xp.xyz Open in urlscan Pro
18.66.97.11 Public Scan

URL:
https://xp.xyz/
Submission: On March 09 via api (March 9th 2024, 7:03:20 pm UTC) from US — Scanned from DE

Summary HTTP 129 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 26 IPs in 3 countries across 20 domains to perform 129 HTTP transactions. The main IP is 18.66.97.11, located in United States and belongs to AMAZON-02, US. The main domain is xp.xyz.
TLS certificate: Issued by Amazon RSA 2048 M01 on June 22nd 2023. Valid for: a year.

This is the only time xp.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	18.66.97.11 18.66.97.11	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	52.222.139.124 52.222.139.124	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
7	2606:4700:10:... 2606:4700:10::6816:156c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
10	3.5.6.179 3.5.6.179	14618 (AMAZON-AES) (AMAZON-AES)
20	52.55.175.18 52.55.175.18	14618 (AMAZON-AES) (AMAZON-AES)
4	2606:4700:10:... 2606:4700:10::6816:146c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1 9	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	18.66.122.25 18.66.122.25	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
3	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	104.198.23.205 104.198.23.205	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2600:9000:205... 2600:9000:2057:e400:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.212.84.166 34.212.84.166	16509 (AMAZON-02) (AMAZON-02)
129	26

9 18.66.97.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-11.fra56.r.cloudfront.net

xp.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-124.ams50.r.cloudfront.net

tk3d.tk3dapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::6816:156c (United States)

ASN13335 (CLOUDFLARENET, US)

widget.privy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.privy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.lr-ingest.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 3.5.6.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

hngr-icons.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 52.55.175.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-175-18.compute-1.amazonaws.com

api.xp.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:146c (United States)

ASN13335 (CLOUDFLARENET, US)

api.privy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
events.privy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

xpsupport.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 18.66.122.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-25.fra60.r.cloudfront.net

cdn.hngr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o133761.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.198.23.205 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 205.23.198.104.bc.googleusercontent.com

r.lr-ingest.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:e400:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.212.84.166 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-212-84-166.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	xp.xyz xp.xyz api.xp.xyz	2 MB
16	hngr.co cdn.hngr.co	22 MB
12	stripe.com js.stripe.com — Cisco Umbrella Rank: 1155 r.stripe.com — Cisco Umbrella Rank: 2301 m.stripe.com — Cisco Umbrella Rank: 1134	487 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com	684 KB
11	privy.com widget.privy.com — Cisco Umbrella Rank: 20941 api.privy.com — Cisco Umbrella Rank: 20737 assets.privy.com — Cisco Umbrella Rank: 36861 events.privy.com — Cisco Umbrella Rank: 38804	250 KB
10	amazonaws.com hngr-icons.s3.amazonaws.com	7 MB
9	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	88 KB
7	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2184 ekr.zdassets.com — Cisco Umbrella Rank: 2517	361 KB
5	lr-ingest.io cdn.lr-ingest.io — Cisco Umbrella Rank: 18489 r.lr-ingest.io — Cisco Umbrella Rank: 21501	172 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	3 KB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2089	356 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	301 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1243	18 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	69 KB
1	sentry.io o133761.ingest.sentry.io	368 B
1	zendesk.com xpsupport.zendesk.com	1 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6744	455 B
1	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	1 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 124	2 KB
1	tk3dapi.com tk3d.tk3dapi.com — Cisco Umbrella Rank: 58944	25 KB
129	20

	Domain	Requested by
20	api.xp.xyz	xp.xyz
16	cdn.hngr.co	xp.xyz
10	hngr-icons.s3.amazonaws.com	xp.xyz
9	www.google.com	1 redirects widget.privy.com www.gstatic.com www.google.com xp.xyz
9	xp.xyz	xp.xyz
8	www.gstatic.com	www.google.com www.gstatic.com
8	js.stripe.com	xp.xyz js.stripe.com
6	assets.privy.com	widget.privy.com assets.privy.com
6	static.zdassets.com	www.googletagmanager.com static.zdassets.com xp.xyz
4	r.lr-ingest.io	xp.xyz
4	fonts.googleapis.com	xp.xyz assets.privy.com
3	r.stripe.com	js.stripe.com
3	fonts.gstatic.com	xp.xyz
3	region1.google-analytics.com	www.googletagmanager.com
3	api.privy.com	xp.xyz
3	www.googletagmanager.com	xp.xyz www.googletagmanager.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	connect.facebook.net	xp.xyz connect.facebook.net
1	m.stripe.com	m.stripe.network
1	o133761.ingest.sentry.io	xp.xyz
1	xpsupport.zendesk.com	static.zdassets.com
1	events.privy.com	xp.xyz
1	www.google.de	xp.xyz
1	googleads.g.doubleclick.net	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	ekr.zdassets.com	xp.xyz
1	cdn.lr-ingest.io	xp.xyz
1	widget.privy.com	www.googletagmanager.com
1	tk3d.tk3dapi.com	xp.xyz
129	29

This site contains links to these domains. Also see Links.

Domain
xpsupport.zendesk.com
t.me
twitter.com
tamperproof.xyz
gocaptain.com
cdn.hngr.co

Subject Issuer	Validity	Valid
xp.xyz Amazon RSA 2048 M01	`2023-06-22` - `2024-07-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.tk3dapi.com Amazon RSA 2048 M02	`2023-06-04` - `2024-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-17` - `2024-04-16`	a year	crt.sh
zdassets.com E1	`2024-03-03` - `2024-06-01`	3 months	crt.sh
lr-ingest.io E1	`2024-01-31` - `2024-04-30`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-02-07` - `2024-05-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-18` - `2024-03-17`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
api.xp.xyz Amazon RSA 2048 M02	`2023-11-08` - `2024-12-06`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
xpsupport.zendesk.com E1	`2024-02-06` - `2024-05-06`	3 months	crt.sh
*.hngr.co Amazon RSA 2048 M03	`2023-11-03` - `2024-12-01`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2024-03-06` - `2024-06-06`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
api.logrocket.com R3	`2024-02-05` - `2024-05-05`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-26` - `2024-05-23`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://xp.xyz/
Frame ID: 219CC74DB60E8ADC75FBFA344F068948
Requests: 81 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-c8bfdd70e62be9f4e611d8b62738f20d.html
Frame ID: D2BCF2FD0737806BE572D084E1C1C1A7
Requests: 8 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-a8e2471.js
Frame ID: FFB2181BB5E6FCFEE7CF43ABD1EEE570
Requests: 6 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ&co=aHR0cHM6Ly94cC54eXo6NDQz&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=i8ldwil9rkot
Frame ID: 40363CFEE108011DE3A7FBD5D26BD05A
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ
Frame ID: 1494ADD304AC70020F9DBC2B6B5810B3
Requests: 12 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 825D2A2ACA7A2D607E1B3C956B8E263B
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: BE5A90747B638B6B4D78191493C71891
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

XP- Access your favorite shows

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

LogRocket (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.lr-ingest\.io

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

129
Requests

98 %
HTTPS

50 %
IPv6

20
Domains

29
Subdomains

26
IPs

3
Countries

34054 kB
Transfer

44536 kB
Size

14
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://xpsupport.zendesk.com/hc/en-us
Title: Help Center

Search URL Search Domain Scan URL

URL: https://t.me/+-eyZj-pB7qMwZTdh

Search URL Search Domain Scan URL

URL: https://twitter.com/xpticket

Search URL Search Domain Scan URL

URL: https://xpsupport.zendesk.com/
Title: Help Center

Search URL Search Domain Scan URL

URL: http://tamperproof.xyz/
Title: Tamperproof

Search URL Search Domain Scan URL

URL: http://gocaptain.com/
Title: Captain Labs

Search URL Search Domain Scan URL

URL: https://xpsupport.zendesk.com/hc/en-us/requests/new
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://cdn.hngr.co/xptc.pdf
Title: Terms & Conditions

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11351563070/?random=1120455062&cv=11&fst=1710010994029&bg=ffffff&guid=ON&async=1&gtm=45be4360v9130944946z89172014031za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fxp.xyz%2F&label=zXmJCNGOufoYEL627KQq&hn=www.googleadservices.com&frm=0&tiba=XP-%20Access%20your%20favorite%20shows&value=20&npa=1&pscdl=noapi&auid=1467846874.1710010994&uamb=0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&eitems=ChEIgK6wrwYQ7OPN27Ckp_WmARIdABLGGxMtfVXafd15fpMkeFzfafPPjRYzZrmI-1A&pscrd=Ek9DaEVJZ0s2d3J3WVFzNjZMbDUycjhOMmJBUkltQUJtMzc4akhYbGNPZURNSWxRbjlEazhobmVWTUVLTkl5M3MtdlpGNEJyX0lnSTlWUi1nGlpDaEVJZ0s2d3J3WVF0STZQdXFtWHRNV2VBUkl1QUFfV1VWS0R0Umh6ckFBZ1NneVBZbnY2dko0T1pCMy1WRUt6QkIzM0xrd3RVZ1pZR1NkZURnODlWTk5OR3ciEwiKt_Wu7-eEAxWIZpEFHdQZBwwyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggC HTTP 302
https://www.google.com/pagead/1p-conversion/11351563070/?random=1120455062&cv=11&fst=1710010994029&bg=ffffff&guid=ON&async=1&gtm=45be4360v9130944946z89172014031za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fxp.xyz%2F&label=zXmJCNGOufoYEL627KQq&hn=www.googleadservices.com&frm=0&tiba=XP-%20Access%20your%20favorite%20shows&value=20&npa=1&pscdl=noapi&auid=1467846874.1710010994&uamb=0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&pscrd=Ek9DaEVJZ0s2d3J3WVFzNjZMbDUycjhOMmJBUkltQUJtMzc4akhYbGNPZURNSWxRbjlEazhobmVWTUVLTkl5M3MtdlpGNEJyX0lnSTlWUi1nGlpDaEVJZ0s2d3J3WVF0STZQdXFtWHRNV2VBUkl1QUFfV1VWS0R0Umh6ckFBZ1NneVBZbnY2dko0T1pCMy1WRUt6QkIzM0xrd3RVZ1pZR1NkZURnODlWTk5OR3ciEwiKt_Wu7-eEAxWIZpEFHdQZBwwyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggC&is_vtc=1&cid=CAQSGwB7FLtqeOh45OOC0zUQjMyuxrdQ7cygttICsQ&eitems=ChEIgK6wrwYQ7OPN27Ckp_WmARIdABLGGxPaI3xZsSxGsvtnStnh0EafoeC5tTeFZus&random=3797035085 HTTP 302
https://www.google.de/pagead/1p-conversion/11351563070/?random=1120455062&cv=11&fst=1710010994029&bg=ffffff&guid=ON&async=1&gtm=45be4360v9130944946z89172014031za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fxp.xyz%2F&label=zXmJCNGOufoYEL627KQq&hn=www.googleadservices.com&frm=0&tiba=XP-%20Access%20your%20favorite%20shows&value=20&npa=1&pscdl=noapi&auid=1467846874.1710010994&uamb=0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&pscrd=Ek9DaEVJZ0s2d3J3WVFzNjZMbDUycjhOMmJBUkltQUJtMzc4akhYbGNPZURNSWxRbjlEazhobmVWTUVLTkl5M3MtdlpGNEJyX0lnSTlWUi1nGlpDaEVJZ0s2d3J3WVF0STZQdXFtWHRNV2VBUkl1QUFfV1VWS0R0Umh6ckFBZ1NneVBZbnY2dko0T1pCMy1WRUt6QkIzM0xrd3RVZ1pZR1NkZURnODlWTk5OR3ciEwiKt_Wu7-eEAxWIZpEFHdQZBwwyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggC&is_vtc=1&cid=CAQSGwB7FLtqeOh45OOC0zUQjMyuxrdQ7cygttICsQ&eitems=ChEIgK6wrwYQ7OPN27Ckp_WmARIdABLGGxPaI3xZsSxGsvtnStnh0EafoeC5tTeFZus&random=3797035085&ipr=y

129 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
xp.xyz/ 3 KB
1 KB 248ms
193ms Document
text/html 18.66.97.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-11.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 95ed9f1c3f7ca7107140863bcd0ca2349eaf412734dbf27702e9a31fd3ec329a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0
content-encoding: br
content-type: text/html
date: Sat, 09 Mar 2024 19:03:14 GMT
etag: W/"52f71e353b4235fe52961cef67c48439"
last-modified: Fri, 08 Mar 2024 20:23:21 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-amz-cf-id: 0S6dDR2h03MuMzFx9ycdO8DNhf9TIQsSsEsBbkdUWwTHb19N6TWi8g==
x-amz-cf-pop: FRA56-P2
x-cache: RefreshHit from cloudfront

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 38ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Space+Grotesk:wght@400;500;600;700&family=Space+Mono:wght@400;700&display=swap

Requested by

Host: xp.xyz
URL: https://xp.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bc2dd9fb17a446efda2af3332c80f861f9b5d8f313201e452d45fbd8bdd79522

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Mar 2024 19:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Mar 2024 19:03:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Mar 2024 19:03:13 GMT

GET
H2 200 dvm.js Show response
tk3d.tk3dapi.com/dvm/v1/lib/stable/ 108 KB
25 KB 66ms
15ms Script
application/javascript 52.222.139.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tk3d.tk3dapi.com/dvm/v1/lib/stable/dvm.js
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-124.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f9e1f7d958504bda830cee98f04be515a1ff456440678873a69be15499505b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 00:10:59 GMT
content-encoding: gzip
via: 1.1 ef2cb74895744344a0ea2100fbbb760a.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jan 2024 08:32:11 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 2400735
etag: W/"6ad2a17e44f1642207dc7d8f0f2ae3d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: kIwiaYc7c10MLjI7EU5nYeE0Qxd0bDFZZtoOh3icax1aXTo1TDaW8g==

GET
H2 200 main.707bf606.js Show response
xp.xyz/static/js/ 5 MB
1 MB 8ms
8ms Script
text/javascript 18.66.97.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://xp.xyz/static/js/main.707bf606.js
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-11.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8798694de163b0d0fb659a75ec2c8065c4e20858256edaa4a4710161b3e708bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 20:30:28 GMT
content-encoding: br
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Fri, 08 Mar 2024 20:23:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 81165
etag: W/"2dd200ae61260c1412e8ed56f66a5235"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: _5OooyfHkkEic-aQ1jyYeC9lQCRGT0-MnuXPTt95kBDmRy0UvrnC6g==

