w9Ykh+WtFixOrLFiNzGhpYHZOwk6DKoyxfhtDfVQkoErmToTSi1OHWtlNSPdHtDc+O/3ZoaZyAk=
last-modified: Mon, 15 Jan 2024 02:56:11 GMT
server: cloudflare
etag: W/"c0053b411b753138af468db1bd3b19f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mC%2BvVGtox2IvOopqLrqS6vtUXmjmR8l7EALYndAzouvvV4m6kFTWDywA23mi9hymxhIoLKSZWpRmpsITLHgUm8cPHauulYK64KTEfQ44jsG77d3QMB7k2wmCfOQcqGZBztPslZw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=3600, s-maxage=60
access-control-max-age: 0
cf-ray: 867edd3eeb98914c-FRA
access-control-allow-headers: *

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/11351563070/ 3 KB
2 KB 50ms
22ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/11351563070/?random=1711033779063&cv=11&fst=1711033779063&bg=ffffff&guid=ON&async=1&gtm=45je43k0v9130944946z89172014031za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fxp.xyz%2F&label=zXmJCNGOufoYEL627KQq&hn=www.googleadservices.com&frm=0&tiba=XP-%20Access%20your%20favorite%20shows&value=20&bttype=purchase&npa=1&pscdl=noapi&auid=1220636256.1711033779&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=SA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FNW94WS062&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

d638ef4be53e0c9cbc3416bcca1d1125065c41a78ff2e9cd79fd13c94cbfc6ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 15:09:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1519
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logger-1.min.js Show response
cdn.lr-ingest.io/ 832 KB
165 KB 72ms
35ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-ingest.io/logger-1.min.js

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.e922e45c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efb46f561c2040c5dc2dccb064492f7847ff766e1b24f6b242a3bd8136eee9f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:09:39 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 291
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230072-FRA
last-modified: Wed, 20 Mar 2024 22:54:16 GMT
server: cloudflare
x-timer: S1710975299.738164,VS0,VE1
etag: W/"33d719ea4b9f0385aef46c107ece438a4eb1d76d1e416794bcf14e962bbe81cb-br"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fd7skHh%2Blx3f1wqIWF2ozOwseiLzaK%2BOW5It8R%2FfE5rnuSYYhCI4NjbC6lu1lngGvto6CFuBqDQ1716Yt0K5yQL3PQF7g%2BdwPz6zwsOyfdvYhCgIxgfAO5TqLJbyOBFiP0QRMcnsYvmbxiL2C1cI"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 867edd403ef85d6d-FRA
x-cache-hits: 1

GET
H2 200 v3 Show response
js.stripe.com/ 607 KB
168 KB 43ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.e922e45c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9208d3b15dfda19ba48d0dd78429975637682531aa6aa9c9a0b0c9049a4a081d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 21 Mar 2024 15:09:39 GMT
via: 1.1 varnish
age: 9
x-cache: HIT
content-length: 171656
x-request-id: 6e0b2146-8b0a-425c-a975-f86db8ebdca3
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Wed, 20 Mar 2024 20:35:24 GMT
server: Fastly
etag: "83a195e0e9274f07cb20b0fbd92d4b5b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 9

POST
H2 204 collect
region1.google-analytics.com/g/ 0
248 B 34ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FNW94WS062&gtm=45je43k0v9130944946za201&_p=1711033778920&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2069379824.1711033779&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEAE&_s=1&sid=1711033779&sct=1&seg=0&dl=https%3A%2F%2Fxp.xyz%2F&dt=XP-%20Access%20your%20favorite%20shows&en=scroll&_fv=1&_nsi=1&_ss=2&epn.percent_scrolled=90&tfd=686
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FNW94WS062&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 15:09:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xp.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 216 KB
58 KB 24ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.e922e45c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 21 Mar 2024 15:09:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57659
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1326, tbw=2766, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: vCztY4AsUZIjXrspJM/bpp7tz70FUt9GBWclPG+3TYeU9LSsHugwRIudXSh7rPVCH61TSp0V2maQemzoVxIywg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK XP+Logo.png
hngr-icons.s3.amazonaws.com/supperclub/ticketdex/ 32 KB
33 KB 427ms
215ms Image
image/png 52.216.144.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hngr-icons.s3.amazonaws.com/supperclub/ticketdex/XP+Logo.png
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.144.59 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a588343e33efac9f375d8a1f704e96a77f0397cf1c1e0a0dcdfc2dfbd939b726

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 15:09:40 GMT
x-amz-version-id: llv.BSceXar4R0IDhgKW0QYlm8qufd.5
Last-Modified: Thu, 06 Jul 2023 19:07:05 GMT
Server: AmazonS3
x-amz-request-id: NXRTC8XKD5E432PM
ETag: "58b1609846f639ce497d9853509536e8"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 32978
x-amz-id-2: S8UAUBd0P9ywhdm9Fr/cd9vsRaQ1YBLTU4lPSbwXpF7dWYStM4vQApe0mBY8Er+UTSvUoCjvQLo=

GET
H/1.1 200
OK XPGrayscale.png
hngr-icons.s3.amazonaws.com/ticketdex/ 4 MB
4 MB 406ms
195ms Image
image/png 52.216.144.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hngr-icons.s3.amazonaws.com/ticketdex/XPGrayscale.png
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.144.59 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 228606fc973e515df5c25fdb162fc458ed708b36998343ed11213dbfef9d39d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 15:09:40 GMT
x-amz-version-id: Wa1kR7gihMmH2XUOUbtr86EsfPQyzVYs
Last-Modified: Mon, 25 Sep 2023 17:04:38 GMT
Server: AmazonS3
x-amz-request-id: NXRTRMVKF7JMX2JE
ETag: "8f32fb05b496f91938035446aeb61e42"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3976790
x-amz-id-2: fy6a8X1Ax756tkuOBxNqB3WltHbtWzaPkzDHEjTjJeaGPXVasYTVSSa2OXJApfeb3Egya23wdnU=

GET
H/1.1 200
OK xp_logo_stretched_offwhite_noise+2.png
hngr-icons.s3.amazonaws.com/ticketdex/ 1 MB
1 MB 395ms
182ms Image
image/png 52.216.144.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hngr-icons.s3.amazonaws.com/ticketdex/xp_logo_stretched_offwhite_noise+2.png
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.144.59 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 754b8757b0b21fbbf8665b79b69d06c4fddfaffad4b33be480c0cb92ed639016

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 15:09:40 GMT
x-amz-version-id: E1MMA3KOTTT.TpGR9Oj6IFxwXt9bEg4d
Last-Modified: Wed, 27 Sep 2023 21:19:37 GMT
Server: AmazonS3
x-amz-request-id: NXRXNHBFAACATN7J
ETag: "2edc93b9d1b603b8b6fa4d12ff43f3ce"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1104802
x-amz-id-2: zWt/CPqY/PlQH+pAjjGjQAZc1eeudnO+5SZEbZ8iFVlolefjTtvpBEn9Idl5Wy8iFqmCNBvPmQ8=

GET
H/1.1 200
OK XP+Ticket+Mockup+Flipped+2.png
hngr-icons.s3.amazonaws.com/ticketdex/ 85 KB
86 KB 405ms
186ms Image
image/png 52.216.144.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hngr-icons.s3.amazonaws.com/ticketdex/XP+Ticket+Mockup+Flipped+2.png
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.144.59 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 25b56ccb76e9fd9c4f51c3a640d62e35ac3bfc203f1877f410f5425836707f7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 15:09:40 GMT
x-amz-version-id: ZxK4LqnoN1fOANPUYdHihUWknqYUNvJk
Last-Modified: Mon, 25 Sep 2023 17:04:36 GMT
Server: AmazonS3
x-amz-request-id: NXRX87Z40P964SBC
ETag: "14cfb71f4bbcf81d81782073364c184e"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 87405
x-amz-id-2: 0y95gGERGbEYOK0+gmvcHWQx3z9vJmTVKfknW1j8+/cWNfk1LfAjkx9b2xXhsFBhIJ/ov+kA8qk=

GET
H/1.1 200
OK Globe+Icon+1.png
hngr-icons.s3.amazonaws.com/ticketdex/ 67 KB
67 KB 358ms
137ms Image
image/png 52.216.144.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hngr-icons.s3.amazonaws.com/ticketdex/Globe+Icon+1.png
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.144.59 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: c07c6b0d23cf877e90e0a11ca66f62be222e0209896ddadb5dee9b8965be1212

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 15:09:40 GMT
x-amz-version-id: SEvuWZ.Eew.Hyt69gBy_cUXGIEd3V98R
Last-Modified: Mon, 25 Sep 2023 22:02:15 GMT
Server: AmazonS3
x-amz-request-id: NXRMDY2MKK99D4GD
ETag: "45fe2211a9218d025cb614be7f31276b"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 68462
x-amz-id-2: gL33M874n6m/GcRyBQ8ELX+bGeTOXjZFHA3j7qM5LjjgckhR9DwAHOabenM2VNhVvHD3yNBuA9g=

GET
H/1.1 200
OK Torus+Icon+1.png
hngr-icons.s3.amazonaws.com/ticketdex/ 94 KB
95 KB 705ms
182ms Image
image/png 52.216.144.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hngr-icons.s3.amazonaws.com/ticketdex/Torus+Icon+1.png
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.144.59 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 55cf313f6b5cfc7b15b38fb6e04f48c09430d5a3073a492155c57925720b2941

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 15:09:40 GMT
x-amz-version-id: zQNCsjGxdnJQLQw0HtNQwdwrXddC.B4R
Last-Modified: Mon, 25 Sep 2023 22:02:16 GMT
Server: AmazonS3
x-amz-request-id: NXRPR0WXCV9X1RZ9
ETag: "eb36971b678c738032f7054d189f8587"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 96531
x-amz-id-2: KOzDmm+/T02pq54tvcb6JaDuwfHR97aR3WzOrFoz54LDDXBCOLwmpwOTmuJNEzyR8Lbx2V+vmho=

GET
H/1.1 200
OK Telegram+XP+Glow+1.png
hngr-icons.s3.amazonaws.com/supperclub/ticketdex/ 3 KB
3 KB 115ms
115ms Image
image/png 52.216.144.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hngr-icons.s3.amazonaws.com/supperclub/ticketdex/Telegram+XP+Glow+1.png
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.144.59 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d40b07c587acdc51adb1b5f200b3586054d61637fd7d76a45f61bb330eae0eef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 15:09:40 GMT
x-amz-version-id: p31XdP.rafkI7EDQZDnFdW_xH_F_t4HN
Last-Modified: Wed, 07 Feb 2024 23:15:53 GMT
Server: AmazonS3
x-amz-request-id: NXRTVVNDDTN1QJ4P
ETag: "9d500ca1f4ad9646be8eab3084a56a9c"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3040
x-amz-id-2: wb4UgstXhm2WPQs2WgP0fqSZVXb8mPDCLsEhYrOLCqwrPcTdjiUiyO+fKRw9PofPI8rk6B0QdqI=

GET
H/1.1 200
OK twitter.png
hngr-icons.s3.amazonaws.com/ticketdex/ 10 KB
11 KB 114ms
114ms Image
image/png 52.216.144.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hngr-icons.s3.amazonaws.com/ticketdex/twitter.png
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.144.59 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3c1c1b5b523a4a35824c5ebf0b8f56b003dc1ccbef4e654cc459face31659445

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 15:09:40 GMT
x-amz-version-id: S1l_74b1EVm2Iv.LdbKLKDsqkIZnjQOQ
Last-Modified: Wed, 23 Aug 2023 18:26:19 GMT
Server: AmazonS3
x-amz-request-id: NXRJ29ZXWX9MYW5K
ETag: "2e55618cc9b9657dbbf571fb662bf071"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 10683
x-amz-id-2: FHe+dx1sE9gpOr9VEsDxXsRrj4i9UlMy+wEHrss3CtkOIdrHUYoaqHH85g4E/xmhpm4yEkBFtG4=

