app.onboard.xyz
2600:9000:237d:4800:4:afab:1f00:93a1  Public Scan

URL: https://app.onboard.xyz/
Submission: On February 01 via api from US — Scanned from DE

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 36 HTTP transactions. The main IP is 2600:9000:237d:4800:4:afab:1f00:93a1, located in United States and belongs to AMAZON-02, US. The main domain is app.onboard.xyz.
TLS certificate: Issued by Amazon RSA 2048 M01 on June 21st 2023. Valid for: a year.
This is the only time app.onboard.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
24 2600:9000:237... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 108.138.32.174 16509 (AMAZON-02)
3 35.163.144.222 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 52.218.177.128 16509 (AMAZON-02)
36 8
Apex Domain Subdomains Transfer
24 onboard.xyz app.onboard.xyz 3 MB
4 segment.com cdn.segment.com (Cisco Umbrella Rank: 1697) 35 KB
3 segment.io api.segment.io (Cisco Umbrella Rank: 1326) 520 B
1 amazonaws.com s3.us-west-2.amazonaws.com 754 B
1 nestcoin.com crypto-assets.nestcoin.com 16 KB
1 country.is api.country.is (Cisco Umbrella Rank: 68271) 521 B
1 googletagmanager.com www.googletagmanager.com (Cisco Umbrella Rank: 37)
36 7
Domain Requested by
24 app.onboard.xyz app.onboard.xyz
4 cdn.segment.com app.onboard.xyz, cdn.segment.com
3 api.segment.io cdn.segment.com, app.onboard.xyz
1 s3.us-west-2.amazonaws.com
1 crypto-assets.nestcoin.com app.onboard.xyz
1 api.country.is app.onboard.xyz
1 www.googletagmanager.com app.onboard.xyz
36 7

This site contains no links.

Subject Issuer Validity Valid
*.onboard.xyz Amazon RSA 2048 M01 2023-06-21 - 2024-07-20 a year
*.google-analytics.com GTS CA 1C3 2024-01-09 - 2024-04-02 3 months
*.segment.com Amazon RSA 2048 M03 2023-11-14 - 2024-12-13 a year
*.segment.io Amazon RSA 2048 M03 2023-12-13 - 2025-01-11 a year
country.is GTS CA 1P5 2023-12-20 - 2024-03-19 3 months
nestcoin.com E1 2023-12-15 - 2024-03-14 3 months
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01 2023-10-10 - 2024-08-03 10 months

This page contains 1 frames:

Primary Page: https://app.onboard.xyz/
Frame ID: 0C8D7E481485B62164BFFDCC4778B51F
Requests: 36 HTTP requests in this frame