GET
H2 200 main.ac5cee37.css
xp.xyz/static/css/ 290 KB
40 KB 10ms
10ms Stylesheet
text/css 18.66.97.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://xp.xyz/static/css/main.ac5cee37.css
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-11.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a8a9df836dd171e25a9d1ce224d0f56547b6b06d079eeb3015536cf71ff4b4a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 20:30:25 GMT
content-encoding: br
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Fri, 08 Mar 2024 20:23:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 81168
etag: W/"ea5e9af20649d70f967e5f8ed712cb59"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: gZ-2SuGVUgOaexR_CWHaAxaLCLZC_Z52BQdM7z5ma0I2qXc505Mszw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 224 KB
81 KB 68ms
41ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KP2N2L95

Requested by

Host: xp.xyz
URL: https://xp.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c6916492b79e293bea696f469dfdc4ee3c3cb32b0e7d4e88463a7efc504074e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 19:03:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82348
x-xss-protection: 0
last-modified: Sat, 09 Mar 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 Mar 2024 19:03:13 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
513 B 28ms
28ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&display=swap

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/css/main.ac5cee37.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

153771fa4bd1db6b3dbce81e61081312d9ebe1cc8dc80379d0cefabfda339ac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Mar 2024 19:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Mar 2024 18:28:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Mar 2024 19:03:13 GMT

GET
H2 200 widget.js Show response
widget.privy.com/assets/ 347 KB
105 KB 54ms
22ms Script
application/javascript 2606:4700:10::6816:156c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.privy.com/assets/widget.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP2N2L95

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:156c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5525d5961de144e10b645a51812010a937ae8512146a39f1887feb701d847e17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 19:03:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 vegur, 1.1 7cf1868252578a35a0e0b87d3129c07c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-encoding: gzip
x-amz-cf-pop: AMS1-P3
age: 1033
x-cache: Hit from cloudfront
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1709922929&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=KwNKm92TIT1p83SR04Pv7KiuqBbNllt2BlaxagYVbT4%3D
last-modified: Fri, 08 Mar 2024 18:29:11 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709922929&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=KwNKm92TIT1p83SR04Pv7KiuqBbNllt2BlaxagYVbT4%3D"}]}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 861d52e6ef2c68ec-FRA
x-amz-cf-id: V04Tgh7swhf54xq3gaRUsPKwSyyNPFmh8Yp4mEQweT-vaFLkaRmdVw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 342 KB
110 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FNW94WS062&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP2N2L95

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7f82b072aaad42586193d77e42da8a7429d285c23c4e1216159fd4f71f67e448

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 19:03:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 112510
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Mar 2024 19:03:13 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 342 KB
110 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-11351563070&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP2N2L95

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6b12dfb45966def07bc06ba651c5b58b92d4c491ded04df206f33f6683cae782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 19:03:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 112540
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Mar 2024 19:03:13 GMT

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 83ms
47ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=bca9994f-6c8f-4539-89ac-1a4459127e01

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP2N2L95

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 19:03:13 GMT
x-amz-version-id: sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 2R5YDTS5GZCJX74D
age: 0
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: f4zcsDVt0bWrZDGr5y/58bGXF/Tek1RwTrj7sBNJCXUG5eD+P3LVrIQrofbUb3s4fGUfFK7Za7I=
last-modified: Mon, 15 Jan 2024 02:56:11 GMT
server: cloudflare
etag: W/"c0053b411b753138af468db1bd3b19f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UOYqtPM%2Bp%2FX8c5Ools3MCRZ1o0GsLsDcVgCo3jPylQLr%2BqckpXGsteHMUVWquhjp8QejKe%2FD3Z07%2BHk3Mx%2FbpFhY2icRR0JzdAZKQHRYyH6deup3V3bFJbE4PPYnxn%2BszIBNEjI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=3600, s-maxage=60
access-control-max-age: 0
cf-ray: 861d52e6fec96ae2-FRA
access-control-allow-headers: *

GET
H2 200 logger-1.min.js Show response
cdn.lr-ingest.io/ 833 KB
165 KB 67ms
31ms Script
text/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-ingest.io/logger-1.min.js

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1afd4c14480421a77cec441591c9fb3368c64fc39a4234cf5f29c6d5a5e47483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 19:03:13 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 39
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230062-FRA
last-modified: Fri, 08 Mar 2024 21:12:19 GMT
server: cloudflare
x-timer: S1709932410.487335,VS0,VE1
etag: W/"8419ea933cb1c2d23937ddb6bf7f74aaa960db03e37294340485c1f47e2d052c-br"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1XhasXIA39BQEKzUbWIDq7FKB7t88kFD35rE03gy5SRuHmNqjR4WHD%2BqCnSc08A68YTpW2cff5nDvp%2F8dQzSa7rgVbLSN9%2BAjJI2wKqUoXP5CVnDZ8TiIpyaHKSeEW9pgw2R2NjgsxMcobOcrFhI"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 861d52e7ce0a698b-FRA
x-cache-hits: 1

GET
H2 200 v3 Show response
js.stripe.com/ 605 KB
168 KB 63ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

78cbe967c1f4e24b0a586fff03fbcd4a98069b27ad23bfe0ef8aef9a9fa22739

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 09 Mar 2024 19:03:13 GMT
via: 1.1 varnish
age: 25
x-cache: HIT
content-length: 171169
x-request-id: eb8fcecb-699d-4ecb-b80d-bf94d65886e8
x-served-by: cache-fra-etou8220109-FRA
last-modified: Sat, 09 Mar 2024 03:14:15 GMT
server: Fastly
etag: "0d82e47134264113b6f556b7b393025a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 9

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 215 KB
58 KB 25ms
8ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 09 Mar 2024 19:03:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57348
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1294, tbw=2768, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: vL9Gsh5Ku2w8NG+qMCWUhFgLKIMB7RDoI1+f7mibZ/D1LXU2Ppmf3GyYPP4tzMG+0SFkamgLmJrcr79nQ8JJiw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK XP+Logo.png
hngr-icons.s3.amazonaws.com/supperclub/ticketdex/ 32 KB
33 KB 332ms
113ms Image
image/png 3.5.6.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hngr-icons.s3.amazonaws.com/supperclub/ticketdex/XP+Logo.png
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.6.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a588343e33efac9f375d8a1f704e96a77f0397cf1c1e0a0dcdfc2dfbd939b726

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sat, 09 Mar 2024 19:03:15 GMT
x-amz-version-id: llv.BSceXar4R0IDhgKW0QYlm8qufd.5
Last-Modified: Thu, 06 Jul 2023 19:07:05 GMT
Server: AmazonS3
x-amz-request-id: 3PYZBEVS010X0W3Z
ETag: "58b1609846f639ce497d9853509536e8"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 32978
x-amz-id-2: k5EQP8o3B2fI5UqSy7jz6w3VUEtJtpyQeY+ErpGIytSuM3e1rsrEQyd0BExq98xitrzcnbpPvaN29pqOp6QkvA==

GET
H/1.1 200
OK XPGrayscale.png
hngr-icons.s3.amazonaws.com/ticketdex/ 4 MB
4 MB 372ms
152ms Image
image/png 3.5.6.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hngr-icons.s3.amazonaws.com/ticketdex/XPGrayscale.png
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.6.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 228606fc973e515df5c25fdb162fc458ed708b36998343ed11213dbfef9d39d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sat, 09 Mar 2024 19:03:15 GMT
x-amz-version-id: Wa1kR7gihMmH2XUOUbtr86EsfPQyzVYs
Last-Modified: Mon, 25 Sep 2023 17:04:38 GMT
Server: AmazonS3
x-amz-request-id: 3PYHW95DHN9X30XA
ETag: "8f32fb05b496f91938035446aeb61e42"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3976790
x-amz-id-2: DjJ8neUI6wyIkMtTt4eZljZxDv5W8ctPQelcfK78epVnAIV/IKVtnjwc8nECce9U6qlPiTLan3PNYu15O3oTAw==

GET
H/1.1 200
OK xp_logo_stretched_offwhite_noise+2.png
hngr-icons.s3.amazonaws.com/ticketdex/ 1 MB
1 MB 377ms
158ms Image
image/png 3.5.6.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hngr-icons.s3.amazonaws.com/ticketdex/xp_logo_stretched_offwhite_noise+2.png
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.6.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 754b8757b0b21fbbf8665b79b69d06c4fddfaffad4b33be480c0cb92ed639016

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sat, 09 Mar 2024 19:03:15 GMT
x-amz-version-id: E1MMA3KOTTT.TpGR9Oj6IFxwXt9bEg4d
Last-Modified: Wed, 27 Sep 2023 21:19:37 GMT
Server: AmazonS3
x-amz-request-id: 3PYNHPXR83CQMD0K
ETag: "2edc93b9d1b603b8b6fa4d12ff43f3ce"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1104802
x-amz-id-2: Ur8kIf9Tt6RTvniXINwMipir0q12ToKfoKRrKInJBWTi1ZUG4TbCyVvIUjTHBTwHuQ9n4osuoR05zYhq5kg27A==

GET
H/1.1 200
OK XP+Ticket+Mockup+Flipped+2.png
hngr-icons.s3.amazonaws.com/ticketdex/ 85 KB
86 KB 373ms
154ms Image
image/png 3.5.6.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hngr-icons.s3.amazonaws.com/ticketdex/XP+Ticket+Mockup+Flipped+2.png
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.6.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 25b56ccb76e9fd9c4f51c3a640d62e35ac3bfc203f1877f410f5425836707f7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sat, 09 Mar 2024 19:03:15 GMT
x-amz-version-id: ZxK4LqnoN1fOANPUYdHihUWknqYUNvJk
Last-Modified: Mon, 25 Sep 2023 17:04:36 GMT
Server: AmazonS3
x-amz-request-id: 3PYMJSKBZTKNWTSG
ETag: "14cfb71f4bbcf81d81782073364c184e"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 87405
x-amz-id-2: BEMPAISpVGAusAserbL4Na/cEYZSrboszpkMJ4WY/0k7VMhycoA4tAUjn8ykgE15+NLne30j4hIaeuPUKgffxw==

GET
H/1.1 200
OK Globe+Icon+1.png
hngr-icons.s3.amazonaws.com/ticketdex/ 67 KB
67 KB 366ms
147ms Image
image/png 3.5.6.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hngr-icons.s3.amazonaws.com/ticketdex/Globe+Icon+1.png
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.6.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: c07c6b0d23cf877e90e0a11ca66f62be222e0209896ddadb5dee9b8965be1212

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sat, 09 Mar 2024 19:03:15 GMT
x-amz-version-id: SEvuWZ.Eew.Hyt69gBy_cUXGIEd3V98R
Last-Modified: Mon, 25 Sep 2023 22:02:15 GMT
Server: AmazonS3
x-amz-request-id: 3PYHEQMEDT5F9FJ4
ETag: "45fe2211a9218d025cb614be7f31276b"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 68462
x-amz-id-2: OGr+Zyz2KKevNayZKAbA+jHULXWFb7lJfkGX94y0pmu1cnkNYrPlJgDUDiZv6B9VgZRbo4adWZmt+lRdY20n0Q==

GET
H/1.1 200
OK Torus+Icon+1.png
hngr-icons.s3.amazonaws.com/ticketdex/ 94 KB
95 KB 576ms
153ms Image
image/png 3.5.6.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hngr-icons.s3.amazonaws.com/ticketdex/Torus+Icon+1.png
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.6.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 55cf313f6b5cfc7b15b38fb6e04f48c09430d5a3073a492155c57925720b2941

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sat, 09 Mar 2024 19:03:15 GMT
x-amz-version-id: zQNCsjGxdnJQLQw0HtNQwdwrXddC.B4R
Last-Modified: Mon, 25 Sep 2023 22:02:16 GMT
Server: AmazonS3
x-amz-request-id: 3PYHW47SB996XNE0
ETag: "eb36971b678c738032f7054d189f8587"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 96531
x-amz-id-2: G8g7TxL+N+m7LNAJr7wMQWjHBZ2wrHdcZoqbco1Iev1Km0jhX8FdPQ5IVRtZtIB8uHLWb/6ueqzSe0TyoApOAg==

GET
H/1.1 200
OK Telegram+XP+Glow+1.png
hngr-icons.s3.amazonaws.com/supperclub/ticketdex/ 3 KB
3 KB 134ms
133ms Image
image/png 3.5.6.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hngr-icons.s3.amazonaws.com/supperclub/ticketdex/Telegram+XP+Glow+1.png
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.6.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d40b07c587acdc51adb1b5f200b3586054d61637fd7d76a45f61bb330eae0eef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sat, 09 Mar 2024 19:03:15 GMT
x-amz-version-id: p31XdP.rafkI7EDQZDnFdW_xH_F_t4HN
Last-Modified: Wed, 07 Feb 2024 23:15:53 GMT
Server: AmazonS3
x-amz-request-id: 3PYTH6QWGZB5Z9A1
ETag: "9d500ca1f4ad9646be8eab3084a56a9c"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3040
x-amz-id-2: ogiZNaJFUtAeW1oa3dlepo08pp5wAzpQuFBKFuNpbHMaFZuKnvD2EWZOduhKLVQOMlOJinBsBUqQY9EsAOrOlg==

GET
H/1.1 200
OK twitter.png
hngr-icons.s3.amazonaws.com/ticketdex/ 10 KB
11 KB 131ms
130ms Image
image/png 3.5.6.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hngr-icons.s3.amazonaws.com/ticketdex/twitter.png
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.6.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3c1c1b5b523a4a35824c5ebf0b8f56b003dc1ccbef4e654cc459face31659445

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sat, 09 Mar 2024 19:03:15 GMT
x-amz-version-id: S1l_74b1EVm2Iv.LdbKLKDsqkIZnjQOQ
Last-Modified: Wed, 23 Aug 2023 18:26:19 GMT
Server: AmazonS3
x-amz-request-id: 3PYG682ZWGN427HV
ETag: "2e55618cc9b9657dbbf571fb662bf071"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 10683
x-amz-id-2: onPRBuxVvWE2E/YQa4Qwc3CXldZgmqYR7eE5SaJAwOJrTStp2Z+Rsos4dHlrxWUXG5bCjsC2QMh2IXk0kAB6WQ==

GET
H/1.1 200
OK XP+Logo+Footer+1.png
hngr-icons.s3.amazonaws.com/ticketdex/ 1 MB
1 MB 120ms
119ms Image
image/png 3.5.6.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hngr-icons.s3.amazonaws.com/ticketdex/XP+Logo+Footer+1.png
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.6.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: f28f3a085b5b313f188dac78cb183da7831fa11d65939b93edd959e8057bebb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sat, 09 Mar 2024 19:03:15 GMT
x-amz-version-id: nz2.nd4XjvsVRi1zEtO2frkzNxAIL_UX
Last-Modified: Tue, 26 Sep 2023 17:19:45 GMT
Server: AmazonS3
x-amz-request-id: 3PYT3S65CBFX4D5D
ETag: "90488b1b7206e392382698d79ef20c6f"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1079288
x-amz-id-2: ZNr9Nc9G26WZqjzZaSak9EUrkKetInRCRJhbMzZ/mQbJ1K/M8Iyrh0hAHkwPcirwMqehOkaa+7rtA6B4J65Jrg==