GET
H/1.1 200
OK XP+Logo+Footer+1.png
hngr-icons.s3.amazonaws.com/ticketdex/ 1 MB
1 MB 215ms
215ms Image
image/png 52.216.144.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hngr-icons.s3.amazonaws.com/ticketdex/XP+Logo+Footer+1.png
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.144.59 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: f28f3a085b5b313f188dac78cb183da7831fa11d65939b93edd959e8057bebb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 15:09:41 GMT
x-amz-version-id: nz2.nd4XjvsVRi1zEtO2frkzNxAIL_UX
Last-Modified: Tue, 26 Sep 2023 17:19:45 GMT
Server: AmazonS3
x-amz-request-id: A0H5NE2KE7XEB3JT
ETag: "90488b1b7206e392382698d79ef20c6f"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1079288
x-amz-id-2: 6m733Qc3WzhmRvRqMBOAhCaPvGVVT7D/bl+rM9MhvMz6UgTbma1r4o3wyGCx09rIA7QnrAd/Q50=

GET
H2 200 campaigns.json Show response
api.privy.com/businesses/AF7240E62E5BB1F64E2D0FA3/ 25 KB
4 KB 360ms
316ms XHR
application/json 2606:4700:10::6816:156c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.privy.com/businesses/AF7240E62E5BB1F64E2D0FA3/campaigns.json?s=j&l=https%3A%2F%2Fxp.xyz%2F&user_uuid=dd109c2a-c67f-4e09-b346-26057556b5a1&fence=1

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.e922e45c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:156c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

baa405dd6912e09f8fe2bb83d0519d5844e2e623769166b182dae75a1d7524d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ipcountry: DE
date: Thu, 21 Mar 2024 15:09:39 GMT
access-control-request-method: *
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
x-ippostalcode: 60326
via: 1.1 vegur
content-encoding: gzip
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1711033779&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=UyWRsZ64TwKGcxkTlVqfC2QrlGtY6n2GyCbiwAQejPU%3D
x-request-id: d2a4769d-e4cb-4383-8b17-2a9f9721514a
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"baa405dd6912e09f8fe2bb83d0519d58"
x-download-options: noopen
x-frame-options: SAMEORIGIN
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1711033779&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=UyWRsZ64TwKGcxkTlVqfC2QrlGtY6n2GyCbiwAQejPU%3D"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-IPCountry, X-IPRegion, X-IPPostalCode
cache-control: max-age=0, private, must-revalidate
x-ipregion: DE_HE
cf-ray: 867edd416b5e9241-FRA

GET
H/1.1 200
OK Crowd3+1.png
hngr-icons.s3.amazonaws.com/supperclub/ticketdex/ 810 KB
810 KB 313ms
162ms Image
image/png 52.216.144.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hngr-icons.s3.amazonaws.com/supperclub/ticketdex/Crowd3+1.png
Requested by: Host: xp.xyz
URL: https://xp.xyz/static/css/main.a2419b14.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.144.59 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: b3820e0459f9097db723db1f155653dbcf7d3a91be374e104db2dc3d67f55c4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 15:09:40 GMT
x-amz-version-id: xo2Nf4FFdDM5pCOaWoTnGjW6Xthh05Ma
Last-Modified: Tue, 16 Jan 2024 19:20:44 GMT
Server: AmazonS3
x-amz-request-id: NXRN47NS6T8X8WZM
ETag: "ed9ff44b23eada73fafaafcd1d326840"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 829136
x-amz-id-2: frWlKkMWRfJlYGpAcqjqDywipBDuokqqwSYwcuyTuZgPcHf2Eom7Fnh89YjJ5blXTRAisx66Wrc=

GET
H2 200 undefined
xp.xyz/ 3 KB
3 KB 270ms
269ms Image
text/html 18.66.97.27

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xp.xyz/undefined
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.27 , United States, ASN (),
Reverse DNS: server-18-66-97-27.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:09:40 GMT
content-encoding: gzip
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
last-modified: Fri, 15 Mar 2024 21:37:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
etag: W/"779ee2ead6e2c92acbd0d84d1327b9ac"
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: text/html
cache-control: max-age=0
x-amz-cf-id: 9XnZbmZkpGARaqz0D-BLWbd86_99Yku1C-0JnjtHdfneaH0pV3i-YA==

GET
H2 200 RobotoMono-VariableFont_wght.e14e25b7c497634efdfe.ttf
xp.xyz/static/media/ 180 KB
122 KB 10ms
10ms Font
font/ttf 18.66.97.27

General

Check archive.org

Show headers Download Go to

Full URL: https://xp.xyz/static/media/RobotoMono-VariableFont_wght.e14e25b7c497634efdfe.ttf
Requested by: Host: xp.xyz
URL: https://xp.xyz/static/css/main.a2419b14.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.27 , United States, ASN (),
Reverse DNS: server-18-66-97-27.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 173a14a0d6085072cb655a381aae7949612c0d76c1e7de780288b74939363fdb

Request headers

Referer: https://xp.xyz/static/css/main.a2419b14.css
Origin: https://xp.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 01:53:30 GMT
content-encoding: br
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
last-modified: Fri, 15 Mar 2024 21:37:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 47770
etag: W/"336102a48d996db3d945a346b1790b1f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/ttf
x-amz-cf-id: XkMAKqQuLy_TiluCDPL53LDUuqkk4kMBRx18FE-qWFopPiZDMHBxQg==

GET
H2 200 Sequel100Black-55.0fcfc4e507ff03dbd933.ttf
xp.xyz/static/media/ 46 KB
23 KB 20ms
20ms Font
font/ttf 18.66.97.27

General

Check archive.org

Show headers Download Go to

Full URL: https://xp.xyz/static/media/Sequel100Black-55.0fcfc4e507ff03dbd933.ttf
Requested by: Host: xp.xyz
URL: https://xp.xyz/static/css/main.a2419b14.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.27 , United States, ASN (),
Reverse DNS: server-18-66-97-27.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92ba422186fcdf423baaae445c3535672f485c5bf9b0a40b4eb6dd4a2222bb2c

Request headers

Referer: https://xp.xyz/static/css/main.a2419b14.css
Origin: https://xp.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:09:39 GMT
content-encoding: gzip
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
last-modified: Fri, 15 Mar 2024 21:37:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 10312
etag: W/"11de6a60d8bee2493a9cfda767555659"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/ttf
x-amz-cf-id: OMTMv69JyT040BhNHD3U_m3_YXqoEyoyPk7gd3jb_zvYYFpUhRNAYA==

GET
H2 200 Sequel100Black-65.e4003b0d2f58a56e1166.ttf
xp.xyz/static/media/ 46 KB
23 KB 12ms
12ms Font
font/ttf 18.66.97.27

General

Check archive.org

Show headers Download Go to

Full URL: https://xp.xyz/static/media/Sequel100Black-65.e4003b0d2f58a56e1166.ttf
Requested by: Host: xp.xyz
URL: https://xp.xyz/static/css/main.a2419b14.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.27 , United States, ASN (),
Reverse DNS: server-18-66-97-27.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 181fe485ffdfce46542d6d1dd5063b7bc4110deabb3b2ad9026aca860aef2466

Request headers

Referer: https://xp.xyz/static/css/main.a2419b14.css
Origin: https://xp.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:09:39 GMT
content-encoding: gzip
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
last-modified: Fri, 15 Mar 2024 21:37:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 10312
etag: W/"46e04813fd076dee1d665480f5f6ec08"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/ttf
x-amz-cf-id: mA_lgoaq4j_JngQftsq0xw2xLHO8nOmWhWvqnpOBE9Ep50YUh1noqQ==

GET
H2 200 Sequel100Black-75.0bd2903cf018e606533a.ttf
xp.xyz/static/media/ 46 KB
24 KB 13ms
13ms Font
font/ttf 18.66.97.27

General

Check archive.org

Show headers Download Go to

Full URL: https://xp.xyz/static/media/Sequel100Black-75.0bd2903cf018e606533a.ttf
Requested by: Host: xp.xyz
URL: https://xp.xyz/static/css/main.a2419b14.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.27 , United States, ASN (),
Reverse DNS: server-18-66-97-27.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 11bd041ab0fc6de3bb51707ba58f50f1a6f7dd273d4506ff5abb91a29377d6fe

Request headers

Referer: https://xp.xyz/static/css/main.a2419b14.css
Origin: https://xp.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:09:39 GMT
content-encoding: gzip
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
last-modified: Fri, 15 Mar 2024 21:37:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 10312
etag: W/"d2c9891c648ec6cbe808fef09a790c13"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/ttf
x-amz-cf-id: rH6j3BJnCVlwmcbXNk8PeVQxnIPvPlXRmxlznDEcPjgkIn2uCUpjLg==

GET
H2 200 campaigns.json Show response
api.privy.com/businesses/AF7240E62E5BB1F64E2D0FA3/ 25 KB
4 KB 343ms
311ms XHR
application/json 2606:4700:10::6816:156c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.privy.com/businesses/AF7240E62E5BB1F64E2D0FA3/campaigns.json?s=j&l=https%3A%2F%2Fxp.xyz%2F&user_uuid=dd109c2a-c67f-4e09-b346-26057556b5a1&fence=1

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.e922e45c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:156c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

baa405dd6912e09f8fe2bb83d0519d5844e2e623769166b182dae75a1d7524d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ipcountry: DE
date: Thu, 21 Mar 2024 15:09:39 GMT
access-control-request-method: *
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
x-ippostalcode: 60326
via: 1.1 vegur
content-encoding: gzip
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1711033779&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=UyWRsZ64TwKGcxkTlVqfC2QrlGtY6n2GyCbiwAQejPU%3D
x-request-id: 0889b10d-9a61-4c18-a881-ac2afd34d364
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"baa405dd6912e09f8fe2bb83d0519d58"
x-download-options: noopen
x-frame-options: SAMEORIGIN
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1711033779&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=UyWRsZ64TwKGcxkTlVqfC2QrlGtY6n2GyCbiwAQejPU%3D"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-IPCountry, X-IPRegion, X-IPPostalCode
cache-control: max-age=0, private, must-revalidate
x-ipregion: DE_HE
cf-ray: 867edd416b599241-FRA

GET
H2 200 campaigns.json Show response
api.privy.com/businesses/AF7240E62E5BB1F64E2D0FA3/ 25 KB
5 KB 333ms
310ms XHR
application/json 2606:4700:10::6816:156c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.privy.com/businesses/AF7240E62E5BB1F64E2D0FA3/campaigns.json?s=j&l=https%3A%2F%2Fxp.xyz%2F&user_uuid=dd109c2a-c67f-4e09-b346-26057556b5a1&fence=1

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.e922e45c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:156c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

baa405dd6912e09f8fe2bb83d0519d5844e2e623769166b182dae75a1d7524d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ipcountry: DE
date: Thu, 21 Mar 2024 15:09:39 GMT
access-control-request-method: *
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
x-ippostalcode: 60326
via: 1.1 vegur
content-encoding: gzip
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1711033779&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=UyWRsZ64TwKGcxkTlVqfC2QrlGtY6n2GyCbiwAQejPU%3D
x-request-id: 9ad1294c-bc05-4b84-837b-651af4076c73
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"baa405dd6912e09f8fe2bb83d0519d58"
x-download-options: noopen
x-frame-options: SAMEORIGIN
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1711033779&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=UyWRsZ64TwKGcxkTlVqfC2QrlGtY6n2GyCbiwAQejPU%3D"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-IPCountry, X-IPRegion, X-IPPostalCode
cache-control: max-age=0, private, must-revalidate
x-ipregion: DE_HE
cf-ray: 867edd416b5f9241-FRA

GET
H2 200 bca9994f-6c8f-4539-89ac-1a4459127e01 Show response
ekr.zdassets.com/compose/ 1010 B
1 KB 687ms
665ms Fetch
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/bca9994f-6c8f-4539-89ac-1a4459127e01

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.e922e45c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a33bdf27bd8265f22400006e8ad6cf1b6d9e69a5a71cefac52910c57c9a9dda3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:09:40 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 866c7617cf0ae7a2-SEA, 866c7617cf0ae7a2-SEA
x-runtime: 0.014075
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"a33bdf27bd8265f22400006e8ad6cf1b"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WldZ0yWxZmipE2c0wtGY9J28m%2BuCalikWmMCrFP8CJYQarXc%2F0MHfx5YB1KSK7pe%2FW6GTEDMNiELIiQXz0IAUEypsdHT9sQ6DXRzVjQd%2FPd6ydG6miKKqN8po94kvQHYRAw%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 867edd416c4635fe-FRA