Page Title

Onboard Customer

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Page Statistics

36
Requests

97 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

8
IPs

2
Countries

2777 kB
Transfer

9085 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
app.onboard.xyz/
3 KB
2 KB
Document
General
Full URL
https://app.onboard.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:4800:4:afab:1f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
697c633bd39ba8781035548a16a43cf92821bedf7efb9edd8b0546abdf3dd253
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, s-maxage=2
content-encoding
gzip
content-type
text/html
date
Thu, 01 Feb 2024 14:53:35 GMT
etag
W/"a52be620b02623174c405cdde97a872e"
last-modified
Tue, 30 Jan 2024 01:33:01 GMT
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 774fae779f194800b967be38df6bd8d2.cloudfront.net (CloudFront)
x-amz-cf-id
l3uo2xiMQgjr7xIFSMCK4U7SOF5i0cO7kTkiRMFpHYp2i9F5ZL09kw==
x-amz-cf-pop
MUC50-P2
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
vendors.cc4f7a7e.js
app.onboard.xyz/static/js/
7 MB
2 MB
Script
General
Full URL
https://app.onboard.xyz/static/js/vendors.cc4f7a7e.js
Requested by
Host: app.onboard.xyz
URL: https://app.onboard.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:4800:4:afab:1f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e0bda9134b90f246de60167df2e3e0eca56c04d965f71786ecf6efd48fa22ce7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.onboard.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 14:53:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
MUC50-P2
via
1.1 774fae779f194800b967be38df6bd8d2.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 30 Jan 2024 01:33:02 GMT
server
AmazonS3
etag
W/"d0f7cc07e2b7b35223721036af2c2012-2"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
wCla-Xxgq38pnm3Yrp3wMtc0TfxuyXMJbYyEAnoz_Ht4Qiz6MrmIEQ==
ui.4920a5f9.js
app.onboard.xyz/static/js/
1 MB
489 KB
Script
General
Full URL
https://app.onboard.xyz/static/js/ui.4920a5f9.js
Requested by
Host: app.onboard.xyz
URL: https://app.onboard.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:4800:4:afab:1f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
937fdc34a520b0d33f85ce1cd8c7f55026531589ee5a17b769c2173b83446474
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.onboard.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 14:53:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
MUC50-P2
via
1.1 774fae779f194800b967be38df6bd8d2.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 30 Jan 2024 01:33:02 GMT
server
AmazonS3
etag
W/"2aed24a8df57ce89f6436c6765b4bef4"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
0DkxdYhiHKbkoZoMaZAZP_ABxx-y7DD8DypgXywF0I6VUOHMU3M8gw==
main.4aaebf7d.js
app.onboard.xyz/static/js/
229 KB
65 KB
Script
General
Full URL
https://app.onboard.xyz/static/js/main.4aaebf7d.js
Requested by
Host: app.onboard.xyz
URL: https://app.onboard.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:4800:4:afab:1f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
260ecc9e47312bfab699ab129df6b937d8696ba05a567009746b8b302ebb336e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.onboard.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 14:53:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
MUC50-P2
via
1.1 774fae779f194800b967be38df6bd8d2.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 30 Jan 2024 01:33:02 GMT
server
AmazonS3
etag
W/"f0368b470215c76400f20e12a5b974a3"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
295C6Z4_VAvNiS8M4E2omRjE4CCsSjdMtONQP4PimejLgdU1Q6qujg==
ui.5e8a6c1b.css
app.onboard.xyz/static/css/
126 KB
22 KB
Stylesheet
General
Full URL
https://app.onboard.xyz/static/css/ui.5e8a6c1b.css
Requested by
Host: app.onboard.xyz
URL: https://app.onboard.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:4800:4:afab:1f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba29aaa38ce85b43e29ae15e4f6ebb666a48189482ede851e9cdf7d1c83795b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.onboard.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 14:53:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
MUC50-P2
via
1.1 774fae779f194800b967be38df6bd8d2.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 30 Jan 2024 01:33:02 GMT
server
AmazonS3
etag
W/"1cf728ec30b8e01f2c4ef8983cf62f5f"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
RLa0caght5wzt4TgZFq0em0bC-QnxVe1K7Jf1O9TgNdfgKvt5MFWng==
gtm.js
www.googletagmanager.com/
0
0
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KG9V7LR
Requested by
Host: app.onboard.xyz
URL: https://app.onboard.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.onboard.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