GET
H/1.1 200
OK Crowd3+1.png
hngr-icons.s3.amazonaws.com/supperclub/ticketdex/ 810 KB
810 KB 358ms
148ms Image
image/png 3.5.6.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hngr-icons.s3.amazonaws.com/supperclub/ticketdex/Crowd3+1.png
Requested by: Host: xp.xyz
URL: https://xp.xyz/static/css/main.ac5cee37.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.6.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: b3820e0459f9097db723db1f155653dbcf7d3a91be374e104db2dc3d67f55c4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sat, 09 Mar 2024 19:03:15 GMT
x-amz-version-id: xo2Nf4FFdDM5pCOaWoTnGjW6Xthh05Ma
Last-Modified: Tue, 16 Jan 2024 19:20:44 GMT
Server: AmazonS3
x-amz-request-id: 3PYTE42FX6QXYM03
ETag: "ed9ff44b23eada73fafaafcd1d326840"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 829136
x-amz-id-2: 2FdM8Z26S/41hP+NayhEH0p1brqRH78BoRU6DontjL/htnL0ourgekT0em+VWWPKN8+oMrmwP5jfmzztW7cZeQ==

GET
H2 200 undefined
xp.xyz/ 3 KB
3 KB 443ms
443ms Image
text/html 18.66.97.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xp.xyz/undefined
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-11.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 19:03:15 GMT
content-encoding: gzip
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Fri, 08 Mar 2024 20:23:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
etag: W/"52f71e353b4235fe52961cef67c48439"
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: text/html
cache-control: max-age=0
x-amz-cf-id: CylJvd-w3rSKV8dGi4h_BeRehcUhyThRIIja30uzpswSOaYDlgx5fQ==

GET
H2 200 RobotoMono-VariableFont_wght.e14e25b7c497634efdfe.ttf
xp.xyz/static/media/ 180 KB
121 KB 9ms
8ms Font
font/ttf 18.66.97.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://xp.xyz/static/media/RobotoMono-VariableFont_wght.e14e25b7c497634efdfe.ttf
Requested by: Host: xp.xyz
URL: https://xp.xyz/static/css/main.ac5cee37.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-11.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 173a14a0d6085072cb655a381aae7949612c0d76c1e7de780288b74939363fdb

Request headers

Referer: https://xp.xyz/static/css/main.ac5cee37.css
Origin: https://xp.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 20:31:40 GMT
content-encoding: br
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Fri, 08 Mar 2024 20:23:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 81094
etag: W/"336102a48d996db3d945a346b1790b1f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/ttf
x-amz-cf-id: -PqWXsMWpsUfULTL-JsPGq5F01dxQNf8hxozNBsT0QdkKeMS0akDhQ==

GET
H2 200 Sequel100Black-55.0fcfc4e507ff03dbd933.ttf
xp.xyz/static/media/ 46 KB
23 KB 10ms
10ms Font
font/ttf 18.66.97.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://xp.xyz/static/media/Sequel100Black-55.0fcfc4e507ff03dbd933.ttf
Requested by: Host: xp.xyz
URL: https://xp.xyz/static/css/main.ac5cee37.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-11.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92ba422186fcdf423baaae445c3535672f485c5bf9b0a40b4eb6dd4a2222bb2c

Request headers

Referer: https://xp.xyz/static/css/main.ac5cee37.css
Origin: https://xp.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 20:31:40 GMT
content-encoding: br
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Fri, 08 Mar 2024 20:23:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 81094
etag: W/"11de6a60d8bee2493a9cfda767555659"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/ttf
x-amz-cf-id: fHxil-75pHbW7OeognfWmm2ALeWTPCOkz_YFAi2asY4cFhBHCJoebw==

GET
H2 200 Sequel100Black-65.e4003b0d2f58a56e1166.ttf
xp.xyz/static/media/ 46 KB
23 KB 12ms
12ms Font
font/ttf 18.66.97.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://xp.xyz/static/media/Sequel100Black-65.e4003b0d2f58a56e1166.ttf
Requested by: Host: xp.xyz
URL: https://xp.xyz/static/css/main.ac5cee37.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-11.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 181fe485ffdfce46542d6d1dd5063b7bc4110deabb3b2ad9026aca860aef2466

Request headers

Referer: https://xp.xyz/static/css/main.ac5cee37.css
Origin: https://xp.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 20:31:40 GMT
content-encoding: br
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Fri, 08 Mar 2024 20:23:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 81094
etag: W/"46e04813fd076dee1d665480f5f6ec08"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/ttf
x-amz-cf-id: bGvnGDMn9lzKw5oAUTf1y_R79fT0GT0LZCv-fZ0I3e6McTIIMTWAPA==

GET
H2 200 Sequel100Black-75.0bd2903cf018e606533a.ttf
xp.xyz/static/media/ 46 KB
23 KB 13ms
13ms Font
font/ttf 18.66.97.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://xp.xyz/static/media/Sequel100Black-75.0bd2903cf018e606533a.ttf
Requested by: Host: xp.xyz
URL: https://xp.xyz/static/css/main.ac5cee37.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-11.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 11bd041ab0fc6de3bb51707ba58f50f1a6f7dd273d4506ff5abb91a29377d6fe

Request headers

Referer: https://xp.xyz/static/css/main.ac5cee37.css
Origin: https://xp.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 20:31:40 GMT
content-encoding: br
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Fri, 08 Mar 2024 20:23:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 81094
etag: W/"d2c9891c648ec6cbe808fef09a790c13"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/ttf
x-amz-cf-id: 2cc1rsRD1pqgvzUIe_vwIvZnzgvx0TzBKh5Z8E9zhuBKg1wNl3quLg==

OPTIONS
H2 200 performers-by-league
api.xp.xyz/api/stagehand/ Frame 0
0 332ms
109ms Preflight
text/html 52.55.175.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/stagehand/performers-by-league

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-175-18.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://xp.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://xp.xyz
allow: OPTIONS, POST
content-length: 0
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Sat, 09 Mar 2024 19:03:14 GMT
permissions-policy: interest-cohort=()
referrer-policy: strict-origin-when-cross-origin
server: gunicorn/20.0.4
strict-transport-security: max-age=31556926; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

OPTIONS
H2 200 performers-by-league
api.xp.xyz/api/stagehand/ Frame 0
0 320ms
97ms Preflight
text/html 52.55.175.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/stagehand/performers-by-league

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-175-18.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://xp.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://xp.xyz
allow: OPTIONS, POST
content-length: 0
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Sat, 09 Mar 2024 19:03:14 GMT
permissions-policy: interest-cohort=()
referrer-policy: strict-origin-when-cross-origin
server: gunicorn/20.0.4
strict-transport-security: max-age=31556926; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

OPTIONS
H2 200 performers-by-league
api.xp.xyz/api/stagehand/ Frame 0
0 331ms
108ms Preflight
text/html 52.55.175.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/stagehand/performers-by-league

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-175-18.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://xp.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://xp.xyz
allow: OPTIONS, POST
content-length: 0
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Sat, 09 Mar 2024 19:03:14 GMT
permissions-policy: interest-cohort=()
referrer-policy: strict-origin-when-cross-origin
server: gunicorn/20.0.4
strict-transport-security: max-age=31556926; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

OPTIONS
H2 200 performers-by-league
api.xp.xyz/api/stagehand/ Frame 0
0 329ms
106ms Preflight
text/html 52.55.175.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/stagehand/performers-by-league

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-175-18.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://xp.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://xp.xyz
allow: OPTIONS, POST
content-length: 0
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Sat, 09 Mar 2024 19:03:14 GMT
permissions-policy: interest-cohort=()
referrer-policy: strict-origin-when-cross-origin
server: gunicorn/20.0.4
strict-transport-security: max-age=31556926; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

OPTIONS
H2 200 featured-performers
api.xp.xyz/api/stagehand/ Frame 0
0 331ms
108ms Preflight
text/html 52.55.175.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/stagehand/featured-performers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-175-18.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://xp.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://xp.xyz
allow: OPTIONS, POST
content-length: 0
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Sat, 09 Mar 2024 19:03:14 GMT
permissions-policy: interest-cohort=()
referrer-policy: strict-origin-when-cross-origin
server: gunicorn/20.0.4
strict-transport-security: max-age=31556926; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H2 200 performers-by-league Show response
api.xp.xyz/api/stagehand/ 8 KB
8 KB 188ms
188ms Fetch
application/json 52.55.175.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/stagehand/performers-by-league

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-175-18.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

711c03b2458e6f86906e934135cc87eb182de911086fe97209468d5f1181cae8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xp.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 09 Mar 2024 19:03:14 GMT
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains
server: gunicorn/20.0.4
referrer-policy: strict-origin-when-cross-origin
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://xp.xyz
permissions-policy: interest-cohort=()
content-length: 7958
x-xss-protection: 1; mode=block

POST
H2 200 performers-by-league Show response
api.xp.xyz/api/stagehand/ 8 KB
9 KB 109ms
108ms Fetch
application/json 52.55.175.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/stagehand/performers-by-league

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-175-18.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

416a7a95985905a45a20c475aed096a6f14be534d65ca46135128a32c13c02b9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xp.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 09 Mar 2024 19:03:14 GMT
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains
server: gunicorn/20.0.4
referrer-policy: strict-origin-when-cross-origin
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://xp.xyz
permissions-policy: interest-cohort=()
content-length: 8286
x-xss-protection: 1; mode=block

POST
H2 200 performers-by-league Show response
api.xp.xyz/api/stagehand/ 9 KB
9 KB 187ms
187ms Fetch
application/json 52.55.175.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/stagehand/performers-by-league

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-175-18.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

41773beda8273a4d80ece7b051f2887484aed8d6c49d2bb59b6bc01c46e5afbd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xp.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 09 Mar 2024 19:03:14 GMT
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains
server: gunicorn/20.0.4
referrer-policy: strict-origin-when-cross-origin
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://xp.xyz
permissions-policy: interest-cohort=()
content-length: 8719
x-xss-protection: 1; mode=block

POST
H2 200 performers-by-league Show response
api.xp.xyz/api/stagehand/ 12 KB
13 KB 170ms
170ms Fetch
application/json 52.55.175.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/stagehand/performers-by-league

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-175-18.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

6000da7742d628c23e3cd593a7bba296e12a941bb0001ca82595308350c15c3e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xp.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 09 Mar 2024 19:03:14 GMT
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains
server: gunicorn/20.0.4
referrer-policy: strict-origin-when-cross-origin
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://xp.xyz
permissions-policy: interest-cohort=()
content-length: 12572
x-xss-protection: 1; mode=block

POST
H2 200 featured-performers Show response
api.xp.xyz/api/stagehand/ 2 KB
2 KB 391ms
391ms Fetch
application/json 52.55.175.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/stagehand/featured-performers

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-175-18.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

7007e23ccf56e65c61987411b19cdf4d00805d248e9fa5d7792893a7d22a0f54

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xp.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 09 Mar 2024 19:03:14 GMT
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains
server: gunicorn/20.0.4
referrer-policy: strict-origin-when-cross-origin
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://xp.xyz
permissions-policy: interest-cohort=()
content-length: 1738
x-xss-protection: 1; mode=block

POST
H2 200 filters Show response
api.xp.xyz/api/stagehand/ 39 B
451 B 1364ms
1362ms Fetch
application/json 52.55.175.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/stagehand/filters

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-175-18.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

d5c9826032018406a861a5e1666b795fdb83d1c5f727ca63b2a98466261ed257

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xp.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 09 Mar 2024 19:03:15 GMT
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains
server: gunicorn/20.0.4
referrer-policy: strict-origin-when-cross-origin
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://xp.xyz
permissions-policy: interest-cohort=()
content-length: 39
x-xss-protection: 1; mode=block

POST
H2 200 filters Show response
api.xp.xyz/api/stagehand/ 39 B
451 B 1430ms
1429ms Fetch
application/json 52.55.175.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/stagehand/filters

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-175-18.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

d5c9826032018406a861a5e1666b795fdb83d1c5f727ca63b2a98466261ed257

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xp.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 09 Mar 2024 19:03:15 GMT
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains
server: gunicorn/20.0.4
referrer-policy: strict-origin-when-cross-origin
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://xp.xyz
permissions-policy: interest-cohort=()
content-length: 39
x-xss-protection: 1; mode=block

POST
H2 200 filters Show response
api.xp.xyz/api/stagehand/ 469 KB
470 KB 290ms
290ms Fetch
application/json 52.55.175.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/stagehand/filters

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-175-18.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

1e0f340f831eb085c8bd435cb1b0aeda4b354a21cef0fdcd513bda168df5d234

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xp.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 09 Mar 2024 19:03:14 GMT
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains
server: gunicorn/20.0.4
referrer-policy: strict-origin-when-cross-origin
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://xp.xyz
permissions-policy: interest-cohort=()
content-length: 480493
x-xss-protection: 1; mode=block

POST
H2 200 campaigns Show response
api.xp.xyz/api/xp/ 2 KB
3 KB 104ms
104ms Fetch
application/json 52.55.175.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/xp/campaigns

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-175-18.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

c9c15065d3d64c404a86c89dda2b7720f72ae7a755b248435af94cde1f790a5b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xp.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 09 Mar 2024 19:03:14 GMT
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains
server: gunicorn/20.0.4
referrer-policy: strict-origin-when-cross-origin
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://xp.xyz
permissions-policy: interest-cohort=()
content-length: 2488
x-xss-protection: 1; mode=block

POST
H2 200 filters Show response
api.xp.xyz/api/stagehand/ 469 KB
470 KB 219ms
219ms Fetch
application/json 52.55.175.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/stagehand/filters

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-175-18.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

738e5280b8e9abc67656062da2943c575aeecf731a06388f615b94df4b2d8526

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xp.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 09 Mar 2024 19:03:14 GMT
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains
server: gunicorn/20.0.4
referrer-policy: strict-origin-when-cross-origin
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://xp.xyz
permissions-policy: interest-cohort=()
content-length: 480509
x-xss-protection: 1; mode=block

OPTIONS
H2 200 filters
api.xp.xyz/api/stagehand/ Frame 0
0 318ms
96ms Preflight
text/html 52.55.175.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/stagehand/filters

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-175-18.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://xp.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://xp.xyz
allow: OPTIONS, POST
content-length: 0
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Sat, 09 Mar 2024 19:03:14 GMT
permissions-policy: interest-cohort=()
referrer-policy: strict-origin-when-cross-origin
server: gunicorn/20.0.4
strict-transport-security: max-age=31556926; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

