urlscan.io logo urlscan.io
SecurityTrails logo

www.xapobank.com Open in urlscan Pro
104.18.13.28  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://app.xapobank.com/cY18
Effective URL: https://www.xapobank.com/app/membership
Submission: On July 10 via manual from CO — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 3 countries across 12 domains to perform 35 HTTP transactions. The main IP is 104.18.13.28, located in and belongs to CLOUDFLARENET, US. The main domain is www.xapobank.com.
TLS certificate: Issued by E6 on June 27th 2024. Valid for: 3 months.
This is the only time www.xapobank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 151.101.65.195 54113 (FASTLY)
1 1 104.16.197.87 13335 (CLOUDFLAR...)
1 2 104.18.13.28 13335 (CLOUDFLAR...)
4 2606:4700:440... 13335 (CLOUDFLAR...)
1 18.244.20.40 16509 (AMAZON-02)
1 2a04:4e42::485 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:9000:26d... 16509 (AMAZON-02)
1 2600:1901:0:3... 15169 (GOOGLE)
2 2600:1901:0:7... 396982 (GOOGLE-CL...)
11 99.86.8.175 16509 (AMAZON-02)
1 172.64.153.29 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 146.75.120.157 54113 (FASTLY)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
35 16
1    151.101.65.195 (San Francisco, United States)

ASN54113 (FASTLY, US)
app.xapobank.com
1    104.16.197.87 (None, )

ASN13335 (CLOUDFLARENET, US)
xapo.com
2    104.18.13.28 (None, )

ASN13335 (CLOUDFLARENET, US)
www.xapobank.com
4    2606:4700:4400::ac40:991d (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.prod.website-files.com
1    18.244.20.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-20-40.fra56.r.cloudfront.net
d3e54v103j8qbb.cloudfront.net
1    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2606:4700::6812:8a2d (United States)

ASN13335 (CLOUDFLARENET, US)
sgmnt.xapo.com
2    2600:9000:26da:8c00:11:3b84:d200:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.website-files.com
1    2600:1901:0:314:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
g9904216750.co
2    2600:1901:0:7d2:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
g1584674684.co
11    99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net
cdn.segment.com
1    172.64.153.29 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
cdn.prod.website-files.com
3    2606:4700::6812:892d (United States)

ASN13335 (CLOUDFLARENET, US)
sgmnt-api.xapo.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a02:26f0:3500:10::210:a99 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
Apex Domain
Subdomains		 Transfer
11 segment.com
cdn.segment.com — Cisco Umbrella Rank: 3092
54 KB
7 website-files.com
cdn.prod.website-files.com — Cisco Umbrella Rank: 11437
assets.website-files.com — Cisco Umbrella Rank: 22355
301 KB
5 xapo.com
xapo.com — Cisco Umbrella Rank: 453340
sgmnt.xapo.com
sgmnt-api.xapo.com
33 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 671
px4.ads.linkedin.com — Cisco Umbrella Rank: 7218
2 KB
3 xapobank.com
app.xapobank.com
www.xapobank.com
10 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 232
71 KB
2 g1584674684.co
g1584674684.co — Cisco Umbrella Rank: 177080
2 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 1254
15 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1900
14 KB
1 g9904216750.co
g9904216750.co — Cisco Umbrella Rank: 314032
295 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 423
11 KB
1 cloudfront.net
d3e54v103j8qbb.cloudfront.net
30 KB
35 12
Domain Requested by
11 cdn.segment.com sgmnt.xapo.com
cdn.segment.com
5 cdn.prod.website-files.com www.xapobank.com
3 px.ads.linkedin.com 1 redirects snap.licdn.com
3 sgmnt-api.xapo.com sgmnt.xapo.com
2 connect.facebook.net cdn.segment.com
connect.facebook.net
2 g1584674684.co www.xapobank.com
2 assets.website-files.com cdn.prod.website-files.com
2 www.xapobank.com 1 redirects
1 px4.ads.linkedin.com
1 static.ads-twitter.com cdn.segment.com
1 snap.licdn.com cdn.segment.com
1 g9904216750.co www.xapobank.com
1 sgmnt.xapo.com www.xapobank.com
1 cdn.jsdelivr.net www.xapobank.com
1 d3e54v103j8qbb.cloudfront.net www.xapobank.com
1 xapo.com 1 redirects
1 app.xapobank.com 1 redirects
35 17

This site contains no links.

Subject Issuer Validity Valid
www.xapobank.com
E6		 2024-06-27 -
2024-09-25		 3 months crt.sh
prod.website-files.com
WE1		 2024-06-25 -
2024-09-23		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-08-30 -
2024-08-28		 a year crt.sh
*.website-files.com
Amazon RSA 2048 M03		 2023-09-11 -
2024-10-08		 a year crt.sh
g9508048080.co
WR3		 2024-06-21 -
2024-09-19		 3 months crt.sh
g1584674684.co
WR3		 2024-06-24 -
2024-09-22		 3 months crt.sh
*.segment.com
Amazon RSA 2048 M03		 2023-11-14 -
2024-12-13		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-18 -
2024-07-17		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-25 -
2025-06-24		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-07-01 -
2025-01-01		 6 months crt.sh

This page contains 1 frames:

Primary Page: https://www.xapobank.com/app/membership
Frame ID: 50F8C6452909DE3A07049336C43CE5E1
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Membership

Page URL History Show full URLs

  1. https://app.xapobank.com/cY18 HTTP 302
    https://xapo.com/app/membership/ HTTP 301
    https://www.xapobank.com/app/membership/ HTTP 301
    https://www.xapobank.com/app/membership Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