analytics.min.js
cdn.segment.com/analytics.js/v1/OrEyJFnNeKqtmce9hF53In2Cf79SQqNo/
108 KB
29 KB
Script
General
Full URL
https://cdn.segment.com/analytics.js/v1/OrEyJFnNeKqtmce9hF53In2Cf79SQqNo/analytics.min.js
Requested by
Host: app.onboard.xyz
URL: https://app.onboard.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.32.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-32-174.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0a1c4972e9c720615b23af6386c9939010115b173b34b9a212ecf76e8649c51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.onboard.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 14:53:37 GMT
x-amz-version-id
l_y8yDk.Ep6iTF9yU0d7Pzr0Z6PXoPul
content-encoding
br
via
1.1 c807be9a1ebef174d61ebd59fb655d20.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 18 Jan 2024 00:32:02 GMT
server
AmazonS3
etag
W/"06fedf30acfa7063ba3730f707874901"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
YOkwxtUatKAEA6FgkAxKREX1rE7XG2pNz6fPa5Cb0YeiinKKl8Lt0w==
settings
cdn.segment.com/v1/projects/OrEyJFnNeKqtmce9hF53In2Cf79SQqNo/
609 B
1 KB
Fetch
General
Full URL
https://cdn.segment.com/v1/projects/OrEyJFnNeKqtmce9hF53In2Cf79SQqNo/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/OrEyJFnNeKqtmce9hF53In2Cf79SQqNo/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.32.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-32-174.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c8350c8964f0549808e8fdade5bb023a49224c68c27768fb8dfe7bda2a0f5de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.onboard.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
b46cq32MhZdHAioswi.Tn52XnRbVro5g
date
Thu, 01 Feb 2024 13:57:33 GMT
via
1.1 82fdc4c167a56caabe3a8a99b02abee4.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
3363
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
609
last-modified
Tue, 06 Jun 2023 07:31:31 GMT
server
AmazonS3
etag
"ba516e044e287d93cd93c91d224322cd"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
mC2KnKNkmaMdBy_5DKlxSFFRukI9SD2V9NeXwgmFPJ7yjcBKb-mfpg==
ajs-destination.bundle.13362ca512563a10e34d.js
cdn.segment.com/analytics-next/bundles/
9 KB
3 KB
Script
General
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.13362ca512563a10e34d.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/OrEyJFnNeKqtmce9hF53In2Cf79SQqNo/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.32.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-32-174.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.onboard.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 20:48:28 GMT
x-amz-version-id
p6tk_itArJhm1.zmwaH5aXhODx_TUmzt
content-encoding
br
via
1.1 c807be9a1ebef174d61ebd59fb655d20.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
6717909
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 15 Nov 2023 20:12:01 GMT
server
AmazonS3
etag
W/"0dec480089dae7da1834489f95aca4e7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
n1_pIdwU1FX5rqxm9Qd4r4M0cPZwvBYwsByVnWN5gFfuUbNpIXLB_w==
schemaFilter.bundle.f63551a29dc1697f71b6.js
cdn.segment.com/analytics-next/bundles/
2 KB
1 KB
Script
General
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/OrEyJFnNeKqtmce9hF53In2Cf79SQqNo/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.32.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-32-174.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.onboard.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 01:37:17 GMT
x-amz-version-id
Q83vlLXgyWB6DuTGnFxHLMCEzu8jknn5
content-encoding
br
via
1.1 c807be9a1ebef174d61ebd59fb655d20.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
10502180
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 03 Oct 2023 01:26:38 GMT
server
AmazonS3
etag
W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
gtNODTdpZ_k3lP7SkHoR8qx1fwNQAUpKIyO6-2AKRSxeYstSi50nXA==
p
api.segment.io/v1/
21 B
174 B
Fetch
General
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/OrEyJFnNeKqtmce9hF53In2Cf79SQqNo/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.144.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-144-222.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://app.onboard.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://app.onboard.xyz
date
Thu, 01 Feb 2024 14:53:37 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
213.da790c7f.chunk.js
app.onboard.xyz/static/js/
18 KB
6 KB
Script
General
Full URL
https://app.onboard.xyz/static/js/213.da790c7f.chunk.js
Requested by
Host: app.onboard.xyz
URL: https://app.onboard.xyz/static/js/main.4aaebf7d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:237d:4800:4:afab:1f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
004ef6cc72ed180f095b294e09438afdf00422aaf647423f8defc8fa19ef22d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.onboard.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 14:53:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