OPTIONS
H2 200 performers-by-league
api.xp.xyz/api/stagehand/ Frame 0
0 384ms
108ms Preflight
text/html 54.82.174.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/stagehand/performers-by-league

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.82.174.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-174-72.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://xp.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://xp.xyz
allow: POST, OPTIONS
content-length: 0
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Thu, 21 Mar 2024 15:09:39 GMT
permissions-policy: interest-cohort=()
referrer-policy: strict-origin-when-cross-origin
server: gunicorn/20.0.4
strict-transport-security: max-age=31556926; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

OPTIONS
H2 200 performers-by-league
api.xp.xyz/api/stagehand/ Frame 0
0 390ms
115ms Preflight
text/html 54.82.174.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/stagehand/performers-by-league

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.82.174.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-174-72.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://xp.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://xp.xyz
allow: POST, OPTIONS
content-length: 0
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Thu, 21 Mar 2024 15:09:39 GMT
permissions-policy: interest-cohort=()
referrer-policy: strict-origin-when-cross-origin
server: gunicorn/20.0.4
strict-transport-security: max-age=31556926; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

OPTIONS
H2 200 performers-by-league
api.xp.xyz/api/stagehand/ Frame 0
0 387ms
112ms Preflight
text/html 54.82.174.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/stagehand/performers-by-league

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.82.174.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-174-72.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://xp.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://xp.xyz
allow: POST, OPTIONS
content-length: 0
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Thu, 21 Mar 2024 15:09:39 GMT
permissions-policy: interest-cohort=()
referrer-policy: strict-origin-when-cross-origin
server: gunicorn/20.0.4
strict-transport-security: max-age=31556926; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

OPTIONS
H2 200 performers-by-league
api.xp.xyz/api/stagehand/ Frame 0
0 471ms
196ms Preflight
text/html 54.82.174.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/stagehand/performers-by-league

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.82.174.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-174-72.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://xp.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://xp.xyz
allow: POST, OPTIONS
content-length: 0
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Thu, 21 Mar 2024 15:09:39 GMT
permissions-policy: interest-cohort=()
referrer-policy: strict-origin-when-cross-origin
server: gunicorn/20.0.4
strict-transport-security: max-age=31556926; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

OPTIONS
H2 200 featured-performers
api.xp.xyz/api/stagehand/ Frame 0
0 376ms
101ms Preflight
text/html 54.82.174.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/stagehand/featured-performers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.82.174.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-174-72.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://xp.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://xp.xyz
allow: POST, OPTIONS
content-length: 0
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Thu, 21 Mar 2024 15:09:39 GMT
permissions-policy: interest-cohort=()
referrer-policy: strict-origin-when-cross-origin
server: gunicorn/20.0.4
strict-transport-security: max-age=31556926; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

OPTIONS
H2 200 filters
api.xp.xyz/api/stagehand/ Frame 0
0 376ms
101ms Preflight
text/html 54.82.174.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/stagehand/filters

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.82.174.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-174-72.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://xp.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://xp.xyz
allow: POST, OPTIONS
content-length: 0
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Thu, 21 Mar 2024 15:09:39 GMT
permissions-policy: interest-cohort=()
referrer-policy: strict-origin-when-cross-origin
server: gunicorn/20.0.4
strict-transport-security: max-age=31556926; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

OPTIONS
H2 200 filters
api.xp.xyz/api/stagehand/ Frame 0
0 392ms
118ms Preflight
text/html 54.82.174.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/stagehand/filters

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.82.174.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-174-72.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://xp.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://xp.xyz
allow: POST, OPTIONS
content-length: 0
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Thu, 21 Mar 2024 15:09:39 GMT
permissions-policy: interest-cohort=()
referrer-policy: strict-origin-when-cross-origin
server: gunicorn/20.0.4
strict-transport-security: max-age=31556926; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

OPTIONS
H2 200 filters
api.xp.xyz/api/stagehand/ Frame 0
0 388ms
114ms Preflight
text/html 54.82.174.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/stagehand/filters

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.82.174.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-174-72.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://xp.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://xp.xyz
allow: POST, OPTIONS
content-length: 0
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Thu, 21 Mar 2024 15:09:39 GMT
permissions-policy: interest-cohort=()
referrer-policy: strict-origin-when-cross-origin
server: gunicorn/20.0.4
strict-transport-security: max-age=31556926; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H2 200 performers-by-league Show response
api.xp.xyz/api/stagehand/ 10 KB
10 KB 133ms
132ms Fetch
application/json 54.82.174.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/stagehand/performers-by-league

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.e922e45c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.82.174.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-174-72.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

ee5b55310538853b02edaa6782cd28ae71f56745cc2746235b129c3c21a016e4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xp.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 21 Mar 2024 15:09:39 GMT
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains
server: gunicorn/20.0.4
referrer-policy: strict-origin-when-cross-origin
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://xp.xyz
permissions-policy: interest-cohort=()
content-length: 9870
x-xss-protection: 1; mode=block

POST
H2 200 performers-by-league Show response
api.xp.xyz/api/stagehand/ 11 KB
12 KB 253ms
252ms Fetch
application/json 54.82.174.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/stagehand/performers-by-league

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.e922e45c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.82.174.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-174-72.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

062bcebf195638fbc6d137648e53fb0196750c6b2f48e2005e48e64dac79e8d2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xp.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 21 Mar 2024 15:09:40 GMT
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains
server: gunicorn/20.0.4
referrer-policy: strict-origin-when-cross-origin
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://xp.xyz
permissions-policy: interest-cohort=()
content-length: 11353
x-xss-protection: 1; mode=block

POST
H2 200 performers-by-league Show response
api.xp.xyz/api/stagehand/ 11 KB
11 KB 184ms
184ms Fetch
application/json 54.82.174.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/stagehand/performers-by-league

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.e922e45c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.82.174.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-174-72.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

3f97ef4a01d01cf5f413e9d0daab3418e27c62966d32bc7edd6679f1216c33db

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xp.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 21 Mar 2024 15:09:39 GMT
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains
server: gunicorn/20.0.4
referrer-policy: strict-origin-when-cross-origin
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://xp.xyz
permissions-policy: interest-cohort=()
content-length: 10952
x-xss-protection: 1; mode=block

POST
H2 200 performers-by-league Show response
api.xp.xyz/api/stagehand/ 13 KB
13 KB 331ms
331ms Fetch
application/json 54.82.174.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/stagehand/performers-by-league

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.e922e45c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.82.174.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-174-72.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

783cdc4170c89c37145545c2d2dad64afd969d701ee0453a5ebbf116c1765588

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xp.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 21 Mar 2024 15:09:40 GMT
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains
server: gunicorn/20.0.4
referrer-policy: strict-origin-when-cross-origin
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://xp.xyz
permissions-policy: interest-cohort=()
content-length: 12888
x-xss-protection: 1; mode=block

POST
H2 200 featured-performers Show response
api.xp.xyz/api/stagehand/ 2 KB
2 KB 200ms
200ms Fetch
application/json 54.82.174.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/stagehand/featured-performers

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.e922e45c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.82.174.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-174-72.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

b471e5d8e0cade87c742d1fb730666ca1f95ec1c896ca15848298873188c1eba

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xp.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 21 Mar 2024 15:09:39 GMT
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains
server: gunicorn/20.0.4
referrer-policy: strict-origin-when-cross-origin
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://xp.xyz
permissions-policy: interest-cohort=()
content-length: 1738
x-xss-protection: 1; mode=block

POST filters
api.xp.xyz/api/stagehand/ 0
0

POST
H2 200 filters Show response
api.xp.xyz/api/stagehand/ 468 KB
469 KB 415ms
414ms Fetch
application/json 54.82.174.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/stagehand/filters

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.e922e45c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.82.174.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-174-72.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

83999841b2c4c18a356800bbc0b7b41e4aeea967082f7f080e308355a7b56ae1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xp.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 21 Mar 2024 15:09:40 GMT
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains
server: gunicorn/20.0.4
referrer-policy: strict-origin-when-cross-origin
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://xp.xyz
permissions-policy: interest-cohort=()
content-length: 479665
x-xss-protection: 1; mode=block

POST
H2 200 campaigns Show response
api.xp.xyz/api/xp/ 2 KB
3 KB 331ms
330ms Fetch
application/json 54.82.174.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/xp/campaigns

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.e922e45c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.82.174.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-174-72.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

c9c15065d3d64c404a86c89dda2b7720f72ae7a755b248435af94cde1f790a5b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xp.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 21 Mar 2024 15:09:40 GMT
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains
server: gunicorn/20.0.4
referrer-policy: strict-origin-when-cross-origin
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://xp.xyz
permissions-policy: interest-cohort=()
content-length: 2488
x-xss-protection: 1; mode=block

POST
H2 200 filters Show response
api.xp.xyz/api/stagehand/ 468 KB
469 KB 287ms
286ms Fetch
application/json 54.82.174.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/stagehand/filters

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.e922e45c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.82.174.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-174-72.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

68694fd5cccb36ca2fbe69cbdf15ebcffa76c98a055b9c8c082dd0280ee08411

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xp.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 21 Mar 2024 15:09:40 GMT
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains
server: gunicorn/20.0.4
referrer-policy: strict-origin-when-cross-origin
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://xp.xyz
permissions-policy: interest-cohort=()
content-length: 479655
x-xss-protection: 1; mode=block

OPTIONS
H2 200 campaigns
api.xp.xyz/api/xp/ Frame 0
0 470ms
196ms Preflight
text/html 54.82.174.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/xp/campaigns

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.82.174.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-174-72.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://xp.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://xp.xyz
allow: POST, OPTIONS
content-length: 0
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Thu, 21 Mar 2024 15:09:39 GMT
permissions-policy: interest-cohort=()
referrer-policy: strict-origin-when-cross-origin
server: gunicorn/20.0.4
strict-transport-security: max-age=31556926; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

OPTIONS
H2 200 filters
api.xp.xyz/api/stagehand/ Frame 0
0 379ms
105ms Preflight
text/html 54.82.174.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/stagehand/filters

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.82.174.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-174-72.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://xp.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://xp.xyz
allow: POST, OPTIONS
content-length: 0
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Thu, 21 Mar 2024 15:09:39 GMT
permissions-policy: interest-cohort=()
referrer-policy: strict-origin-when-cross-origin
server: gunicorn/20.0.4
strict-transport-security: max-age=31556926; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 14ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FNW94WS062&gtm=45be43k0v9130944946z89172014031za200&_p=1711033778920&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2069379824.1711033779&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1711033779&sct=1&seg=1&dl=https%3A%2F%2Fxp.xyz%2F&dt=XP-%20Access%20your%20favorite%20shows&en=page_view&tfd=828
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11351563070&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 15:09:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xp.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/11351563070/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11351563070/?random=1663545704&cv=11&fst=1711033779063&bg=ffffff&guid=ON&async=1&gtm=45je43k0v9130944946z89172014031za201&gcd=13l3l3...
https://www.google.com/pagead/1p-conversion/11351563070/?random=1663545704&cv=11&fst=1711033779063&bg=ffffff&guid=ON&async=1&gtm=45je43k0v9130944946z89172014031za201&gcd=13l3l3l2l1&dma_cps=sypham&d...
https://www.google.de/pagead/1p-conversion/11351563070/?random=1663545704&cv=11&fst=1711033779063&bg=ffffff&guid=ON&async=1&gtm=45je43k0v9130944946z89172014031za201&gcd=13l3l3l2l1&dma_cps=sypham&dm...

