URL: https://xp.xyz/
Submission: On March 09 via api from US — Scanned from DE

Summary

This website contacted 26 IPs in 3 countries across 20 domains to perform 129 HTTP transactions. The main IP is 18.66.97.11, located in United States and belongs to AMAZON-02, US. The main domain is xp.xyz.
TLS certificate: Issued by Amazon RSA 2048 M01 on June 22nd 2023. Valid for: a year.
This is the only time xp.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 18.66.97.11 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 52.222.139.124 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
7 2606:4700:10:... 13335 (CLOUDFLAR...)
7 104.18.72.113 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
8 151.101.64.176 54113 (FASTLY)
2 2a03:2880:f08... 32934 (FACEBOOK)
10 3.5.6.179 14618 (AMAZON-AES)
20 52.55.175.18 14618 (AMAZON-AES)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
1 172.217.23.98 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 9 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 104.16.51.111 13335 (CLOUDFLAR...)
16 18.66.122.25 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
3 54.187.159.182 16509 (AMAZON-02)
1 34.120.195.249 396982 (GOOGLE-CL...)
4 104.198.23.205 396982 (GOOGLE-CL...)
2 2600:9000:205... 16509 (AMAZON-02)
1 34.212.84.166 16509 (AMAZON-02)
129 26
Apex Domain
Subdomains
Transfer
29 xp.xyz
xp.xyz
api.xp.xyz
2 MB
16 hngr.co
cdn.hngr.co
22 MB
12 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1155
r.stripe.com — Cisco Umbrella Rank: 2301
m.stripe.com — Cisco Umbrella Rank: 1134
487 KB
11 gstatic.com
www.gstatic.com
fonts.gstatic.com
684 KB
11 privy.com
widget.privy.com — Cisco Umbrella Rank: 20941
api.privy.com — Cisco Umbrella Rank: 20737
assets.privy.com — Cisco Umbrella Rank: 36861
events.privy.com — Cisco Umbrella Rank: 38804
250 KB
10 amazonaws.com
hngr-icons.s3.amazonaws.com
7 MB
9 google.com
www.google.com — Cisco Umbrella Rank: 2
88 KB
7 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2184
ekr.zdassets.com — Cisco Umbrella Rank: 2517
361 KB
5 lr-ingest.io
cdn.lr-ingest.io — Cisco Umbrella Rank: 18489
r.lr-ingest.io — Cisco Umbrella Rank: 21501
172 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
3 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2089
356 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
301 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1243
18 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
69 KB
1 sentry.io
o133761.ingest.sentry.io
368 B
1 zendesk.com
xpsupport.zendesk.com
1 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6744
455 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
1 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 124
2 KB
1 tk3dapi.com
tk3d.tk3dapi.com — Cisco Umbrella Rank: 58944
25 KB
129 20
Domain Requested by
20 api.xp.xyz xp.xyz
16 cdn.hngr.co xp.xyz
10 hngr-icons.s3.amazonaws.com xp.xyz
9 www.google.com 1 redirects widget.privy.com
www.gstatic.com
www.google.com
xp.xyz
9 xp.xyz xp.xyz
8 www.gstatic.com www.google.com
www.gstatic.com
8 js.stripe.com xp.xyz
js.stripe.com
6 assets.privy.com widget.privy.com
assets.privy.com
6 static.zdassets.com www.googletagmanager.com
static.zdassets.com
xp.xyz
4 r.lr-ingest.io xp.xyz
4 fonts.googleapis.com xp.xyz
assets.privy.com
3 r.stripe.com js.stripe.com
3 fonts.gstatic.com xp.xyz
3 region1.google-analytics.com www.googletagmanager.com
3 api.privy.com xp.xyz
3 www.googletagmanager.com xp.xyz
www.googletagmanager.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 connect.facebook.net xp.xyz
connect.facebook.net
1 m.stripe.com m.stripe.network
1 o133761.ingest.sentry.io xp.xyz
1 xpsupport.zendesk.com static.zdassets.com
1 events.privy.com xp.xyz
1 www.google.de xp.xyz
1 googleads.g.doubleclick.net 1 redirects
1 www.googleadservices.com www.googletagmanager.com
1 ekr.zdassets.com xp.xyz
1 cdn.lr-ingest.io xp.xyz
1 widget.privy.com www.googletagmanager.com
1 tk3d.tk3dapi.com xp.xyz
129 29

This site contains links to these domains. Also see Links.

Domain
xpsupport.zendesk.com
t.me
twitter.com
tamperproof.xyz
gocaptain.com
cdn.hngr.co
Subject Issuer Validity Valid
xp.xyz
Amazon RSA 2048 M01
2023-06-22 -
2024-07-20
a year crt.sh
upload.video.google.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
*.tk3dapi.com
Amazon RSA 2048 M02
2023-06-04 -
2024-07-02
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-04-17 -
2024-04-16
a year crt.sh
zdassets.com
E1
2024-03-03 -
2024-06-01
3 months crt.sh
lr-ingest.io
E1
2024-01-31 -
2024-04-30
3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2024-02-07 -
2024-05-09
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-12-18 -
2024-03-17
3 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01
2023-10-10 -
2024-07-03
9 months crt.sh
api.xp.xyz
Amazon RSA 2048 M02
2023-11-08 -
2024-12-06
a year crt.sh
www.googleadservices.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
www.google.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
*.google.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
xpsupport.zendesk.com
E1
2024-02-06 -
2024-05-06
3 months crt.sh
*.hngr.co
Amazon RSA 2048 M03
2023-11-03 -
2024-12-01
a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2024-03-06 -
2024-06-06
3 months crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-11-02 -
2024-12-02
a year crt.sh
api.logrocket.com
R3
2024-02-05 -
2024-05-05
3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1
2024-02-26 -
2024-05-23
3 months crt.sh

This page contains 7 frames:

Primary Page: https://xp.xyz/
Frame ID: 219CC74DB60E8ADC75FBFA344F068948
Requests: 81 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-c8bfdd70e62be9f4e611d8b62738f20d.html
Frame ID: D2BCF2FD0737806BE572D084E1C1C1A7
Requests: 8 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-a8e2471.js
Frame ID: FFB2181BB5E6FCFEE7CF43ABD1EEE570
Requests: 6 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ&co=aHR0cHM6Ly94cC54eXo6NDQz&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=i8ldwil9rkot
Frame ID: 40363CFEE108011DE3A7FBD5D26BD05A
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ
Frame ID: 1494ADD304AC70020F9DBC2B6B5810B3
Requests: 12 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 825D2A2ACA7A2D607E1B3C956B8E263B
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: BE5A90747B638B6B4D78191493C71891
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

XP- Access your favorite shows

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.lr-ingest\.io

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

129
Requests

98 %
HTTPS

50 %
IPv6

20
Domains

29
Subdomains

26
IPs

3
Countries

34054 kB
Transfer

44536 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11351563070/?random=1120455062&cv=11&fst=1710010994029&bg=ffffff&guid=ON&async=1&gtm=45be4360v9130944946z89172014031za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fxp.xyz%2F&label=zXmJCNGOufoYEL627KQq&hn=www.googleadservices.com&frm=0&tiba=XP-%20Access%20your%20favorite%20shows&value=20&npa=1&pscdl=noapi&auid=1467846874.1710010994&uamb=0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&eitems=ChEIgK6wrwYQ7OPN27Ckp_WmARIdABLGGxMtfVXafd15fpMkeFzfafPPjRYzZrmI-1A&pscrd=Ek9DaEVJZ0s2d3J3WVFzNjZMbDUycjhOMmJBUkltQUJtMzc4akhYbGNPZURNSWxRbjlEazhobmVWTUVLTkl5M3MtdlpGNEJyX0lnSTlWUi1nGlpDaEVJZ0s2d3J3WVF0STZQdXFtWHRNV2VBUkl1QUFfV1VWS0R0Umh6ckFBZ1NneVBZbnY2dko0T1pCMy1WRUt6QkIzM0xrd3RVZ1pZR1NkZURnODlWTk5OR3ciEwiKt_Wu7-eEAxWIZpEFHdQZBwwyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggC HTTP 302
  • https://www.google.com/pagead/1p-conversion/11351563070/?random=1120455062&cv=11&fst=1710010994029&bg=ffffff&guid=ON&async=1&gtm=45be4360v9130944946z89172014031za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fxp.xyz%2F&label=zXmJCNGOufoYEL627KQq&hn=www.googleadservices.com&frm=0&tiba=XP-%20Access%20your%20favorite%20shows&value=20&npa=1&pscdl=noapi&auid=1467846874.1710010994&uamb=0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&pscrd=Ek9DaEVJZ0s2d3J3WVFzNjZMbDUycjhOMmJBUkltQUJtMzc4akhYbGNPZURNSWxRbjlEazhobmVWTUVLTkl5M3MtdlpGNEJyX0lnSTlWUi1nGlpDaEVJZ0s2d3J3WVF0STZQdXFtWHRNV2VBUkl1QUFfV1VWS0R0Umh6ckFBZ1NneVBZbnY2dko0T1pCMy1WRUt6QkIzM0xrd3RVZ1pZR1NkZURnODlWTk5OR3ciEwiKt_Wu7-eEAxWIZpEFHdQZBwwyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggC&is_vtc=1&cid=CAQSGwB7FLtqeOh45OOC0zUQjMyuxrdQ7cygttICsQ&eitems=ChEIgK6wrwYQ7OPN27Ckp_WmARIdABLGGxPaI3xZsSxGsvtnStnh0EafoeC5tTeFZus&random=3797035085 HTTP 302
  • https://www.google.de/pagead/1p-conversion/11351563070/?random=1120455062&cv=11&fst=1710010994029&bg=ffffff&guid=ON&async=1&gtm=45be4360v9130944946z89172014031za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fxp.xyz%2F&label=zXmJCNGOufoYEL627KQq&hn=www.googleadservices.com&frm=0&tiba=XP-%20Access%20your%20favorite%20shows&value=20&npa=1&pscdl=noapi&auid=1467846874.1710010994&uamb=0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&pscrd=Ek9DaEVJZ0s2d3J3WVFzNjZMbDUycjhOMmJBUkltQUJtMzc4akhYbGNPZURNSWxRbjlEazhobmVWTUVLTkl5M3MtdlpGNEJyX0lnSTlWUi1nGlpDaEVJZ0s2d3J3WVF0STZQdXFtWHRNV2VBUkl1QUFfV1VWS0R0Umh6ckFBZ1NneVBZbnY2dko0T1pCMy1WRUt6QkIzM0xrd3RVZ1pZR1NkZURnODlWTk5OR3ciEwiKt_Wu7-eEAxWIZpEFHdQZBwwyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggC&is_vtc=1&cid=CAQSGwB7FLtqeOh45OOC0zUQjMyuxrdQ7cygttICsQ&eitems=ChEIgK6wrwYQ7OPN27Ckp_WmARIdABLGGxPaI3xZsSxGsvtnStnh0EafoeC5tTeFZus&random=3797035085&ipr=y