MUC50-P2
via
1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 30 Jan 2024 01:33:01 GMT
server
AmazonS3
etag
W/"28143733bc503fd380ceae30af7d4b10"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
NKoQlHA_AMha5l-0Sh3FZdwMdYJS4zI-YkGey8_f6f4wen2GRSsZ-A==
/
api.country.is/
60 B
521 B
Fetch
General
Full URL
https://api.country.is/
Requested by
Host: app.onboard.xyz
URL: https://app.onboard.xyz/static/js/vendors.cc4f7a7e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98c9f06c7d484c8202b1fa9d2bb454660791e5dbb55afe323529f6c576b88f67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.onboard.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 14:53:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3c-FrHrkIMyKSXCwlgzgU3QVZdNGhU"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3pYD5Gb9cv%2FxqFgGdtokQKKWmX0f7Bjtp%2FNzLvkbrUBS5BqcYsOJjayPj%2FLIjbLIsBlDmObef8ZIjxD6mtswyCCex4KZhzjnAkWH60uL%2FVlDcHH5ay0ZzNCmk3yG2aA%2BlTg%2Fqh7m%2B4nhIY42"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-ray
84eb0665ba1a5d3c-FRA
0x0000000000000000000000000000000000000000.png
crypto-assets.nestcoin.com/bsc/
16 KB
16 KB
Image
General
Full URL
https://crypto-assets.nestcoin.com/bsc/0x0000000000000000000000000000000000000000.png
Requested by
Host: app.onboard.xyz
URL: https://app.onboard.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:178d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ceadd0447350643dd0828120b3768ffad23c857d3e127a730217a3a1a03dbcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.onboard.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 14:53:38 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
1YP0A7KAGR6HB8HG
alt-svc
h3=":443"; ma=86400
content-length
16072
x-amz-id-2
zfkwhRbOKStRpBA8aatn8pzgtDiIpxL3ttEhbiR368z3zdicrJi7eyTaZG8a2ZCytHe6to7+WyI=
last-modified
Tue, 12 Jul 2022 19:41:52 GMT
server
cloudflare
etag
"b685ee1d30b1839ccad4ff935dfabb80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D12bXlZwL8Wmrl54P45HzhAsN0EQ5daWMO2rpj6pRSG44M7jBcnnZdASEz%2FduXCsQdW6IY8jo6U%2BGLI0XeN9ZUIUkUZiz8KKM1RHi4r8uSnc42ipDcDJY20jjBgvo3PgZbO8Z5m3zuyANQ3AyBVfERyQK26H6q5wtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84eb0666387063e5-LHR
config
app.onboard.xyz/api/direct-accounts/deposits/
4 KB
4 KB
XHR
General
Full URL
https://app.onboard.xyz/api/direct-accounts/deposits/config
Requested by
Host: app.onboard.xyz
URL: https://app.onboard.xyz/static/js/vendors.cc4f7a7e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:237d:4800:4:afab:1f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.25.2 /
Resource Hash
32c99acb2f5c7f0d4134747bb6f99e6aa51702b4dd3f7f872761f621e953b2fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.onboard.xyz/
accept-language
de-DE,de;q=0.9
authorization
Bearer 96099761914820041416241552979240
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 14:53:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront)
server
nginx/1.25.2
x-amz-cf-pop
MUC50-P2
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
application/json
cache-control
no-store, max-age=0
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
ZzMmkvHR33v3z7JcsCHDfNTB7oBhu9alZWM1nwNRIHZGk_WG2U0-zg==
x-xss-protection
1; mode=block
expires
Wed, 31 Jan 2024 14:53:38 GMT
configs
app.onboard.xyz/api/asset-manager/
43 KB
6 KB
XHR
General
Full URL
https://app.onboard.xyz/api/asset-manager/configs
Requested by
Host: app.onboard.xyz
URL: https://app.onboard.xyz/static/js/vendors.cc4f7a7e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:237d:4800:4:afab:1f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.25.2 /
Resource Hash
365875d3eb201c7fd2cbfd3cdb6303093091edef3e3c0f0224fd41e5ac9b1f4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.onboard.xyz/
accept-language
de-DE,de;q=0.9
authorization
Bearer 96099761914820041416241552979240
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 14:53:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
MUC50-P2
via
1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
server
nginx/1.25.2
etag
W/"ac85-mPmipGrLxkLctDuqBSLm4HHZniQ"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, max-age=0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id
2MiqN0QgRsNUIv-DtA-OFUbBKTurWVUTS12xkMvi4K8HIeuLCwUjMQ==
expires
Wed, 31 Jan 2024 14:53:38 GMT
currencies
app.onboard.xyz/bridge-api/
258 B
982 B
XHR
General
Full URL
https://app.onboard.xyz/bridge-api/currencies?countryCode=NG
Requested by
Host: app.onboard.xyz
URL: https://app.onboard.xyz/static/js/vendors.cc4f7a7e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:237d:4800:4:afab:1f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a9edfa57593db98ee941267dd8b4a6999b976fb806940e71b147d8c527609108