42 B
455 B

43ms
22ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/11351563070/?random=1663545704&cv=11&fst=1711033779063&bg=ffffff&guid=ON&async=1&gtm=45je43k0v9130944946z89172014031za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fxp.xyz%2F&label=zXmJCNGOufoYEL627KQq&hn=www.googleadservices.com&frm=0&tiba=XP-%20Access%20your%20favorite%20shows&value=20&npa=1&pscdl=noapi&auid=1220636256.1711033779&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAg&pscrd=IhMI98HoxNGFhQMVMV9BAh2_fghpMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjoPaHR0cHM6Ly94cC54eXov&is_vtc=1&cid=CAQSGwB7FLtqJG1S7d4SY17TSAqaOVxr4lJYMtU4Cw&eitems=ChAI8LXvrwYQpsTUmsnNgLQcEh0AAhjJX3sRWGlScHQOdFtu5hPPW05rHNyFh-ubPQ&random=1217637812&ipr=y

Requested by

Host: xp.xyz
URL: https://xp.xyz/

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 15:09:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 15:09:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/11351563070/?random=1663545704&cv=11&fst=1711033779063&bg=ffffff&guid=ON&async=1&gtm=45je43k0v9130944946z89172014031za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fxp.xyz%2F&label=zXmJCNGOufoYEL627KQq&hn=www.googleadservices.com&frm=0&tiba=XP-%20Access%20your%20favorite%20shows&value=20&npa=1&pscdl=noapi&auid=1220636256.1711033779&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAg&pscrd=IhMI98HoxNGFhQMVMV9BAh2_fghpMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjoPaHR0cHM6Ly94cC54eXov&is_vtc=1&cid=CAQSGwB7FLtqJG1S7d4SY17TSAqaOVxr4lJYMtU4Cw&eitems=ChAI8LXvrwYQpsTUmsnNgLQcEh0AAhjJX3sRWGlScHQOdFtu5hPPW05rHNyFh-ubPQ&random=1217637812&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 controller-experimental-b78c27602ca7f865097703c10dd5daa3.html Show response
js.stripe.com/v3/ Frame 97D5 391 B
794 B 7ms
7ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

c59dc4105a79090dbf6bb6ffb23ce4a4e4f91370352854697b30cbca09ef057f

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://xp.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 24
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 229
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 21 Mar 2024 15:09:39 GMT
etag: "b78c27602ca7f865097703c10dd5daa3"
last-modified: Wed, 20 Mar 2024 20:03:29 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 7
x-content-type-options: nosniff
x-request-id: ad2dbac9-1574-45d6-bda6-8297ad359620
x-served-by: cache-fra-eddf8230089-FRA

GET
BLOB 200
OK 8db65815-b7de-4d78-b270-94a2a4195cde
https://xp.xyz/ 463 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://xp.xyz/8db65815-b7de-4d78-b270-94a2a4195cde
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 499caacbb7472f545a908dfb2442e21d85a8b232b0c27bdaf133ea585703efe7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length: 473816
Content-Type

GET
H2 200 1514233069351079 Show response
connect.facebook.net/signals/config/ 54 KB
12 KB 72ms
71ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1514233069351079?v=2.9.150&r=stable&domain=xp.xyz&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a7eaa46b7de512d0a9f6298991ccdbe939b379fa72a33e8e4b812799f1064a10

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 21 Mar 2024 15:09:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=63, mss=1326, tbw=62753, tp=-1, tpl=-1, uplat=65, ullat=0
pragma: public
x-fb-debug: xn0M0fUEjc3+g2LCTDp4O4UXeEc6HWUuGiukm2qdv7IFqD9D3m4S3JDV25KY+uO7MLCzHhhkmZoer0B/q3KVPw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 97D5 538 KB
131 KB 7ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

7af051179ef90efc3bd946bdf23133ebbb99025f0a476214a23c240f673ecf4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 21 Mar 2024 15:09:39 GMT
via: 1.1 varnish
age: 68675
x-cache: HIT
content-length: 133445
x-request-id: 481c8875-cb70-41cb-a31a-5d396fce0b5c
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Wed, 20 Mar 2024 20:03:43 GMT
server: Fastly
etag: "9cb06353e7b2685d3858f33bf70c2ea7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 20

GET
H2 200 controller-b4471eba573375023fd33301ba150390.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 97D5 715 KB
186 KB 10ms
9ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-b4471eba573375023fd33301ba150390.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

dadeb4b0afe0b9d304f4e636cf2289c8a310c374aaca8335aabb31ae49175e2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 21 Mar 2024 15:09:39 GMT
via: 1.1 varnish
age: 68675
x-cache: HIT
content-length: 190113
x-request-id: e6d4c40b-70ad-4bc8-8d7b-bebd5248c4a6
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Wed, 20 Mar 2024 20:03:41 GMT
server: Fastly
etag: "f0fb15db00d14a0543d1ca77df4f3bd2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 25

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 97D5 474 B
368 B 24ms
10ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d6f76ff29543a4f00611057438a6289a168a6186a988ffe7179e6fabf1a71019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 21 Mar 2024 15:09:39 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 14
x-cache: HIT
content-length: 297
x-request-id: 177c8187-18f5-49cd-a4a9-ef60849769d2
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Wed, 20 Mar 2024 20:35:24 GMT
server: Fastly
etag: "643e2e68399a2eef269ef28e02effbd0"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 97D5 474 B
611 B 12ms
9ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d6f76ff29543a4f00611057438a6289a168a6186a988ffe7179e6fabf1a71019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 21 Mar 2024 15:09:39 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 14
x-cache: HIT
content-length: 297
x-request-id: 1b747d81-64c4-4ff9-8c5c-29d7ada0bc71
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Wed, 20 Mar 2024 20:35:24 GMT
server: Fastly
etag: "643e2e68399a2eef269ef28e02effbd0"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit

Requested by

Host: widget.privy.com
URL: https://widget.privy.com/assets/widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

60151290f5ef6721dd33ed4e3d70257baf5f49a31c6970cbefcef9a2081f1a45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:09:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 21 Mar 2024 15:09:39 GMT

GET
H2 200 755-abe14dc84751c419cb42.js Show response
assets.privy.com/packs/js/ 88 KB
31 KB 37ms
19ms Script
application/javascript 2606:4700:10::6816:146c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.privy.com/packs/js/755-abe14dc84751c419cb42.js

Requested by

Host: widget.privy.com
URL: https://widget.privy.com/assets/widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:146c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9520b2cb671d613ff9f2ae92c8de2305abfc8ad6a24cd7ad5d89203c60aa8432

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:09:39 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 85b175d782816d34ed73f9ca030bf062.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cf-cache-status: HIT
x-amz-cf-pop: FRA60-P7
age: 5517
x-cache: Hit from cloudfront
content-length: 31062
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1710974512&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=URWG%2F%2BTDY8wnJRPJjHyXLOMj%2B%2FTnfuDJmJ6mdqIUrbg%3D
last-modified: Wed, 20 Mar 2024 21:13:45 GMT
server: cloudflare
vary: accept-encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710974512&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=URWG%2F%2BTDY8wnJRPJjHyXLOMj%2B%2FTnfuDJmJ6mdqIUrbg%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 867edd440c743656-FRA
x-amz-cf-id: bnPmci2lG7R7exWakDGeJaXeN6e9bIy7uce3OWzVDoKI-LqDyiYpJw==

GET
H2 200 908-000e1ac551df9d63c8a5.js Show response
assets.privy.com/packs/js/ 38 KB
13 KB 43ms
25ms Script
application/javascript 2606:4700:10::6816:146c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.privy.com/packs/js/908-000e1ac551df9d63c8a5.js

Requested by

Host: widget.privy.com
URL: https://widget.privy.com/assets/widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:146c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1769a9734402e1f653766fdbbcd4070dd8e93da30caebfd01dea5dc43ca648d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:09:39 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 9ec406dc5379d974fc3d9f41dd497bf0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cf-cache-status: HIT
x-amz-cf-pop: FRA60-P7
age: 3939
x-cache: Hit from cloudfront
content-length: 12381
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1710975705&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=63962zkFb6nVZpWiRg8%2BDZby6yviFdT3crlewc1Y1zc%3D
last-modified: Wed, 20 Mar 2024 21:13:45 GMT
server: cloudflare
vary: accept-encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710975705&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=63962zkFb6nVZpWiRg8%2BDZby6yviFdT3crlewc1Y1zc%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 867edd440c703656-FRA
x-amz-cf-id: yTMEjKm2jrapHbJ_ZrqPxLoiUuzRnI32cvD3Dn1AfudEtZmATTKvCg==

GET
H2 200 864-e97430f5f316998a0c34.js Show response
assets.privy.com/packs/js/ 19 KB
6 KB 40ms
22ms Script
application/javascript 2606:4700:10::6816:146c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.privy.com/packs/js/864-e97430f5f316998a0c34.js

Requested by

Host: widget.privy.com
URL: https://widget.privy.com/assets/widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:146c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9b1c975871e139ec3dce8ca5d2cea862edf5572c930da5952c31a0e72a71ba2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:09:39 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 21f03f5333352c6494e837ba1b3bb6ce.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cf-cache-status: HIT
x-amz-cf-pop: FRA60-P7
age: 1320
x-cache: Hit from cloudfront
content-length: 6189
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1711032036&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=xaWCx2XVBML8cKNwXVik0QWdRs4w8kOY0HHziu7g484%3D
last-modified: Thu, 21 Mar 2024 13:57:08 GMT
server: cloudflare
vary: accept-encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1711032036&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=xaWCx2XVBML8cKNwXVik0QWdRs4w8kOY0HHziu7g484%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 867edd440c733656-FRA
x-amz-cf-id: jjnNcvCySyqmI8oXynHlJF-qs2W_NE3A-SGpJmM62Tj6n6xTC_8Jyw==

GET
H2 200 538-58faf0b20e3865c7e8c9.js Show response
assets.privy.com/packs/js/ 108 KB
32 KB 41ms
23ms Script
application/javascript 2606:4700:10::6816:146c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.privy.com/packs/js/538-58faf0b20e3865c7e8c9.js

Requested by

Host: widget.privy.com
URL: https://widget.privy.com/assets/widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:146c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f74af822db7aa4ed1c03da76062e7909ff2aae04d06ed5c15277d938eb7de383

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:09:39 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 f59e52adbf3a58a76dec03547cb4b34c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cf-cache-status: HIT
x-amz-cf-pop: FRA60-P7
age: 3155
x-cache: Hit from cloudfront
content-length: 31874
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1710974269&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=jSQZuG65cOrOqr9%2BXA19hq%2BArShcPb87RTw7EjkSw3c%3D
last-modified: Wed, 20 Mar 2024 21:13:45 GMT
server: cloudflare
vary: accept-encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710974269&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=jSQZuG65cOrOqr9%2BXA19hq%2BArShcPb87RTw7EjkSw3c%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 867edd440c763656-FRA
x-amz-cf-id: UN2GU5u6-TfcqgsSUCZoJ4M9JdAHbp6Y2uh5t_Ff3i1NAEyQ_XtO-Q==

GET
H2 200 legacy_widget-77347368f315fe42ebe0.chunk.js Show response
assets.privy.com/packs/js/ 114 KB
29 KB 39ms
21ms Script
application/javascript 2606:4700:10::6816:146c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.privy.com/packs/js/legacy_widget-77347368f315fe42ebe0.chunk.js

Requested by

Host: widget.privy.com
URL: https://widget.privy.com/assets/widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:146c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7e433db6a5e93d9fd34379bf9d3dee291b8bc60fc0cfebb86dfc66b23270e5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:09:39 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 d8006f736d3dc32a20a91813f2f50fa2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cf-cache-status: HIT
x-amz-cf-pop: FRA60-P7
age: 4307
x-cache: Hit from cloudfront
content-length: 29169
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1710975359&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=ENzav9YieBMtgwjE%2BYRn%2BrqcwUHunzo2Y3NUt%2B33VX0%3D
last-modified: Wed, 20 Mar 2024 21:13:45 GMT
server: cloudflare
vary: accept-encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710975359&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=ENzav9YieBMtgwjE%2BYRn%2BrqcwUHunzo2Y3NUt%2B33VX0%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 867edd440c6e3656-FRA
x-amz-cf-id: mxr8REVBQGKgW1fEZSqZWzxPzGDiMyl0eACJ3Ihl-ObXGEsq1n0yhw==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ 499 KB
199 KB 33ms
6ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

554fdc93109beed0802d148bc60f1b16fe7d8caf68ef4ecb95b562463b7844c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xp.xyz/
Origin: https://xp.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14643
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 203033
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 18:14:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Mar 2025 11:05:36 GMT

POST
H2 200 collect Show response
events.privy.com/v2/ 0
435 B 313ms
294ms XHR
text/html 2606:4700:10::6816:156c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://events.privy.com/v2/collect