35
Requests

97 %
HTTPS

56 %
IPv6

12
Domains

17
Subdomains

16
IPs

3
Countries

540 kB
Transfer

2066 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://app.xapobank.com/cY18 HTTP 302
    https://xapo.com/app/membership/ HTTP 301
    https://www.xapobank.com/app/membership/ HTTP 301
    https://www.xapobank.com/app/membership Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4878945&time=1720591042804&url=https%3A%2F%2Fwww.xapobank.com%2Fapp%2Fmembership HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4878945&time=1720591042804&url=https%3A%2F%2Fwww.xapobank.com%2Fapp%2Fmembership&e_ipv6=AQJkQv2DEKHGogAAAZCbN8muJMczoPaj8JWw0wPVI6c5ymmLakXuvWByq6cykdE6gciBu90

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request membership
www.xapobank.com/app/
Redirect Chain
  • https://app.xapobank.com/cY18
  • https://xapo.com/app/membership/
  • https://www.xapobank.com/app/membership/
  • https://www.xapobank.com/app/membership
23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.xapobank.com/app/membership
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.28 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abacd6c053958442b8559937661bbedba08f681f7053b8a912b43e27c1d1b266
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age
758295
cf-cache-status
DYNAMIC
cf-ray
8a0e50d8e89dbfc6-WAW
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html
date
Wed, 10 Jul 2024 05:57:21 GMT
permissions-policy
geolocation=(), microphone=(), camera=()
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding,x-wf-forwarded-proto
x-cache
MISS, HIT
x-cache-hits
0, 0
x-cluster-name
eu-west-1-prod-hosting-red
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-lambda-id
b9edc39b-4b67-434b-8602-572e05cf06fe
x-security-researcher
https://legal.xapobank.com/misc/responsible-disclosure-policy
x-served-by
cache-iad-kiad7000165-IAD, cache-dub4332-DUB
x-timer
S1720591042.644362,VS0,VE1
x-xss-protection
1; mode=block

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
8a0e50d6ff3dbfc6-WAW
content-security-policy
upgrade-insecure-requests
content-type
text/html
date
Wed, 10 Jul 2024 05:57:21 GMT
location
https://www.xapobank.com/app/membership
permissions-policy
geolocation=(), microphone=(), camera=()
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-security-researcher
https://legal.xapobank.com/misc/responsible-disclosure-policy
x-xss-protection
1; mode=block
xapo-bank-redesign.aafbdf1e7.min.css
cdn.prod.website-files.com/63e50679266c6f4d3006bade/css/ 		224 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/63e50679266c6f4d3006bade/css/xapo-bank-redesign.aafbdf1e7.min.css
Requested by
Host: www.xapobank.com
URL: https://www.xapobank.com/app/membership
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:991d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb97b43e565ab3bc9a9210a9f8add1a608ff5c7edfb301758ec6300117452043

Request headers

Referer
https://www.xapobank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 05:57:21 GMT
content-encoding
gzip
x-amz-version-id
J93aG6830GiWX7wqVjiEp64rEMnn5Jo0
cf-cache-status
HIT
x-amz-request-id
DS9AHGXWECJJFS8E
age
178218
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
42282
x-amz-id-2
wWRJoZYPfKweWRK4j4fs3FIbS8JiEH70TRSrlfstoBiU/EDOf8X1J01HX3fYOAJ4aCYQVouUVFA=
last-modified
Mon, 24 Jun 2024 18:31:59 GMT
server
cloudflare
etag
"a899114d4c67e9e75f58fc4869e634b5"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
8a0e50dbada7381f-FRA
6436accce583a22d14ca4458_Message%20body.svg
cdn.prod.website-files.com/63e50679266c6f4d3006bade/ 		2 KB
1022 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/63e50679266c6f4d3006bade/6436accce583a22d14ca4458_Message%20body.svg
Requested by
Host: www.xapobank.com
URL: https://www.xapobank.com/app/membership
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:991d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85930f9913e1a854e8e43681a32d7b0996ea251cb3d90109157442026726e337

Request headers

Referer
https://www.xapobank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 05:57:21 GMT
x-amz-version-id
YvVLv2thJZN5M5MFh.I8jn4q9OtmcwDm
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
E9SY0M5TXVM8J5AM
age
1596788
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
pV2iPxn9ESnAKhs+qcoKcc8F36DN9pX+3QPRIa1ztKeyuwQQ/g44nwOK7+2UjTwKmxHNMzRFAdo=
last-modified
Wed, 12 Apr 2023 13:06:21 GMT
server
cloudflare
etag
W/"073f92a142d9048d0b3e3b2a312525ce"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
cf-ray
8a0e50dbadac381f-FRA
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=63e50679266c6f4d3006bade
Requested by
Host: www.xapobank.com
URL: https://www.xapobank.com/app/membership
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.20.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-20-40.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://www.xapobank.com/
Origin
https://www.xapobank.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 08:40:19 GMT
content-encoding
br
via
1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
age
76623
x-amz-cf-pop
FRA56-P11
x-cache
Hit from cloudfront
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
server
AmazonS3
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
COYQH3JT5gETU7Jaw1ot_Lh9gzo7TFCJxXqjAGoo0KB3tGZLq-saiQ==
xapo-bank-redesign.d2caaf417.js
cdn.prod.website-files.com/63e50679266c6f4d3006bade/js/ 		1004 KB
194 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/63e50679266c6f4d3006bade/js/xapo-bank-redesign.d2caaf417.js
Requested by
Host: www.xapobank.com
URL: https://www.xapobank.com/app/membership
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:991d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
165bd0bc874e6533064c1fae95685eeb2501cc50b6344337b776a10a228ccca4