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.onboard.xyz/
x-auth-token
accept-language
de-DE,de;q=0.9
authorization
Bearer 96099761914820041416241552979240
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 14:53:38 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
MUC50-P2
cross-origin-embedder-policy
require-corp
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
content-length
258
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"102-cD9/ZmNgYSchH6xo49ipWUtQ1i8"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
x-amz-cf-id
e8jIDPVrx364_VksekUR3Vs0qS9bhjn6UBy8K9nfeLZkUDu20f5QBQ==
EuclidCircularA-Regular-UCHKM67C.b703f3f2c78ff33a7b35.woff
app.onboard.xyz/static/media/
49 KB
50 KB
Font
General
Full URL
https://app.onboard.xyz/static/media/EuclidCircularA-Regular-UCHKM67C.b703f3f2c78ff33a7b35.woff
Requested by
Host: app.onboard.xyz
URL: https://app.onboard.xyz/static/css/ui.5e8a6c1b.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:237d:4800:4:afab:1f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
533f4f4163c3bb2f724adb2838a99e474f36b159297584eedddb1976e550db0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://app.onboard.xyz/static/css/ui.5e8a6c1b.css
Origin
https://app.onboard.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 14:53:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
50468
last-modified
Tue, 30 Jan 2024 01:33:02 GMT
server
AmazonS3
etag
"0e7e50d37dd46a3c84f9ecd4c5f8d098"
x-frame-options
SAMEORIGIN
content-type
font/woff
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
x-amz-cf-id
gOVBjD8lvjdXnPwveUmccBEPJxi3lE55bVGWKunU--ookBeFmT2_IQ==
EuclidCircularA-SemiBold-E33NNXOI.bee5e762c1ad70ecd4b8.woff
app.onboard.xyz/static/media/
49 KB
50 KB
Font
General
Full URL
https://app.onboard.xyz/static/media/EuclidCircularA-SemiBold-E33NNXOI.bee5e762c1ad70ecd4b8.woff
Requested by
Host: app.onboard.xyz
URL: https://app.onboard.xyz/static/css/ui.5e8a6c1b.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:237d:4800:4:afab:1f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
023eef3e818b214eafb175d5474f37e46ecaefc4f6690646787714af443647e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://app.onboard.xyz/static/css/ui.5e8a6c1b.css
Origin
https://app.onboard.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 14:53:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
50648
last-modified
Tue, 30 Jan 2024 01:33:02 GMT
server
AmazonS3
etag
"a4fe469e78e3322354ce2c782ff77e99"
x-frame-options
SAMEORIGIN
content-type
font/woff
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
x-amz-cf-id
gpS5ivYbFTQdmdPX0LETLCb2AjHe7k4fAHF6ifPQ1wIxJjHEmxt86Q==
EuclidCircularA-Medium-TDTSXA7N.1278c0b7aee3282a341c.woff
app.onboard.xyz/static/media/
50 KB
50 KB
Font
General
Full URL
https://app.onboard.xyz/static/media/EuclidCircularA-Medium-TDTSXA7N.1278c0b7aee3282a341c.woff
Requested by
Host: app.onboard.xyz
URL: https://app.onboard.xyz/static/css/ui.5e8a6c1b.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:237d:4800:4:afab:1f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce98081bccf38a8e91290f1356c96f823b8847075e20388b5ae223c229f988d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://app.onboard.xyz/static/css/ui.5e8a6c1b.css
Origin
https://app.onboard.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 14:53:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
50820
last-modified
Tue, 30 Jan 2024 01:33:02 GMT
server
AmazonS3
etag
"fdcc4e3317073c40e34037c1bc43f82e"
x-frame-options
SAMEORIGIN
content-type
font/woff
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
x-amz-cf-id
IJlBUC1uLyqvkp2GN6z8_sJKUXIY9Ws7ZOcXgJkd2ikW-P_lGaZdBA==
i
api.segment.io/v1/
21 B
173 B
Fetch
General
Full URL
https://api.segment.io/v1/i
Requested by
Host: app.onboard.xyz
URL: https://app.onboard.xyz/static/js/vendors.cc4f7a7e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.144.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-144-222.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://app.onboard.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://app.onboard.xyz
date
Thu, 01 Feb 2024 14:53:37 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
e107809a-d390-41f3-9dba-51599c65e566
https://app.onboard.xyz/
46 KB
0
Other
General
Full URL
blob:https://app.onboard.xyz/e107809a-d390-41f3-9dba-51599c65e566
Requested by
Host: app.onboard.xyz
URL: https://app.onboard.xyz/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3436a3567df14bd76a0e5b2ab1edba77ff61c49fb811b64de0dd23899103ecdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length
46922
Content-Type
price
app.onboard.xyz/api/rates/
9 B
368 B
XHR
General
Full URL
https://app.onboard.xyz/api/rates/price?symbolPairs=