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.e922e45c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:156c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://xp.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 21 Mar 2024 15:09:40 GMT
access-control-request-method: *
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
via: 1.1 vegur
content-encoding: gzip
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1711033780&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=eNU%2FvKnaX8TqxW5Ml%2B5Md2kHiiCzGYD%2B%2BG53Gyw323E%3D
x-request-id: d1a35787-11d9-4281-8280-a97ea3cb34be
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1711033780&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=eNU%2FvKnaX8TqxW5Ml%2B5Md2kHiiCzGYD%2B%2BG53Gyw323E%3D"}]}
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 867edd448dff9241-FRA

GET
H2 200 widget-f7bedc88f5d7f36c2240bbbfdd34b1550a86336a959c1e8553e5604b955bb2da.css
assets.privy.com/assets/ 245 KB
25 KB 19ms
18ms Stylesheet
text/css 2606:4700:10::6816:146c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.privy.com/assets/widget-f7bedc88f5d7f36c2240bbbfdd34b1550a86336a959c1e8553e5604b955bb2da.css

Requested by

Host: assets.privy.com
URL: https://assets.privy.com/packs/js/legacy_widget-77347368f315fe42ebe0.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:146c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a342348d9e6e675e9a6dc0acf59e9b48f37b0d51408a5ef8722faf5971d662d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:09:39 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 444bee00bd8f759506e806be3c13fa6c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cf-cache-status: HIT
x-amz-cf-pop: FRA60-P7
age: 160
x-cache: Hit from cloudfront
content-length: 25091
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1710126300&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=7SDLmcUzl8od963vtFHBOYMFTxx2GUDl7L2YBWt5IB0%3D
last-modified: Mon, 10 Apr 2023 19:08:01 GMT
server: cloudflare
vary: Accept-Encoding,Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710126300&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=7SDLmcUzl8od963vtFHBOYMFTxx2GUDl7L2YBWt5IB0%3D"}]}
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 867edd446cc43656-FRA
x-amz-cf-id: fI97fhJV-krJ_pem1Z6RDIuyY3yWS9smCzVvAFRF7ANrzRMP0WKSQw==

GET
H3 200 css
fonts.googleapis.com/ 717 B
370 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400

Requested by

Host: assets.privy.com
URL: https://assets.privy.com/packs/js/908-000e1ac551df9d63c8a5.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

77d9907ca853ab885fd7a35a29faaf4206b8fe47347cd9c12391d64451ad6f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Mar 2024 15:09:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 14:49:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Mar 2024 15:09:39 GMT

GET
H3 200 css
fonts.googleapis.com/ 6 KB
809 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cousine:300,400,700%7CLato:400,500,700,undefined

Requested by

Host: assets.privy.com
URL: https://assets.privy.com/packs/js/908-000e1ac551df9d63c8a5.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

74551910d6802692f118f05d750ad05b6c9bbba49c3da1f485218c7997a54c25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Mar 2024 15:09:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 15:09:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Mar 2024 15:09:39 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 4A31 46 KB
29 KB 30ms
30ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ&co=aHR0cHM6Ly94cC54eXo6NDQz&hl=de&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=invisible&cb=8utg9j4fyatd

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f480cc2f8d9a49e75e044213d5dd7eb30d892f38e8eedd16096f7e2f43df6dfe

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VxxskzYrb7NvQbGq3KE2Tg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xp.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-VxxskzYrb7NvQbGq3KE2Tg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 15:09:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ Frame 4A31 55 KB
24 KB 22ms
7ms Stylesheet
text/css 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ&co=aHR0cHM6Ly94cC54eXo6NDQz&hl=de&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=invisible&cb=8utg9j4fyatd

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 14:32:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2201
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 18:14:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Mar 2025 14:32:59 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ Frame 4A31 499 KB
198 KB 26ms
11ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

554fdc93109beed0802d148bc60f1b16fe7d8caf68ef4ecb95b562463b7844c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 203033
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 18:14:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Mar 2025 11:05:36 GMT

GET
H3 200 Cuj_kDOx7kQB15k15ZfnFf8OUB-ufBvpEp-MAz1Zs84.js Show response
www.google.com/js/bg/ Frame 4A31 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/Cuj_kDOx7kQB15k15ZfnFf8OUB-ufBvpEp-MAz1Zs84.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ae8ff9033b1ee4401d79935e597e715ff0e501fae7c1be9129f8c033d59b3ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ&co=aHR0cHM6Ly94cC54eXo6NDQz&hl=de&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=invisible&cb=8utg9j4fyatd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 15:15:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7310
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 13:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 15:15:12 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 4A31 102 B
135 B 19ms
19ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Hq4JZivTyQ7GP8Kt571Tzodj

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

22b2a491c3cf30da29d0bf442586de5731d89475b20e17b55be13f590b9b4952

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ&co=aHR0cHM6Ly94cC54eXo6NDQz&hl=de&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=invisible&cb=8utg9j4fyatd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:09:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 21 Mar 2024 15:09:40 GMT

GET
H2 200 web-widget-main-a5bccfa.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 2717 945 KB
279 KB 23ms
22ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-a5bccfa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=bca9994f-6c8f-4539-89ac-1a4459127e01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9211e84cf5db7632d4e91f0cc3a660514dec1c01fb7ec17e381e1c1eb758e4b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:09:40 GMT
x-amz-version-id: pJqu6tPM.I5Q4GF9AkP_HATOPk8YMrsq
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4C4AM14ZVA27KW16
age: 61
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: dgPR/2fnJzOCHTBvduq7gV60p59SKCw6s93NPMbTV/PWkO1OS8VSSSATNamlrtp2cAZ9MP1Aj+D1H/ch9RIlmQ==
last-modified: Thu, 07 Mar 2024 14:11:36 GMT
server: cloudflare
etag: W/"9fe3f095722824d79a8e1ee3a3fe18ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XeLhfSxPMbkaKV%2BfGpDoNbDdbLkrpEQm%2BOqS%2FTsAgcUPp3kKMub1B5II3JQ9K29n1tlKZjUnq6bJqnjgN0qhJvYPBIODP9fMPQW0uCoVdC2qX7lYgPkAt2GFR7vEv0RKesLX8iE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 867edd45ab1a914c-FRA
access-control-allow-headers: *
expires: Fri, 07 Mar 2025 14:11:35 GMT

GET
H2 200 en-us-json-a5bccfa.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame 2717 25 KB
6 KB 27ms
27ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-a5bccfa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-a5bccfa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:09:40 GMT
x-amz-version-id: dhdAAISx0HAsdUuTr1X4iN_YhhRufNbT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4C4E0QHDFQVCFZRZ
age: 193373
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: J6pTzx97V13BDZzyOtfw+GL0v/GSv6WQGAmay6o3tfx20gxuOIn2+E26vl7FPRIbZBI9zH+5UEg=
last-modified: Thu, 07 Mar 2024 14:11:38 GMT
server: cloudflare
etag: W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KmU10OYkKCEATvozzIdvckZcAxu5TOhOpc9E1r4fqZDA6qpRwYPTe509XGHecoee%2FhA3EL8ZJBWL35XNI26oObwFFEBZsE9BWdNF%2BFkaOxqLlf4RE0OIiwi%2B6VvkIxYRxcjWCGU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 867edd468c11914c-FRA
access-control-allow-headers: *
expires: Fri, 07 Mar 2025 14:11:37 GMT

GET
H2 200 config Show response
xpsupport.zendesk.com/embeddable/ Frame 2717 605 B
1 KB 227ms
188ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xpsupport.zendesk.com/embeddable/config

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-a5bccfa.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7641dd581b49197ec3e16b4ffc870e8bcc65dde3f9566452c729b43a6af14b7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:09:40 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-66b4fdb76c-w6rp9
x-cached: MISS
x-request-id: 867edd46c83830e8-FRA
x-runtime: 0.035678
server: cloudflare
etag: W/"7641dd581b49197ec3e16b4ffc870e8b"
vary: Accept, Origin, Accept-Encoding
access-control-max-age: 7200
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u0gsLE8fBrfD1PzUGT0b7pYE7N2FDCjgtVrC3EJ3sAtzNsHnsxiJDaElki3IMSYv2Jx%2BzG9II%2FdTOAUzSupZk18ml8iZU3ZC3A%2FCSBeik%2ByclqAGqQS9LIvjpnQIV2aiaMPJG6DtbA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: max-age=60, public, stale-while-revalidate=600, stale-if-error=3600
content-type: application/json; charset=utf-8
cf-ray: 867edd46c83830e8-FRA

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 8F91 7 KB
1 KB 18ms
18ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ca5916f5215888b2b8fe116ec0728466b4939793472e9232cddf2ab33267ce17

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AanoJdPFSCvAIedmk7pM0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xp.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-AanoJdPFSCvAIedmk7pM0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 15:09:40 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 web-widget-chat-sdk-a5bccfa.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 2717 202 KB
51 KB 31ms
31ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-a5bccfa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-a5bccfa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

965cba95c928e95003ce37271090406eaa7d5c2d955230a785b2b3be8a9a17f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:09:40 GMT
x-amz-version-id: wNrB193y1FLyXZRrlHsnHfReGLkkPHfu
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4C41ZMG673Z0HM26
age: 193373
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: vOo6e55U2i67ZC10VfrG1HwcURdhJVZnQTIB+We4qamd/GLnJkslXsMfDFLTLXK8Ikm7BJfwVjbvSDjF/ijWJQ==
last-modified: Thu, 07 Mar 2024 14:11:36 GMT
server: cloudflare
etag: W/"b8284a4b45e40625c2b90a641ebe4a68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S2naHy1v%2F0Z%2Bodv0DI0%2BEzIPDGIjbaxoDzIqRuXyvNW6jui5B3dUmu5ky9dvKdvbwXTjYQhzB4L5SQ1%2FLdbMzHwenB7qSHbrR9gQ08mvsD5m%2FPwuNBBoF8gcS7ygh3quiUOU3vk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 867edd471caa914c-FRA
access-control-allow-headers: *
expires: Fri, 07 Mar 2025 14:11:35 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ Frame 8F91 55 KB
24 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 14:32:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2201
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 18:14:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Mar 2025 14:32:59 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ Frame 8F91 499 KB
198 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

554fdc93109beed0802d148bc60f1b16fe7d8caf68ef4ecb95b562463b7844c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 203033
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 18:14:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Mar 2025 11:05:36 GMT

GET
H2 200 XP_Site_Background_Less_Grainy_WEBPv3.webp
cdn.hngr.co/xp/heroes/ 340 KB
341 KB 539ms
484ms Image
binary/octet-stream 18.66.122.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hngr.co/xp/heroes/XP_Site_Background_Less_Grainy_WEBPv3.webp
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b9a03f78d4fdbf1c14ebc2771b7a048a83ed1698705a2c16db2afd0fb34f8bba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: CHBsnr4tg3asFlJy..L5VAmYgFgJs3B1
date: Thu, 21 Mar 2024 15:09:41 GMT
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
last-modified: Mon, 12 Feb 2024 17:19:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
etag: "c4569fe37bce8adb2152889bcf7f90e0"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 348650
x-amz-cf-id: PsnHq3Ec5OBM0hirydRU3sSYYssOcSoOLKYMCa4V_gVo-0rZBowHcA==

GET
H2 200 tswift.jpg
cdn.hngr.co/ticketdex/artists/Taylor%20Swift/ 192 KB
193 KB 34ms
15ms Image
image/jpeg 18.66.122.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hngr.co/ticketdex/artists/Taylor%20Swift/tswift.jpg
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fcb59c1b2732bb975f8bd6bce13b68402952a0f17b12d9f56f16cee9110448d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 18:59:36 GMT
x-amz-version-id: ivbs3tdsefYkcjjB9Jg8B_7j_YCU_9ml
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
last-modified: Fri, 01 Sep 2023 21:45:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 72605
etag: "e0273ca3eca6e20bdf76fba5209a30f6"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 196550
x-amz-cf-id: ei9xW0F4WrbSBRUt6IgWS0xbi4wygldAtWGI20xFUlYW-fen7KZLhw==