OPTIONS
H2 200 filters
api.xp.xyz/api/stagehand/ Frame 0
0 406ms
184ms Preflight
text/html 52.55.175.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/stagehand/filters

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-175-18.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://xp.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://xp.xyz
allow: OPTIONS, POST
content-length: 0
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Sat, 09 Mar 2024 19:03:14 GMT
permissions-policy: interest-cohort=()
referrer-policy: strict-origin-when-cross-origin
server: gunicorn/20.0.4
strict-transport-security: max-age=31556926; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

OPTIONS
H2 200 filters
api.xp.xyz/api/stagehand/ Frame 0
0 408ms
186ms Preflight
text/html 52.55.175.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/stagehand/filters

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-175-18.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://xp.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://xp.xyz
allow: OPTIONS, POST
content-length: 0
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Sat, 09 Mar 2024 19:03:14 GMT
permissions-policy: interest-cohort=()
referrer-policy: strict-origin-when-cross-origin
server: gunicorn/20.0.4
strict-transport-security: max-age=31556926; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

OPTIONS
H2 200 campaigns
api.xp.xyz/api/xp/ Frame 0
0 324ms
102ms Preflight
text/html 52.55.175.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/xp/campaigns

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-175-18.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://xp.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://xp.xyz
allow: OPTIONS, POST
content-length: 0
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Sat, 09 Mar 2024 19:03:14 GMT
permissions-policy: interest-cohort=()
referrer-policy: strict-origin-when-cross-origin
server: gunicorn/20.0.4
strict-transport-security: max-age=31556926; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

OPTIONS
H2 200 filters
api.xp.xyz/api/stagehand/ Frame 0
0 320ms
98ms Preflight
text/html 52.55.175.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xp.xyz/api/stagehand/filters

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-175-18.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' ; img-src 'self' data: ; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://xp.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://xp.xyz
allow: OPTIONS, POST
content-length: 0
content-security-policy: default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Sat, 09 Mar 2024 19:03:14 GMT
permissions-policy: interest-cohort=()
referrer-policy: strict-origin-when-cross-origin
server: gunicorn/20.0.4
strict-transport-security: max-age=31556926; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 campaigns.json Show response
api.privy.com/businesses/AF7240E62E5BB1F64E2D0FA3/ 11 KB
3 KB 347ms
319ms XHR
application/json 2606:4700:10::6816:146c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.privy.com/businesses/AF7240E62E5BB1F64E2D0FA3/campaigns.json?s=j&l=https%3A%2F%2Fxp.xyz%2F&user_uuid=3cd9775a-a530-476e-a071-a7f041aa5e78&fence=1

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:146c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6401271f271365b2b9b0402a3f77240c6b13453893ef5331ee247b28297b759

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ipcountry: DE
date: Sat, 09 Mar 2024 19:03:14 GMT
access-control-request-method: *
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
x-ippostalcode
via: 1.1 vegur
content-encoding: gzip
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1710010994&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=8aF0whc8R0GOLIzYVRFAa1C6f6HJ%2FED50xkJmWn4yKk%3D
x-request-id: d289fbea-abe0-4a8b-a4e5-336da40fc4b5
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"c6401271f271365b2b9b0402a3f77240"
x-download-options: noopen
x-frame-options: SAMEORIGIN
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710010994&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=8aF0whc8R0GOLIzYVRFAa1C6f6HJ%2FED50xkJmWn4yKk%3D"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-IPCountry, X-IPRegion, X-IPPostalCode
cache-control: max-age=0, private, must-revalidate
x-ipregion: DE_
cf-ray: 861d52e8be29913c-FRA

GET
H2 200 campaigns.json Show response
api.privy.com/businesses/AF7240E62E5BB1F64E2D0FA3/ 11 KB
3 KB 344ms
319ms XHR
application/json 2606:4700:10::6816:146c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.privy.com/businesses/AF7240E62E5BB1F64E2D0FA3/campaigns.json?s=j&l=https%3A%2F%2Fxp.xyz%2F&user_uuid=3cd9775a-a530-476e-a071-a7f041aa5e78&fence=1

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:146c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6401271f271365b2b9b0402a3f77240c6b13453893ef5331ee247b28297b759

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ipcountry: DE
date: Sat, 09 Mar 2024 19:03:14 GMT
access-control-request-method: *
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
x-ippostalcode
via: 1.1 vegur
content-encoding: gzip
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1710010994&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=8aF0whc8R0GOLIzYVRFAa1C6f6HJ%2FED50xkJmWn4yKk%3D
x-request-id: bbaca25d-fae6-4eaa-9386-5738cd26103b
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"c6401271f271365b2b9b0402a3f77240"
x-download-options: noopen
x-frame-options: SAMEORIGIN
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710010994&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=8aF0whc8R0GOLIzYVRFAa1C6f6HJ%2FED50xkJmWn4yKk%3D"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-IPCountry, X-IPRegion, X-IPPostalCode
cache-control: max-age=0, private, must-revalidate
x-ipregion: DE_
cf-ray: 861d52e8ce2a913c-FRA

GET
H2 200 campaigns.json Show response
api.privy.com/businesses/AF7240E62E5BB1F64E2D0FA3/ 11 KB
3 KB 152ms
132ms XHR
application/json 2606:4700:10::6816:146c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.privy.com/businesses/AF7240E62E5BB1F64E2D0FA3/campaigns.json?s=j&l=https%3A%2F%2Fxp.xyz%2F&user_uuid=3cd9775a-a530-476e-a071-a7f041aa5e78&fence=1

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:146c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6401271f271365b2b9b0402a3f77240c6b13453893ef5331ee247b28297b759

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ipcountry: DE
date: Sat, 09 Mar 2024 19:03:14 GMT
access-control-request-method: *
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
x-ippostalcode
via: 1.1 vegur
content-encoding: gzip
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1710010994&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=8aF0whc8R0GOLIzYVRFAa1C6f6HJ%2FED50xkJmWn4yKk%3D
x-request-id: dc999c5a-abb1-422a-ad9a-f8c16e575be5
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"c6401271f271365b2b9b0402a3f77240"
x-download-options: noopen
x-frame-options: SAMEORIGIN
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710010994&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=8aF0whc8R0GOLIzYVRFAa1C6f6HJ%2FED50xkJmWn4yKk%3D"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-IPCountry, X-IPRegion, X-IPPostalCode
cache-control: max-age=0, private, must-revalidate
x-ipregion: DE_
cf-ray: 861d52e8be28913c-FRA

GET
H2 200 bca9994f-6c8f-4539-89ac-1a4459127e01 Show response
ekr.zdassets.com/compose/ 1010 B
1 KB 219ms
179ms Fetch
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/bca9994f-6c8f-4539-89ac-1a4459127e01

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b8b5e61808de5a49a7390d1ea88700c98e190aa6457e35804aa0cc7a17f014a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 19:03:14 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 860d8c9cbefe5387-SEA, 860d8c9cbefe5387-SEA
x-runtime: 0.003669
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"1b8b5e61808de5a49a7390d1ea88700c"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6U3q4wBQrMVAgaos365lYuy0a4bTMoj2UX9PRICfXhUWtHVdERDVg9NhKFThzfc6M5H7Pp9uGHvth4obH%2BSPNZ7gU%2BZ0siBEbaiz8iNQ0yu6H4vk%2BObK7nL65PjzEtx4bAY%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 861d52e8de6c5b9e-FRA

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/11351563070/ 3 KB
2 KB 84ms
48ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/11351563070/?random=1710010994029&cv=11&fst=1710010994029&bg=ffffff&guid=ON&async=1&gtm=45be4360v9130944946z89172014031za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fxp.xyz%2F&label=zXmJCNGOufoYEL627KQq&hn=www.googleadservices.com&frm=0&tiba=XP-%20Access%20your%20favorite%20shows&value=20&bttype=purchase&npa=1&pscdl=noapi&auid=1467846874.1710010994&uamb=0&uaw=0&fdr=SA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11351563070&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

fd001e1bc3113a96f7c6aa411b4e56ab3caf4c9f92f8f6212bf3ead688472a8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Mar 2024 19:03:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1684
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
248 B 38ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FNW94WS062&gtm=45je4360v9130944946z89172014031za200&_p=1710010993566&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1577528411.1710010994&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710010994&sct=1&seg=0&dl=https%3A%2F%2Fxp.xyz%2F&dt=XP-%20Access%20your%20favorite%20shows&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=782
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FNW94WS062&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Mar 2024 19:03:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xp.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 52da2fa4-8810-4fc2-9beb-1f94d9ea500c
https://xp.xyz/ 463 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://xp.xyz/52da2fa4-8810-4fc2-9beb-1f94d9ea500c
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ffae9431def3390a1dc09d80a41f9c224affd01ad64970dc157790e9dbdf7721

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length: 474307
Content-Type

GET
H2 200 1514233069351079 Show response
connect.facebook.net/signals/config/ 53 KB
11 KB 75ms
74ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1514233069351079?v=2.9.148&r=stable&domain=xp.xyz&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7fcd7c9a055e8565e3191344be5ba42d563c5fe2b944ca0dd259783db192b8df

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 09 Mar 2024 19:03:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=64, mss=1294, tbw=62475, tp=-1, tpl=-1, uplat=67, ullat=0
pragma: public
x-fb-debug: rS07rvH6WkVAxUuVjyHjHPGobIq9oW0V8w8RUtMdZfwelFIFshRgeXGstJwXtoso3YpisYCEvWCiOrkpxNXtcQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 controller-c8bfdd70e62be9f4e611d8b62738f20d.html Show response
js.stripe.com/v3/ Frame D2BC 325 B
778 B 7ms
7ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-c8bfdd70e62be9f4e611d8b62738f20d.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1bfb181330911e3736a1fe85f14a2ca94b4728ce86887d11e6b4fea110cd1292

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://xp.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 32
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 188
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 09 Mar 2024 19:03:14 GMT
etag: "c8bfdd70e62be9f4e611d8b62738f20d"
last-modified: Sat, 09 Mar 2024 02:38:05 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 17
x-content-type-options: nosniff
x-request-id: d0d6f030-625a-4952-b220-87e43bad1803
x-served-by: cache-fra-etou8220109-FRA

GET
H2

200

/
www.google.de/pagead/1p-conversion/11351563070/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11351563070/?random=1120455062&cv=11&fst=1710010994029&bg=ffffff&guid=ON&async=1&gtm=45be4360v9130944946z89172014031za201&gcd=13l3l3...
https://www.google.com/pagead/1p-conversion/11351563070/?random=1120455062&cv=11&fst=1710010994029&bg=ffffff&guid=ON&async=1&gtm=45be4360v9130944946z89172014031za201&gcd=13l3l3l2l1&dma_cps=sypham&d...
https://www.google.de/pagead/1p-conversion/11351563070/?random=1120455062&cv=11&fst=1710010994029&bg=ffffff&guid=ON&async=1&gtm=45be4360v9130944946z89172014031za201&gcd=13l3l3l2l1&dma_cps=sypham&dm...

42 B
455 B

44ms
23ms

Image
image/gif

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/11351563070/?random=1120455062&cv=11&fst=1710010994029&bg=ffffff&guid=ON&async=1&gtm=45be4360v9130944946z89172014031za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fxp.xyz%2F&label=zXmJCNGOufoYEL627KQq&hn=www.googleadservices.com&frm=0&tiba=XP-%20Access%20your%20favorite%20shows&value=20&npa=1&pscdl=noapi&auid=1467846874.1710010994&uamb=0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&pscrd=Ek9DaEVJZ0s2d3J3WVFzNjZMbDUycjhOMmJBUkltQUJtMzc4akhYbGNPZURNSWxRbjlEazhobmVWTUVLTkl5M3MtdlpGNEJyX0lnSTlWUi1nGlpDaEVJZ0s2d3J3WVF0STZQdXFtWHRNV2VBUkl1QUFfV1VWS0R0Umh6ckFBZ1NneVBZbnY2dko0T1pCMy1WRUt6QkIzM0xrd3RVZ1pZR1NkZURnODlWTk5OR3ciEwiKt_Wu7-eEAxWIZpEFHdQZBwwyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggC&is_vtc=1&cid=CAQSGwB7FLtqeOh45OOC0zUQjMyuxrdQ7cygttICsQ&eitems=ChEIgK6wrwYQ7OPN27Ckp_WmARIdABLGGxPaI3xZsSxGsvtnStnh0EafoeC5tTeFZus&random=3797035085&ipr=y

Requested by

Host: xp.xyz
URL: https://xp.xyz/

Protocol

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Mar 2024 19:03:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Mar 2024 19:03:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/11351563070/?random=1120455062&cv=11&fst=1710010994029&bg=ffffff&guid=ON&async=1&gtm=45be4360v9130944946z89172014031za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fxp.xyz%2F&label=zXmJCNGOufoYEL627KQq&hn=www.googleadservices.com&frm=0&tiba=XP-%20Access%20your%20favorite%20shows&value=20&npa=1&pscdl=noapi&auid=1467846874.1710010994&uamb=0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&pscrd=Ek9DaEVJZ0s2d3J3WVFzNjZMbDUycjhOMmJBUkltQUJtMzc4akhYbGNPZURNSWxRbjlEazhobmVWTUVLTkl5M3MtdlpGNEJyX0lnSTlWUi1nGlpDaEVJZ0s2d3J3WVF0STZQdXFtWHRNV2VBUkl1QUFfV1VWS0R0Umh6ckFBZ1NneVBZbnY2dko0T1pCMy1WRUt6QkIzM0xrd3RVZ1pZR1NkZURnODlWTk5OR3ciEwiKt_Wu7-eEAxWIZpEFHdQZBwwyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggC&is_vtc=1&cid=CAQSGwB7FLtqeOh45OOC0zUQjMyuxrdQ7cygttICsQ&eitems=ChEIgK6wrwYQ7OPN27Ckp_WmARIdABLGGxPaI3xZsSxGsvtnStnh0EafoeC5tTeFZus&random=3797035085&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 shared-e5fa3fec3ae52e82c9dbe99744d9674a.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D2BC 537 KB
130 KB 7ms
6ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-e5fa3fec3ae52e82c9dbe99744d9674a.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-c8bfdd70e62be9f4e611d8b62738f20d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

58d85ba8e53eddc3d87dc3d8c114812bc7cfd1d49f658d7a0827a898b708d6ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-c8bfdd70e62be9f4e611d8b62738f20d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 09 Mar 2024 19:03:14 GMT
via: 1.1 varnish
age: 58853
x-cache: HIT
content-length: 133401
x-request-id: 0362d8e4-0a42-42cd-b001-7b68581b194a
x-served-by: cache-fra-etou8220109-FRA
last-modified: Sat, 09 Mar 2024 02:38:17 GMT
server: Fastly
etag: "ae80f9950714ec2bafdb890ef9866f99"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 14