Requested by
Host: app.onboard.xyz
URL: https://app.onboard.xyz/static/js/vendors.cc4f7a7e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:237d:4800:4:afab:1f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.25.2 /
Resource Hash
212c5e659097c7b11239deafda2dddeec70b141d9d540cc8eb7fc390982c8178
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.onboard.xyz/
accept-language
de-DE,de;q=0.9
authorization
Bearer 96099761914820041416241552979240
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 14:53:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
9
server
nginx/1.25.2
etag
W/"9-MGfFmoS+QbM431NC/iAzQ/5pWmE"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, max-age=0
x-amz-cf-id
xUg2vb1s-Nbcl377XWzoCWB8Gl1p2i4krptkLFQY0TPoDxe3kE6jsA==
expires
Wed, 31 Jan 2024 14:53:38 GMT
match
app.onboard.xyz/api/offers/
20 KB
4 KB
XHR
General
Full URL
https://app.onboard.xyz/api/offers/match?offerType=OFFRAMP&limit=10
Requested by
Host: app.onboard.xyz
URL: https://app.onboard.xyz/static/js/vendors.cc4f7a7e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:237d:4800:4:afab:1f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.25.2 /
Resource Hash
eaee4235e28513d8b65bfc0f2f4f89df443fb121af3c780ed8353d2ec9432fba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.onboard.xyz/
accept-language
de-DE,de;q=0.9
authorization
Bearer 96099761914820041416241552979240
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 14:53:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
MUC50-P2
via
1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
server
nginx/1.25.2
etag
W/"4f4b-JyuhOHlz1hBYp9Q1S3j1EFs8t5w"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, max-age=0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id
ZC-65iDUS0uFGNiWTe0xeBpko-_Udde0f4EpRIai8RkacjawfswdTw==
expires
Wed, 31 Jan 2024 14:53:38 GMT
t
api.segment.io/v1/
21 B
173 B
Fetch
General
Full URL
https://api.segment.io/v1/t
Requested by
Host: app.onboard.xyz
URL: https://app.onboard.xyz/static/js/vendors.cc4f7a7e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.144.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-144-222.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://app.onboard.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://app.onboard.xyz
date
Thu, 01 Feb 2024 14:53:38 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
networks
app.onboard.xyz/bridge-api/tokens/
882 B
2 KB
XHR
General
Full URL
https://app.onboard.xyz/bridge-api/tokens/networks
Requested by
Host: app.onboard.xyz
URL: https://app.onboard.xyz/static/js/vendors.cc4f7a7e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:237d:4800:4:afab:1f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d9787a340bb94f5eb2885005312dce95372e98ffdf178825799177fa16e89370
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.onboard.xyz/
x-auth-token
accept-language
de-DE,de;q=0.9
authorization
Bearer 96099761914820041416241552979240
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 14:53:38 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
MUC50-P2
cross-origin-embedder-policy
require-corp
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
content-length
882
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"372-6If+54Ec+xdz06jROqw0o3ygFpw"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
x-amz-cf-id
JRQnqUHiSlKX-8zevKmQANYqr0mEYXlGa_hZZwZ8nPJCc-a9flyw8Q==
NG.png
s3.us-west-2.amazonaws.com/country-flags-staging.getonboard.co/
398 B
754 B
Image
General
Full URL
https://s3.us-west-2.amazonaws.com/country-flags-staging.getonboard.co/NG.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.177.128 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
298409d30ad17f65613e2fdb9438e3a2704d29659d7b56c56e3a77b0771ebea3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.onboard.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 14:53:39 GMT
Last-Modified
Mon, 16 May 2022 17:46:33 GMT
Server
AmazonS3
x-amz-request-id
ZRT2RK70DGSHHS6M
ETag
"75cbe7b3495103ee1b541cf12cf2d33a"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
398
x-amz-id-2
aXjqYLiMkt0y05nmvqpcj2X4p+CYYPsRSbE93wanV82PCws71PJ6BIcsTuSwPkTy8ZALvpMJEUM=
match
app.onboard.xyz/api/offers/
17 KB
4 KB
XHR
General
Full URL
https://app.onboard.xyz/api/offers/match?tokenSymbol=USDT&offerType=OFFRAMP&limit=10
Requested by
Host: app.onboard.xyz
URL: https://app.onboard.xyz/static/js/vendors.cc4f7a7e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:237d:4800:4:afab:1f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.25.2 /
Resource Hash
6c7488167ebde5499d82296ca6812f5a2e25be89a876fc37d91768c8e9f9d712
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.onboard.xyz/
accept-language
de-DE,de;q=0.9
authorization
Bearer 96099761914820041416241552979240