GET
H2 200 993014053_0.jpg
cdn.hngr.co/performers/apple/ 561 KB
562 KB 470ms
452ms Image
binary/octet-stream 18.66.122.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hngr.co/performers/apple/993014053_0.jpg
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b40f6b8d5873db73881656441cc18c4ffa42010a32add6733f0e6d913ba5f32d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: droRorkth2mKNBn_hlHeVYb8wHukFA7k
date: Thu, 21 Mar 2024 15:09:41 GMT
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
last-modified: Thu, 22 Jun 2023 17:41:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
etag: "00a70acc511ccce957548221120d0670"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 574596
x-amz-cf-id: JOsHyONKwu_qlhTuO8QgwcCizT2lZd3biBQWbB5nep1YmqgorQumMQ==

GET
H2 200 ufc.webp
cdn.hngr.co/ticketdex/artists/UFC/ 149 KB
149 KB 501ms
483ms Image
binary/octet-stream 18.66.122.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hngr.co/ticketdex/artists/UFC/ufc.webp
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 001da1ce5207c9ebe4af62fb5f9ef224d98ba2bd9957543195cac1da83bf46c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: xcTiP0Rt7cWgSeGxwRYXciKH8zM2555B
date: Thu, 21 Mar 2024 15:09:41 GMT
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
last-modified: Wed, 18 Oct 2023 18:40:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
etag: "ba19f1f6a759a017eb6db3c938ecff3d"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 152128
x-amz-cf-id: j59I_EMxQM_vN5arkTIBaG7uADmgQCGpmT2FGVtJ2f6ZEGvIztJtpw==

GET
H2 200 Kenny_Chesney.jpg
cdn.hngr.co/ticketdex/artists/Kenny%20Chesney/ 394 KB
395 KB 449ms
431ms Image
image/jpeg 18.66.122.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hngr.co/ticketdex/artists/Kenny%20Chesney/Kenny_Chesney.jpg
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 26cf3c16397342eaa58df6d157cacc134ce77593f2acaa699c2fff22fd16b1db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: j.LUqDgr_s1onYmFVI57S9zL5Toqsf2Y
date: Thu, 21 Mar 2024 15:09:41 GMT
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
last-modified: Wed, 08 Nov 2023 15:55:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
etag: "0a72c025060580ed862303d319c1a46b"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 403598
x-amz-cf-id: wqgBk34whIMC2GS2AMQQum69lZjIHQAjUJj4tkHuXCrZrvpJJckQmQ==

GET
H2 200 829142092_0.jpg
cdn.hngr.co/performers/apple/ 3 MB
3 MB 417ms
400ms Image
binary/octet-stream 18.66.122.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hngr.co/performers/apple/829142092_0.jpg
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31b2d04446fd5c796d194d3ee3813374224f9a1f66c0f31164d4ada352758a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: IQoqheECALwoC.x8n7xx9mxvkeKu5HSb
date: Thu, 21 Mar 2024 15:09:41 GMT
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
last-modified: Thu, 22 Jun 2023 17:33:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
etag: "3391e018c053c9be380e8a35f2f9e175"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 3200700
x-amz-cf-id: sfD6GDwGEBNz4cdT7iu1N7OaeTEuDhDR5Iul4m4m3Kk2svFIYiD07g==

GET
H2 200 14450-dd081922-81a1-401a-9a96-466baa0c9eb0.jpg
cdn.hngr.co/xp/performer-images/ 244 KB
245 KB 23ms
23ms Image
image/jpeg 18.66.122.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hngr.co/xp/performer-images/14450-dd081922-81a1-401a-9a96-466baa0c9eb0.jpg
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f559328fc7464c8eba42a44881a16ada9e72d8a11b1598dc0ffa9d4325653e88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 18:59:44 GMT
x-amz-version-id: 5VvcvmV6QrmAw2gqPopso7y37eOYdbwj
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
last-modified: Thu, 15 Feb 2024 20:22:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 72597
etag: "7c99602496673849fccbf0a4edece02b"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 250295
x-amz-cf-id: -vupChFaO04mHiRpUd8oIR0MKfpR2nWJVpT1kWPQFzEJ9XqzGnJciQ==

GET
H2 200 485953_0.jpg
cdn.hngr.co/performers/apple/ 2 MB
2 MB 23ms
23ms Image
binary/octet-stream 18.66.122.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hngr.co/performers/apple/485953_0.jpg
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2991fb5c323d90ecb01e1da10b1e67193af2af30f99eadc8f65df19a21491f5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:06:44 GMT
x-amz-version-id: Tp1ovySu0xEFo8IVQXpdJedm0pYyzg7d
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
last-modified: Thu, 22 Jun 2023 17:37:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 43377
etag: "800037939af89d99ce81b0d288748d7a"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 2150137
x-amz-cf-id: OuQQk25bHqtlRnWrHiB2juGwIKdRFRz8OUGa8d6d-28VhvMym-pcvw==

GET
H2 200 12576-dd784384-b08d-45cb-9aa6-5c6b0ca80ca0.jpg
cdn.hngr.co/xp/performer-images/ 58 KB
58 KB 26ms
26ms Image
image/jpeg 18.66.122.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hngr.co/xp/performer-images/12576-dd784384-b08d-45cb-9aa6-5c6b0ca80ca0.jpg
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4a6e42b5f0f0a24733687fdda3750590330295a2737047621a2f6ea9e81d8256

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 18:59:44 GMT
x-amz-version-id: dtPtC9CAoNPHK10TFh_6lU7ynfGufi67
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
last-modified: Tue, 21 Nov 2023 14:23:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 72597
etag: "3a381a50f6ce5e9614daa3f401fe00c2"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 58932
x-amz-cf-id: dNJY4tNN7fLwgq3ktSTIbVXdKc3dWZS8phATWXqqIak1etmn3f3XsA==

GET
H2 200 96353_0.jpg
cdn.hngr.co/performers/apple/ 2 MB
2 MB 391ms
391ms Image
binary/octet-stream 18.66.122.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hngr.co/performers/apple/96353_0.jpg
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b04f320935e6af2fb98db96fedbcf673fc29db197f3af31066fa187fad8ac879

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: mC3Stw9adoEfuIDo36ZBcfkU6LHgn66t
date: Thu, 21 Mar 2024 15:09:41 GMT
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
last-modified: Thu, 02 Nov 2023 17:18:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
etag: "10c10069965092fed6ccb614f8a51ec0"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 1586870
x-amz-cf-id: qxzwLdRgpNqj1Q92S6sDPRAxslsPTcvHcmfwXsHmO1kC51nas8Ho-g==

GET
H2 200 1551033783_0.jpg
cdn.hngr.co/performers/apple/ 357 KB
358 KB 31ms
30ms Image
binary/octet-stream 18.66.122.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hngr.co/performers/apple/1551033783_0.jpg
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a866fb2ad35eaa31575c37a8bd20c1d5493077567e4bbdf892d754498e5e8636

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: xw5onHlDeaJdMGptdwSDtW6z4HTjj_pt
date: Thu, 21 Mar 2024 15:09:40 GMT
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
last-modified: Thu, 22 Jun 2023 17:33:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 43377
x-amz-server-side-encryption: AES256
etag: "896a186209e43878dce6d2accd59fc84"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 366011
x-amz-cf-id: eA0PjoIHsFThrhw107NSFk0tVyjbY6DvyyAogxxc6v8nDUZMF_158Q==

GET
H2 200 3996865_0.jpg
cdn.hngr.co/performers/apple/ 5 MB
5 MB 429ms
429ms Image
binary/octet-stream 18.66.122.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hngr.co/performers/apple/3996865_0.jpg
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 172a8b8e74e952dc54c4b927097ebd03987e8188e4697df51206d663c265e559

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: FHpWPjBMXf6O.qcYGHbJHfJcDW.j6Kko
date: Thu, 21 Mar 2024 15:09:41 GMT
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
last-modified: Thu, 22 Jun 2023 17:35:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
etag: "dd397f293869bc8c084d4abbc1f389eb"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 5506216
x-amz-cf-id: k-C3kuU6X0LFwqd_9zmaJKhM0bKIfJQAv2BtOVQUI15kzxv9f4lkDQ==

GET
H2 200 271256_0.jpg
cdn.hngr.co/performers/apple/ 1 MB
1 MB 452ms
452ms Image
binary/octet-stream 18.66.122.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hngr.co/performers/apple/271256_0.jpg
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 400482eecc81a1b6f6f45c03efea336730e798916f63f5a6aa82b542293b2c8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: e71slgTOfghBekQRhanGyMpc9iRuQaE5
date: Thu, 21 Mar 2024 15:09:41 GMT
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
last-modified: Thu, 22 Jun 2023 17:33:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
etag: "b95c5869a29a59a9009755a0cf647d76"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 1094104
x-amz-cf-id: Ht-a9ScCHSQV2hD8EpFcvyfLUU6510XY8gmU5x58RCV1Thq_4Fzbmg==

GET
H2 200 1436413980_0.jpg
cdn.hngr.co/performers/apple/ 1 MB
1 MB 44ms
43ms Image
binary/octet-stream 18.66.122.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hngr.co/performers/apple/1436413980_0.jpg
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f8bcc2025d2c56f2bf8e91b0026b850aa3eaf4807d983daa86dfd226609f4fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: 4PjkF3l3QT3f2qO1n2S2anARR5.FCu.c
date: Thu, 21 Mar 2024 15:09:40 GMT
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
last-modified: Thu, 02 Nov 2023 17:11:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 10311
x-amz-server-side-encryption: AES256
etag: "5ec57c647098a8cd5750c28209d930fa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 1344975
x-amz-cf-id: aLf-MJdBi5fh27dkHsPq0XF1LynGCdQgyUayEoYiI4UisqzJa4QNgw==

GET
H2 200 30974-a6618c10-7ad2-4fa2-bdb2-e9b157989abd.56
cdn.hngr.co/xp/performer-images/ 445 KB
446 KB 474ms
474ms Image
image/png 18.66.122.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hngr.co/xp/performer-images/30974-a6618c10-7ad2-4fa2-bdb2-e9b157989abd.56
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5b3d24380c9b647264df975af1abdaee51a6823761d7e1a627f62b89a6fbdddd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: 6PARAmQi0SxV9SlS0HGxxItA_wAX_Ef4
date: Thu, 21 Mar 2024 15:09:41 GMT
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
last-modified: Mon, 11 Mar 2024 17:57:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
etag: "4f096e7687e0a3e52aa0aef95f1e1aca"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 455686
x-amz-cf-id: oDqP6JawdMiob3AEFOlD_ZLcyESD3-rz1pHgKy0Phg6DYXUxld9DVQ==

GET
H2 200 14819-85d8d988-7e81-46aa-931d-f5a5006b21cb.jpg
cdn.hngr.co/xp/performer-images/ 768 KB
770 KB 535ms
535ms Image
image/jpeg 18.66.122.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hngr.co/xp/performer-images/14819-85d8d988-7e81-46aa-931d-f5a5006b21cb.jpg
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fa7c5ffa27b46017a62670d98b2b2afe177192d85a41080e7b4d81670595e0d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:09:41 GMT
x-amz-version-id: QIr1LZ8s4RcTwawG5LBTnT4OyOHepCYr
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
last-modified: Mon, 18 Dec 2023 22:04:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "37739912884910307066efe39563abb9"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 786837
x-amz-cf-id: 9At0o5y-sB31zV35njotR3EbFZt6WEhjqlutmJvWsiQtOhLZ5bwpNw==

GET
H2 200 Sequel100Black-85.b6e03c89c405e3d2409a.ttf
xp.xyz/static/media/ 46 KB
24 KB 11ms
10ms Font
font/ttf 18.66.97.27

General

Check archive.org

Show headers Download Go to

Full URL: https://xp.xyz/static/media/Sequel100Black-85.b6e03c89c405e3d2409a.ttf
Requested by: Host: xp.xyz
URL: https://xp.xyz/static/css/main.a2419b14.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.27 , United States, ASN (),
Reverse DNS: server-18-66-97-27.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 938c4c5f11cc2bc38dba9a06da56853e654dccc7f35e33cb1b1cd9aa1ee8ebbf

Request headers

Referer: https://xp.xyz/static/css/main.a2419b14.css
Origin: https://xp.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 12:17:49 GMT
content-encoding: gzip
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
last-modified: Fri, 15 Mar 2024 21:37:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 10312
etag: W/"31a9c9aa3bcd926ba76919938549cd33"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/ttf
x-amz-cf-id: _e2Tt491NbVSDJPvRJ2E56bqk_V8JOjGAwnnlS8AQMNu4edXeu87nQ==