Request headers

Referer
https://www.xapobank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 05:57:21 GMT
content-encoding
gzip
x-amz-version-id
IuDuG8azhXCW4mffSp3A3e1eBWXQQ3Fd
cf-cache-status
HIT
x-amz-request-id
W4X5WNFNBSB9BW5S
age
992774
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
198253
x-amz-id-2
55/igsHLM8Htt6eR5wnLQnQC5IpX7E/eCeXTPz+bdkLto3Aktq8T11JX6iwmpeLKLerTYsyC2x71XVu8IgmNcw==
last-modified
Mon, 24 Jun 2024 18:31:59 GMT
server
cloudflare
etag
"adb06d68fcf694ccd0fc66955de3f686"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
8a0e50dbadab381f-FRA
fs-cc.js
cdn.jsdelivr.net/npm/@finsweet/cookie-consent@1/ 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@finsweet/cookie-consent@1/fs-cc.js
Requested by
Host: www.xapobank.com
URL: https://www.xapobank.com/app/membership
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bdeed7650697bd478a6b0591a9ea29664b04a6681a4f9f7c4c2d3d10cdae42a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.xapobank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 10 Jul 2024 05:57:22 GMT
x-content-type-options
nosniff
content-encoding
br
age
28554
x-jsd-version
1.15.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
10845
x-served-by
cache-fra-eddf8230135-FRA, cache-cph2320044-CPH
x-jsd-version-type
version
etag
W/"73ae-nwFPCwd3UXiTZ7YuAXjbCNGDpOw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
xapo.js
sgmnt.xapo.com/wbcno2geq8cDsLABwl0dd7YGQubTpbGF/ 		103 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sgmnt.xapo.com/wbcno2geq8cDsLABwl0dd7YGQubTpbGF/xapo.js
Requested by
Host: www.xapobank.com
URL: https://www.xapobank.com/app/membership
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8a2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecd27bac4384f8ec4decfe046408dca307452e38c521f9ad2a328500d15c7aa1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.xapobank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 05:57:22 GMT
via
1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-version-id
jcAATovjt5q4HMzNrnUAju.9atI58pDC
CF-Cache-Status
HIT
x-amz-cf-pop
FRA6-C1
Age
23
Cf-Polished
origSize=105530
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
x-cache
Miss from cloudfront
Content-Encoding
gzip
x-amz-replication-status
COMPLETED
Connection
keep-alive
x-xss-protection
1; mode=block
referrer-policy
same-origin
Cf-Bgj
minify
last-modified
Thu, 30 May 2024 20:58:20 GMT
Server
cloudflare
etag
W/"3bfc86b347216c98c7e9a6b4a5021cfe"
expect-ct
max-age=86400, enforce
x-frame-options
SAMEORIGIN
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
Content-Type
text/javascript; charset=utf-8
access-control-allow-origin
*
Cache-Control
public, max-age=14400
vary
Accept-Encoding
CF-RAY
8a0e50dccf1165ac-FRA
x-amz-cf-id
vExJSBsbtw76Vbn1ShHRaTB88jJr2JARdC5GGInCvJCVW-pryiL9Ww==
Expires
Wed, 10 Jul 2024 09:57:22 GMT
63e5097ed04942377bcdc08a_metric-2-medium.woff2
assets.website-files.com/63e50679266c6f4d3006bade/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.website-files.com/63e50679266c6f4d3006bade/63e5097ed04942377bcdc08a_metric-2-medium.woff2
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/63e50679266c6f4d3006bade/css/xapo-bank-redesign.aafbdf1e7.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8c00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
130f09ac4f1c794277b9a7ba3d47527f91311eaf8a1a3bd98a504998541832bd

Request headers

Referer
https://cdn.prod.website-files.com/
Origin
https://www.xapobank.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 31 May 2024 18:03:27 GMT
x-amz-version-id
io75e.tCxvvsQstISDEm_CDgixcOW6UD
via
1.1 455035b7b3ab5f564b775e2968249d3e.cloudfront.net (CloudFront)
age
3412435
x-amz-cf-pop
MUC50-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30034
last-modified
Thu, 09 Feb 2023 14:56:00 GMT
server
AmazonS3
etag
"6f2eaef259d48e96cfc616d56c8bee25"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
ESJ6sMwDVamWv5ngn1vgq2erVwBTCL_ohfUrhYLLp65_djh-ThPQ9A==
63e5097e5d41d15022288728_metric-2-regular.woff2
assets.website-files.com/63e50679266c6f4d3006bade/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.website-files.com/63e50679266c6f4d3006bade/63e5097e5d41d15022288728_metric-2-regular.woff2
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/63e50679266c6f4d3006bade/css/xapo-bank-redesign.aafbdf1e7.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8c00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
328d81fcd83e08bb1e666c1d9d591fd44a7c0f372a1d7d1e3620d318db7d9d5f

Request headers

Referer
https://cdn.prod.website-files.com/
Origin
https://www.xapobank.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 31 May 2024 18:03:27 GMT
x-amz-version-id
uUPN01Cu2qOI2zQvUnz1TDyUPdHOHo8I
via
1.1 455035b7b3ab5f564b775e2968249d3e.cloudfront.net (CloudFront)
age
3412435
x-amz-cf-pop
MUC50-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
31248
last-modified
Thu, 09 Feb 2023 14:56:00 GMT
server
AmazonS3
etag
"f6baad35d83d139742fcc991d5a1e731"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
_zSYTEesC1xBbub8EkrTVXI3KMeBkm5ycQtpw4Obt60VX5SXvCygcQ==
63e50ac19d488659d1869e8a_Logo.svg
cdn.prod.website-files.com/63e50679266c6f4d3006bade/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/63e50679266c6f4d3006bade/63e50ac19d488659d1869e8a_Logo.svg
Requested by
Host: www.xapobank.com
URL: https://www.xapobank.com/app/membership
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:991d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e657cc387e7ced0ce04a439a8c9bf4aca407b3fe1f1998551ce265f10610cad1