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 14:53:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
MUC50-P2
via
1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
server
nginx/1.25.2
etag
W/"44ec-jAIwW1SAhi0SoIdwYhPsu5GlC/M"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, max-age=0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id
nb_4QUl51uGu0k-fap2gz49ux1L8YiRmbqMAekTP9oftgiqnCh51qQ==
expires
Wed, 31 Jan 2024 14:53:39 GMT
currencies
app.onboard.xyz/bridge-api/
258 B
982 B
XHR
General
Full URL
https://app.onboard.xyz/bridge-api/currencies?countryCode=NG
Requested by
Host: app.onboard.xyz
URL: https://app.onboard.xyz/static/js/vendors.cc4f7a7e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:237d:4800:4:afab:1f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a9edfa57593db98ee941267dd8b4a6999b976fb806940e71b147d8c527609108
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.onboard.xyz/
x-auth-token
accept-language
de-DE,de;q=0.9
authorization
Bearer 96099761914820041416241552979240
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 14:53:39 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
MUC50-P2
cross-origin-embedder-policy
require-corp
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
content-length
258
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"102-cD9/ZmNgYSchH6xo49ipWUtQ1i8"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
x-amz-cf-id
Es-9r9F-0LcfjUDUqToWob5xdqErTHwTE7YHQmrBfpl1EKEMymH0_g==
match
app.onboard.xyz/api/offers/
12 KB
3 KB
XHR
General
Full URL
https://app.onboard.xyz/api/offers/match?tokenSymbol=USDT&fiatSymbol=NGN&offerType=OFFRAMP&limit=10
Requested by
Host: app.onboard.xyz
URL: https://app.onboard.xyz/static/js/vendors.cc4f7a7e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:237d:4800:4:afab:1f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.25.2 /
Resource Hash
2fb2f1680ff26e8e5b40d48a334b1831a6589e2be48ad3c4dd7406199457fe49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.onboard.xyz/
accept-language
de-DE,de;q=0.9
authorization
Bearer 96099761914820041416241552979240
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 14:53:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
MUC50-P2
via
1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
server
nginx/1.25.2
etag
W/"3075-uv9nmnwgZN1on9I0kTgPjHcWL0M"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, max-age=0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id
J12pkcxyVeLkyvObAW02uFje208jrp9A9VPyn77mV6Ak-c5QD9D7sQ==
expires
Wed, 31 Jan 2024 14:53:38 GMT
payment-channels
app.onboard.xyz/bridge-api/
91 B
813 B
XHR
General
Full URL
https://app.onboard.xyz/bridge-api/payment-channels
Requested by
Host: app.onboard.xyz
URL: https://app.onboard.xyz/static/js/vendors.cc4f7a7e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:237d:4800:4:afab:1f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a393c99edf258c9d1904201eb02514c1f4da1a036c4943b30025cbe52e8e1863
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.onboard.xyz/
accept-language
de-DE,de;q=0.9
authorization
Bearer 96099761914820041416241552979240
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 14:53:39 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
MUC50-P2
cross-origin-embedder-policy
require-corp
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
content-length
91
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"5b-V5mdK5q7Pt3Yo9VCsrpqAp6vWbY"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
x-amz-cf-id
7eK-VXEikY1Esk3jYu4bdsYCAU3FH820hLu9Dj161tKPP8d8Wm5KTw==
Satoshi-Black-GPBLQBZ5.ee13a5e6ad48a42e5951.woff
app.onboard.xyz/static/media/
33 KB
33 KB
Font
General
Full URL
https://app.onboard.xyz/static/media/Satoshi-Black-GPBLQBZ5.ee13a5e6ad48a42e5951.woff
Requested by
Host: app.onboard.xyz
URL: https://app.onboard.xyz/static/css/ui.5e8a6c1b.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:237d:4800:4:afab:1f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4b29b9f447bdeb45c4b77f7dc213ff6014e481f35a8ec3ca816ac2b2a637ba8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://app.onboard.xyz/static/css/ui.5e8a6c1b.css
Origin
https://app.onboard.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 14:53:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
33552
last-modified
Tue, 30 Jan 2024 01:33:02 GMT
server
AmazonS3
etag
"134bb1e7d1f5404348b9f46735367d87"
x-frame-options
SAMEORIGIN
content-type
font/woff
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
x-amz-cf-id
FgGlody3_7hN1AD_xJIezTE7EB-tjH-Krj6BGAzcYWzVkJVd87CM9g==
networks
app.onboard.xyz/bridge-api/tokens/
882 B
2 KB
XHR
General
Full URL
https://app.onboard.xyz/bridge-api/tokens/networks
Requested by
Host: app.onboard.xyz