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 8F91 21 KB
15 KB 130ms
130ms XHR
application/json 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

55ecd0b3de844955cd4dcb2666ac94f331d66029daedad6e5f4c347e4a6a5d58

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 21 Mar 2024 15:09:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 21 Mar 2024 15:09:40 GMT

POST
H2 200 b Show response
r.stripe.com/ Frame 97D5 0
271 B 541ms
178ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 21 Mar 2024 15:09:41 GMT
x-stripe-server-envoy-start-time-us: 1711033781015606
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1711033781014790
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 97D5 0
273 B 539ms
177ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 21 Mar 2024 15:09:41 GMT
x-stripe-server-envoy-start-time-us: 1711033781015530
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1711033781014683
access-control-allow-credentials: true
content-length: 0

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 8F91 600 B
624 B 10ms
8ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 18:30:13 GMT
x-content-type-options: nosniff
age: 247167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 25 Mar 2024 18:30:13 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 8F91 530 B
554 B 11ms
9ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 19:17:32 GMT
x-content-type-options: nosniff
age: 244328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 25 Mar 2024 19:17:32 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 8F91 665 B
689 B 11ms
10ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:42:02 GMT
x-content-type-options: nosniff
age: 12458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 28 Mar 2024 11:42:02 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8F91 15 KB
15 KB 117ms
11ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: xp.xyz
URL: https://xp.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 19:32:19 GMT
x-content-type-options: nosniff
age: 243441
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Mar 2025 19:32:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8F91 15 KB
15 KB 121ms
15ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: xp.xyz
URL: https://xp.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 17:34:06 GMT
x-content-type-options: nosniff
age: 250534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Mar 2025 17:34:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8F91 15 KB
16 KB 115ms
9ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: xp.xyz
URL: https://xp.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 14:28:00 GMT
x-content-type-options: nosniff
age: 2500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Mar 2025 14:28:00 GMT

GET
H3 200 Cuj_kDOx7kQB15k15ZfnFf8OUB-ufBvpEp-MAz1Zs84.js Show response
www.google.com/js/bg/ Frame 8F91 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/Cuj_kDOx7kQB15k15ZfnFf8OUB-ufBvpEp-MAz1Zs84.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ae8ff9033b1ee4401d79935e597e715ff0e501fae7c1be9129f8c033d59b3ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 15:15:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7310
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 13:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 15:15:12 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame 8F91 22 KB
22 KB 19ms
19ms Image
image/jpeg 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AFcWeA7XIj1Sbdh5DaYhOIUbGou95icm5EYJMhtsV2_-l6ZV12Ia4OjNTNKhKAtB6tyOsS1UojXT_7ONiWRYa5T0har-PonwNlovNaxmJMLeBLE3Sy1lCwZhNc-6hSbYESgrDjgMZuMl5c2LYlScjI1MCGUdLKcenFTSPbbNMhdE2DReqNdxM1ca7p-5ygrULuarMNLK7y5V2BdQwdNW5ZhErDkJF1eoCQ&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ

Requested by

Host: xp.xyz
URL: https://xp.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

844c6793b46102dd564d835f04ae58d91733e6aee44faa5cdabcb87ec6625be3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:09:40 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 21 Mar 2024 15:09:40 GMT

POST
H2 200 / Show response
o133761.ingest.sentry.io/api/4505557805563904/envelope/ 41 B
339 B 71ms
20ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o133761.ingest.sentry.io/api/4505557805563904/envelope/?sentry_key=6bb349aba87347d6b4af354ce446661e&sentry_version=7&sentry_client=sentry.javascript.react%2F7.49.0

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.e922e45c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

dfd2181f4f223e0b11b46bee00c5ad816dd0da508c23290213c6c9b9ff1a8e2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://xp.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 21 Mar 2024 15:09:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame 3862 200 B
957 B 10ms
9ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://xp.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1265447
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 21 Mar 2024 15:09:41 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 704778
x-content-type-options: nosniff
x-request-id: 64f73050-3ed5-4ac9-a7f2-b2e3768257da
x-served-by: cache-fra-eddf8230089-FRA

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3862 526 B
473 B 7ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 21 Mar 2024 15:09:41 GMT
via: 1.1 varnish
age: 1328306
x-cache: HIT
content-length: 315
x-request-id: 87886789-0627-42b8-94c3-ad94e80cad7f
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Fri, 11 Nov 2022 20:25:36 GMT
server: Fastly
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 673410

GET
H2 200 inner.html Show response
m.stripe.network/ Frame C70C 930 B
2 KB 33ms
8ms Document
text/html 2600:9000:2724:9e00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:9e00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 34
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 21 Mar 2024 15:09:07 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 1876576d09e30dc7b468e90ff448f1f8.cloudfront.net (CloudFront)
x-amz-cf-id: 5uo7rwWYpeQKDOYAZiftRiTf9SVtlXuX8TZ4_getfemEBd6AHlqyXw==
x-amz-cf-pop: FRA56-P12
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame C70C 87 KB
14 KB 8ms
8ms Script
text/javascript 2600:9000:2724:9e00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:9e00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:08:57 GMT
content-encoding: br
via: 1.1 1876576d09e30dc7b468e90ff448f1f8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 45
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: FRA56-P12
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: NkdKt1KP8ouiLPET-vN4HjPE3wrcLb0bTzV0sLmfZtegqo33YHDbtQ==

POST
H2 200 6 Show response
m.stripe.com/ Frame C70C 156 B
667 B 554ms
179ms XHR
application/json 44.237.151.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.151.236 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-151-236.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

019d4db119b5020a730bc42f729d6b3f16a0751bd5f87ce9d23b75e09e4ea9f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Thu, 21 Mar 2024 15:09:42 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1711033782011421
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1711033782011111
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 web-widget-chat-incoming-message-notification-a5bccfa.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 2717 236 B
837 B 19ms
19ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-a5bccfa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-a5bccfa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:09:41 GMT
x-amz-version-id: zVFnmZy8rSdETnvnvJk7Bz5hqSP6yYx1
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4C4E0V0R1R8G3J2H
age: 193373
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: Otk1lykWW2uI7pxajMaBoTzupOVaZlGHx7emmBOiUHI5z0s1axaZM8vxQE5IozZ/SJDJfeGukGU=
last-modified: Thu, 07 Mar 2024 14:11:36 GMT
server: cloudflare
etag: W/"77bb07ca171e3ff2b72a7dafa7822bc8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bFHMuKnwGDw5u3Fs9RhZ9U5pFGxId5ds6GOO1LDphku0FpdvHdmrUNBAPSt%2BBS%2FnbDIZ6rCzL%2F%2FPbGNoqY7dx%2BTv2Jbs1DhS3mBf92SICkYURN1GSUFY14xwzY8618hSHAv6Kgs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 867edd4fadd3914c-FRA
access-control-allow-headers: *
expires: Fri, 07 Mar 2025 14:11:35 GMT

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/classic/latest/ Frame 2717 19 KB
20 KB 19ms
18ms Media
audio/mpeg 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 21 Mar 2024 15:09:41 GMT
x-amz-version-id: Kl.biZfM8rz6re2aS0glnDheA8R9Dmfl
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: KH5VE2Z70ZGQ75A2
age: 680981
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: LqweHRijvBdbgWotLxDeNcs9Lz6cG09nTN1pbS7TIlVP/kJbpnlLrkq/B74CU90UTxSTSp+E3xk=
last-modified: Wed, 29 Nov 2023 08:06:43 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mUqjdm4VkAK%2FIrNvZ4I0E%2F%2F1mGG43QgB9TbuvZ83ypkyLOdvdxZymyGPCGUeF%2FVkHCSA7vBeuCXBBUirOIjkaLgeuCPyqkiefwS383x8BOM6CvrpDxe8fGDaQjFo4y4oJ5ILf7g%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 867edd4fcdf6914c-FRA
access-control-allow-headers: *
expires: Thu, 28 Nov 2024 08:06:42 GMT

POST
H2 200 b Show response
r.stripe.com/ Frame 97D5 0
273 B 176ms
176ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 21 Mar 2024 15:09:42 GMT
x-stripe-server-envoy-start-time-us: 1711033782485172
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1711033782484531
access-control-allow-credentials: true
content-length: 0

OPTIONS
H2 204 i
r.lr-ingest.io/ Frame 0
0 643ms
116ms Preflight 104.198.23.205
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://r.lr-ingest.io/i?a=ivunb2%2Fhngr&r=5-29c06e69-aed2-4151-8c25-94fafe45b7d5&t=d5d2df6d-16d2-45fc-a367-bcc72c5f1453&s=0&rs=0%2Cu&u=b252d8a9-086a-432c-a792-d5bc64e0a88a&is=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.23.205 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

205.23.198.104.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-logrocket-relay-version
Access-Control-Request-Method: POST
Origin: https://xp.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
content-length: 0
date: Thu, 21 Mar 2024 15:09:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 201 i Show response
r.lr-ingest.io/ 6 KB
6 KB 1181ms
488ms XHR
application/json 104.198.23.205
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://r.lr-ingest.io/i?a=ivunb2%2Fhngr&r=5-29c06e69-aed2-4151-8c25-94fafe45b7d5&t=d5d2df6d-16d2-45fc-a367-bcc72c5f1453&s=0&rs=0%2Cu&u=b252d8a9-086a-432c-a792-d5bc64e0a88a&is=1

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.e922e45c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.23.205 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

205.23.198.104.bc.googleusercontent.com

Software

/ Express

Resource Hash

f05ccfe88420175dc603d9b4702139773d1d2142a27144f72aa9c2378b089a7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://xp.xyz/
X-LogRocket-Relay-Version: 2023.12.0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:09:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
etag: W/"1734-YpqfunMGwLF9wmdZptRq1pfazfw"
x-powered-by: Express
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version
content-length: 5940

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 14ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FNW94WS062&gtm=45be43k0v9130944946za200&_p=1711033778920&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2069379824.1711033779&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1711033779&sct=1&seg=1&dl=https%3A%2F%2Fxp.xyz%2F&dt=XP-%20Access%20your%20favorite%20shows&en=scroll&epn.percent_scrolled=90&_et=68&tfd=5828
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11351563070&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 15:09:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xp.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.xp.xyz
URL: https://api.xp.xyz/api/stagehand/filters

Domain: api.xp.xyz
URL: https://api.xp.xyz/api/stagehand/filters

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 23:36:25	Name: _GRECAPTCHA Value: 09AH1nMHLKx9hV4JZ7f4EbKkeyYcQ3AqZfUnIn7lsu1Isd4abx0n-pGreFxSbOCcBeMbIcMWnojAVjX7BNKk_-Vf0
.xp.xyz/	1970-01-20 21:26:49	Name: _gcl_au Value: 1.1.1220636256.1711033779
.xp.xyz/	1970-01-21 04:53:13	Name: _ga Value: GA1.1.2069379824.1711033779
.xp.xyz/	1970-01-21 04:53:13	Name: _ga_FNW94WS062 Value: GS1.1.1711033779.1.1.1711033779.0.0.0
xp.xyz/	1970-01-20 19:18:40	Name: _lr_tabs_-ivunb2%2Fhngr Value: {%22sessionID%22:0%2C%22recordingID%22:%225-29c06e69-aed2-4151-8c25-94fafe45b7d5%22%2C%22webViewID%22:null%2C%22lastActivity%22:1711033779449}
xp.xyz/	1970-01-20 19:18:40	Name: _lr_hb_-ivunb2%2Fhngr Value: {%22heartbeat%22:1711033779450}
xp.xyz/	1969-12-31 23:59:59	Name: _lr_uf_-ivunb2 Value: 902b44f2-d4b0-4b7a-846d-51a57bc254f5
.doubleclick.net/	1970-01-20 19:17:14	Name: test_cookie Value: CheckForPermission
.xp.xyz/	1970-01-21 04:02:49	Name: _privy_AF7240E62E5BB1F64E2D0FA3 Value: %7B%22uuid%22%3A%22dd109c2a-c67f-4e09-b346-26057556b5a1%22%2C%22variations%22%3A%7B%7D%2C%22country_code%22%3A%22DE%22%2C%22region_code%22%3A%22DE_HE%22%2C%22postal_code%22%3A%2260326%22%7D
widget-mediator.zopim.com/	1970-01-20 19:27:18	Name: AWSALBCORS Value: kqEBAOQZ018HBDTofn7TuCN7CkYGgYBLKdJ0tDqE+z9egKKNJFdUmtQ+d6TnPolKlTeld4pvsL8/Ak2LuaAAtv3L+/iLA/CZFdPVU3Q39oYG9Gzr1rRYd5FL29Th
.xp.xyz/	1970-01-21 04:02:49	Name: __zlcmid Value: 1KtmaMzpY7NwcvA
m.stripe.com/	1970-01-21 04:53:13	Name: m Value: 5665ee24-ac05-4124-b5ac-ff380c8fedec0c08b9
.xp.xyz/	1970-01-21 04:02:49	Name: __stripe_mid Value: 38dffdfa-ac2e-4148-8d64-755fa061f25ea7ebb3
.xp.xyz/	1970-01-20 19:17:15	Name: __stripe_sid Value: 9220bc06-51ed-4943-84eb-c0036aa4792a7b4469