129 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
xp.xyz/
3 KB
1 KB
Document
General
Full URL
https://xp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-11.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
95ed9f1c3f7ca7107140863bcd0ca2349eaf412734dbf27702e9a31fd3ec329a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0
content-encoding
br
content-type
text/html
date
Sat, 09 Mar 2024 19:03:14 GMT
etag
W/"52f71e353b4235fe52961cef67c48439"
last-modified
Fri, 08 Mar 2024 20:23:21 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-amz-cf-id
0S6dDR2h03MuMzFx9ycdO8DNhf9TIQsSsEsBbkdUWwTHb19N6TWi8g==
x-amz-cf-pop
FRA56-P2
x-cache
RefreshHit from cloudfront
css2
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Space+Grotesk:wght@400;500;600;700&family=Space+Mono:wght@400;700&display=swap
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bc2dd9fb17a446efda2af3332c80f861f9b5d8f313201e452d45fbd8bdd79522
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Mar 2024 19:03:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Mar 2024 19:03:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Mar 2024 19:03:13 GMT
dvm.js
tk3d.tk3dapi.com/dvm/v1/lib/stable/
108 KB
25 KB
Script
General
Full URL
https://tk3d.tk3dapi.com/dvm/v1/lib/stable/dvm.js
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-124.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f9e1f7d958504bda830cee98f04be515a1ff456440678873a69be15499505b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 00:10:59 GMT
content-encoding
gzip
via
1.1 ef2cb74895744344a0ea2100fbbb760a.cloudfront.net (CloudFront)
last-modified
Tue, 09 Jan 2024 08:32:11 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
2400735
etag
W/"6ad2a17e44f1642207dc7d8f0f2ae3d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
kIwiaYc7c10MLjI7EU5nYeE0Qxd0bDFZZtoOh3icax1aXTo1TDaW8g==
main.707bf606.js
xp.xyz/static/js/
5 MB
1 MB
Script
General
Full URL
https://xp.xyz/static/js/main.707bf606.js
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-11.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8798694de163b0d0fb659a75ec2c8065c4e20858256edaa4a4710161b3e708bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 20:30:28 GMT
content-encoding
br
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified
Fri, 08 Mar 2024 20:23:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
81165
etag
W/"2dd200ae61260c1412e8ed56f66a5235"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
_5OooyfHkkEic-aQ1jyYeC9lQCRGT0-MnuXPTt95kBDmRy0UvrnC6g==
main.ac5cee37.css
xp.xyz/static/css/
290 KB
40 KB
Stylesheet
General
Full URL
https://xp.xyz/static/css/main.ac5cee37.css
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-11.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a8a9df836dd171e25a9d1ce224d0f56547b6b06d079eeb3015536cf71ff4b4a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 20:30:25 GMT
content-encoding
br
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified
Fri, 08 Mar 2024 20:23:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
81168
etag
W/"ea5e9af20649d70f967e5f8ed712cb59"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
gZ-2SuGVUgOaexR_CWHaAxaLCLZC_Z52BQdM7z5ma0I2qXc505Mszw==
gtm.js
www.googletagmanager.com/
224 KB
81 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KP2N2L95
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c6916492b79e293bea696f469dfdc4ee3c3cb32b0e7d4e88463a7efc504074e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 19:03:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82348
x-xss-protection
0
last-modified
Sat, 09 Mar 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 09 Mar 2024 19:03:13 GMT
css2
fonts.googleapis.com/
2 KB
513 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&display=swap
Requested by
Host: xp.xyz
URL: https://xp.xyz/static/css/main.ac5cee37.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
153771fa4bd1db6b3dbce81e61081312d9ebe1cc8dc80379d0cefabfda339ac9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Mar 2024 19:03:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Mar 2024 18:28:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Mar 2024 19:03:13 GMT
widget.js
widget.privy.com/assets/
347 KB
105 KB
Script
General
Full URL
https://widget.privy.com/assets/widget.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP2N2L95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:156c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5525d5961de144e10b645a51812010a937ae8512146a39f1887feb701d847e17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 19:03:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 vegur, 1.1 7cf1868252578a35a0e0b87d3129c07c.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-encoding
gzip
x-amz-cf-pop
AMS1-P3
age
1033
x-cache
Hit from cloudfront
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1709922929&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=KwNKm92TIT1p83SR04Pv7KiuqBbNllt2BlaxagYVbT4%3D
last-modified
Fri, 08 Mar 2024 18:29:11 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709922929&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=KwNKm92TIT1p83SR04Pv7KiuqBbNllt2BlaxagYVbT4%3D"}]}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
861d52e6ef2c68ec-FRA
x-amz-cf-id
V04Tgh7swhf54xq3gaRUsPKwSyyNPFmh8Yp4mEQweT-vaFLkaRmdVw==
js
www.googletagmanager.com/gtag/
342 KB
110 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FNW94WS062&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP2N2L95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7f82b072aaad42586193d77e42da8a7429d285c23c4e1216159fd4f71f67e448
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 19:03:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
112510
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Mar 2024 19:03:13 GMT
destination
www.googletagmanager.com/gtag/
342 KB
110 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-11351563070&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP2N2L95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6b12dfb45966def07bc06ba651c5b58b92d4c491ded04df206f33f6683cae782
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 19:03:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
112540
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Mar 2024 19:03:13 GMT
snippet.js
static.zdassets.com/ekr/
10 KB
5 KB
Script
General
Full URL
https://static.zdassets.com/ekr/snippet.js?key=bca9994f-6c8f-4539-89ac-1a4459127e01
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP2N2L95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 19:03:13 GMT
x-amz-version-id
sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
2R5YDTS5GZCJX74D
age
0
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
f4zcsDVt0bWrZDGr5y/58bGXF/Tek1RwTrj7sBNJCXUG5eD+P3LVrIQrofbUb3s4fGUfFK7Za7I=
last-modified
Mon, 15 Jan 2024 02:56:11 GMT
server
cloudflare
etag
W/"c0053b411b753138af468db1bd3b19f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UOYqtPM%2Bp%2FX8c5Ools3MCRZ1o0GsLsDcVgCo3jPylQLr%2BqckpXGsteHMUVWquhjp8QejKe%2FD3Z07%2BHk3Mx%2FbpFhY2icRR0JzdAZKQHRYyH6deup3V3bFJbE4PPYnxn%2BszIBNEjI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=3600, s-maxage=60
access-control-max-age
0
cf-ray
861d52e6fec96ae2-FRA
access-control-allow-headers
*
logger-1.min.js
cdn.lr-ingest.io/
833 KB
165 KB
Script
General
Full URL
https://cdn.lr-ingest.io/logger-1.min.js
Requested by
Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1afd4c14480421a77cec441591c9fb3368c64fc39a4234cf5f29c6d5a5e47483
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 19:03:13 GMT
strict-transport-security
max-age=31556926
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
39
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230062-FRA
last-modified
Fri, 08 Mar 2024 21:12:19 GMT
server
cloudflare
x-timer
S1709932410.487335,VS0,VE1
etag
W/"8419ea933cb1c2d23937ddb6bf7f74aaa960db03e37294340485c1f47e2d052c-br"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1XhasXIA39BQEKzUbWIDq7FKB7t88kFD35rE03gy5SRuHmNqjR4WHD%2BqCnSc08A68YTpW2cff5nDvp%2F8dQzSa7rgVbLSN9%2BAjJI2wKqUoXP5CVnDZ8TiIpyaHKSeEW9pgw2R2NjgsxMcobOcrFhI"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
861d52e7ce0a698b-FRA
x-cache-hits
1
v3
js.stripe.com/
605 KB
168 KB
Script
General
Full URL
https://js.stripe.com/v3
Requested by
Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
78cbe967c1f4e24b0a586fff03fbcd4a98069b27ad23bfe0ef8aef9a9fa22739
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 09 Mar 2024 19:03:13 GMT
via
1.1 varnish
age
25
x-cache
HIT
content-length
171169
x-request-id
eb8fcecb-699d-4ecb-b80d-bf94d65886e8
x-served-by
cache-fra-etou8220109-FRA
last-modified
Sat, 09 Mar 2024 03:14:15 GMT
server
Fastly
etag
"0d82e47134264113b6f556b7b393025a"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
9
fbevents.js
connect.facebook.net/en_US/
215 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 09 Mar 2024 19:03:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57348
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1294, tbw=2768, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
vL9Gsh5Ku2w8NG+qMCWUhFgLKIMB7RDoI1+f7mibZ/D1LXU2Ppmf3GyYPP4tzMG+0SFkamgLmJrcr79nQ8JJiw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
XP+Logo.png
hngr-icons.s3.amazonaws.com/supperclub/ticketdex/
32 KB
33 KB
Image
General
Full URL
https://hngr-icons.s3.amazonaws.com/supperclub/ticketdex/XP+Logo.png
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.6.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a588343e33efac9f375d8a1f704e96a77f0397cf1c1e0a0dcdfc2dfbd939b726

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Sat, 09 Mar 2024 19:03:15 GMT
x-amz-version-id
llv.BSceXar4R0IDhgKW0QYlm8qufd.5
Last-Modified
Thu, 06 Jul 2023 19:07:05 GMT
Server
AmazonS3
x-amz-request-id
3PYZBEVS010X0W3Z
ETag
"58b1609846f639ce497d9853509536e8"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
32978
x-amz-id-2
k5EQP8o3B2fI5UqSy7jz6w3VUEtJtpyQeY+ErpGIytSuM3e1rsrEQyd0BExq98xitrzcnbpPvaN29pqOp6QkvA==
XPGrayscale.png
hngr-icons.s3.amazonaws.com/ticketdex/
4 MB
4 MB
Image
General
Full URL
https://hngr-icons.s3.amazonaws.com/ticketdex/XPGrayscale.png
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.6.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
228606fc973e515df5c25fdb162fc458ed708b36998343ed11213dbfef9d39d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Sat, 09 Mar 2024 19:03:15 GMT
x-amz-version-id
Wa1kR7gihMmH2XUOUbtr86EsfPQyzVYs
Last-Modified
Mon, 25 Sep 2023 17:04:38 GMT
Server
AmazonS3
x-amz-request-id
3PYHW95DHN9X30XA
ETag
"8f32fb05b496f91938035446aeb61e42"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3976790
x-amz-id-2
DjJ8neUI6wyIkMtTt4eZljZxDv5W8ctPQelcfK78epVnAIV/IKVtnjwc8nECce9U6qlPiTLan3PNYu15O3oTAw==
xp_logo_stretched_offwhite_noise+2.png
hngr-icons.s3.amazonaws.com/ticketdex/
1 MB
1 MB
Image
General
Full URL
https://hngr-icons.s3.amazonaws.com/ticketdex/xp_logo_stretched_offwhite_noise+2.png
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.6.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
754b8757b0b21fbbf8665b79b69d06c4fddfaffad4b33be480c0cb92ed639016