URL: https://app.onboard.xyz/static/js/vendors.cc4f7a7e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:237d:4800:4:afab:1f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d9787a340bb94f5eb2885005312dce95372e98ffdf178825799177fa16e89370
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.onboard.xyz/
x-auth-token
accept-language
de-DE,de;q=0.9
authorization
Bearer 96099761914820041416241552979240
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 14:53:39 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
MUC50-P2
cross-origin-embedder-policy
require-corp
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
content-length
882
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"372-6If+54Ec+xdz06jROqw0o3ygFpw"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
x-amz-cf-id
QvWFcCNl-1GyzHmaq-ss76YQinHeBdvCz0iluVHpGv8U1EF53a5wwg==
tokens
app.onboard.xyz/bridge-api/
33 KB
4 KB
XHR
General
Full URL
https://app.onboard.xyz/bridge-api/tokens?page=1&size=50
Requested by
Host: app.onboard.xyz
URL: https://app.onboard.xyz/static/js/vendors.cc4f7a7e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:237d:4800:4:afab:1f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3da4adde5baab5a310e988d2ce5416b7d531ab07b66430ab73e79d6fd3d17aef
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.onboard.xyz/
x-auth-token
accept-language
de-DE,de;q=0.9
authorization
Bearer 96099761914820041416241552979240
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 14:53:40 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-amz-cf-pop
MUC50-P2
cross-origin-embedder-policy
require-corp
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
via
1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront)
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"85c6-HeBQSFqlNtaSqcDjFg4XBdyX9AM"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
x-amz-cf-id
B3yhfSf7pXUR5WdT9xuVUBw98o8yad3nnlZl-aUUMcY2wnAPwispDA==
payment-channels
app.onboard.xyz/bridge-api/
91 B
815 B
XHR
General
Full URL
https://app.onboard.xyz/bridge-api/payment-channels
Requested by
Host: app.onboard.xyz
URL: https://app.onboard.xyz/static/js/vendors.cc4f7a7e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:237d:4800:4:afab:1f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a393c99edf258c9d1904201eb02514c1f4da1a036c4943b30025cbe52e8e1863
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.onboard.xyz/
accept-language
de-DE,de;q=0.9
authorization
Bearer 96099761914820041416241552979240
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 14:53:40 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
MUC50-P2
cross-origin-embedder-policy
require-corp
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
content-length
91
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"5b-V5mdK5q7Pt3Yo9VCsrpqAp6vWbY"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
x-amz-cf-id
M9R1DcXlrPkJ2eDRGhB1UuXyZAMZfwtoLC7EuFkV7wbKDN5Qy19pvg==
tokens
app.onboard.xyz/bridge-api/
33 KB
4 KB
XHR
General
Full URL
https://app.onboard.xyz/bridge-api/tokens?page=1&size=50
Requested by
Host: app.onboard.xyz
URL: https://app.onboard.xyz/static/js/vendors.cc4f7a7e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:237d:4800:4:afab:1f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3da4adde5baab5a310e988d2ce5416b7d531ab07b66430ab73e79d6fd3d17aef
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.onboard.xyz/
x-auth-token
accept-language
de-DE,de;q=0.9
authorization
Bearer 96099761914820041416241552979240
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 14:53:41 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-amz-cf-pop
MUC50-P2
cross-origin-embedder-policy
require-corp
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
via
1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront)
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"85c6-HeBQSFqlNtaSqcDjFg4XBdyX9AM"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
x-amz-cf-id
TmQITjMUAR_8j2ynUgrLjBa-rbiwaKRni07Vu_ukUb81e956kE86hg==


14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer
object| analytics
object| webpackChunk_segment_analytics_next
string| analyticsWriteKey
object| __SEGMENT_INSPECTOR__
object| AnalyticsNext
object| webpackChunkcustomer
object| regeneratorRuntime
object| __tireLock
function| _
object| __SENTRY__
object| onboardEventBus
function| captureError
object| __sentry_instrumentation_handlers__

2 Cookies

Domain/Path Name / Value
.onboard.xyz/ Name: ajs_anonymous_id
Value: 388cbb01-35bd-44ca-9de4-e77ba87c2501
.onboard.xyz/ Name: ajs_user_id
Value: 6861262e-0ec9-4935-8717-cc7f228ed63b

1 Console Messages

Source Level URL
Text
network error URL: https://www.googletagmanager.com/gtm.js?id=GTM-KG9V7LR
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