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://xp.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/1514233069351079?v=2.9.150&r=stable&domain=xp.xyz&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
javascript	error	URL: https://xp.xyz/ Message: Access to fetch at 'https://api.xp.xyz/api/stagehand/filters' from origin 'https://xp.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://api.xp.xyz/api/stagehand/filters Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://xp.xyz/ Message: Access to fetch at 'https://api.xp.xyz/api/stagehand/filters' from origin 'https://xp.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://api.xp.xyz/api/stagehand/filters Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://xp.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xp.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xp.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.privy.com
api.xp.xyz
assets.privy.com
cdn.hngr.co
cdn.lr-ingest.io
connect.facebook.net
ekr.zdassets.com
events.privy.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hngr-icons.s3.amazonaws.com
js.stripe.com
m.stripe.com
m.stripe.network
o133761.ingest.sentry.io
r.lr-ingest.io
r.stripe.com
region1.google-analytics.com
static.zdassets.com
tk3d.tk3dapi.com
widget.privy.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
xp.xyz
xpsupport.zendesk.com
api.xp.xyz
104.16.51.111
104.18.72.113
104.198.23.205
151.101.64.176
172.217.23.98
18.66.122.11
18.66.97.27
2001:4860:4802:32::36
2600:9000:2724:9e00:19:7d10:bd80:93a1
2606:4700:10::6816:146c
2606:4700:10::6816:156c
2a00:1450:4001:803::200a
2a00:1450:4001:811::2003
2a00:1450:4001:812::2008
2a00:1450:4001:81c::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::2003
2a03:2880:f083:100:face:b00c:0:3
2a06:98c1:3121::3
3.161.82.16
34.120.195.249
44.237.151.236
52.216.144.59
54.186.23.98
54.82.174.72
001da1ce5207c9ebe4af62fb5f9ef224d98ba2bd9957543195cac1da83bf46c6
019d4db119b5020a730bc42f729d6b3f16a0751bd5f87ce9d23b75e09e4ea9f1
05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee
062bcebf195638fbc6d137648e53fb0196750c6b2f48e2005e48e64dac79e8d2
0ae8ff9033b1ee4401d79935e597e715ff0e501fae7c1be9129f8c033d59b3ce
11bd041ab0fc6de3bb51707ba58f50f1a6f7dd273d4506ff5abb91a29377d6fe
153771fa4bd1db6b3dbce81e61081312d9ebe1cc8dc80379d0cefabfda339ac9
172a8b8e74e952dc54c4b927097ebd03987e8188e4697df51206d663c265e559
173a14a0d6085072cb655a381aae7949612c0d76c1e7de780288b74939363fdb
1769a9734402e1f653766fdbbcd4070dd8e93da30caebfd01dea5dc43ca648d6
181fe485ffdfce46542d6d1dd5063b7bc4110deabb3b2ad9026aca860aef2466
228606fc973e515df5c25fdb162fc458ed708b36998343ed11213dbfef9d39d3
22b2a491c3cf30da29d0bf442586de5731d89475b20e17b55be13f590b9b4952
25b56ccb76e9fd9c4f51c3a640d62e35ac3bfc203f1877f410f5425836707f7b
26cf3c16397342eaa58df6d157cacc134ce77593f2acaa699c2fff22fd16b1db
2991fb5c323d90ecb01e1da10b1e67193af2af30f99eadc8f65df19a21491f5f
2fcb59c1b2732bb975f8bd6bce13b68402952a0f17b12d9f56f16cee9110448d
31b2d04446fd5c796d194d3ee3813374224f9a1f66c0f31164d4ada352758a22
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
36d5e4ce8d4bd1aaa9290210ede0e1126c0a5f0883ece7b03f7066f4ae2fe8cc
379d3660660e7bcaf7b86d32dba73cc37ebdc669a671a47254d5193f31a41ade
3c1c1b5b523a4a35824c5ebf0b8f56b003dc1ccbef4e654cc459face31659445
3d4b52fca9dd5dd10b96a69055c1828e8ab4cd9c52a272aa30dc3f6068702579
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f97ef4a01d01cf5f413e9d0daab3418e27c62966d32bc7edd6679f1216c33db
400482eecc81a1b6f6f45c03efea336730e798916f63f5a6aa82b542293b2c8e
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
499caacbb7472f545a908dfb2442e21d85a8b232b0c27bdaf133ea585703efe7
4a6e42b5f0f0a24733687fdda3750590330295a2737047621a2f6ea9e81d8256
4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0
554fdc93109beed0802d148bc60f1b16fe7d8caf68ef4ecb95b562463b7844c4
55cf313f6b5cfc7b15b38fb6e04f48c09430d5a3073a492155c57925720b2941
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
55ecd0b3de844955cd4dcb2666ac94f331d66029daedad6e5f4c347e4a6a5d58
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b3d24380c9b647264df975af1abdaee51a6823761d7e1a627f62b89a6fbdddd
60151290f5ef6721dd33ed4e3d70257baf5f49a31c6970cbefcef9a2081f1a45
68694fd5cccb36ca2fbe69cbdf15ebcffa76c98a055b9c8c082dd0280ee08411
6f3ab5c4be0f5d5073133c54827f50042a8192db103667c7038af143d0156850
6f8bcc2025d2c56f2bf8e91b0026b850aa3eaf4807d983daa86dfd226609f4fe
6f9e1f7d958504bda830cee98f04be515a1ff456440678873a69be15499505b2
74551910d6802692f118f05d750ad05b6c9bbba49c3da1f485218c7997a54c25
754b8757b0b21fbbf8665b79b69d06c4fddfaffad4b33be480c0cb92ed639016
7641dd581b49197ec3e16b4ffc870e8bcc65dde3f9566452c729b43a6af14b7f
77d9907ca853ab885fd7a35a29faaf4206b8fe47347cd9c12391d64451ad6f37
783cdc4170c89c37145545c2d2dad64afd969d701ee0453a5ebbf116c1765588
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7af051179ef90efc3bd946bdf23133ebbb99025f0a476214a23c240f673ecf4d
83999841b2c4c18a356800bbc0b7b41e4aeea967082f7f080e308355a7b56ae1
844c6793b46102dd564d835f04ae58d91733e6aee44faa5cdabcb87ec6625be3
87c4dece14d5ee3442276564dbfa650251b1ec5864e17f92b943ad2600b5db19
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
9208d3b15dfda19ba48d0dd78429975637682531aa6aa9c9a0b0c9049a4a081d
9211e84cf5db7632d4e91f0cc3a660514dec1c01fb7ec17e381e1c1eb758e4b4
92ba422186fcdf423baaae445c3535672f485c5bf9b0a40b4eb6dd4a2222bb2c
92dd7032e364aae7b462a1ab8d3cd616ee59eef5e31e61505010fe989814d0e4
938c4c5f11cc2bc38dba9a06da56853e654dccc7f35e33cb1b1cd9aa1ee8ebbf
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9520b2cb671d613ff9f2ae92c8de2305abfc8ad6a24cd7ad5d89203c60aa8432
965cba95c928e95003ce37271090406eaa7d5c2d955230a785b2b3be8a9a17f5
9ae06ad3e13bf65251af2020a972d712551182088d12f5347abe1e7512953593
a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54
a33bdf27bd8265f22400006e8ad6cf1b6d9e69a5a71cefac52910c57c9a9dda3
a342348d9e6e675e9a6dc0acf59e9b48f37b0d51408a5ef8722faf5971d662d2
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
a588343e33efac9f375d8a1f704e96a77f0397cf1c1e0a0dcdfc2dfbd939b726
a7e433db6a5e93d9fd34379bf9d3dee291b8bc60fc0cfebb86dfc66b23270e5f
a7eaa46b7de512d0a9f6298991ccdbe939b379fa72a33e8e4b812799f1064a10
a866fb2ad35eaa31575c37a8bd20c1d5493077567e4bbdf892d754498e5e8636
b04f320935e6af2fb98db96fedbcf673fc29db197f3af31066fa187fad8ac879
b3820e0459f9097db723db1f155653dbcf7d3a91be374e104db2dc3d67f55c4d
b40f6b8d5873db73881656441cc18c4ffa42010a32add6733f0e6d913ba5f32d
b471e5d8e0cade87c742d1fb730666ca1f95ec1c896ca15848298873188c1eba
b9a03f78d4fdbf1c14ebc2771b7a048a83ed1698705a2c16db2afd0fb34f8bba
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
baa405dd6912e09f8fe2bb83d0519d5844e2e623769166b182dae75a1d7524d9
bc2dd9fb17a446efda2af3332c80f861f9b5d8f313201e452d45fbd8bdd79522
c07c6b0d23cf877e90e0a11ca66f62be222e0209896ddadb5dee9b8965be1212
c59dc4105a79090dbf6bb6ffb23ce4a4e4f91370352854697b30cbca09ef057f
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c9b1c975871e139ec3dce8ca5d2cea862edf5572c930da5952c31a0e72a71ba2
c9c15065d3d64c404a86c89dda2b7720f72ae7a755b248435af94cde1f790a5b
ca5916f5215888b2b8fe116ec0728466b4939793472e9232cddf2ab33267ce17
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
d40b07c587acdc51adb1b5f200b3586054d61637fd7d76a45f61bb330eae0eef
d638ef4be53e0c9cbc3416bcca1d1125065c41a78ff2e9cd79fd13c94cbfc6ae
d6f76ff29543a4f00611057438a6289a168a6186a988ffe7179e6fabf1a71019
dadeb4b0afe0b9d304f4e636cf2289c8a310c374aaca8335aabb31ae49175e2c
dfd2181f4f223e0b11b46bee00c5ad816dd0da508c23290213c6c9b9ff1a8e2c
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee5b55310538853b02edaa6782cd28ae71f56745cc2746235b129c3c21a016e4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb46f561c2040c5dc2dccb064492f7847ff766e1b24f6b242a3bd8136eee9f2
f05ccfe88420175dc603d9b4702139773d1d2142a27144f72aa9c2378b089a7d
f28f3a085b5b313f188dac78cb183da7831fa11d65939b93edd959e8057bebb1
f480cc2f8d9a49e75e044213d5dd7eb30d892f38e8eedd16096f7e2f43df6dfe
f559328fc7464c8eba42a44881a16ada9e72d8a11b1598dc0ffa9d4325653e88
f74af822db7aa4ed1c03da76062e7909ff2aae04d06ed5c15277d938eb7de383
fa7c5ffa27b46017a62670d98b2b2afe177192d85a41080e7b4d81670595e0d8

xp.xyz Open in urlscan Pro 18.66.97.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

127 Requests

97 %HTTPS

50 %IPv6

20 Domains

29 Subdomains

26 IPs

3 Countries

30050 kBTransfer

40594 kBSize

14 Cookies

8 Outgoing links

Redirected requests

127 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

xp.xyz Open in urlscan Pro
18.66.97.27 Public Scan

Screenshot
Live screenshot

Full Image

127
Requests

97 %
HTTPS

50 %
IPv6

20
Domains

29
Subdomains

26
IPs

3
Countries

30050 kB
Transfer

40594 kB
Size

14
Cookies

127 HTTP transactions
0 data transactions