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Sat, 09 Mar 2024 19:03:15 GMT
x-amz-version-id
E1MMA3KOTTT.TpGR9Oj6IFxwXt9bEg4d
Last-Modified
Wed, 27 Sep 2023 21:19:37 GMT
Server
AmazonS3
x-amz-request-id
3PYNHPXR83CQMD0K
ETag
"2edc93b9d1b603b8b6fa4d12ff43f3ce"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1104802
x-amz-id-2
Ur8kIf9Tt6RTvniXINwMipir0q12ToKfoKRrKInJBWTi1ZUG4TbCyVvIUjTHBTwHuQ9n4osuoR05zYhq5kg27A==
XP+Ticket+Mockup+Flipped+2.png
hngr-icons.s3.amazonaws.com/ticketdex/
85 KB
86 KB
Image
General
Full URL
https://hngr-icons.s3.amazonaws.com/ticketdex/XP+Ticket+Mockup+Flipped+2.png
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.6.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
25b56ccb76e9fd9c4f51c3a640d62e35ac3bfc203f1877f410f5425836707f7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Sat, 09 Mar 2024 19:03:15 GMT
x-amz-version-id
ZxK4LqnoN1fOANPUYdHihUWknqYUNvJk
Last-Modified
Mon, 25 Sep 2023 17:04:36 GMT
Server
AmazonS3
x-amz-request-id
3PYMJSKBZTKNWTSG
ETag
"14cfb71f4bbcf81d81782073364c184e"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
87405
x-amz-id-2
BEMPAISpVGAusAserbL4Na/cEYZSrboszpkMJ4WY/0k7VMhycoA4tAUjn8ykgE15+NLne30j4hIaeuPUKgffxw==
Globe+Icon+1.png
hngr-icons.s3.amazonaws.com/ticketdex/
67 KB
67 KB
Image
General
Full URL
https://hngr-icons.s3.amazonaws.com/ticketdex/Globe+Icon+1.png
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.6.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
c07c6b0d23cf877e90e0a11ca66f62be222e0209896ddadb5dee9b8965be1212

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Sat, 09 Mar 2024 19:03:15 GMT
x-amz-version-id
SEvuWZ.Eew.Hyt69gBy_cUXGIEd3V98R
Last-Modified
Mon, 25 Sep 2023 22:02:15 GMT
Server
AmazonS3
x-amz-request-id
3PYHEQMEDT5F9FJ4
ETag
"45fe2211a9218d025cb614be7f31276b"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
68462
x-amz-id-2
OGr+Zyz2KKevNayZKAbA+jHULXWFb7lJfkGX94y0pmu1cnkNYrPlJgDUDiZv6B9VgZRbo4adWZmt+lRdY20n0Q==
Torus+Icon+1.png
hngr-icons.s3.amazonaws.com/ticketdex/
94 KB
95 KB
Image
General
Full URL
https://hngr-icons.s3.amazonaws.com/ticketdex/Torus+Icon+1.png
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.6.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
55cf313f6b5cfc7b15b38fb6e04f48c09430d5a3073a492155c57925720b2941

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Sat, 09 Mar 2024 19:03:15 GMT
x-amz-version-id
zQNCsjGxdnJQLQw0HtNQwdwrXddC.B4R
Last-Modified
Mon, 25 Sep 2023 22:02:16 GMT
Server
AmazonS3
x-amz-request-id
3PYHW47SB996XNE0
ETag
"eb36971b678c738032f7054d189f8587"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
96531
x-amz-id-2
G8g7TxL+N+m7LNAJr7wMQWjHBZ2wrHdcZoqbco1Iev1Km0jhX8FdPQ5IVRtZtIB8uHLWb/6ueqzSe0TyoApOAg==
Telegram+XP+Glow+1.png
hngr-icons.s3.amazonaws.com/supperclub/ticketdex/
3 KB
3 KB
Image
General
Full URL
https://hngr-icons.s3.amazonaws.com/supperclub/ticketdex/Telegram+XP+Glow+1.png
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.6.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d40b07c587acdc51adb1b5f200b3586054d61637fd7d76a45f61bb330eae0eef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Sat, 09 Mar 2024 19:03:15 GMT
x-amz-version-id
p31XdP.rafkI7EDQZDnFdW_xH_F_t4HN
Last-Modified
Wed, 07 Feb 2024 23:15:53 GMT
Server
AmazonS3
x-amz-request-id
3PYTH6QWGZB5Z9A1
ETag
"9d500ca1f4ad9646be8eab3084a56a9c"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3040
x-amz-id-2
ogiZNaJFUtAeW1oa3dlepo08pp5wAzpQuFBKFuNpbHMaFZuKnvD2EWZOduhKLVQOMlOJinBsBUqQY9EsAOrOlg==
twitter.png
hngr-icons.s3.amazonaws.com/ticketdex/
10 KB
11 KB
Image
General
Full URL
https://hngr-icons.s3.amazonaws.com/ticketdex/twitter.png
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.6.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
3c1c1b5b523a4a35824c5ebf0b8f56b003dc1ccbef4e654cc459face31659445

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Sat, 09 Mar 2024 19:03:15 GMT
x-amz-version-id
S1l_74b1EVm2Iv.LdbKLKDsqkIZnjQOQ
Last-Modified
Wed, 23 Aug 2023 18:26:19 GMT
Server
AmazonS3
x-amz-request-id
3PYG682ZWGN427HV
ETag
"2e55618cc9b9657dbbf571fb662bf071"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
10683
x-amz-id-2
onPRBuxVvWE2E/YQa4Qwc3CXldZgmqYR7eE5SaJAwOJrTStp2Z+Rsos4dHlrxWUXG5bCjsC2QMh2IXk0kAB6WQ==
XP+Logo+Footer+1.png
hngr-icons.s3.amazonaws.com/ticketdex/
1 MB
1 MB
Image
General
Full URL
https://hngr-icons.s3.amazonaws.com/ticketdex/XP+Logo+Footer+1.png
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.6.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
f28f3a085b5b313f188dac78cb183da7831fa11d65939b93edd959e8057bebb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Sat, 09 Mar 2024 19:03:15 GMT
x-amz-version-id
nz2.nd4XjvsVRi1zEtO2frkzNxAIL_UX
Last-Modified
Tue, 26 Sep 2023 17:19:45 GMT
Server
AmazonS3
x-amz-request-id
3PYT3S65CBFX4D5D
ETag
"90488b1b7206e392382698d79ef20c6f"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1079288
x-amz-id-2
ZNr9Nc9G26WZqjzZaSak9EUrkKetInRCRJhbMzZ/mQbJ1K/M8Iyrh0hAHkwPcirwMqehOkaa+7rtA6B4J65Jrg==
Crowd3+1.png
hngr-icons.s3.amazonaws.com/supperclub/ticketdex/
810 KB
810 KB
Image
General
Full URL
https://hngr-icons.s3.amazonaws.com/supperclub/ticketdex/Crowd3+1.png
Requested by
Host: xp.xyz
URL: https://xp.xyz/static/css/main.ac5cee37.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.6.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
b3820e0459f9097db723db1f155653dbcf7d3a91be374e104db2dc3d67f55c4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Sat, 09 Mar 2024 19:03:15 GMT
x-amz-version-id
xo2Nf4FFdDM5pCOaWoTnGjW6Xthh05Ma
Last-Modified
Tue, 16 Jan 2024 19:20:44 GMT
Server
AmazonS3
x-amz-request-id
3PYTE42FX6QXYM03
ETag
"ed9ff44b23eada73fafaafcd1d326840"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
829136
x-amz-id-2
2FdM8Z26S/41hP+NayhEH0p1brqRH78BoRU6DontjL/htnL0ourgekT0em+VWWPKN8+oMrmwP5jfmzztW7cZeQ==
undefined
xp.xyz/
3 KB
3 KB
Image
General
Full URL
https://xp.xyz/undefined
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-11.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 19:03:15 GMT
content-encoding
gzip
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified
Fri, 08 Mar 2024 20:23:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
etag
W/"52f71e353b4235fe52961cef67c48439"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
text/html
cache-control
max-age=0
x-amz-cf-id
CylJvd-w3rSKV8dGi4h_BeRehcUhyThRIIja30uzpswSOaYDlgx5fQ==
RobotoMono-VariableFont_wght.e14e25b7c497634efdfe.ttf
xp.xyz/static/media/
180 KB
121 KB
Font
General
Full URL
https://xp.xyz/static/media/RobotoMono-VariableFont_wght.e14e25b7c497634efdfe.ttf
Requested by
Host: xp.xyz
URL: https://xp.xyz/static/css/main.ac5cee37.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-11.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
173a14a0d6085072cb655a381aae7949612c0d76c1e7de780288b74939363fdb

Request headers

Referer
https://xp.xyz/static/css/main.ac5cee37.css
Origin
https://xp.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 20:31:40 GMT
content-encoding
br
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified
Fri, 08 Mar 2024 20:23:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
81094
etag
W/"336102a48d996db3d945a346b1790b1f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
font/ttf
x-amz-cf-id
-PqWXsMWpsUfULTL-JsPGq5F01dxQNf8hxozNBsT0QdkKeMS0akDhQ==
Sequel100Black-55.0fcfc4e507ff03dbd933.ttf
xp.xyz/static/media/
46 KB
23 KB
Font
General
Full URL
https://xp.xyz/static/media/Sequel100Black-55.0fcfc4e507ff03dbd933.ttf
Requested by
Host: xp.xyz
URL: https://xp.xyz/static/css/main.ac5cee37.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-11.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
92ba422186fcdf423baaae445c3535672f485c5bf9b0a40b4eb6dd4a2222bb2c

Request headers

Referer
https://xp.xyz/static/css/main.ac5cee37.css
Origin
https://xp.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 20:31:40 GMT
content-encoding
br
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified
Fri, 08 Mar 2024 20:23:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
81094
etag
W/"11de6a60d8bee2493a9cfda767555659"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
font/ttf
x-amz-cf-id
fHxil-75pHbW7OeognfWmm2ALeWTPCOkz_YFAi2asY4cFhBHCJoebw==
Sequel100Black-65.e4003b0d2f58a56e1166.ttf
xp.xyz/static/media/
46 KB
23 KB
Font
General
Full URL
https://xp.xyz/static/media/Sequel100Black-65.e4003b0d2f58a56e1166.ttf
Requested by
Host: xp.xyz
URL: https://xp.xyz/static/css/main.ac5cee37.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-11.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
181fe485ffdfce46542d6d1dd5063b7bc4110deabb3b2ad9026aca860aef2466

Request headers

Referer
https://xp.xyz/static/css/main.ac5cee37.css
Origin
https://xp.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 20:31:40 GMT
content-encoding
br
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified
Fri, 08 Mar 2024 20:23:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
81094
etag
W/"46e04813fd076dee1d665480f5f6ec08"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
font/ttf
x-amz-cf-id
bGvnGDMn9lzKw5oAUTf1y_R79fT0GT0LZCv-fZ0I3e6McTIIMTWAPA==
Sequel100Black-75.0bd2903cf018e606533a.ttf
xp.xyz/static/media/
46 KB
23 KB
Font
General
Full URL
https://xp.xyz/static/media/Sequel100Black-75.0bd2903cf018e606533a.ttf
Requested by
Host: xp.xyz
URL: https://xp.xyz/static/css/main.ac5cee37.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-11.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
11bd041ab0fc6de3bb51707ba58f50f1a6f7dd273d4506ff5abb91a29377d6fe