Request headers

Referer
https://www.xapobank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 05:57:21 GMT
x-amz-version-id
0CKSil6pI_2fgWfmb5wtzev6.RlwGOGM
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
AVZWMVSHQDHRXAJ2
age
3423614
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
W/HVGV5XVNehbmjH8nWeaiHzJCj8wZnxqvj5D6rpC+XxnHNHqFusceiBf+6Cu0tUHDjP9apJ4EI=
last-modified
Thu, 09 Feb 2023 15:01:23 GMT
server
cloudflare
etag
W/"48972a24613ceda92d9962aa4ebf0e93"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
cf-ray
8a0e50dc2e27381f-FRA
gb
g9904216750.co/ 		26 B
295 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g9904216750.co/gb?id=-NoNLrbzV4m1f_uNoXQJ&refurl=&winurl=https%3A%2F%2Fwww.xapobank.com%2Fapp%2Fmembership
Requested by
Host: www.xapobank.com
URL: https://www.xapobank.com/app/membership
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:314:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
da103d821f382c20662d437ccd1a622b9679059041dbb7228902d8d4bbb8c2a8

Request headers

Referer
https://www.xapobank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 05:57:22 GMT
via
1.1 google
server
Google Frontend
x-powered-by
Express
etag
W/"1a-MH0W8JAojBy17oKnhBdT5CRM8HU"
content-type
application/javascript; charset=utf-8
x-cloud-trace-context
843532fb0855370091c4d5b759f6b9ab
cache-control
private, no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26
gc
g1584674684.co/ 		615 B
885 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g1584674684.co/gc?winurl=https%3A%2F%2Fwww.xapobank.com%2Fapp%2Fmembership&refurl=&id=-NXWW4vZWmRgyQeSMPjA
Requested by
Host: www.xapobank.com
URL: https://www.xapobank.com/app/membership
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7d2:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
1bd347129814f5695783b4971a49d8b561ab6a408e2d4f97730ba2b4bebef148

Request headers

Referer
https://www.xapobank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 05:57:22 GMT
via
1.1 google
server
Google Frontend
x-powered-by
Express
etag
W/"267-xe9mUClRox7Rej46jOC4yJ8uj0Q"
content-type
application/javascript; charset=utf-8
x-cloud-trace-context
9fc056fe1cf70913e577cbe467575be3
cache-control
private, no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
615
gc
g1584674684.co/ 		615 B
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g1584674684.co/gc?winurl=https%3A%2F%2Fwww.xapobank.com%2Fapp%2Fmembership&refurl=&id=-O0ASuT3sp1AhbRpppMr
Requested by
Host: www.xapobank.com
URL: https://www.xapobank.com/app/membership
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7d2:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
4b2e2c1b657d66e10950c36d6bb606a38571379e7e36e50493d2582d3180d3e0

Request headers

Referer
https://www.xapobank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 05:57:22 GMT
via
1.1 google
server
Google Frontend
x-powered-by
Express
etag
W/"267-7ebWgeLoY/N2VMhXRE5ZtWgeceY"
content-type
application/javascript; charset=utf-8
x-cloud-trace-context
75a8b0f0bc2dabff9300f9ce81089fe8
cache-control
private, no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
615
settings
cdn.segment.com/v1/projects/wbcno2geq8cDsLABwl0dd7YGQubTpbGF/ 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/wbcno2geq8cDsLABwl0dd7YGQubTpbGF/settings
Requested by
Host: sgmnt.xapo.com
URL: https://sgmnt.xapo.com/wbcno2geq8cDsLABwl0dd7YGQubTpbGF/xapo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b870857005bf9e0266ac3a80f31ff96a7bc13c780ebd5345954649043978442

Request headers

Referer
https://www.xapobank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
A5Vk.V7scORhZ4zBhgsLtokhBEgQ8lDv
content-encoding
gzip
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
date
Wed, 10 Jul 2024 04:28:42 GMT
x-amz-cf-pop
FRA6-C1
age
6150
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 11 Jun 2024 11:22:59 GMT
server
AmazonS3
etag
W/"b1c4430249b5d98f5dbc6242796ca659"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
x-amz-cf-id
jXPyHK8tvNN40qRuuONzOhs1l55zJ7PWkgroI7-edu-xbJH1qh2new==
63fcc09ddb42f5518c4c2263_Favicon_new.png
cdn.prod.website-files.com/63e50679266c6f4d3006bade/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/63e50679266c6f4d3006bade/63fcc09ddb42f5518c4c2263_Favicon_new.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cacb98aafa8d4ae530792cefa728937601f264ed3b0004bbdba463cc7e1eb9a

Request headers

Referer
https://www.xapobank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 05:57:22 GMT
x-amz-version-id
duasAsqMv0j9HAMbsICVC0qHlgWyqH9a
cf-cache-status
HIT
x-amz-request-id
QHT21J1HDBQW8DFT
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
1028
x-amz-id-2
uWkie0paiDlSyrlehjcF2XekS5KcLJWetxzoLrlZ8FOqOd7T6HpXO7GhWp651+pZYWm+lwiYpj7gj1yFKeIZeOgsdpqcfYgB
last-modified
Mon, 27 Feb 2023 14:39:27 GMT
server
cloudflare
etag
"1aa9c29cd3099222bd01059c8e8e62e0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8a0e50dde8a46a78-TXL
870.bundle.6e2976b75e60ab2b2bf8.js
cdn.segment.com/analytics-next/bundles/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/870.bundle.6e2976b75e60ab2b2bf8.js
Requested by
Host: sgmnt.xapo.com
URL: https://sgmnt.xapo.com/wbcno2geq8cDsLABwl0dd7YGQubTpbGF/xapo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da691c9121865cc84cb038acd5c8cc3b8adcd480c4f1edeaa8bbf8acd532ee0f