GET
H2 200 controller-a58721c28affd3a672e82df8c6e7e6a4.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D2BC 703 KB
184 KB 7ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-a58721c28affd3a672e82df8c6e7e6a4.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-c8bfdd70e62be9f4e611d8b62738f20d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

7fbe8a94ecb5d03772bd3de4e36a8b484d905a8be393f49201932f4521725ff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-c8bfdd70e62be9f4e611d8b62738f20d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 09 Mar 2024 19:03:14 GMT
via: 1.1 varnish
age: 58853
x-cache: HIT
content-length: 188464
x-request-id: 529964e8-ea8f-4b53-8331-2938175a1b4c
x-served-by: cache-fra-etou8220109-FRA
last-modified: Sat, 09 Mar 2024 02:38:15 GMT
server: Fastly
etag: "5c2042a721abac64eac72d7fe5b76577"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 14

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 37ms
16ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit

Requested by

Host: widget.privy.com
URL: https://widget.privy.com/assets/widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f6369864f88c35b1302ab28dbaa8944f4f275f11a3e43bd96187cc79bf82699d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 19:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 09 Mar 2024 19:03:14 GMT

GET
H2 200 755-abe14dc84751c419cb42.js Show response
assets.privy.com/packs/js/ 88 KB
31 KB 50ms
40ms Script
application/javascript 2606:4700:10::6816:156c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.privy.com/packs/js/755-abe14dc84751c419cb42.js

Requested by

Host: widget.privy.com
URL: https://widget.privy.com/assets/widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:156c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9520b2cb671d613ff9f2ae92c8de2305abfc8ad6a24cd7ad5d89203c60aa8432

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 19:03:14 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 72aa637991c46f23f831d2a4b7cb6c9a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cf-cache-status: HIT
x-amz-cf-pop: AMS1-P3
age: 392
x-cache: Hit from cloudfront
content-length: 31062
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1709928365&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=Dn05P8P3wtvDxgi7R7JP%2BbH1o%2F8AaHRbE343VV%2F2ugQ%3D
last-modified: Fri, 08 Mar 2024 18:29:11 GMT
server: cloudflare
vary: accept-encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709928365&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=Dn05P8P3wtvDxgi7R7JP%2BbH1o%2F8AaHRbE343VV%2F2ugQ%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 861d52e9aa0868ec-FRA
x-amz-cf-id: 0rRQoGfQOLCz-Niv7_gToVaU7VENmrCDVVmhXB7yqDaa00zoCi8k2A==

GET
H2 200 908-000e1ac551df9d63c8a5.js Show response
assets.privy.com/packs/js/ 38 KB
13 KB 40ms
30ms Script
application/javascript 2606:4700:10::6816:156c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.privy.com/packs/js/908-000e1ac551df9d63c8a5.js

Requested by

Host: widget.privy.com
URL: https://widget.privy.com/assets/widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:156c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1769a9734402e1f653766fdbbcd4070dd8e93da30caebfd01dea5dc43ca648d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 19:03:14 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 304aca8444d8c10610191c5e033b348e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cf-cache-status: HIT
x-amz-cf-pop: AMS1-P3
age: 6101
x-cache: Hit from cloudfront
content-length: 12381
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1709928679&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=Oc9SzueRJz%2FXf6tSlCfQfTSrx8r%2F%2FPvrDVI72yI%2BYWo%3D
last-modified: Fri, 08 Mar 2024 18:29:11 GMT
server: cloudflare
vary: accept-encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709928679&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=Oc9SzueRJz%2FXf6tSlCfQfTSrx8r%2F%2FPvrDVI72yI%2BYWo%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 861d52e9aa0168ec-FRA
x-amz-cf-id: xWW0lTov-Yze6McYQ1keGupFq1GKwxdl3chor2qVSd5Zz-sxly5Y2A==

GET
H2 200 864-e97430f5f316998a0c34.js Show response
assets.privy.com/packs/js/ 19 KB
7 KB 39ms
29ms Script
application/javascript 2606:4700:10::6816:156c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.privy.com/packs/js/864-e97430f5f316998a0c34.js

Requested by

Host: widget.privy.com
URL: https://widget.privy.com/assets/widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:156c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9b1c975871e139ec3dce8ca5d2cea862edf5572c930da5952c31a0e72a71ba2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 19:03:14 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 256cd380c9790a2b71d68709829caa18.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cf-cache-status: HIT
x-amz-cf-pop: FRA60-P7
age: 965
x-cache: Hit from cloudfront
content-length: 6189
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1709923272&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=4fz9Hpeusx1AAy6%2FZxE5Ugeu60PuYm6f4j7HMoU8mSM%3D
last-modified: Fri, 08 Mar 2024 18:29:11 GMT
server: cloudflare
vary: accept-encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709923272&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=4fz9Hpeusx1AAy6%2FZxE5Ugeu60PuYm6f4j7HMoU8mSM%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 861d52e9aa0668ec-FRA
x-amz-cf-id: ElGnPWhe_wszOCAz52p0zbaPlNrFwIAy-uQx8zvPwUydetgUANrGGg==

GET
H2 200 538-58faf0b20e3865c7e8c9.js Show response
assets.privy.com/packs/js/ 108 KB
32 KB 26ms
26ms Script
application/javascript 2606:4700:10::6816:156c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.privy.com/packs/js/538-58faf0b20e3865c7e8c9.js

Requested by

Host: widget.privy.com
URL: https://widget.privy.com/assets/widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:156c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f74af822db7aa4ed1c03da76062e7909ff2aae04d06ed5c15277d938eb7de383

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 19:03:14 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 9ec406dc5379d974fc3d9f41dd497bf0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cf-cache-status: HIT
x-amz-cf-pop: FRA60-P7
age: 965
x-cache: Hit from cloudfront
content-length: 31874
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1709929944&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=2RHlC5q7yb49q6p9HwbrmF1QsVcjP22hTTRTDowXAMs%3D
last-modified: Fri, 08 Mar 2024 18:29:11 GMT
server: cloudflare
vary: accept-encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709929944&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=2RHlC5q7yb49q6p9HwbrmF1QsVcjP22hTTRTDowXAMs%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 861d52e9da2d68ec-FRA
x-amz-cf-id: 9lo2ZdKngu98uC-Dm27qwODWzEP0hd1P76ncQI-DWqqglAY2Hiboxw==

GET
H2 200 legacy_widget-77347368f315fe42ebe0.chunk.js Show response
assets.privy.com/packs/js/ 114 KB
29 KB 25ms
25ms Script
application/javascript 2606:4700:10::6816:156c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.privy.com/packs/js/legacy_widget-77347368f315fe42ebe0.chunk.js

Requested by

Host: widget.privy.com
URL: https://widget.privy.com/assets/widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:156c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7e433db6a5e93d9fd34379bf9d3dee291b8bc60fc0cfebb86dfc66b23270e5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 19:03:14 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 d8006f736d3dc32a20a91813f2f50fa2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cf-cache-status: HIT
x-amz-cf-pop: FRA60-P7
age: 7165
x-cache: Hit from cloudfront
content-length: 29169
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1709923522&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=Gk9TEKuoYk0FRWtnSL6R2imnq1GrcZmJKuEF5RJGffQ%3D
last-modified: Fri, 08 Mar 2024 18:29:11 GMT
server: cloudflare
vary: accept-encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709923522&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=Gk9TEKuoYk0FRWtnSL6R2imnq1GrcZmJKuEF5RJGffQ%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 861d52e9da3368ec-FRA
x-amz-cf-id: 1D8rLMbURZ10AKDKk9ymqs7GJ5tA7pZKD25MHszW1OAD0KJc73ywpg==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame D2BC 474 B
612 B 23ms
7ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e5fa3fec3ae52e82c9dbe99744d9674a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

756cd5368e3bf22664232c8228b5d7d572cf4b6b8f912ff17da005caea7790c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-c8bfdd70e62be9f4e611d8b62738f20d.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 09 Mar 2024 19:03:14 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 5
x-cache: HIT
content-length: 298
x-request-id: 11f94a82-69fb-471b-adc3-279446ac225c
x-served-by: cache-fra-etou8220074-FRA
last-modified: Sat, 09 Mar 2024 03:17:41 GMT
server: Fastly
etag: "abf0cb9b2315500db3445ffbd3bb17d5"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame D2BC 474 B
372 B 16ms
8ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e5fa3fec3ae52e82c9dbe99744d9674a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

756cd5368e3bf22664232c8228b5d7d572cf4b6b8f912ff17da005caea7790c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-c8bfdd70e62be9f4e611d8b62738f20d.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 09 Mar 2024 19:03:14 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 5
x-cache: HIT
content-length: 298
x-request-id: a5172809-103a-4de8-b402-229f5ecf1787
x-served-by: cache-fra-etou8220074-FRA
last-modified: Sat, 09 Mar 2024 03:17:41 GMT
server: Fastly
etag: "abf0cb9b2315500db3445ffbd3bb17d5"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ 494 KB
197 KB 36ms
10ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xp.xyz/
Origin: https://xp.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 18:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1613
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200579
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 05:02:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Mar 2025 18:36:21 GMT

GET
H2 200 web-widget-main-a8e2471.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame FFB2 945 KB
277 KB 45ms
45ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-a8e2471.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=bca9994f-6c8f-4539-89ac-1a4459127e01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c0a75d7e84a90aba9d68dc5b54e7afedf58b4bbf7221aa78dcb9c4f26f87364

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 19:03:14 GMT
x-amz-version-id: Z2TyMhu0USmhlgy7zbQ76q.AzD1L6aZ1
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: B5VFJJN3BRVJ0FRW
age: 290384
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: pXirvkJ3mW6sVnrhyFFVVSruNnHtIpaQzrRrbuXb4DDPVPBjdtaCVLxs9w2WDpV8JnBFN95+23A=
last-modified: Mon, 04 Mar 2024 13:52:16 GMT
server: cloudflare
etag: W/"d07da7b379d0bd38cb3b8930758e82b1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQ3POZEty5sHXDC4s8qNkT5RT5RnRPzLtSRBdvkZkFfmKwSYDYA4ORm6EqXvRt8gXzwDJ5vwDJXZHkB46XYf8JEzWvuFJQDgOW9ZtV8Umc4w%2BqGkbdLO3%2FjoBfxIM1mOVcdEEk4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 861d52ea0ba26ae2-FRA
access-control-allow-headers: *
expires: Tue, 04 Mar 2025 13:52:15 GMT

POST
H2 200 collect Show response
events.privy.com/v2/ 0
404 B 337ms
325ms XHR
text/html 2606:4700:10::6816:146c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://events.privy.com/v2/collect

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:146c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://xp.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 09 Mar 2024 19:03:14 GMT
access-control-request-method: *
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
via: 1.1 vegur
content-encoding: gzip
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1710010994&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=v5CXMegQoZrZFca%2BfgcRd7GqicMVDDjbqBPjt0pa6%2B8%3D
x-request-id: d05402b5-c4c9-4a4d-80dd-f00cf3b344ab
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710010994&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=v5CXMegQoZrZFca%2BfgcRd7GqicMVDDjbqBPjt0pa6%2B8%3D"}]}
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 861d52ea3846913c-FRA

GET
H2 200 widget-f7bedc88f5d7f36c2240bbbfdd34b1550a86336a959c1e8553e5604b955bb2da.css
assets.privy.com/assets/ 245 KB
25 KB 25ms
25ms Stylesheet
text/css 2606:4700:10::6816:156c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.privy.com/assets/widget-f7bedc88f5d7f36c2240bbbfdd34b1550a86336a959c1e8553e5604b955bb2da.css

Requested by

Host: assets.privy.com
URL: https://assets.privy.com/packs/js/legacy_widget-77347368f315fe42ebe0.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:156c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a342348d9e6e675e9a6dc0acf59e9b48f37b0d51408a5ef8722faf5971d662d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 19:03:14 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 0b328de7c6916513ee4489477445f2e2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cf-cache-status: HIT
x-amz-cf-pop: FRA56-P9
age: 4208
x-cache: Hit from cloudfront
content-length: 25091
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1706156137&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=m93sp6VOrb%2Fk8CXpxxWitHaX%2FPRP71eQZRsMSydmkCI%3D
last-modified: Mon, 10 Apr 2023 19:08:01 GMT
server: cloudflare
vary: Accept-Encoding,Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706156137&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=m93sp6VOrb%2Fk8CXpxxWitHaX%2FPRP71eQZRsMSydmkCI%3D"}]}
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 861d52ea2a8668ec-FRA
x-amz-cf-id: ebFvQandCOBZhx8XbfkkH4YjBVN1lFSgYrgc2IFhDTh4cCQzOZUFog==

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 4036 46 KB
29 KB 31ms
31ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ&co=aHR0cHM6Ly94cC54eXo6NDQz&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=i8ldwil9rkot

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

19e3336736fd2eacc993e742f8b846b2d0baa56612914c33928b1ad9cb8a3ca1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sjxXBy2nr9IdYPqmloRt8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xp.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-sjxXBy2nr9IdYPqmloRt8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Mar 2024 19:03:14 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 css
fonts.googleapis.com/ 717 B
370 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400

Requested by

Host: assets.privy.com
URL: https://assets.privy.com/packs/js/908-000e1ac551df9d63c8a5.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

77d9907ca853ab885fd7a35a29faaf4206b8fe47347cd9c12391d64451ad6f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Mar 2024 19:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Mar 2024 18:02:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Mar 2024 19:03:14 GMT

GET
H3 200 css
fonts.googleapis.com/ 6 KB
777 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cousine:300,400,700%7CLato:400,500,undefined

Requested by

Host: assets.privy.com
URL: https://assets.privy.com/packs/js/908-000e1ac551df9d63c8a5.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d492fb6ef3f5ff87d9f2121102e08ad06456088dc639db43bff5b16abc9a4eed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Mar 2024 19:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Mar 2024 19:03:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Mar 2024 19:03:14 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 4036 55 KB
24 KB 21ms
6ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ&co=aHR0cHM6Ly94cC54eXo6NDQz&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=i8ldwil9rkot

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 07:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 05:02:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Mar 2025 07:30:28 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 4036 494 KB
196 KB 25ms
10ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 18:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1613
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200579
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 05:02:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Mar 2025 18:36:21 GMT