Request headers

Referer
https://xp.xyz/static/css/main.ac5cee37.css
Origin
https://xp.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 20:31:40 GMT
content-encoding
br
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified
Fri, 08 Mar 2024 20:23:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
81094
etag
W/"d2c9891c648ec6cbe808fef09a790c13"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
font/ttf
x-amz-cf-id
2cc1rsRD1pqgvzUIe_vwIvZnzgvx0TzBKh5Z8E9zhuBKg1wNl3quLg==
performers-by-league
api.xp.xyz/api/stagehand/ Frame
0
0
Preflight
General
Full URL
https://api.xp.xyz/api/stagehand/performers-by-league
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-175-18.compute-1.amazonaws.com
Software
gunicorn/20.0.4 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security max-age=31556926; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://xp.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://xp.xyz
allow
OPTIONS, POST
content-length
0
content-security-policy
default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
content-type
text/html; charset=utf-8
date
Sat, 09 Mar 2024 19:03:14 GMT
permissions-policy
interest-cohort=()
referrer-policy
strict-origin-when-cross-origin
server
gunicorn/20.0.4
strict-transport-security
max-age=31556926; includeSubDomains
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
performers-by-league
api.xp.xyz/api/stagehand/ Frame
0
0
Preflight
General
Full URL
https://api.xp.xyz/api/stagehand/performers-by-league
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-175-18.compute-1.amazonaws.com
Software
gunicorn/20.0.4 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security max-age=31556926; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://xp.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://xp.xyz
allow
OPTIONS, POST
content-length
0
content-security-policy
default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
content-type
text/html; charset=utf-8
date
Sat, 09 Mar 2024 19:03:14 GMT
permissions-policy
interest-cohort=()
referrer-policy
strict-origin-when-cross-origin
server
gunicorn/20.0.4
strict-transport-security
max-age=31556926; includeSubDomains
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
performers-by-league
api.xp.xyz/api/stagehand/ Frame
0
0
Preflight
General
Full URL
https://api.xp.xyz/api/stagehand/performers-by-league
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-175-18.compute-1.amazonaws.com
Software
gunicorn/20.0.4 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security max-age=31556926; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://xp.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://xp.xyz
allow
OPTIONS, POST
content-length
0
content-security-policy
default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
content-type
text/html; charset=utf-8
date
Sat, 09 Mar 2024 19:03:14 GMT
permissions-policy
interest-cohort=()
referrer-policy
strict-origin-when-cross-origin
server
gunicorn/20.0.4
strict-transport-security
max-age=31556926; includeSubDomains
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
performers-by-league
api.xp.xyz/api/stagehand/ Frame
0
0
Preflight
General
Full URL
https://api.xp.xyz/api/stagehand/performers-by-league
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-175-18.compute-1.amazonaws.com
Software
gunicorn/20.0.4 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security max-age=31556926; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://xp.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://xp.xyz
allow
OPTIONS, POST
content-length
0
content-security-policy
default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
content-type
text/html; charset=utf-8
date
Sat, 09 Mar 2024 19:03:14 GMT
permissions-policy
interest-cohort=()
referrer-policy
strict-origin-when-cross-origin
server
gunicorn/20.0.4
strict-transport-security
max-age=31556926; includeSubDomains
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
featured-performers
api.xp.xyz/api/stagehand/ Frame
0
0
Preflight
General
Full URL
https://api.xp.xyz/api/stagehand/featured-performers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-175-18.compute-1.amazonaws.com
Software
gunicorn/20.0.4 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security max-age=31556926; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://xp.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://xp.xyz
allow
OPTIONS, POST
content-length
0
content-security-policy
default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
content-type
text/html; charset=utf-8
date
Sat, 09 Mar 2024 19:03:14 GMT
permissions-policy
interest-cohort=()
referrer-policy
strict-origin-when-cross-origin
server
gunicorn/20.0.4
strict-transport-security
max-age=31556926; includeSubDomains
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
performers-by-league
api.xp.xyz/api/stagehand/
8 KB
8 KB
Fetch
General
Full URL
https://api.xp.xyz/api/stagehand/performers-by-league
Requested by
Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-175-18.compute-1.amazonaws.com
Software
gunicorn/20.0.4 /
Resource Hash
711c03b2458e6f86906e934135cc87eb182de911086fe97209468d5f1181cae8
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security max-age=31556926; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xp.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 09 Mar 2024 19:03:14 GMT
content-security-policy
default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains
server
gunicorn/20.0.4
referrer-policy
strict-origin-when-cross-origin
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://xp.xyz
permissions-policy
interest-cohort=()
content-length
7958
x-xss-protection
1; mode=block
performers-by-league
api.xp.xyz/api/stagehand/
8 KB
9 KB
Fetch
General
Full URL
https://api.xp.xyz/api/stagehand/performers-by-league
Requested by
Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-175-18.compute-1.amazonaws.com
Software
gunicorn/20.0.4 /
Resource Hash
416a7a95985905a45a20c475aed096a6f14be534d65ca46135128a32c13c02b9
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security max-age=31556926; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xp.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 09 Mar 2024 19:03:14 GMT
content-security-policy
default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains
server
gunicorn/20.0.4
referrer-policy
strict-origin-when-cross-origin
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://xp.xyz
permissions-policy
interest-cohort=()
content-length
8286
x-xss-protection
1; mode=block
performers-by-league
api.xp.xyz/api/stagehand/
9 KB
9 KB
Fetch
General
Full URL
https://api.xp.xyz/api/stagehand/performers-by-league
Requested by
Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-175-18.compute-1.amazonaws.com
Software
gunicorn/20.0.4 /
Resource Hash
41773beda8273a4d80ece7b051f2887484aed8d6c49d2bb59b6bc01c46e5afbd
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security max-age=31556926; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xp.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 09 Mar 2024 19:03:14 GMT
content-security-policy
default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains
server
gunicorn/20.0.4
referrer-policy
strict-origin-when-cross-origin
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://xp.xyz
permissions-policy
interest-cohort=()
content-length
8719
x-xss-protection
1; mode=block
performers-by-league
api.xp.xyz/api/stagehand/
12 KB
13 KB
Fetch
General
Full URL
https://api.xp.xyz/api/stagehand/performers-by-league
Requested by
Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-175-18.compute-1.amazonaws.com
Software
gunicorn/20.0.4 /
Resource Hash
6000da7742d628c23e3cd593a7bba296e12a941bb0001ca82595308350c15c3e
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security max-age=31556926; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xp.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 09 Mar 2024 19:03:14 GMT
content-security-policy
default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains
server
gunicorn/20.0.4
referrer-policy
strict-origin-when-cross-origin
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://xp.xyz
permissions-policy
interest-cohort=()
content-length
12572
x-xss-protection
1; mode=block
featured-performers
api.xp.xyz/api/stagehand/
2 KB
2 KB
Fetch
General
Full URL
https://api.xp.xyz/api/stagehand/featured-performers
Requested by
Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-175-18.compute-1.amazonaws.com
Software
gunicorn/20.0.4 /
Resource Hash
7007e23ccf56e65c61987411b19cdf4d00805d248e9fa5d7792893a7d22a0f54
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security max-age=31556926; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xp.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 09 Mar 2024 19:03:14 GMT
content-security-policy
default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains
server
gunicorn/20.0.4
referrer-policy
strict-origin-when-cross-origin
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://xp.xyz
permissions-policy
interest-cohort=()
content-length
1738
x-xss-protection
1; mode=block
filters
api.xp.xyz/api/stagehand/
39 B
451 B
Fetch
General
Full URL
https://api.xp.xyz/api/stagehand/filters
Requested by
Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-175-18.compute-1.amazonaws.com
Software
gunicorn/20.0.4 /
Resource Hash
d5c9826032018406a861a5e1666b795fdb83d1c5f727ca63b2a98466261ed257
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security max-age=31556926; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xp.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 09 Mar 2024 19:03:15 GMT
content-security-policy
default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains
server
gunicorn/20.0.4
referrer-policy
strict-origin-when-cross-origin
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://xp.xyz
permissions-policy
interest-cohort=()
content-length
39
x-xss-protection
1; mode=block
filters
api.xp.xyz/api/stagehand/
39 B
451 B
Fetch
General
Full URL
https://api.xp.xyz/api/stagehand/filters
Requested by
Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-175-18.compute-1.amazonaws.com
Software
gunicorn/20.0.4 /
Resource Hash
d5c9826032018406a861a5e1666b795fdb83d1c5f727ca63b2a98466261ed257
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security max-age=31556926; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xp.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 09 Mar 2024 19:03:15 GMT
content-security-policy
default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains
server
gunicorn/20.0.4
referrer-policy
strict-origin-when-cross-origin
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://xp.xyz
permissions-policy
interest-cohort=()
content-length
39
x-xss-protection
1; mode=block
filters
api.xp.xyz/api/stagehand/
469 KB
470 KB
Fetch
General
Full URL
https://api.xp.xyz/api/stagehand/filters
Requested by
Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-175-18.compute-1.amazonaws.com
Software
gunicorn/20.0.4 /
Resource Hash
1e0f340f831eb085c8bd435cb1b0aeda4b354a21cef0fdcd513bda168df5d234
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security max-age=31556926; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xp.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 09 Mar 2024 19:03:14 GMT
content-security-policy
default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains
server
gunicorn/20.0.4
referrer-policy
strict-origin-when-cross-origin
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://xp.xyz
permissions-policy
interest-cohort=()
content-length
480493
x-xss-protection
1; mode=block
campaigns
api.xp.xyz/api/xp/
2 KB
3 KB
Fetch
General
Full URL
https://api.xp.xyz/api/xp/campaigns
Requested by
Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-175-18.compute-1.amazonaws.com
Software
gunicorn/20.0.4 /
Resource Hash
c9c15065d3d64c404a86c89dda2b7720f72ae7a755b248435af94cde1f790a5b
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security max-age=31556926; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xp.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 09 Mar 2024 19:03:14 GMT
content-security-policy
default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains
server
gunicorn/20.0.4
referrer-policy
strict-origin-when-cross-origin
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://xp.xyz
permissions-policy
interest-cohort=()
content-length
2488
x-xss-protection
1; mode=block
filters
api.xp.xyz/api/stagehand/
469 KB
470 KB
Fetch
General
Full URL
https://api.xp.xyz/api/stagehand/filters
Requested by
Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-175-18.compute-1.amazonaws.com
Software
gunicorn/20.0.4 /
Resource Hash
738e5280b8e9abc67656062da2943c575aeecf731a06388f615b94df4b2d8526
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security max-age=31556926; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xp.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 09 Mar 2024 19:03:14 GMT
content-security-policy
default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains
server
gunicorn/20.0.4
referrer-policy
strict-origin-when-cross-origin
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://xp.xyz
permissions-policy
interest-cohort=()
content-length
480509
x-xss-protection
1; mode=block
filters
api.xp.xyz/api/stagehand/ Frame
0
0
Preflight
General
Full URL
https://api.xp.xyz/api/stagehand/filters
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-175-18.compute-1.amazonaws.com
Software
gunicorn/20.0.4 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security max-age=31556926; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://xp.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://xp.xyz
allow
OPTIONS, POST
content-length
0
content-security-policy
default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
content-type
text/html; charset=utf-8
date
Sat, 09 Mar 2024 19:03:14 GMT
permissions-policy
interest-cohort=()
referrer-policy
strict-origin-when-cross-origin
server
gunicorn/20.0.4
strict-transport-security
max-age=31556926; includeSubDomains
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
filters
api.xp.xyz/api/stagehand/ Frame
0
0
Preflight
General
Full URL
https://api.xp.xyz/api/stagehand/filters
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-175-18.compute-1.amazonaws.com
Software
gunicorn/20.0.4 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security max-age=31556926; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://xp.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://xp.xyz
allow
OPTIONS, POST
content-length
0
content-security-policy
default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
content-type
text/html; charset=utf-8
date
Sat, 09 Mar 2024 19:03:14 GMT
permissions-policy
interest-cohort=()
referrer-policy
strict-origin-when-cross-origin
server
gunicorn/20.0.4
strict-transport-security
max-age=31556926; includeSubDomains
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
filters
api.xp.xyz/api/stagehand/ Frame
0
0
Preflight
General
Full URL
https://api.xp.xyz/api/stagehand/filters
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-175-18.compute-1.amazonaws.com
Software
gunicorn/20.0.4 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security max-age=31556926; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://xp.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://xp.xyz
allow
OPTIONS, POST
content-length
0
content-security-policy
default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
content-type
text/html; charset=utf-8
date
Sat, 09 Mar 2024 19:03:14 GMT
permissions-policy
interest-cohort=()
referrer-policy
strict-origin-when-cross-origin
server
gunicorn/20.0.4
strict-transport-security
max-age=31556926; includeSubDomains
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
campaigns
api.xp.xyz/api/xp/ Frame
0
0
Preflight
General
Full URL
https://api.xp.xyz/api/xp/campaigns
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-175-18.compute-1.amazonaws.com
Software
gunicorn/20.0.4 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security max-age=31556926; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://xp.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://xp.xyz
allow
OPTIONS, POST
content-length
0
content-security-policy
default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
content-type
text/html; charset=utf-8
date
Sat, 09 Mar 2024 19:03:14 GMT
permissions-policy
interest-cohort=()
referrer-policy
strict-origin-when-cross-origin
server
gunicorn/20.0.4
strict-transport-security
max-age=31556926; includeSubDomains
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
filters
api.xp.xyz/api/stagehand/ Frame
0
0
Preflight
General
Full URL
https://api.xp.xyz/api/stagehand/filters
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.55.175.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-175-18.compute-1.amazonaws.com
Software
gunicorn/20.0.4 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
Strict-Transport-Security max-age=31556926; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://xp.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://xp.xyz
allow
OPTIONS, POST
content-length
0
content-security-policy
default-src 'self' 'unsafe-inline' *; img-src 'self' data: *; script-src 'self' 'unsafe-inline' *
content-type
text/html; charset=utf-8
date
Sat, 09 Mar 2024 19:03:14 GMT
permissions-policy
interest-cohort=()
referrer-policy
strict-origin-when-cross-origin
server
gunicorn/20.0.4
strict-transport-security
max-age=31556926; includeSubDomains
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
campaigns.json
api.privy.com/businesses/AF7240E62E5BB1F64E2D0FA3/
11 KB
3 KB
XHR
General
Full URL
https://api.privy.com/businesses/AF7240E62E5BB1F64E2D0FA3/campaigns.json?s=j&l=https%3A%2F%2Fxp.xyz%2F&user_uuid=3cd9775a-a530-476e-a071-a7f041aa5e78&fence=1
Requested by
Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:146c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6401271f271365b2b9b0402a3f77240c6b13453893ef5331ee247b28297b759
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ipcountry
DE
date
Sat, 09 Mar 2024 19:03:14 GMT
access-control-request-method
*
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies
none
cf-cache-status
DYNAMIC
x-ippostalcode
via
1.1 vegur
content-encoding
gzip
x-xss-protection
0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1710010994&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=8aF0whc8R0GOLIzYVRFAa1C6f6HJ%2FED50xkJmWn4yKk%3D
x-request-id
d289fbea-abe0-4a8b-a4e5-336da40fc4b5
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"c6401271f271365b2b9b0402a3f77240"
x-download-options
noopen
x-frame-options
SAMEORIGIN
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710010994&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=8aF0whc8R0GOLIzYVRFAa1C6f6HJ%2FED50xkJmWn4yKk%3D"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-IPCountry, X-IPRegion, X-IPPostalCode
cache-control
max-age=0, private, must-revalidate
x-ipregion
DE_
cf-ray
861d52e8be29913c-FRA
campaigns.json
api.privy.com/businesses/AF7240E62E5BB1F64E2D0FA3/
11 KB
3 KB
XHR
General
Full URL
https://api.privy.com/businesses/AF7240E62E5BB1F64E2D0FA3/campaigns.json?s=j&l=https%3A%2F%2Fxp.xyz%2F&user_uuid=3cd9775a-a530-476e-a071-a7f041aa5e78&fence=1
Requested by
Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:146c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6401271f271365b2b9b0402a3f77240c6b13453893ef5331ee247b28297b759
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ipcountry
DE
date
Sat, 09 Mar 2024 19:03:14 GMT
access-control-request-method
*
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies
none
cf-cache-status
DYNAMIC
x-ippostalcode
via
1.1 vegur
content-encoding
gzip
x-xss-protection
0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1710010994&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=8aF0whc8R0GOLIzYVRFAa1C6f6HJ%2FED50xkJmWn4yKk%3D
x-request-id
bbaca25d-fae6-4eaa-9386-5738cd26103b
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"c6401271f271365b2b9b0402a3f77240"
x-download-options
noopen
x-frame-options
SAMEORIGIN
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710010994&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=8aF0whc8R0GOLIzYVRFAa1C6f6HJ%2FED50xkJmWn4yKk%3D"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-IPCountry, X-IPRegion, X-IPPostalCode
cache-control
max-age=0, private, must-revalidate
x-ipregion
DE_
cf-ray
861d52e8ce2a913c-FRA
campaigns.json
api.privy.com/businesses/AF7240E62E5BB1F64E2D0FA3/
11 KB
3 KB
XHR
General
Full URL
https://api.privy.com/businesses/AF7240E62E5BB1F64E2D0FA3/campaigns.json?s=j&l=https%3A%2F%2Fxp.xyz%2F&user_uuid=3cd9775a-a530-476e-a071-a7f041aa5e78&fence=1
Requested by
Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:146c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6401271f271365b2b9b0402a3f77240c6b13453893ef5331ee247b28297b759
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ipcountry
DE
date
Sat, 09 Mar 2024 19:03:14 GMT
access-control-request-method
*
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies
none
cf-cache-status
DYNAMIC
x-ippostalcode
via
1.1 vegur
content-encoding
gzip
x-xss-protection
0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1710010994&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=8aF0whc8R0GOLIzYVRFAa1C6f6HJ%2FED50xkJmWn4yKk%3D
x-request-id
dc999c5a-abb1-422a-ad9a-f8c16e575be5
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"c6401271f271365b2b9b0402a3f77240"
x-download-options
noopen
x-frame-options
SAMEORIGIN
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710010994&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=8aF0whc8R0GOLIzYVRFAa1C6f6HJ%2FED50xkJmWn4yKk%3D"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-IPCountry, X-IPRegion, X-IPPostalCode
cache-control
max-age=0, private, must-revalidate
x-ipregion
DE_
cf-ray
861d52e8be28913c-FRA
bca9994f-6c8f-4539-89ac-1a4459127e01
ekr.zdassets.com/compose/
1010 B
1 KB
Fetch
General
Full URL
https://ekr.zdassets.com/compose/bca9994f-6c8f-4539-89ac-1a4459127e01
Requested by
Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b8b5e61808de5a49a7390d1ea88700c98e190aa6457e35804aa0cc7a17f014a
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 19:03:14 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
860d8c9cbefe5387-SEA, 860d8c9cbefe5387-SEA
x-runtime
0.003669
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"1b8b5e61808de5a49a7390d1ea88700c"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6U3q4wBQrMVAgaos365lYuy0a4bTMoj2UX9PRICfXhUWtHVdERDVg9NhKFThzfc6M5H7Pp9uGHvth4obH%2BSPNZ7gU%2BZ0siBEbaiz8iNQ0yu6H4vk%2BObK7nL65PjzEtx4bAY%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
861d52e8de6c5b9e-FRA
/
www.googleadservices.com/pagead/conversion/11351563070/
3 KB
2 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/11351563070/?random=1710010994029&cv=11&fst=1710010994029&bg=ffffff&guid=ON&async=1&gtm=45be4360v9130944946z89172014031za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fxp.xyz%2F&label=zXmJCNGOufoYEL627KQq&hn=www.googleadservices.com&frm=0&tiba=XP-%20Access%20your%20favorite%20shows&value=20&bttype=purchase&npa=1&pscdl=noapi&auid=1467846874.1710010994&uamb=0&uaw=0&fdr=SA&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11351563070&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
fd001e1bc3113a96f7c6aa411b4e56ab3caf4c9f92f8f6212bf3ead688472a8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Mar 2024 19:03:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1684
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
248 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FNW94WS062&gtm=45je4360v9130944946z89172014031za200&_p=1710010993566&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1577528411.1710010994&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710010994&sct=1&seg=0&dl=https%3A%2F%2Fxp.xyz%2F&dt=XP-%20Access%20your%20favorite%20shows&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=782
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FNW94WS062&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Mar 2024 19:03:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xp.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
52da2fa4-8810-4fc2-9beb-1f94d9ea500c
https://xp.xyz/
463 KB
0
Other
General
Full URL
blob:https://xp.xyz/52da2fa4-8810-4fc2-9beb-1f94d9ea500c
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ffae9431def3390a1dc09d80a41f9c224affd01ad64970dc157790e9dbdf7721