Request headers

Referer
https://www.xapobank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 29 Jun 2024 20:08:56 GMT
x-amz-version-id
Ht3wjjXMsAbMOA5X2_VuM3bmXcLsc.U2
content-encoding
br
via
1.1 3095e870e1a1a1b03178e40ab1872de4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
899307
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 28 Jun 2024 21:56:36 GMT
server
AmazonS3
etag
W/"69ff6d99504e355f116e0d507f3dcf2b"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
u1WDD80xFEpgwIYakMR4FBBMCl40g6Y7yfbqKuKRICru7P4hnxfIiA==
tsub-middleware.bundle.77315eced46c5ae4c052.js
cdn.segment.com/analytics-next/bundles/ 		568 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/tsub-middleware.bundle.77315eced46c5ae4c052.js
Requested by
Host: sgmnt.xapo.com
URL: https://sgmnt.xapo.com/wbcno2geq8cDsLABwl0dd7YGQubTpbGF/xapo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0857d11fef8be7a02171417365501f07d12e4d0fd4969a8ce43b9adffb7b1158

Request headers

Referer
https://www.xapobank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 02 Jul 2024 19:20:35 GMT
x-amz-version-id
Irzpvvh3xcwltgUoIKYIehQRaoD5Cam4
via
1.1 3095e870e1a1a1b03178e40ab1872de4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
643008
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
568
last-modified
Tue, 02 Jul 2024 17:38:14 GMT
server
AmazonS3
etag
"2e2a6826c25f4a2f22f0112c0e467584"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
C61Omh8Ov59xtWwGkK_HZ2Kr39M8n2xsti4K0MqpO24rNZB2ihgTwg==
ajs-destination.bundle.ed53a26b6edc80c65d73.js
cdn.segment.com/analytics-next/bundles/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by
Host: sgmnt.xapo.com
URL: https://sgmnt.xapo.com/wbcno2geq8cDsLABwl0dd7YGQubTpbGF/xapo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6

Request headers

Referer
https://www.xapobank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 24 Jun 2024 20:17:52 GMT
x-amz-version-id
y1rPlIgvelxNE1YxH.dn4iIroP2Pnn0U
content-encoding
br
via
1.1 3095e870e1a1a1b03178e40ab1872de4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1330770
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 24 Jun 2024 18:40:05 GMT
server
AmazonS3
etag
W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
FqY27eEdmEE4UCnNLrHaW8dLveBkxtq9N_7hDz2ElLs7JRbeGsu8yQ==
schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
cdn.segment.com/analytics-next/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by
Host: sgmnt.xapo.com
URL: https://sgmnt.xapo.com/wbcno2geq8cDsLABwl0dd7YGQubTpbGF/xapo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

Referer
https://www.xapobank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 24 Jun 2024 20:17:54 GMT
x-amz-version-id
fFM2.Q5O21tbOz6I0BWTT24IeUb4pa6L
content-encoding
br
via
1.1 3095e870e1a1a1b03178e40ab1872de4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1330769
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 24 Jun 2024 18:40:05 GMT
server
AmazonS3
etag
W/"3867b2388b619ff7fddc29ef359fc9aa"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
YENvbSTvEGmNpJ1geDa9YGCYGIHKNyxziaOMWOFBNya95mjdzlx08Q==
ad70603567d2fd1e96e9.js
cdn.segment.com/next-integrations/actions/YW1wbGl0dWRlLXBsdWdpbnM/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/actions/YW1wbGl0dWRlLXBsdWdpbnM/ad70603567d2fd1e96e9.js
Requested by
Host: sgmnt.xapo.com
URL: https://sgmnt.xapo.com/wbcno2geq8cDsLABwl0dd7YGQubTpbGF/xapo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d20fef5c39a29496573f320ec20c08d6f3fe386635f87de035e89d24fdd40556

Request headers

Referer
https://www.xapobank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
WQXdd48iHBf29RDuRwwNMTv6HkY9JXFL
content-encoding
br
via
1.1 3095e870e1a1a1b03178e40ab1872de4.cloudfront.net (CloudFront)
date
Wed, 10 Jul 2024 00:44:35 GMT
x-amz-cf-pop
FRA6-C1
age
18896
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 02 Jul 2024 17:58:54 GMT
server
AmazonS3
etag
W/"d182a0c483cdfe192fbae74b56192b30"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
56Po5fqbrnl8w7xG2rd00dqSZKFn_xx-F8cqQywUN2OPs7z8xsk9-g==
2d04d1da143afcea0dd4.js
cdn.segment.com/next-integrations/actions/845/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/actions/845/2d04d1da143afcea0dd4.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/YW1wbGl0dWRlLXBsdWdpbnM/ad70603567d2fd1e96e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b7e53364e9ce809efb26e4c77588cec41310f5debaa49a003e0be4e0b71adb08

Request headers

Referer
https://www.xapobank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
6QwFHwiTFjRaoadUFPfbiMxzeAQ1Qs2f
content-encoding
br
via
1.1 3095e870e1a1a1b03178e40ab1872de4.cloudfront.net (CloudFront)
date
Wed, 10 Jul 2024 01:23:12 GMT
x-amz-cf-pop
FRA6-C1
age
17607
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 02 Jul 2024 17:58:54 GMT
server
AmazonS3
etag
W/"3d84aa516e4818a6f28f1cad3a20212d"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
_wQKu5xSIEWTZNa8C-ovoZDW-HqNPDizD7MdnEM_ThLRHQT-82U3Zg==
ZmFjZWJvb2stcGl4ZWw.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/ZmFjZWJvb2stcGl4ZWw/2.11.5/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/ZmFjZWJvb2stcGl4ZWw/2.11.5/ZmFjZWJvb2stcGl4ZWw.dynamic.js.gz
Requested by
Host: sgmnt.xapo.com
URL: https://sgmnt.xapo.com/wbcno2geq8cDsLABwl0dd7YGQubTpbGF/xapo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4df53644d1c9fd651ccfd697977eb07d94cd744b0a4997568d67cc25ef44e483