GET
H2 200 en-us-json-a8e2471.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame FFB2 25 KB
6 KB 26ms
26ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-a8e2471.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-a8e2471.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 19:03:14 GMT
x-amz-version-id: K6AM8OxoSO1OmWBpYrwye40k70ja8ul8
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: B5V04AQJD5WK6CXC
age: 290379
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: m4Z/n+x3kJTPGM0HGMlwo81RA0VTdiqu5oNlwVWnlHQdPxSIsM8Frhl6Uxt/TZIyva/gCupleUo=
last-modified: Mon, 04 Mar 2024 13:52:18 GMT
server: cloudflare
etag: W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7aElu4VGpqeKcsHrhJ001wf1Erv1cFEUb86kr%2F90GaLDWj93oKGU776gimvu%2Fr5xl0SHj%2FO5PoGuBIkB%2FnNdcCT%2B%2FbhxDL7a2lIZiWKnfEbEukNiOtDI91pmuACzUpTSZvHZTg0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 861d52eb1d306ae2-FRA
access-control-allow-headers: *
expires: Tue, 04 Mar 2025 13:52:16 GMT

GET
H2 200 config Show response
xpsupport.zendesk.com/embeddable/ Frame FFB2 605 B
1 KB 429ms
389ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xpsupport.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-a8e2471.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7641dd581b49197ec3e16b4ffc870e8bcc65dde3f9566452c729b43a6af14b7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 19:03:14 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-58c76669b6-xthjr
x-cached: MISS
x-request-id: 861d52eb5f52085d-FRA
x-runtime: 0.002191
last-modified: Sat, 09 Mar 2024 19:03:14 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nsZ%2B9qv%2BilioJfn6G%2FjVH7UgSPBn5GgETRBAp4s9NmIzIwS4netFUJ%2BZZrV2K%2BG%2BIlP%2BkEbpkegjVtRQ3IM2Maimsh3Kh0z4IGTy0yGQNVrycWGwMznbacnZfdQ%2BbP%2BXEH98cSrmsA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 861d52eb5f52085d-FRA

GET
H3 200 IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js Show response
www.google.com/js/bg/ Frame 4036 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2032d9e5b742ac419d191e4528a65f8885af57bacc4a56c01d4133c5420e0508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ&co=aHR0cHM6Ly94cC54eXo6NDQz&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=i8ldwil9rkot
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 18:13:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6933
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Mar 2025 18:13:58 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 4036 102 B
134 B 15ms
15ms Other
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a8bfdecce5d2156da95876601ab50733e863513e3689ce32498a8370e79a5687

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ&co=aHR0cHM6Ly94cC54eXo6NDQz&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=i8ldwil9rkot
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 19:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 09 Mar 2024 19:03:14 GMT

GET
H2 200 web-widget-chat-sdk-a8e2471.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame FFB2 202 KB
51 KB 32ms
32ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-a8e2471.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-a8e2471.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

965cba95c928e95003ce37271090406eaa7d5c2d955230a785b2b3be8a9a17f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 19:03:14 GMT
x-amz-version-id: x4eH3W9GJ9cm0gXRbqZSeow_eidCmzsM
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: B5V5EJRFDP790NEC
age: 290383
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 62x+OtZ1+vQqekzZTM9PJbhPZX/5upGM2YP2rAGWEW5Oj0A9DfGAU4nWeSU6SemzBqb2pYpZHps=
last-modified: Mon, 04 Mar 2024 13:52:16 GMT
server: cloudflare
etag: W/"b8284a4b45e40625c2b90a641ebe4a68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=St%2Br4%2Bd%2BeaF%2Fh%2FREUu0dr7uKCK%2BaFtw3c6a7xLOqn0AC%2BVLYcmHCWgrGg77%2BuZRqbz11pNfqURPQww1mtl2sd65mNYKo7Gm3ThS2A0Tmj8ACp8uxBj1b2fJojE%2By0qjW4w564m0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 861d52ebee7e6ae2-FRA
access-control-allow-headers: *
expires: Tue, 04 Mar 2025 13:52:15 GMT

GET
H2 200 XP_Site_Background_Less_Grainy_WEBPv3.webp
cdn.hngr.co/xp/heroes/ 340 KB
341 KB 40ms
11ms Image
binary/octet-stream 18.66.122.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hngr.co/xp/heroes/XP_Site_Background_Less_Grainy_WEBPv3.webp
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-25.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b9a03f78d4fdbf1c14ebc2771b7a048a83ed1698705a2c16db2afd0fb34f8bba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: CHBsnr4tg3asFlJy..L5VAmYgFgJs3B1
date: Sat, 09 Mar 2024 15:52:05 GMT
via: 1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
last-modified: Mon, 12 Feb 2024 17:19:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 11470
x-amz-server-side-encryption: AES256
etag: "c4569fe37bce8adb2152889bcf7f90e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 348650
x-amz-cf-id: iBvIxil7LJ8f0tK-Zut-JjniBLpgGq8APIeVf_QSfqDCD2yCT6aHPQ==

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 1494 7 KB
1 KB 19ms
18ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4bd95f91baabd29b68d8b2a9fcc69b334fb08dbcbd6e74c34551990974d264c6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LCVjEBCkA0q6L1rouGAL1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xp.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-LCVjEBCkA0q6L1rouGAL1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Mar 2024 19:03:14 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 1494 55 KB
24 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 07:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 05:02:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Mar 2025 07:30:28 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 1494 494 KB
196 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 18:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1613
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200579
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 05:02:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Mar 2025 18:36:21 GMT

GET
H2 200 tswift.jpg
cdn.hngr.co/ticketdex/artists/Taylor%20Swift/ 192 KB
193 KB 12ms
10ms Image
image/jpeg 18.66.122.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hngr.co/ticketdex/artists/Taylor%20Swift/tswift.jpg
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-25.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fcb59c1b2732bb975f8bd6bce13b68402952a0f17b12d9f56f16cee9110448d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: ivbs3tdsefYkcjjB9Jg8B_7j_YCU_9ml
date: Sat, 09 Mar 2024 06:37:03 GMT
via: 1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
last-modified: Fri, 01 Sep 2023 21:45:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 44772
x-amz-server-side-encryption: AES256
etag: "e0273ca3eca6e20bdf76fba5209a30f6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 196550
x-amz-cf-id: 3HU5BPqcxIwYXYtdH6qXdiI0ZD3SQyEvEc48N6GD2mn3xlOZCqILhg==

GET
H2 200 993014053_0.jpg
cdn.hngr.co/performers/apple/ 561 KB
562 KB 36ms
35ms Image
binary/octet-stream 18.66.122.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hngr.co/performers/apple/993014053_0.jpg
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-25.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b40f6b8d5873db73881656441cc18c4ffa42010a32add6733f0e6d913ba5f32d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: droRorkth2mKNBn_hlHeVYb8wHukFA7k
date: Sat, 09 Mar 2024 15:52:05 GMT
via: 1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
last-modified: Thu, 22 Jun 2023 17:41:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 11470
x-amz-server-side-encryption: AES256
etag: "00a70acc511ccce957548221120d0670"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 574596
x-amz-cf-id: 8zalLxL7xMtigXvMjyXFtic1drki2ImqzXaG59suaz2Y1SOrQk0ewQ==

GET
H2 200 ufc.webp
cdn.hngr.co/ticketdex/artists/UFC/ 149 KB
149 KB 37ms
35ms Image
binary/octet-stream 18.66.122.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hngr.co/ticketdex/artists/UFC/ufc.webp
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-25.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 001da1ce5207c9ebe4af62fb5f9ef224d98ba2bd9957543195cac1da83bf46c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: xcTiP0Rt7cWgSeGxwRYXciKH8zM2555B
date: Sat, 09 Mar 2024 15:52:05 GMT
via: 1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
last-modified: Wed, 18 Oct 2023 18:40:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 11470
x-amz-server-side-encryption: AES256
etag: "ba19f1f6a759a017eb6db3c938ecff3d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 152128
x-amz-cf-id: 2NCIzBmiasSWQu_pRriMYvRYP4cu17FAsUKzehvtaiAwyik1xPhGkQ==

GET
H2 200 Kenny_Chesney.jpg
cdn.hngr.co/ticketdex/artists/Kenny%20Chesney/ 394 KB
395 KB 15ms
14ms Image
image/jpeg 18.66.122.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hngr.co/ticketdex/artists/Kenny%20Chesney/Kenny_Chesney.jpg
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-25.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 26cf3c16397342eaa58df6d157cacc134ce77593f2acaa699c2fff22fd16b1db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: j.LUqDgr_s1onYmFVI57S9zL5Toqsf2Y
date: Sat, 09 Mar 2024 15:52:05 GMT
via: 1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
last-modified: Wed, 08 Nov 2023 15:55:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 11470
x-amz-server-side-encryption: AES256
etag: "0a72c025060580ed862303d319c1a46b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 403598
x-amz-cf-id: SFZJqZun3cCHCzufh1m6MDzr4JmtzI9rbMj11NEkY4NKKmOrXZLBjQ==

GET
H2 200 829142092_0.jpg
cdn.hngr.co/performers/apple/ 3 MB
3 MB 31ms
30ms Image
binary/octet-stream 18.66.122.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hngr.co/performers/apple/829142092_0.jpg
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-25.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31b2d04446fd5c796d194d3ee3813374224f9a1f66c0f31164d4ada352758a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: IQoqheECALwoC.x8n7xx9mxvkeKu5HSb
date: Sat, 09 Mar 2024 15:52:05 GMT
via: 1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
last-modified: Thu, 22 Jun 2023 17:33:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 11470
x-amz-server-side-encryption: AES256
etag: "3391e018c053c9be380e8a35f2f9e175"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 3200700
x-amz-cf-id: S6WKxFQ4dQNZy_lQ6QWrdim38ZIVDXB-0rRC1_Og1YHfD1ohUHn90g==

GET
H2 200 14450-dd081922-81a1-401a-9a96-466baa0c9eb0.jpg
cdn.hngr.co/xp/performer-images/ 244 KB
245 KB 26ms
24ms Image
image/jpeg 18.66.122.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hngr.co/xp/performer-images/14450-dd081922-81a1-401a-9a96-466baa0c9eb0.jpg
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-25.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f559328fc7464c8eba42a44881a16ada9e72d8a11b1598dc0ffa9d4325653e88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 06:37:03 GMT
x-amz-version-id: 5VvcvmV6QrmAw2gqPopso7y37eOYdbwj
via: 1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
last-modified: Thu, 15 Feb 2024 20:22:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 44772
etag: "7c99602496673849fccbf0a4edece02b"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 250295
x-amz-cf-id: eWJLR2k_ZjsZ2m97Mv7jJNp0pPH61NbRAVwiVWwbMXs10fvLJZUwlg==

GET
H2 200 485953_0.jpg
cdn.hngr.co/performers/apple/ 2 MB
2 MB 35ms
33ms Image
binary/octet-stream 18.66.122.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hngr.co/performers/apple/485953_0.jpg
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-25.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2991fb5c323d90ecb01e1da10b1e67193af2af30f99eadc8f65df19a21491f5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 06:37:03 GMT
x-amz-version-id: Tp1ovySu0xEFo8IVQXpdJedm0pYyzg7d
via: 1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
last-modified: Thu, 22 Jun 2023 17:37:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 44772
etag: "800037939af89d99ce81b0d288748d7a"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 2150137
x-amz-cf-id: YSVaUwImeb5Ux9VK60vgnhzGuSK-ltq1tp3Wolz7LVeJ5XoOm_BdlQ==

GET
H2 200 12576-dd784384-b08d-45cb-9aa6-5c6b0ca80ca0.jpg
cdn.hngr.co/xp/performer-images/ 58 KB
58 KB 35ms
34ms Image
image/jpeg 18.66.122.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hngr.co/xp/performer-images/12576-dd784384-b08d-45cb-9aa6-5c6b0ca80ca0.jpg
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-25.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4a6e42b5f0f0a24733687fdda3750590330295a2737047621a2f6ea9e81d8256

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 06:37:03 GMT
x-amz-version-id: dtPtC9CAoNPHK10TFh_6lU7ynfGufi67
via: 1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
last-modified: Tue, 21 Nov 2023 14:23:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 44772
etag: "3a381a50f6ce5e9614daa3f401fe00c2"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 58932
x-amz-cf-id: yfq1dkSULDMiWhkh6OuHQ-4ldIz-SQujmbKQhexbvKdVBY33OuxR3g==

GET
H2 200 96353_0.jpg
cdn.hngr.co/performers/apple/ 2 MB
2 MB 35ms
34ms Image
binary/octet-stream 18.66.122.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hngr.co/performers/apple/96353_0.jpg
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-25.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b04f320935e6af2fb98db96fedbcf673fc29db197f3af31066fa187fad8ac879

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: mC3Stw9adoEfuIDo36ZBcfkU6LHgn66t
date: Sat, 09 Mar 2024 15:52:05 GMT
via: 1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
last-modified: Thu, 02 Nov 2023 17:18:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 11470
x-amz-server-side-encryption: AES256
etag: "10c10069965092fed6ccb614f8a51ec0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 1586870
x-amz-cf-id: IeSQLMMdEUrTvdd5mgZvEVlZCPi8p1UD2mMCENvwBIv80oHh6_PmwQ==

GET
H2 200 3996865_0.jpg
cdn.hngr.co/performers/apple/ 5 MB
5 MB 35ms
34ms Image
binary/octet-stream 18.66.122.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hngr.co/performers/apple/3996865_0.jpg
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-25.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 172a8b8e74e952dc54c4b927097ebd03987e8188e4697df51206d663c265e559

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: FHpWPjBMXf6O.qcYGHbJHfJcDW.j6Kko
date: Sat, 09 Mar 2024 15:52:05 GMT
via: 1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
last-modified: Thu, 22 Jun 2023 17:35:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 11470
x-amz-server-side-encryption: AES256
etag: "dd397f293869bc8c084d4abbc1f389eb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 5506216
x-amz-cf-id: K-WnzRoP9tHx0KfoyULbThcOHiJ29JSz0X_Ebnhl51NCfxTE9_RLvg==

GET
H2 200 1436413980_0.jpg
cdn.hngr.co/performers/apple/ 1 MB
1 MB 36ms
35ms Image
binary/octet-stream 18.66.122.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hngr.co/performers/apple/1436413980_0.jpg
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-25.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f8bcc2025d2c56f2bf8e91b0026b850aa3eaf4807d983daa86dfd226609f4fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 06:37:03 GMT
x-amz-version-id: 4PjkF3l3QT3f2qO1n2S2anARR5.FCu.c
via: 1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
last-modified: Thu, 02 Nov 2023 17:11:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 44772
etag: "5ec57c647098a8cd5750c28209d930fa"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 1344975
x-amz-cf-id: CicLOESvzfZLodyW3ctg-cMvjYqBJVY42pYLvqsb-k40zRIhxcaGIQ==