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length
474307
Content-Type
1514233069351079
connect.facebook.net/signals/config/
53 KB
11 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1514233069351079?v=2.9.148&r=stable&domain=xp.xyz&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7fcd7c9a055e8565e3191344be5ba42d563c5fe2b944ca0dd259783db192b8df
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 09 Mar 2024 19:03:14 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=10, rtx=0, c=64, mss=1294, tbw=62475, tp=-1, tpl=-1, uplat=67, ullat=0
pragma
public
x-fb-debug
rS07rvH6WkVAxUuVjyHjHPGobIq9oW0V8w8RUtMdZfwelFIFshRgeXGstJwXtoso3YpisYCEvWCiOrkpxNXtcQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
controller-c8bfdd70e62be9f4e611d8b62738f20d.html
js.stripe.com/v3/ Frame D2BC
325 B
778 B
Document
General
Full URL
https://js.stripe.com/v3/controller-c8bfdd70e62be9f4e611d8b62738f20d.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
1bfb181330911e3736a1fe85f14a2ca94b4728ce86887d11e6b4fea110cd1292
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://xp.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
32
cache-control
max-age=60, stale-while-revalidate=900
content-encoding
br
content-length
188
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 09 Mar 2024 19:03:14 GMT
etag
"c8bfdd70e62be9f4e611d8b62738f20d"
last-modified
Sat, 09 Mar 2024 02:38:05 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
17
x-content-type-options
nosniff
x-request-id
d0d6f030-625a-4952-b220-87e43bad1803
x-served-by
cache-fra-etou8220109-FRA
/
www.google.de/pagead/1p-conversion/11351563070/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11351563070/?random=1120455062&cv=11&fst=1710010994029&bg=ffffff&guid=ON&async=1&gtm=45be4360v9130944946z89172014031za201&gcd=13l3l3...
  • https://www.google.com/pagead/1p-conversion/11351563070/?random=1120455062&cv=11&fst=1710010994029&bg=ffffff&guid=ON&async=1&gtm=45be4360v9130944946z89172014031za201&gcd=13l3l3l2l1&dma_cps=sypham&d...
  • https://www.google.de/pagead/1p-conversion/11351563070/?random=1120455062&cv=11&fst=1710010994029&bg=ffffff&guid=ON&async=1&gtm=45be4360v9130944946z89172014031za201&gcd=13l3l3l2l1&dma_cps=sypham&dm...
42 B
455 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/11351563070/?random=1120455062&cv=11&fst=1710010994029&bg=ffffff&guid=ON&async=1&gtm=45be4360v9130944946z89172014031za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fxp.xyz%2F&label=zXmJCNGOufoYEL627KQq&hn=www.googleadservices.com&frm=0&tiba=XP-%20Access%20your%20favorite%20shows&value=20&npa=1&pscdl=noapi&auid=1467846874.1710010994&uamb=0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&pscrd=Ek9DaEVJZ0s2d3J3WVFzNjZMbDUycjhOMmJBUkltQUJtMzc4akhYbGNPZURNSWxRbjlEazhobmVWTUVLTkl5M3MtdlpGNEJyX0lnSTlWUi1nGlpDaEVJZ0s2d3J3WVF0STZQdXFtWHRNV2VBUkl1QUFfV1VWS0R0Umh6ckFBZ1NneVBZbnY2dko0T1pCMy1WRUt6QkIzM0xrd3RVZ1pZR1NkZURnODlWTk5OR3ciEwiKt_Wu7-eEAxWIZpEFHdQZBwwyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggC&is_vtc=1&cid=CAQSGwB7FLtqeOh45OOC0zUQjMyuxrdQ7cygttICsQ&eitems=ChEIgK6wrwYQ7OPN27Ckp_WmARIdABLGGxPaI3xZsSxGsvtnStnh0EafoeC5tTeFZus&random=3797035085&ipr=y
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
H2
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Mar 2024 19:03:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Mar 2024 19:03:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/11351563070/?random=1120455062&cv=11&fst=1710010994029&bg=ffffff&guid=ON&async=1&gtm=45be4360v9130944946z89172014031za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fxp.xyz%2F&label=zXmJCNGOufoYEL627KQq&hn=www.googleadservices.com&frm=0&tiba=XP-%20Access%20your%20favorite%20shows&value=20&npa=1&pscdl=noapi&auid=1467846874.1710010994&uamb=0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&pscrd=Ek9DaEVJZ0s2d3J3WVFzNjZMbDUycjhOMmJBUkltQUJtMzc4akhYbGNPZURNSWxRbjlEazhobmVWTUVLTkl5M3MtdlpGNEJyX0lnSTlWUi1nGlpDaEVJZ0s2d3J3WVF0STZQdXFtWHRNV2VBUkl1QUFfV1VWS0R0Umh6ckFBZ1NneVBZbnY2dko0T1pCMy1WRUt6QkIzM0xrd3RVZ1pZR1NkZURnODlWTk5OR3ciEwiKt_Wu7-eEAxWIZpEFHdQZBwwyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggC&is_vtc=1&cid=CAQSGwB7FLtqeOh45OOC0zUQjMyuxrdQ7cygttICsQ&eitems=ChEIgK6wrwYQ7OPN27Ckp_WmARIdABLGGxPaI3xZsSxGsvtnStnh0EafoeC5tTeFZus&random=3797035085&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
shared-e5fa3fec3ae52e82c9dbe99744d9674a.js
js.stripe.com/v3/fingerprinted/js/ Frame D2BC
537 KB
130 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-e5fa3fec3ae52e82c9dbe99744d9674a.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-c8bfdd70e62be9f4e611d8b62738f20d.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
58d85ba8e53eddc3d87dc3d8c114812bc7cfd1d49f658d7a0827a898b708d6ec
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-c8bfdd70e62be9f4e611d8b62738f20d.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 09 Mar 2024 19:03:14 GMT
via
1.1 varnish
age
58853
x-cache
HIT
content-length
133401
x-request-id
0362d8e4-0a42-42cd-b001-7b68581b194a
x-served-by
cache-fra-etou8220109-FRA
last-modified
Sat, 09 Mar 2024 02:38:17 GMT
server
Fastly
etag
"ae80f9950714ec2bafdb890ef9866f99"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
14
controller-a58721c28affd3a672e82df8c6e7e6a4.js
js.stripe.com/v3/fingerprinted/js/ Frame D2BC
703 KB
184 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-a58721c28affd3a672e82df8c6e7e6a4.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-c8bfdd70e62be9f4e611d8b62738f20d.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
7fbe8a94ecb5d03772bd3de4e36a8b484d905a8be393f49201932f4521725ff4
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-c8bfdd70e62be9f4e611d8b62738f20d.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 09 Mar 2024 19:03:14 GMT
via
1.1 varnish
age
58853
x-cache
HIT
content-length
188464
x-request-id
529964e8-ea8f-4b53-8331-2938175a1b4c
x-served-by
cache-fra-etou8220109-FRA
last-modified
Sat, 09 Mar 2024 02:38:15 GMT
server
Fastly
etag
"5c2042a721abac64eac72d7fe5b76577"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
14
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=explicit
Requested by
Host: widget.privy.com
URL: https://widget.privy.com/assets/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f6369864f88c35b1302ab28dbaa8944f4f275f11a3e43bd96187cc79bf82699d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 19:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 09 Mar 2024 19:03:14 GMT
755-abe14dc84751c419cb42.js
assets.privy.com/packs/js/
88 KB
31 KB
Script
General
Full URL
https://assets.privy.com/packs/js/755-abe14dc84751c419cb42.js
Requested by
Host: widget.privy.com
URL: https://widget.privy.com/assets/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:156c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9520b2cb671d613ff9f2ae92c8de2305abfc8ad6a24cd7ad5d89203c60aa8432
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 19:03:14 GMT
content-encoding
gzip
via
1.1 vegur, 1.1 72aa637991c46f23f831d2a4b7cb6c9a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cf-cache-status
HIT
x-amz-cf-pop
AMS1-P3
age
392
x-cache
Hit from cloudfront
content-length
31062
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1709928365&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=Dn05P8P3wtvDxgi7R7JP%2BbH1o%2F8AaHRbE343VV%2F2ugQ%3D
last-modified
Fri, 08 Mar 2024 18:29:11 GMT
server
cloudflare
vary
accept-encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709928365&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=Dn05P8P3wtvDxgi7R7JP%2BbH1o%2F8AaHRbE343VV%2F2ugQ%3D"}]}
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
861d52e9aa0868ec-FRA
x-amz-cf-id
0rRQoGfQOLCz-Niv7_gToVaU7VENmrCDVVmhXB7yqDaa00zoCi8k2A==
908-000e1ac551df9d63c8a5.js
assets.privy.com/packs/js/
38 KB
13 KB
Script
General
Full URL
https://assets.privy.com/packs/js/908-000e1ac551df9d63c8a5.js
Requested by
Host: widget.privy.com
URL: https://widget.privy.com/assets/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:156c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1769a9734402e1f653766fdbbcd4070dd8e93da30caebfd01dea5dc43ca648d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 19:03:14 GMT
content-encoding
gzip
via
1.1 vegur, 1.1 304aca8444d8c10610191c5e033b348e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cf-cache-status
HIT
x-amz-cf-pop
AMS1-P3
age
6101
x-cache
Hit from cloudfront
content-length
12381
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1709928679&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=Oc9SzueRJz%2FXf6tSlCfQfTSrx8r%2F%2FPvrDVI72yI%2BYWo%3D
last-modified
Fri, 08 Mar 2024 18:29:11 GMT
server
cloudflare
vary
accept-encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709928679&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=Oc9SzueRJz%2FXf6tSlCfQfTSrx8r%2F%2FPvrDVI72yI%2BYWo%3D"}]}
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
861d52e9aa0168ec-FRA
x-amz-cf-id
xWW0lTov-Yze6McYQ1keGupFq1GKwxdl3chor2qVSd5Zz-sxly5Y2A==
864-e97430f5f316998a0c34.js
assets.privy.com/packs/js/
19 KB
7 KB
Script
General
Full URL
https://assets.privy.com/packs/js/864-e97430f5f316998a0c34.js
Requested by
Host: widget.privy.com
URL: https://widget.privy.com/assets/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:156c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9b1c975871e139ec3dce8ca5d2cea862edf5572c930da5952c31a0e72a71ba2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 19:03:14 GMT
content-encoding
gzip
via
1.1 vegur, 1.1 256cd380c9790a2b71d68709829caa18.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cf-cache-status
HIT
x-amz-cf-pop
FRA60-P7
age
965
x-cache
Hit from cloudfront
content-length
6189
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1709923272&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=4fz9Hpeusx1AAy6%2FZxE5Ugeu60PuYm6f4j7HMoU8mSM%3D
last-modified
Fri, 08 Mar 2024 18:29:11 GMT
server
cloudflare
vary
accept-encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709923272&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=4fz9Hpeusx1AAy6%2FZxE5Ugeu60PuYm6f4j7HMoU8mSM%3D"}]}
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
861d52e9aa0668ec-FRA
x-amz-cf-id
ElGnPWhe_wszOCAz52p0zbaPlNrFwIAy-uQx8zvPwUydetgUANrGGg==
538-58faf0b20e3865c7e8c9.js
assets.privy.com/packs/js/
108 KB
32 KB
Script
General
Full URL
https://assets.privy.com/packs/js/538-58faf0b20e3865c7e8c9.js
Requested by
Host: widget.privy.com
URL: https://widget.privy.com/assets/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:156c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f74af822db7aa4ed1c03da76062e7909ff2aae04d06ed5c15277d938eb7de383
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 19:03:14 GMT
content-encoding
gzip
via
1.1 vegur, 1.1 9ec406dc5379d974fc3d9f41dd497bf0.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cf-cache-status
HIT
x-amz-cf-pop
FRA60-P7
age
965
x-cache
Hit from cloudfront
content-length
31874
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1709929944&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=2RHlC5q7yb49q6p9HwbrmF1QsVcjP22hTTRTDowXAMs%3D
last-modified
Fri, 08 Mar 2024 18:29:11 GMT
server
cloudflare
vary
accept-encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709929944&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=2RHlC5q7yb49q6p9HwbrmF1QsVcjP22hTTRTDowXAMs%3D"}]}
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
861d52e9da2d68ec-FRA
x-amz-cf-id
9lo2ZdKngu98uC-Dm27qwODWzEP0hd1P76ncQI-DWqqglAY2Hiboxw==
legacy_widget-77347368f315fe42ebe0.chunk.js
assets.privy.com/packs/js/
114 KB
29 KB
Script
General
Full URL
https://assets.privy.com/packs/js/legacy_widget-77347368f315fe42ebe0.chunk.js
Requested by
Host: widget.privy.com
URL: https://widget.privy.com/assets/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:156c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7e433db6a5e93d9fd34379bf9d3dee291b8bc60fc0cfebb86dfc66b23270e5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 19:03:14 GMT
content-encoding
gzip
via
1.1 vegur, 1.1 d8006f736d3dc32a20a91813f2f50fa2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cf-cache-status
HIT
x-amz-cf-pop
FRA60-P7
age
7165
x-cache
Hit from cloudfront
content-length
29169
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1709923522&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=Gk9TEKuoYk0FRWtnSL6R2imnq1GrcZmJKuEF5RJGffQ%3D
last-modified
Fri, 08 Mar 2024 18:29:11 GMT
server
cloudflare
vary
accept-encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709923522&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=Gk9TEKuoYk0FRWtnSL6R2imnq1GrcZmJKuEF5RJGffQ%3D"}]}
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
861d52e9da3368ec-FRA
x-amz-cf-id
1D8rLMbURZ10AKDKk9ymqs7GJ5tA7pZKD25MHszW1OAD0KJc73ywpg==
.deploy_status_henson.json
js.stripe.com/v3/ Frame D2BC
474 B
612 B
Fetch
General
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e5fa3fec3ae52e82c9dbe99744d9674a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
756cd5368e3bf22664232c8228b5d7d572cf4b6b8f912ff17da005caea7790c0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-c8bfdd70e62be9f4e611d8b62738f20d.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 09 Mar 2024 19:03:14 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
5
x-cache
HIT
content-length
298
x-request-id
11f94a82-69fb-471b-adc3-279446ac225c
x-served-by
cache-fra-etou8220074-FRA
last-modified
Sat, 09 Mar 2024 03:17:41 GMT
server
Fastly
etag
"abf0cb9b2315500db3445ffbd3bb17d5"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
6
.deploy_status_henson.json
js.stripe.com/v3/ Frame D2BC
474 B
372 B
Fetch
General
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e5fa3fec3ae52e82c9dbe99744d9674a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
756cd5368e3bf22664232c8228b5d7d572cf4b6b8f912ff17da005caea7790c0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-c8bfdd70e62be9f4e611d8b62738f20d.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 09 Mar 2024 19:03:14 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
5
x-cache
HIT
content-length
298
x-request-id
a5172809-103a-4de8-b402-229f5ecf1787
x-served-by
cache-fra-etou8220074-FRA
last-modified
Sat, 09 Mar 2024 03:17:41 GMT
server
Fastly
etag
"abf0cb9b2315500db3445ffbd3bb17d5"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
7
recaptcha__de.js
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/
494 KB
197 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xp.xyz/
Origin
https://xp.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 18:36:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1613
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200579
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 05:02:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 09 Mar 2025 18:36:21 GMT
web-widget-main-a8e2471.js
static.zdassets.com/web_widget/classic/latest/ Frame FFB2
945 KB
277 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-main-a8e2471.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=bca9994f-6c8f-4539-89ac-1a4459127e01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0a75d7e84a90aba9d68dc5b54e7afedf58b4bbf7221aa78dcb9c4f26f87364
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 19:03:14 GMT
x-amz-version-id
Z2TyMhu0USmhlgy7zbQ76q.AzD1L6aZ1
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
B5VFJJN3BRVJ0FRW
age
290384
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
pXirvkJ3mW6sVnrhyFFVVSruNnHtIpaQzrRrbuXb4DDPVPBjdtaCVLxs9w2WDpV8JnBFN95+23A=
last-modified
Mon, 04 Mar 2024 13:52:16 GMT
server
cloudflare
etag
W/"d07da7b379d0bd38cb3b8930758e82b1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQ3POZEty5sHXDC4s8qNkT5RT5RnRPzLtSRBdvkZkFfmKwSYDYA4ORm6EqXvRt8gXzwDJ5vwDJXZHkB46XYf8JEzWvuFJQDgOW9ZtV8Umc4w%2BqGkbdLO3%2FjoBfxIM1mOVcdEEk4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
861d52ea0ba26ae2-FRA
access-control-allow-headers
*
expires
Tue, 04 Mar 2025 13:52:15 GMT
collect
events.privy.com/v2/
0
404 B
XHR
General
Full URL
https://events.privy.com/v2/collect
Requested by
Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:146c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Referer
https://xp.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 09 Mar 2024 19:03:14 GMT
access-control-request-method
*
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies
none
cf-cache-status
DYNAMIC
via
1.1 vegur