Request headers

Referer
https://www.xapobank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 03 Jul 2024 17:20:20 GMT
content-encoding
gzip
via
1.1 3095e870e1a1a1b03178e40ab1872de4.cloudfront.net (CloudFront)
x-amz-version-id
xCpsTe8xfuPHOavYUCVbSXBquECPE.OD
x-amz-cf-pop
FRA6-C1
age
563823
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
3273
last-modified
Mon, 03 Jun 2024 14:40:13 GMT
server
AmazonS3
etag
"a7cd49c834a0851140e3304c91cb34d0"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
QF0Jxek3tWUNyHsaLJZ5bvsG613r4v9xlRdYILCSUUTvsfeRGCT6Ww==
dHdpdHRlci1hZHM.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/dHdpdHRlci1hZHM/2.5.2/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/dHdpdHRlci1hZHM/2.5.2/dHdpdHRlci1hZHM.dynamic.js.gz
Requested by
Host: sgmnt.xapo.com
URL: https://sgmnt.xapo.com/wbcno2geq8cDsLABwl0dd7YGQubTpbGF/xapo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f9db17db87a17891eee947a12ba2fb9d92aae5040c2c047d7eaece4b565c567

Request headers

Referer
https://www.xapobank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 05 Jul 2024 22:18:22 GMT
content-encoding
gzip
via
1.1 3095e870e1a1a1b03178e40ab1872de4.cloudfront.net (CloudFront)
x-amz-version-id
h3kpgTVEaSor8QW68c3AvDFxD00csGrQ
x-amz-cf-pop
FRA6-C1
age
373141
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1971
last-modified
Mon, 03 Jun 2024 14:40:14 GMT
server
AmazonS3
etag
"e01d319dec2747f020224330d27d488b"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
QF_Lf12SOQZJtn5odi-sJedIwFASli6b8ni4FG0RQE1XOvFc_rcqkg==
bGlua2VkaW4taW5zaWdodC10YWc.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/bGlua2VkaW4taW5zaWdodC10YWc/1.0.1/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/bGlua2VkaW4taW5zaWdodC10YWc/1.0.1/bGlua2VkaW4taW5zaWdodC10YWc.dynamic.js.gz
Requested by
Host: sgmnt.xapo.com
URL: https://sgmnt.xapo.com/wbcno2geq8cDsLABwl0dd7YGQubTpbGF/xapo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
36f9bf7f4514edb409609f496bb668dcf33cbaa9f6a3219663f631014c726a97

Request headers

Referer
https://www.xapobank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 07 Jul 2024 00:54:34 GMT
content-encoding
gzip
via
1.1 3095e870e1a1a1b03178e40ab1872de4.cloudfront.net (CloudFront)
x-amz-version-id
Gt.OpEjNulvPhyFgBWHlS27r_IG.P7G9
x-amz-cf-pop
FRA6-C1
age
277369
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1062
last-modified
Mon, 03 Jun 2024 14:40:14 GMT
server
AmazonS3
etag
"e3b346a4f0b35b7ff884730f4c61cd2e"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
S75IMrrRD0LK2WR3rzMa3HIyJmqsHSsngwi19do8B-gcyYlM-4Lr-Q==
p
sgmnt-api.xapo.com/v1/ 		21 B
926 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sgmnt-api.xapo.com/v1/p
Requested by
Host: sgmnt.xapo.com
URL: https://sgmnt.xapo.com/wbcno2geq8cDsLABwl0dd7YGQubTpbGF/xapo.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:892d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.xapobank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 10 Jul 2024 05:57:22 GMT
strict-transport-security
max-age=31536000
referrer-policy
same-origin
CF-Cache-Status
DYNAMIC
x-content-type-options
nosniff
Server
cloudflare
expect-ct
max-age=86400, enforce
vary
Origin
x-frame-options
SAMEORIGIN
Content-Type
application/json
access-control-allow-origin
https://www.xapobank.com
Connection
keep-alive
CF-RAY
8a0e50e0eb54364e-FRA
Content-Length
21
x-xss-protection
1; mode=block
p
sgmnt-api.xapo.com/v1/ 		21 B
926 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sgmnt-api.xapo.com/v1/p
Requested by
Host: sgmnt.xapo.com
URL: https://sgmnt.xapo.com/wbcno2geq8cDsLABwl0dd7YGQubTpbGF/xapo.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:892d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.xapobank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 10 Jul 2024 05:57:23 GMT
strict-transport-security
max-age=31536000
referrer-policy
same-origin
CF-Cache-Status
DYNAMIC
x-content-type-options
nosniff
Server
cloudflare
expect-ct
max-age=86400, enforce
vary
Origin
x-frame-options
SAMEORIGIN
Content-Type
application/json
access-control-allow-origin
https://www.xapobank.com
Connection
keep-alive
CF-RAY
8a0e50e0faf04d5a-FRA
Content-Length
21
x-xss-protection
1; mode=block
t
sgmnt-api.xapo.com/v1/ 		21 B
926 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sgmnt-api.xapo.com/v1/t
Requested by
Host: sgmnt.xapo.com
URL: https://sgmnt.xapo.com/wbcno2geq8cDsLABwl0dd7YGQubTpbGF/xapo.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:892d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.xapobank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 10 Jul 2024 05:57:22 GMT
strict-transport-security
max-age=31536000
referrer-policy
same-origin
CF-Cache-Status
DYNAMIC
x-content-type-options
nosniff
Server
cloudflare
expect-ct
max-age=86400, enforce
vary
Origin
x-frame-options
SAMEORIGIN
Content-Type
application/json
access-control-allow-origin
https://www.xapobank.com
Connection
keep-alive
CF-RAY
8a0e50e0eced364f-FRA
Content-Length
21
x-xss-protection
1; mode=block
commons.a61d7bea37d2de5d4b69.js.gz
cdn.segment.com/next-integrations/integrations/vendor/ 		70 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Requested by
Host: sgmnt.xapo.com
URL: https://sgmnt.xapo.com/wbcno2geq8cDsLABwl0dd7YGQubTpbGF/xapo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd

Request headers

Referer
https://www.xapobank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 08:32:38 GMT
content-encoding
gzip
via
1.1 3095e870e1a1a1b03178e40ab1872de4.cloudfront.net (CloudFront)
x-amz-version-id
V.SxMmReU8g28xcE4bFlqm5TAakYuTpt
x-amz-cf-pop
FRA6-C1
age
77085
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
21911
last-modified
Mon, 03 Jun 2024 14:40:11 GMT
server
AmazonS3
etag
"c467a63b2e7c3a99be423ace649014d8"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
-bdg8vK38fOG6c63fq1NVVmU_R044pGIZSBywBcfzYUrZ-Dnvd-RMw==
fbevents.js
connect.facebook.net/en_US/ 		222 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.xapobank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 10 Jul 2024 05:57:22 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58293
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=12, mss=1297, tbw=2777, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
g9B9N++vxFWPHkUMZzqFPqFhzmPqfNpYgNQecvnGU31hstdcKo8zpNDgx6qElrmdzyRMEFwF0V8b2VmvjZtMYA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:10::210:a99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.xapobank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 05:57:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 18 Jun 2024 16:46:52 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=66121
accept-ranges
bytes
content-length
14004
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer
https://www.xapobank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 05:57:22 GMT
content-encoding
gzip
last-modified
Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption
AES256
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15412
x-served-by
cache-iad-kiad7000168-IAD, cache-fra-etou8220109-FRA
attribution_trigger
px.ads.linkedin.com/ 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=4878945&time=1720591042804&url=https%3A%2F%2Fwww.xapobank.com%2Fapp%2Fmembership
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
*
Referer
https://www.xapobank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 05:57:22 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-cache
CONFIG_NOCACHE
x-li-uuid
AAYc3lHrxXHjh6KmwVJNjA==
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 7AD8CDFE29964C6DBB561C9D11C0EAAB Ref B: FRAEDGE2014 Ref C: 2024-07-10T05:57:22Z
access-control-allow-methods
GET, OPTIONS
x-li-fabric
prod-lva1
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type
application/json
x-li-proto
http/2
x-restli-protocol-version
1.0.0
access-control-allow-headers
*
x-fs-uuid
00061cde51ebc571e387a2a6c1524d8c
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4878945&time=1720591042804&url=https%3A%2F%2Fwww.xapobank.com%2Fapp%2Fmembership
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4878945&time=1720591042804&url=https%3A%2F%2Fwww.xapobank.com%2Fapp%2Fmembership&e_ipv6=AQJkQv2DEKHGogAAAZCbN8muJMczoPaj8JWw0wPVI6c5ymmLakXuvWByq...
0
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4878945&time=1720591042804&url=https%3A%2F%2Fwww.xapobank.com%2Fapp%2Fmembership&e_ipv6=AQJkQv2DEKHGogAAAZCbN8muJMczoPaj8JWw0wPVI6c5ymmLakXuvWByq6cykdE6gciBu90
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.xapobank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 05:57:22 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 6BDA796D8B9E4C788BAC143CCB111EF9 Ref B: DUS30EDGE0918 Ref C: 2024-07-10T05:57:23Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYc3lHvYpu9Ky9BZdkmPw==

Redirect headers

date
Wed, 10 Jul 2024 05:57:22 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: B5E42E6DB28C479BA53B0906E46F7053 Ref B: FRAEDGE1416 Ref C: 2024-07-10T05:57:22Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4878945&time=1720591042804&url=https%3A%2F%2Fwww.xapobank.com%2Fapp%2Fmembership&e_ipv6=AQJkQv2DEKHGogAAAZCbN8muJMczoPaj8JWw0wPVI6c5ymmLakXuvWByq6cykdE6gciBu90
x-li-proto
http/2
content-length
0
x-li-uuid
AAYc3lHrtTlNx0wUZwYtIg==
774278844323257
connect.facebook.net/signals/config/ 		58 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/774278844323257?v=2.9.160&r=stable&domain=www.xapobank.com&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f0450aa22a25cea1af74ee5224132a7a0a5e0e75455a17e5da1c9b68bb6147ab
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.xapobank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 10 Jul 2024 05:57:22 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=64, mss=1297, tbw=63827, tp=-1, tpl=-1, uplat=67, ullat=0
pragma
public
x-fb-debug
aNGZVrRQ4cEQwYwqPU89pdSRPo1vbNY8ZrG+Uv61rN0bmdpycJHwQU0kW2cJ0qKsWGTAJv2C46LvEXsvV8ZPjQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
px.ads.linkedin.com/wa/ 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://www.xapobank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Jul 2024 05:57:22 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 344A644230A94076B8C0E95724F8A069 Ref B: FRAEDGE1416 Ref C: 2024-07-10T05:57:23Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
access-control-allow-origin
https://www.xapobank.com
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYc3lHyF1GygXoUfptvlQ==

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| MEMBERSHIP_APPLICATION_URL string| GOOGLE_TAG_MANAGER_CONTAINER_ID string| TWILLIO_SEGMENT_WRITE_KEY string| FORM_API_URL object| LN_CONVERSION_EVENTS string| SSO_FORMS_REQUEST_ENDPOINT string| SSO_GOOGLE_KEY boolean| isUserAgentClear string| CREATE_UMA_URL number| windowWidth object| lazyImages object| lazyBackground object| lazyIframe object| lazyScripts object| analytics function| s number| flag function| init function| lazyLoadImg function| lazyLoadBackground function| lazyLoadIframe function| lazyLoadScripts function| lazyLoadCss function| lazyLoadJS function| asyncLoad function| load_all_js function| $ function| jQuery function| tram object| Webflow function| objectFitPolyfill function| doTriggerActionAfterFormSubmittedSuccessfully function| getParentMainComponent function| collectCurrentSearchParams function| rewriteCurrentSearchParamsToURL function| setAllMembershipApplicationHrefsToTheRightEnv function| setAllCreateUMACTAHrefsToTheRightEnv function| trackEventWithAutogeneratedName function| trackEventWithCustomName function| trackCustomEvent function| identify function| getFormData function| prepareBasicProperties string| dynamicNumberBTC string| dynamicNumberUSD function| updateNumbers object| FsCC object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext function| geotargetlygeotargetlygeocontent1686336987045_content function| geotargetlygeotargetlygeocontent1719253051362_content object| webpackChunkDestination function| amplitude-pluginsDestination object| facebook-pixelDeps function| facebook-pixelLoader object| linkedin-insight-tagDeps function| linkedin-insight-tagLoader object| twitter-adsDeps function| twitter-adsLoader object| webpackJsonp_name_Integration function| setImmediate function| clearImmediate function| facebook-pixelIntegration function| _fbq function| fbq function| linkedin-insight-tagIntegration string| _linkedin_data_partner_id function| twitter-adsIntegration function| twq function| lintrk boolean| _already_called_lintrk object| regeneratorRuntime object| twttr object| ORIBILI