GET
H2 200 271256_0.jpg
cdn.hngr.co/performers/apple/ 1 MB
1 MB 538ms
537ms Image
binary/octet-stream 18.66.122.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hngr.co/performers/apple/271256_0.jpg
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-25.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 400482eecc81a1b6f6f45c03efea336730e798916f63f5a6aa82b542293b2c8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 19:03:16 GMT
x-amz-version-id: e71slgTOfghBekQRhanGyMpc9iRuQaE5
via: 1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
last-modified: Thu, 22 Jun 2023 17:33:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "b95c5869a29a59a9009755a0cf647d76"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 1094104
x-amz-cf-id: FlDPGHltFKywImI7sPRHqfKf9tGxsqc9Zlul0yUxsoGNdZJgGiYVbw==

GET
H2 200 14819-85d8d988-7e81-46aa-931d-f5a5006b21cb.jpg
cdn.hngr.co/xp/performer-images/ 768 KB
770 KB 36ms
35ms Image
image/jpeg 18.66.122.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hngr.co/xp/performer-images/14819-85d8d988-7e81-46aa-931d-f5a5006b21cb.jpg
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-25.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fa7c5ffa27b46017a62670d98b2b2afe177192d85a41080e7b4d81670595e0d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 06:37:03 GMT
x-amz-version-id: QIr1LZ8s4RcTwawG5LBTnT4OyOHepCYr
via: 1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
last-modified: Mon, 18 Dec 2023 22:04:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 44772
etag: "37739912884910307066efe39563abb9"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 786837
x-amz-cf-id: vDP7tSzEAdpD-9NCqwUJliVn3xkkXBI_k0F8PnJi9jn34PHPrdipVA==

GET
H2 200 815635315_0.jpg
cdn.hngr.co/performers/apple/ 4 MB
4 MB 128ms
127ms Image
binary/octet-stream 18.66.122.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hngr.co/performers/apple/815635315_0.jpg
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-25.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dcca199ea7b457bf28257b9baea1671c76d9f993e06046319dbe65f7882ceb04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: rLuv5EOrW.jS6TpMtjI.AR6NQE3yqzF2
date: Sat, 09 Mar 2024 15:52:05 GMT
via: 1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
last-modified: Thu, 02 Nov 2023 17:18:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 11470
x-amz-server-side-encryption: AES256
etag: "8bf4c6a0634c6fec29b6958a22dbee0e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 4277171
x-amz-cf-id: r61YmXo5QuXbgkRexC2GBBqXGYBUZcZLlI1aEwGoXjdgR818jmOpyw==

GET
H2 200 129045039_0.jpg
cdn.hngr.co/performers/apple/ 674 KB
675 KB 538ms
537ms Image
binary/octet-stream 18.66.122.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hngr.co/performers/apple/129045039_0.jpg
Requested by: Host: xp.xyz
URL: https://xp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-25.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8a88f29729747fb24cb5fa9c592e1a7acb0c0888b0a9e8de7bf4ca67100ebfa6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 19:03:16 GMT
x-amz-version-id: FGOlQnL7T8Y1D.rNC6zwHLjtAf.20nbS
via: 1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
last-modified: Thu, 22 Jun 2023 17:37:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "6bec46e8ac61715512e731cdc1aaec36"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 689854
x-amz-cf-id: U961faxU9GYnlZnrFU0PqbnPzNOjQUHSrog_TSTYlitUmt52SbdNMw==

GET
H2 200 Sequel100Black-85.b6e03c89c405e3d2409a.ttf
xp.xyz/static/media/ 46 KB
23 KB 9ms
8ms Font
font/ttf 18.66.97.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://xp.xyz/static/media/Sequel100Black-85.b6e03c89c405e3d2409a.ttf
Requested by: Host: xp.xyz
URL: https://xp.xyz/static/css/main.ac5cee37.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-11.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 938c4c5f11cc2bc38dba9a06da56853e654dccc7f35e33cb1b1cd9aa1ee8ebbf

Request headers

Referer: https://xp.xyz/static/css/main.ac5cee37.css
Origin: https://xp.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 20:32:08 GMT
content-encoding: br
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified: Fri, 08 Mar 2024 20:23:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 81066
etag: W/"31a9c9aa3bcd926ba76919938549cd33"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/ttf
x-amz-cf-id: BPmYfGRBOQLG-B-bap3v-7o-55XNRdo8itgsc8GW85kzha7YZbDPbA==

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 1494 19 KB
14 KB 59ms
59ms XHR
application/json 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b69c2738f3e33dfa085ddc33b5b4cf6845b2e1a3d02d8b74be0f272285db9c18

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Sat, 09 Mar 2024 19:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 09 Mar 2024 19:03:14 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 1494 600 B
624 B 9ms
8ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 18:30:13 GMT
x-content-type-options: nosniff
age: 433981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 11 Mar 2024 18:30:13 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 1494 530 B
554 B 10ms
10ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 19:17:32 GMT
x-content-type-options: nosniff
age: 431142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 11 Mar 2024 19:17:32 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 1494 665 B
689 B 11ms
10ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 11:42:02 GMT
x-content-type-options: nosniff
age: 199272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 14 Mar 2024 11:42:02 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1494 15 KB
15 KB 53ms
23ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: xp.xyz
URL: https://xp.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:26:23 GMT
x-content-type-options: nosniff
age: 423412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Mar 2025 21:26:23 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1494 15 KB
15 KB 88ms
58ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: xp.xyz
URL: https://xp.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 04:50:44 GMT
x-content-type-options: nosniff
age: 310351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Mar 2025 04:50:44 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1494 15 KB
16 KB 49ms
19ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: xp.xyz
URL: https://xp.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 09:11:37 GMT
x-content-type-options: nosniff
age: 381098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Mar 2025 09:11:37 GMT

GET
H3 200 IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js Show response
www.google.com/js/bg/ Frame 1494 17 KB
7 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2032d9e5b742ac419d191e4528a65f8885af57bacc4a56c01d4133c5420e0508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 18:13:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6933
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Mar 2025 18:13:58 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame 1494 28 KB
28 KB 30ms
30ms Image
image/jpeg 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AFcWeA6mrMcnZ-XRe9BBle1_NT7_zgOb9CpqPEnPbhH28C17m4B4QbUJ2MqAa-kVB-hIM7mupoI9JwgtNRGy3FwHlQDrRgD6f4RrTAop1HJe4VfW0y7Enya3Zgu_yRktezGygnkzBHe_G3oF0DzN1QCcRQAf9hHqkZNkhTAEwvPYnc0-PzBnZGvYcoVDshmnupITjU3mc1bUpu48Ds6WaQlCRgLuSG5cHA&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ

Requested by

Host: xp.xyz
URL: https://xp.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

631e44e3a32f593b0d44d9564bfc99e0b4bfaa5c464c7ac90dc51b31c7de4b79

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 19:03:15 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 09 Mar 2024 19:03:15 GMT

POST
H2 200 b Show response
r.stripe.com/ Frame D2BC 0
272 B 579ms
185ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e5fa3fec3ae52e82c9dbe99744d9674a.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 09 Mar 2024 19:03:15 GMT
x-stripe-server-envoy-start-time-us: 1710010995757204
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1710010995756768
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame D2BC 0
274 B 577ms
183ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e5fa3fec3ae52e82c9dbe99744d9674a.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 09 Mar 2024 19:03:15 GMT
x-stripe-server-envoy-start-time-us: 1710010995757154
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1710010995756794
access-control-allow-credentials: true
content-length: 0

GET
H2 200 web-widget-chat-incoming-message-notification-a8e2471.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame FFB2 236 B
841 B 35ms
35ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-a8e2471.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-a8e2471.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 19:03:15 GMT
x-amz-version-id: 1SQhkWkfVry4zKqC.d.MJhJxkoua2r26
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DCT7TXFJFAMBEJPX
age: 290383
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: uBT82rJUq9fxREdrtYy8BQE+RlOzb0OgR2TSL+60RNWz3y9+KIu0D2VtFCRsNWYOqDlrRRH8Stk=
last-modified: Mon, 04 Mar 2024 13:52:16 GMT
server: cloudflare
etag: W/"77bb07ca171e3ff2b72a7dafa7822bc8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i8x%2Fb7kfwV9qnImUNMrnzbSZVEMcoX7icBxS%2FeEzXF6uqZWfcv1IJH41rXWlU57qAyEE4h%2Bz31LgKKAhGsLz0ERtTeMdB1ifQ926Hm19yvxX9%2BWEz9h%2BwamQNHvje2lnUoO%2Fun8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 861d52f3fb906ae2-FRA
access-control-allow-headers: *
expires: Tue, 04 Mar 2025 13:52:15 GMT

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/classic/latest/ Frame FFB2 19 KB
20 KB 27ms
27ms Media
audio/mpeg 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3

Requested by

Host: xp.xyz
URL: https://xp.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 09 Mar 2024 19:03:15 GMT
x-amz-version-id: 7mQmj5CjPPHXphZWB9MwFHsB8G6GZRZR
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: HT3YBWDSMX7GGWKJ
age: 10164057
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: u4rjVl6bznOFELXxWcdEy4cxf3HS8QD5+1jVYrU8pTGZTnnUMyhwdvSjilQjVnwTrzYblOccmBE=
last-modified: Tue, 26 Sep 2023 06:59:46 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ot7Qm0klpKE6fvi1el4Q9i8JwRYiR3vH640lnrIaquF9YeSvASK9nnW5CLG831T3cC2iHmykSYsEmIJOtWAem%2BNvmuyleAh%2FgRpG%2FhWnDbl%2BItAI5FE%2F3b4VB2GKEkCwn1Eak3g%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 861d52f43be66ae2-FRA
access-control-allow-headers: *
expires: Wed, 25 Sep 2024 06:59:45 GMT

POST
H2 200 / Show response
o133761.ingest.sentry.io/api/4505557805563904/envelope/ 41 B
368 B 57ms
25ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o133761.ingest.sentry.io/api/4505557805563904/envelope/?sentry_key=6bb349aba87347d6b4af354ce446661e&sentry_version=7&sentry_client=sentry.javascript.react%2F7.49.0

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

88895d105e5970e51e2836a364df66612653931e60c6f2375d67ed884a87f971

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://xp.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 09 Mar 2024 19:03:16 GMT
content-encoding: br
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 204 i
r.lr-ingest.io/ Frame 0
0 367ms
113ms Preflight 104.198.23.205
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://r.lr-ingest.io/i?a=ivunb2%2Fhngr&r=5-ee55713e-6f2b-4c70-acf9-1e5748859796&t=a48b9e2c-6d89-42fc-a4a2-048a23f455aa&s=0&rs=0%2Cu&u=5f59f574-6767-41eb-889a-aae690357b81&is=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.23.205 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

205.23.198.104.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-logrocket-relay-version
Access-Control-Request-Method: POST
Origin: https://xp.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
content-length: 0
date: Sat, 09 Mar 2024 19:03:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 201 i Show response
r.lr-ingest.io/ 6 KB
6 KB 2165ms
1601ms XHR
application/json 104.198.23.205
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://r.lr-ingest.io/i?a=ivunb2%2Fhngr&r=5-ee55713e-6f2b-4c70-acf9-1e5748859796&t=a48b9e2c-6d89-42fc-a4a2-048a23f455aa&s=0&rs=0%2Cu&u=5f59f574-6767-41eb-889a-aae690357b81&is=1

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.23.205 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

205.23.198.104.bc.googleusercontent.com

Software

/ Express

Resource Hash

f05ccfe88420175dc603d9b4702139773d1d2142a27144f72aa9c2378b089a7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://xp.xyz/
X-LogRocket-Relay-Version: 2023.12.0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 19:03:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
etag: W/"1734-YpqfunMGwLF9wmdZptRq1pfazfw"
x-powered-by: Express
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version
content-length: 5940

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame 825D 200 B
884 B 8ms
8ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://xp.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 242664
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 09 Mar 2024 19:03:18 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 61691
x-content-type-options: nosniff
x-request-id: e5fa71c7-e9eb-46fa-a343-40d91d069375
x-served-by: cache-fra-etou8220109-FRA

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 825D 526 B
449 B 8ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 09 Mar 2024 19:03:18 GMT
via: 1.1 varnish
age: 305523
x-cache: HIT
content-length: 315
x-request-id: fb2777dd-fbdd-465d-89aa-adbfde265eb0
x-served-by: cache-fra-etou8220109-FRA
last-modified: Fri, 11 Nov 2022 20:25:36 GMT
server: Fastly
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 58580

GET
H2 200 inner.html Show response
m.stripe.network/ Frame BE5A 930 B
2 KB 58ms
9ms Document
text/html 2600:9000:2057:e400:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:e400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 200
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 09 Mar 2024 18:59:59 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-id: HkPx5ripdx7RIoVj5l3zFvx27hgrB96ouGJOGBQH1PdXyqb0GiatBA==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame BE5A 87 KB
16 KB 10ms
9ms Script
text/javascript 2600:9000:2057:e400:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:e400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 19:01:49 GMT
content-encoding: gzip
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 90
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: zUjlXinfOXSPQ3jvo7tOTds8NVw1MAZpglFo3t5N2EyIS2MuKYrzTQ==

POST
H2 200 6 Show response
m.stripe.com/ Frame BE5A 156 B
668 B 563ms
183ms XHR
application/json 34.212.84.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.212.84.166 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-212-84-166.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

aa1ba0a0d51048667dc23ac16debc42c169505ab5fa61f271005b2d1fe1dcdec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Sat, 09 Mar 2024 19:03:19 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1710010999159029
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1710010999158372
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 18ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FNW94WS062&gtm=45be4360v9130944946za201&_p=1710010993566&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1577528411.1710010994&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEAE&_s=1&sid=1710010994&sct=1&seg=0&dl=https%3A%2F%2Fxp.xyz%2F&dt=XP-%20Access%20your%20favorite%20shows&en=scroll&epn.percent_scrolled=90&tfd=5798
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11351563070&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Mar 2024 19:03:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xp.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 16ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FNW94WS062&gtm=45je4360v9130944946za200&_p=1710010993566&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1577528411.1710010994&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1710010994&sct=1&seg=0&dl=https%3A%2F%2Fxp.xyz%2F&dt=XP-%20Access%20your%20favorite%20shows&en=scroll&epn.percent_scrolled=90&_et=18&tfd=5801
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FNW94WS062&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xp.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Mar 2024 19:03:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xp.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 b Show response
r.stripe.com/ Frame D2BC 0
272 B 184ms
184ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e5fa3fec3ae52e82c9dbe99744d9674a.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 09 Mar 2024 19:03:19 GMT
x-stripe-server-envoy-start-time-us: 1710010999618674
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1710010999618220
access-control-allow-credentials: true
content-length: 0