content-encoding
gzip
x-xss-protection
0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1710010994&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=v5CXMegQoZrZFca%2BfgcRd7GqicMVDDjbqBPjt0pa6%2B8%3D
x-request-id
d05402b5-c4c9-4a4d-80dd-f00cf3b344ab
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-download-options
noopen
x-frame-options
SAMEORIGIN
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710010994&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=v5CXMegQoZrZFca%2BfgcRd7GqicMVDDjbqBPjt0pa6%2B8%3D"}]}
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
cf-ray
861d52ea3846913c-FRA
widget-f7bedc88f5d7f36c2240bbbfdd34b1550a86336a959c1e8553e5604b955bb2da.css
assets.privy.com/assets/
245 KB
25 KB
Stylesheet
General
Full URL
https://assets.privy.com/assets/widget-f7bedc88f5d7f36c2240bbbfdd34b1550a86336a959c1e8553e5604b955bb2da.css
Requested by
Host: assets.privy.com
URL: https://assets.privy.com/packs/js/legacy_widget-77347368f315fe42ebe0.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:156c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a342348d9e6e675e9a6dc0acf59e9b48f37b0d51408a5ef8722faf5971d662d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 19:03:14 GMT
content-encoding
gzip
via
1.1 vegur, 1.1 0b328de7c6916513ee4489477445f2e2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P9
age
4208
x-cache
Hit from cloudfront
content-length
25091
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706156137&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=m93sp6VOrb%2Fk8CXpxxWitHaX%2FPRP71eQZRsMSydmkCI%3D
last-modified
Mon, 10 Apr 2023 19:08:01 GMT
server
cloudflare
vary
Accept-Encoding,Origin
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706156137&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=m93sp6VOrb%2Fk8CXpxxWitHaX%2FPRP71eQZRsMSydmkCI%3D"}]}
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
861d52ea2a8668ec-FRA
x-amz-cf-id
ebFvQandCOBZhx8XbfkkH4YjBVN1lFSgYrgc2IFhDTh4cCQzOZUFog==
anchor
www.google.com/recaptcha/api2/ Frame 4036
46 KB
29 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ&co=aHR0cHM6Ly94cC54eXo6NDQz&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=i8ldwil9rkot
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
19e3336736fd2eacc993e742f8b846b2d0baa56612914c33928b1ad9cb8a3ca1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sjxXBy2nr9IdYPqmloRt8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xp.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-sjxXBy2nr9IdYPqmloRt8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 09 Mar 2024 19:03:14 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
css
fonts.googleapis.com/
717 B
370 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400
Requested by
Host: assets.privy.com
URL: https://assets.privy.com/packs/js/908-000e1ac551df9d63c8a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
77d9907ca853ab885fd7a35a29faaf4206b8fe47347cd9c12391d64451ad6f37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Mar 2024 19:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Mar 2024 18:02:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Mar 2024 19:03:14 GMT
css
fonts.googleapis.com/
6 KB
777 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Cousine:300,400,700%7CLato:400,500,undefined
Requested by
Host: assets.privy.com
URL: https://assets.privy.com/packs/js/908-000e1ac551df9d63c8a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d492fb6ef3f5ff87d9f2121102e08ad06456088dc639db43bff5b16abc9a4eed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Mar 2024 19:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Mar 2024 19:03:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Mar 2024 19:03:14 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 4036
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ&co=aHR0cHM6Ly94cC54eXo6NDQz&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=i8ldwil9rkot
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 07:30:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41566
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 05:02:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 09 Mar 2025 07:30:28 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 4036
494 KB
196 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ&co=aHR0cHM6Ly94cC54eXo6NDQz&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=i8ldwil9rkot
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 18:36:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1613
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200579
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 05:02:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 09 Mar 2025 18:36:21 GMT
en-us-json-a8e2471.js
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame FFB2
25 KB
6 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-a8e2471.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-a8e2471.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 19:03:14 GMT
x-amz-version-id
K6AM8OxoSO1OmWBpYrwye40k70ja8ul8
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
B5V04AQJD5WK6CXC
age
290379
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
m4Z/n+x3kJTPGM0HGMlwo81RA0VTdiqu5oNlwVWnlHQdPxSIsM8Frhl6Uxt/TZIyva/gCupleUo=
last-modified
Mon, 04 Mar 2024 13:52:18 GMT
server
cloudflare
etag
W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7aElu4VGpqeKcsHrhJ001wf1Erv1cFEUb86kr%2F90GaLDWj93oKGU776gimvu%2Fr5xl0SHj%2FO5PoGuBIkB%2FnNdcCT%2B%2FbhxDL7a2lIZiWKnfEbEukNiOtDI91pmuACzUpTSZvHZTg0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
861d52eb1d306ae2-FRA
access-control-allow-headers
*
expires
Tue, 04 Mar 2025 13:52:16 GMT
config
xpsupport.zendesk.com/embeddable/ Frame FFB2
605 B
1 KB
Fetch
General
Full URL
https://xpsupport.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-a8e2471.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7641dd581b49197ec3e16b4ffc870e8bcc65dde3f9566452c729b43a6af14b7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 19:03:14 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-58c76669b6-xthjr
x-cached
MISS
x-request-id
861d52eb5f52085d-FRA
x-runtime
0.002191
last-modified
Sat, 09 Mar 2024 19:03:14 GMT
server
cloudflare
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nsZ%2B9qv%2BilioJfn6G%2FjVH7UgSPBn5GgETRBAp4s9NmIzIwS4netFUJ%2BZZrV2K%2BG%2BIlP%2BkEbpkegjVtRQ3IM2Maimsh3Kh0z4IGTy0yGQNVrycWGwMznbacnZfdQ%2BbP%2BXEH98cSrmsA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
861d52eb5f52085d-FRA
IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js
www.google.com/js/bg/ Frame 4036
17 KB
7 KB
Script
General
Full URL
https://www.google.com/js/bg/IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2032d9e5b742ac419d191e4528a65f8885af57bacc4a56c01d4133c5420e0508
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ&co=aHR0cHM6Ly94cC54eXo6NDQz&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=i8ldwil9rkot
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 18:13:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
2956
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6933
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 17:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 09 Mar 2025 18:13:58 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 4036
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ&co=aHR0cHM6Ly94cC54eXo6NDQz&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=i8ldwil9rkot
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a8bfdecce5d2156da95876601ab50733e863513e3689ce32498a8370e79a5687
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ&co=aHR0cHM6Ly94cC54eXo6NDQz&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=i8ldwil9rkot
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 19:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 09 Mar 2024 19:03:14 GMT
web-widget-chat-sdk-a8e2471.js
static.zdassets.com/web_widget/classic/latest/ Frame FFB2
202 KB
51 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-a8e2471.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-a8e2471.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
965cba95c928e95003ce37271090406eaa7d5c2d955230a785b2b3be8a9a17f5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 19:03:14 GMT
x-amz-version-id
x4eH3W9GJ9cm0gXRbqZSeow_eidCmzsM
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
B5V5EJRFDP790NEC
age
290383
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
62x+OtZ1+vQqekzZTM9PJbhPZX/5upGM2YP2rAGWEW5Oj0A9DfGAU4nWeSU6SemzBqb2pYpZHps=
last-modified
Mon, 04 Mar 2024 13:52:16 GMT
server
cloudflare
etag
W/"b8284a4b45e40625c2b90a641ebe4a68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=St%2Br4%2Bd%2BeaF%2Fh%2FREUu0dr7uKCK%2BaFtw3c6a7xLOqn0AC%2BVLYcmHCWgrGg77%2BuZRqbz11pNfqURPQww1mtl2sd65mNYKo7Gm3ThS2A0Tmj8ACp8uxBj1b2fJojE%2By0qjW4w564m0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
861d52ebee7e6ae2-FRA
access-control-allow-headers
*
expires
Tue, 04 Mar 2025 13:52:15 GMT
XP_Site_Background_Less_Grainy_WEBPv3.webp
cdn.hngr.co/xp/heroes/
340 KB
341 KB
Image
General
Full URL
https://cdn.hngr.co/xp/heroes/XP_Site_Background_Less_Grainy_WEBPv3.webp
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b9a03f78d4fdbf1c14ebc2771b7a048a83ed1698705a2c16db2afd0fb34f8bba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
CHBsnr4tg3asFlJy..L5VAmYgFgJs3B1
date
Sat, 09 Mar 2024 15:52:05 GMT
via
1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
last-modified
Mon, 12 Feb 2024 17:19:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
11470
x-amz-server-side-encryption
AES256
etag
"c4569fe37bce8adb2152889bcf7f90e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
348650
x-amz-cf-id
iBvIxil7LJ8f0tK-Zut-JjniBLpgGq8APIeVf_QSfqDCD2yCT6aHPQ==
bframe
www.google.com/recaptcha/api2/ Frame 1494
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4bd95f91baabd29b68d8b2a9fcc69b334fb08dbcbd6e74c34551990974d264c6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LCVjEBCkA0q6L1rouGAL1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xp.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-LCVjEBCkA0q6L1rouGAL1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 09 Mar 2024 19:03:14 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 1494
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 07:30:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41566
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 05:02:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 09 Mar 2025 07:30:28 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 1494
494 KB
196 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 18:36:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1613
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200579
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 05:02:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 09 Mar 2025 18:36:21 GMT
tswift.jpg
cdn.hngr.co/ticketdex/artists/Taylor%20Swift/
192 KB
193 KB
Image
General
Full URL
https://cdn.hngr.co/ticketdex/artists/Taylor%20Swift/tswift.jpg
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fcb59c1b2732bb975f8bd6bce13b68402952a0f17b12d9f56f16cee9110448d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
ivbs3tdsefYkcjjB9Jg8B_7j_YCU_9ml
date
Sat, 09 Mar 2024 06:37:03 GMT
via
1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
last-modified
Fri, 01 Sep 2023 21:45:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
44772
x-amz-server-side-encryption
AES256
etag
"e0273ca3eca6e20bdf76fba5209a30f6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
196550
x-amz-cf-id
3HU5BPqcxIwYXYtdH6qXdiI0ZD3SQyEvEc48N6GD2mn3xlOZCqILhg==
993014053_0.jpg
cdn.hngr.co/performers/apple/
561 KB
562 KB
Image
General
Full URL
https://cdn.hngr.co/performers/apple/993014053_0.jpg
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b40f6b8d5873db73881656441cc18c4ffa42010a32add6733f0e6d913ba5f32d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
droRorkth2mKNBn_hlHeVYb8wHukFA7k
date
Sat, 09 Mar 2024 15:52:05 GMT
via
1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
last-modified
Thu, 22 Jun 2023 17:41:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
11470
x-amz-server-side-encryption
AES256
etag
"00a70acc511ccce957548221120d0670"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
574596
x-amz-cf-id
8zalLxL7xMtigXvMjyXFtic1drki2ImqzXaG59suaz2Y1SOrQk0ewQ==
ufc.webp
cdn.hngr.co/ticketdex/artists/UFC/
149 KB
149 KB
Image
General
Full URL
https://cdn.hngr.co/ticketdex/artists/UFC/ufc.webp
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
001da1ce5207c9ebe4af62fb5f9ef224d98ba2bd9957543195cac1da83bf46c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
xcTiP0Rt7cWgSeGxwRYXciKH8zM2555B
date
Sat, 09 Mar 2024 15:52:05 GMT
via
1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
last-modified
Wed, 18 Oct 2023 18:40:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
11470
x-amz-server-side-encryption
AES256
etag
"ba19f1f6a759a017eb6db3c938ecff3d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
152128
x-amz-cf-id
2NCIzBmiasSWQu_pRriMYvRYP4cu17FAsUKzehvtaiAwyik1xPhGkQ==
Kenny_Chesney.jpg
cdn.hngr.co/ticketdex/artists/Kenny%20Chesney/
394 KB
395 KB
Image
General
Full URL
https://cdn.hngr.co/ticketdex/artists/Kenny%20Chesney/Kenny_Chesney.jpg
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
26cf3c16397342eaa58df6d157cacc134ce77593f2acaa699c2fff22fd16b1db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
j.LUqDgr_s1onYmFVI57S9zL5Toqsf2Y
date
Sat, 09 Mar 2024 15:52:05 GMT
via
1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
last-modified
Wed, 08 Nov 2023 15:55:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
11470
x-amz-server-side-encryption
AES256
etag
"0a72c025060580ed862303d319c1a46b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
403598
x-amz-cf-id
SFZJqZun3cCHCzufh1m6MDzr4JmtzI9rbMj11NEkY4NKKmOrXZLBjQ==
829142092_0.jpg
cdn.hngr.co/performers/apple/
3 MB
3 MB
Image
General
Full URL
https://cdn.hngr.co/performers/apple/829142092_0.jpg
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31b2d04446fd5c796d194d3ee3813374224f9a1f66c0f31164d4ada352758a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
IQoqheECALwoC.x8n7xx9mxvkeKu5HSb
date
Sat, 09 Mar 2024 15:52:05 GMT
via
1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
last-modified
Thu, 22 Jun 2023 17:33:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
11470
x-amz-server-side-encryption
AES256
etag
"3391e018c053c9be380e8a35f2f9e175"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
3200700
x-amz-cf-id
S6WKxFQ4dQNZy_lQ6QWrdim38ZIVDXB-0rRC1_Og1YHfD1ohUHn90g==
14450-dd081922-81a1-401a-9a96-466baa0c9eb0.jpg
cdn.hngr.co/xp/performer-images/
244 KB
245 KB
Image
General
Full URL
https://cdn.hngr.co/xp/performer-images/14450-dd081922-81a1-401a-9a96-466baa0c9eb0.jpg
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f559328fc7464c8eba42a44881a16ada9e72d8a11b1598dc0ffa9d4325653e88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 06:37:03 GMT
x-amz-version-id
5VvcvmV6QrmAw2gqPopso7y37eOYdbwj
via
1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
last-modified
Thu, 15 Feb 2024 20:22:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
44772
etag
"7c99602496673849fccbf0a4edece02b"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
250295
x-amz-cf-id
eWJLR2k_ZjsZ2m97Mv7jJNp0pPH61NbRAVwiVWwbMXs10fvLJZUwlg==
485953_0.jpg
cdn.hngr.co/performers/apple/
2 MB
2 MB
Image
General
Full URL
https://cdn.hngr.co/performers/apple/485953_0.jpg
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2991fb5c323d90ecb01e1da10b1e67193af2af30f99eadc8f65df19a21491f5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 06:37:03 GMT
x-amz-version-id
Tp1ovySu0xEFo8IVQXpdJedm0pYyzg7d
via
1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
last-modified
Thu, 22 Jun 2023 17:37:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
44772
etag
"800037939af89d99ce81b0d288748d7a"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
2150137
x-amz-cf-id
YSVaUwImeb5Ux9VK60vgnhzGuSK-ltq1tp3Wolz7LVeJ5XoOm_BdlQ==
12576-dd784384-b08d-45cb-9aa6-5c6b0ca80ca0.jpg
cdn.hngr.co/xp/performer-images/
58 KB
58 KB
Image
General
Full URL
https://cdn.hngr.co/xp/performer-images/12576-dd784384-b08d-45cb-9aa6-5c6b0ca80ca0.jpg
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4a6e42b5f0f0a24733687fdda3750590330295a2737047621a2f6ea9e81d8256