8 Cookies

Domain/Path Name / Value
.xapo.com/ Name: __cf_bm
Value: 6igheslqS1YFRBq4cLq4fb2bKuqXbyahmIswDDOQOAo-1720591042-1.0.1.1-QaQ1EFJzI0LTTEDpiviuOOwq4aKQ_W_cfCDtVxP57fim1anlA5xb9EsBD7bnnu8bnnSnTpCCjCq2n.9Kzl.RdA
.xapo.com/ Name: _cfuvid
Value: ZIRhdZ_HZjtK1KpJnbD2rDX3kxYWo98liQ7meNAf6jM-1720591042073-0.0.1.1-604800000
.xapobank.com/ Name: ajs_anonymous_id
Value: 322fc3fc-4baf-48b6-98c6-3fbdb6a7d97a
.xapobank.com/ Name: analytics_session_id
Value: 1720591042567
.xapobank.com/ Name: analytics_session_id.last_access
Value: 1720591042569
.linkedin.com/ Name: bcookie
Value: "v=2&066f7a95-3878-4164-8c0d-ebae924f833f"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MjA1OTEwNDI7MjswMjELXWve64yV5JJYittpDYcUlOE6E5/bT+iDsRoGADDSKg==
.linkedin.com/ Name: lidc
Value: "b=VGST00:s=V:r=V:a=V:p=V:g=3395:u=1:x=1:i=1720591042:t=1720677442:v=2:sig=AQEbIP5papwgRdejw0VqxY_LzzmsigS_"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.xapobank.com
assets.website-files.com
cdn.jsdelivr.net
cdn.prod.website-files.com
cdn.segment.com
connect.facebook.net
d3e54v103j8qbb.cloudfront.net
g1584674684.co
g9904216750.co
px.ads.linkedin.com
px4.ads.linkedin.com
sgmnt-api.xapo.com
sgmnt.xapo.com
snap.licdn.com
static.ads-twitter.com
www.xapobank.com
xapo.com
104.16.197.87
104.18.13.28
13.107.42.14
146.75.120.157
151.101.65.195
172.64.153.29
18.244.20.40
2600:1901:0:314::
2600:1901:0:7d2::
2600:9000:26da:8c00:11:3b84:d200:93a1
2606:4700:4400::ac40:991d
2606:4700::6812:892d
2606:4700::6812:8a2d
2620:1ec:21::14
2a02:26f0:3500:10::210:a99
2a03:2880:f084:105:face:b00c:0:3
2a04:4e42::485
99.86.8.175
0857d11fef8be7a02171417365501f07d12e4d0fd4969a8ce43b9adffb7b1158
0cacb98aafa8d4ae530792cefa728937601f264ed3b0004bbdba463cc7e1eb9a
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
130f09ac4f1c794277b9a7ba3d47527f91311eaf8a1a3bd98a504998541832bd
165bd0bc874e6533064c1fae95685eeb2501cc50b6344337b776a10a228ccca4
1bd347129814f5695783b4971a49d8b561ab6a408e2d4f97730ba2b4bebef148
265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd
2b870857005bf9e0266ac3a80f31ff96a7bc13c780ebd5345954649043978442
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
328d81fcd83e08bb1e666c1d9d591fd44a7c0f372a1d7d1e3620d318db7d9d5f
36f9bf7f4514edb409609f496bb668dcf33cbaa9f6a3219663f631014c726a97
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4b2e2c1b657d66e10950c36d6bb606a38571379e7e36e50493d2582d3180d3e0
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4df53644d1c9fd651ccfd697977eb07d94cd744b0a4997568d67cc25ef44e483
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
85930f9913e1a854e8e43681a32d7b0996ea251cb3d90109157442026726e337
8f9db17db87a17891eee947a12ba2fb9d92aae5040c2c047d7eaece4b565c567
942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52
abacd6c053958442b8559937661bbedba08f681f7053b8a912b43e27c1d1b266
b7e53364e9ce809efb26e4c77588cec41310f5debaa49a003e0be4e0b71adb08
bdeed7650697bd478a6b0591a9ea29664b04a6681a4f9f7c4c2d3d10cdae42a7
cb97b43e565ab3bc9a9210a9f8add1a608ff5c7edfb301758ec6300117452043
d20fef5c39a29496573f320ec20c08d6f3fe386635f87de035e89d24fdd40556
da103d821f382c20662d437ccd1a622b9679059041dbb7228902d8d4bbb8c2a8
da691c9121865cc84cb038acd5c8cc3b8adcd480c4f1edeaa8bbf8acd532ee0f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e657cc387e7ced0ce04a439a8c9bf4aca407b3fe1f1998551ce265f10610cad1
ecd27bac4384f8ec4decfe046408dca307452e38c521f9ad2a328500d15c7aa1
f0450aa22a25cea1af74ee5224132a7a0a5e0e75455a17e5da1c9b68bb6147ab
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d