POST
H2 200 i Show response
r.lr-ingest.io/ 0
435 B 181ms
181ms XHR
application/json 104.198.23.205
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://r.lr-ingest.io/i?a=ivunb2%2Fhngr&r=5-ee55713e-6f2b-4c70-acf9-1e5748859796&t=a48b9e2c-6d89-42fc-a4a2-048a23f455aa&s=0&des=true&rs=0%2Ct&u=5f59f574-6767-41eb-889a-aae690357b81&is=1

Requested by

Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.23.205 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

205.23.198.104.bc.googleusercontent.com

Software

/ Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://xp.xyz/
X-LogRocket-Relay-Version: 2023.12.0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 19:03:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-powered-by: Express
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version
content-length: 0

OPTIONS
H2 204 i
r.lr-ingest.io/ Frame 0
0 114ms
114ms Preflight 104.198.23.205
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://r.lr-ingest.io/i?a=ivunb2%2Fhngr&r=5-ee55713e-6f2b-4c70-acf9-1e5748859796&t=a48b9e2c-6d89-42fc-a4a2-048a23f455aa&s=0&des=true&rs=0%2Ct&u=5f59f574-6767-41eb-889a-aae690357b81&is=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.23.205 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

205.23.198.104.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-logrocket-relay-version
Access-Control-Request-Method: POST
Origin: https://xp.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
content-length: 0
date: Sat, 09 Mar 2024 19:03:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 23:19:22	Name: _GRECAPTCHA Value: 09AI0kreJKJYMbE3cSxs1ZBMB1Ar1hbj3n4NZoGPLBQsk0iec8nmBGJBu8OwdPa9Kd8cYMQI51dbf3OgnyglMyYwY
.xp.xyz/	1970-01-20 21:09:46	Name: _gcl_au Value: 1.1.1467846874.1710010994
.xp.xyz/	1970-01-21 04:36:10	Name: _ga Value: GA1.1.1577528411.1710010994
.xp.xyz/	1970-01-21 04:36:10	Name: _ga_FNW94WS062 Value: GS1.1.1710010994.1.0.1710010994.0.0.0
xp.xyz/	1970-01-20 19:01:37	Name: _lr_tabs_-ivunb2%2Fhngr Value: {%22sessionID%22:0%2C%22recordingID%22:%225-ee55713e-6f2b-4c70-acf9-1e5748859796%22%2C%22webViewID%22:null%2C%22lastActivity%22:1710010994101}
xp.xyz/	1970-01-20 19:01:37	Name: _lr_hb_-ivunb2%2Fhngr Value: {%22heartbeat%22:1710010994101}
xp.xyz/	1969-12-31 23:59:59	Name: _lr_uf_-ivunb2 Value: ec2f94ae-6ed2-45dc-b98a-8dbfda58caff
.xp.xyz/	1970-01-21 03:45:46	Name: _privy_AF7240E62E5BB1F64E2D0FA3 Value: %7B%22uuid%22%3A%223cd9775a-a530-476e-a071-a7f041aa5e78%22%2C%22variations%22%3A%7B%7D%2C%22country_code%22%3A%22DE%22%2C%22region_code%22%3A%22DE_%22%2C%22postal_code%22%3A%22%22%7D
.doubleclick.net/	1970-01-20 19:00:11	Name: test_cookie Value: CheckForPermission
widget-mediator.zopim.com/	1970-01-20 19:10:15	Name: AWSALBCORS Value: oDlCbt8rDiVQt++sToV5Y0n+ntDoNYKZpUgfGf8G/rLlF9lJVaHQRK5s2aceJEDHbfxvcHo/7S++doqYoujD8gJxpDVm/BeRLvbP7xwWGZbGenwT6sNIKQfFcQg8
.xp.xyz/	1970-01-21 03:45:46	Name: __zlcmid Value: 1KhmYZM31F7XONX
m.stripe.com/	1970-01-21 04:36:10	Name: m Value: 0d786c44-4581-44b9-b08b-9a521c0e480206d8f4
.xp.xyz/	1970-01-21 03:45:46	Name: __stripe_mid Value: c3ee492a-8f62-4ad1-9fca-97f85da716c17c1d9c
.xp.xyz/	1970-01-20 19:00:12	Name: __stripe_sid Value: 139109fc-c06e-47e5-976c-a9ac8a2f7a71da1625

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/1514233069351079?v=2.9.148&r=stable&domain=xp.xyz&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://xp.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xp.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xp.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xp.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.privy.com
api.xp.xyz
assets.privy.com
cdn.hngr.co
cdn.lr-ingest.io
connect.facebook.net
ekr.zdassets.com
events.privy.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hngr-icons.s3.amazonaws.com
js.stripe.com
m.stripe.com
m.stripe.network
o133761.ingest.sentry.io
r.lr-ingest.io
r.stripe.com
region1.google-analytics.com
static.zdassets.com
tk3d.tk3dapi.com
widget.privy.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
xp.xyz
xpsupport.zendesk.com
104.16.51.111
104.18.72.113
104.198.23.205
151.101.64.176
172.217.23.98
18.66.122.25
18.66.97.11
2001:4860:4802:34::36
2600:9000:2057:e400:19:7d10:bd80:93a1
2606:4700:10::6816:146c
2606:4700:10::6816:156c
2a00:1450:4001:808::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2003
2a00:1450:4001:827::200a
2a00:1450:4001:82f::2002
2a03:2880:f084:105:face:b00c:0:3
2a06:98c1:3120::3
3.5.6.179
34.120.195.249
34.212.84.166
52.222.139.124
52.55.175.18
54.187.159.182
001da1ce5207c9ebe4af62fb5f9ef224d98ba2bd9957543195cac1da83bf46c6
05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee
11bd041ab0fc6de3bb51707ba58f50f1a6f7dd273d4506ff5abb91a29377d6fe
153771fa4bd1db6b3dbce81e61081312d9ebe1cc8dc80379d0cefabfda339ac9
172a8b8e74e952dc54c4b927097ebd03987e8188e4697df51206d663c265e559
173a14a0d6085072cb655a381aae7949612c0d76c1e7de780288b74939363fdb
1769a9734402e1f653766fdbbcd4070dd8e93da30caebfd01dea5dc43ca648d6
181fe485ffdfce46542d6d1dd5063b7bc4110deabb3b2ad9026aca860aef2466
19e3336736fd2eacc993e742f8b846b2d0baa56612914c33928b1ad9cb8a3ca1
1afd4c14480421a77cec441591c9fb3368c64fc39a4234cf5f29c6d5a5e47483
1b8b5e61808de5a49a7390d1ea88700c98e190aa6457e35804aa0cc7a17f014a
1bfb181330911e3736a1fe85f14a2ca94b4728ce86887d11e6b4fea110cd1292
1e0f340f831eb085c8bd435cb1b0aeda4b354a21cef0fdcd513bda168df5d234
2032d9e5b742ac419d191e4528a65f8885af57bacc4a56c01d4133c5420e0508
228606fc973e515df5c25fdb162fc458ed708b36998343ed11213dbfef9d39d3
25b56ccb76e9fd9c4f51c3a640d62e35ac3bfc203f1877f410f5425836707f7b
26cf3c16397342eaa58df6d157cacc134ce77593f2acaa699c2fff22fd16b1db
2991fb5c323d90ecb01e1da10b1e67193af2af30f99eadc8f65df19a21491f5f
2c0a75d7e84a90aba9d68dc5b54e7afedf58b4bbf7221aa78dcb9c4f26f87364
2fcb59c1b2732bb975f8bd6bce13b68402952a0f17b12d9f56f16cee9110448d
31b2d04446fd5c796d194d3ee3813374224f9a1f66c0f31164d4ada352758a22
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
3c1c1b5b523a4a35824c5ebf0b8f56b003dc1ccbef4e654cc459face31659445
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
400482eecc81a1b6f6f45c03efea336730e798916f63f5a6aa82b542293b2c8e
416a7a95985905a45a20c475aed096a6f14be534d65ca46135128a32c13c02b9
41773beda8273a4d80ece7b051f2887484aed8d6c49d2bb59b6bc01c46e5afbd
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
4a6e42b5f0f0a24733687fdda3750590330295a2737047621a2f6ea9e81d8256
4bd95f91baabd29b68d8b2a9fcc69b334fb08dbcbd6e74c34551990974d264c6
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
5525d5961de144e10b645a51812010a937ae8512146a39f1887feb701d847e17
5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3
55cf313f6b5cfc7b15b38fb6e04f48c09430d5a3073a492155c57925720b2941
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
58d85ba8e53eddc3d87dc3d8c114812bc7cfd1d49f658d7a0827a898b708d6ec
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6000da7742d628c23e3cd593a7bba296e12a941bb0001ca82595308350c15c3e
631e44e3a32f593b0d44d9564bfc99e0b4bfaa5c464c7ac90dc51b31c7de4b79
6b12dfb45966def07bc06ba651c5b58b92d4c491ded04df206f33f6683cae782
6f8bcc2025d2c56f2bf8e91b0026b850aa3eaf4807d983daa86dfd226609f4fe
6f9e1f7d958504bda830cee98f04be515a1ff456440678873a69be15499505b2
7007e23ccf56e65c61987411b19cdf4d00805d248e9fa5d7792893a7d22a0f54
711c03b2458e6f86906e934135cc87eb182de911086fe97209468d5f1181cae8
738e5280b8e9abc67656062da2943c575aeecf731a06388f615b94df4b2d8526
754b8757b0b21fbbf8665b79b69d06c4fddfaffad4b33be480c0cb92ed639016
756cd5368e3bf22664232c8228b5d7d572cf4b6b8f912ff17da005caea7790c0
7641dd581b49197ec3e16b4ffc870e8bcc65dde3f9566452c729b43a6af14b7f
77d9907ca853ab885fd7a35a29faaf4206b8fe47347cd9c12391d64451ad6f37
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
78cbe967c1f4e24b0a586fff03fbcd4a98069b27ad23bfe0ef8aef9a9fa22739
7f82b072aaad42586193d77e42da8a7429d285c23c4e1216159fd4f71f67e448
7fbe8a94ecb5d03772bd3de4e36a8b484d905a8be393f49201932f4521725ff4
7fcd7c9a055e8565e3191344be5ba42d563c5fe2b944ca0dd259783db192b8df
8798694de163b0d0fb659a75ec2c8065c4e20858256edaa4a4710161b3e708bc
88895d105e5970e51e2836a364df66612653931e60c6f2375d67ed884a87f971
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8a88f29729747fb24cb5fa9c592e1a7acb0c0888b0a9e8de7bf4ca67100ebfa6
92ba422186fcdf423baaae445c3535672f485c5bf9b0a40b4eb6dd4a2222bb2c
938c4c5f11cc2bc38dba9a06da56853e654dccc7f35e33cb1b1cd9aa1ee8ebbf
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9520b2cb671d613ff9f2ae92c8de2305abfc8ad6a24cd7ad5d89203c60aa8432
95ed9f1c3f7ca7107140863bcd0ca2349eaf412734dbf27702e9a31fd3ec329a
965cba95c928e95003ce37271090406eaa7d5c2d955230a785b2b3be8a9a17f5
a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54
a342348d9e6e675e9a6dc0acf59e9b48f37b0d51408a5ef8722faf5971d662d2
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
a588343e33efac9f375d8a1f704e96a77f0397cf1c1e0a0dcdfc2dfbd939b726
a7e433db6a5e93d9fd34379bf9d3dee291b8bc60fc0cfebb86dfc66b23270e5f
a8a9df836dd171e25a9d1ce224d0f56547b6b06d079eeb3015536cf71ff4b4a7
a8bfdecce5d2156da95876601ab50733e863513e3689ce32498a8370e79a5687
aa1ba0a0d51048667dc23ac16debc42c169505ab5fa61f271005b2d1fe1dcdec
b04f320935e6af2fb98db96fedbcf673fc29db197f3af31066fa187fad8ac879
b3820e0459f9097db723db1f155653dbcf7d3a91be374e104db2dc3d67f55c4d
b40f6b8d5873db73881656441cc18c4ffa42010a32add6733f0e6d913ba5f32d
b69c2738f3e33dfa085ddc33b5b4cf6845b2e1a3d02d8b74be0f272285db9c18
b9a03f78d4fdbf1c14ebc2771b7a048a83ed1698705a2c16db2afd0fb34f8bba
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bc2dd9fb17a446efda2af3332c80f861f9b5d8f313201e452d45fbd8bdd79522
c07c6b0d23cf877e90e0a11ca66f62be222e0209896ddadb5dee9b8965be1212
c6401271f271365b2b9b0402a3f77240c6b13453893ef5331ee247b28297b759
c6916492b79e293bea696f469dfdc4ee3c3cb32b0e7d4e88463a7efc504074e2
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c9b1c975871e139ec3dce8ca5d2cea862edf5572c930da5952c31a0e72a71ba2
c9c15065d3d64c404a86c89dda2b7720f72ae7a755b248435af94cde1f790a5b
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
d40b07c587acdc51adb1b5f200b3586054d61637fd7d76a45f61bb330eae0eef
d492fb6ef3f5ff87d9f2121102e08ad06456088dc639db43bff5b16abc9a4eed
d5c9826032018406a861a5e1666b795fdb83d1c5f727ca63b2a98466261ed257
dcca199ea7b457bf28257b9baea1671c76d9f993e06046319dbe65f7882ceb04
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05ccfe88420175dc603d9b4702139773d1d2142a27144f72aa9c2378b089a7d
f28f3a085b5b313f188dac78cb183da7831fa11d65939b93edd959e8057bebb1
f559328fc7464c8eba42a44881a16ada9e72d8a11b1598dc0ffa9d4325653e88
f6369864f88c35b1302ab28dbaa8944f4f275f11a3e43bd96187cc79bf82699d
f74af822db7aa4ed1c03da76062e7909ff2aae04d06ed5c15277d938eb7de383
fa7c5ffa27b46017a62670d98b2b2afe177192d85a41080e7b4d81670595e0d8
fd001e1bc3113a96f7c6aa411b4e56ab3caf4c9f92f8f6212bf3ead688472a8c
ffae9431def3390a1dc09d80a41f9c224affd01ad64970dc157790e9dbdf7721

xp.xyz Open in urlscan Pro 18.66.97.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

129 Requests

98 %HTTPS

50 %IPv6

20 Domains

29 Subdomains

26 IPs

3 Countries

34054 kBTransfer

44536 kBSize

14 Cookies

8 Outgoing links

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

xp.xyz Open in urlscan Pro
18.66.97.11 Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

98 %
HTTPS

50 %
IPv6

20
Domains

29
Subdomains

26
IPs

3
Countries

34054 kB
Transfer

44536 kB
Size

14
Cookies

129 HTTP transactions
0 data transactions