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 06:37:03 GMT
x-amz-version-id
dtPtC9CAoNPHK10TFh_6lU7ynfGufi67
via
1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
last-modified
Tue, 21 Nov 2023 14:23:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
44772
etag
"3a381a50f6ce5e9614daa3f401fe00c2"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
58932
x-amz-cf-id
yfq1dkSULDMiWhkh6OuHQ-4ldIz-SQujmbKQhexbvKdVBY33OuxR3g==
96353_0.jpg
cdn.hngr.co/performers/apple/
2 MB
2 MB
Image
General
Full URL
https://cdn.hngr.co/performers/apple/96353_0.jpg
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b04f320935e6af2fb98db96fedbcf673fc29db197f3af31066fa187fad8ac879

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
mC3Stw9adoEfuIDo36ZBcfkU6LHgn66t
date
Sat, 09 Mar 2024 15:52:05 GMT
via
1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
last-modified
Thu, 02 Nov 2023 17:18:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
11470
x-amz-server-side-encryption
AES256
etag
"10c10069965092fed6ccb614f8a51ec0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
1586870
x-amz-cf-id
IeSQLMMdEUrTvdd5mgZvEVlZCPi8p1UD2mMCENvwBIv80oHh6_PmwQ==
3996865_0.jpg
cdn.hngr.co/performers/apple/
5 MB
5 MB
Image
General
Full URL
https://cdn.hngr.co/performers/apple/3996865_0.jpg
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
172a8b8e74e952dc54c4b927097ebd03987e8188e4697df51206d663c265e559

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
FHpWPjBMXf6O.qcYGHbJHfJcDW.j6Kko
date
Sat, 09 Mar 2024 15:52:05 GMT
via
1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
last-modified
Thu, 22 Jun 2023 17:35:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
11470
x-amz-server-side-encryption
AES256
etag
"dd397f293869bc8c084d4abbc1f389eb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
5506216
x-amz-cf-id
K-WnzRoP9tHx0KfoyULbThcOHiJ29JSz0X_Ebnhl51NCfxTE9_RLvg==
1436413980_0.jpg
cdn.hngr.co/performers/apple/
1 MB
1 MB
Image
General
Full URL
https://cdn.hngr.co/performers/apple/1436413980_0.jpg
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f8bcc2025d2c56f2bf8e91b0026b850aa3eaf4807d983daa86dfd226609f4fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 06:37:03 GMT
x-amz-version-id
4PjkF3l3QT3f2qO1n2S2anARR5.FCu.c
via
1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
last-modified
Thu, 02 Nov 2023 17:11:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
44772
etag
"5ec57c647098a8cd5750c28209d930fa"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
1344975
x-amz-cf-id
CicLOESvzfZLodyW3ctg-cMvjYqBJVY42pYLvqsb-k40zRIhxcaGIQ==
271256_0.jpg
cdn.hngr.co/performers/apple/
1 MB
1 MB
Image
General
Full URL
https://cdn.hngr.co/performers/apple/271256_0.jpg
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
400482eecc81a1b6f6f45c03efea336730e798916f63f5a6aa82b542293b2c8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 19:03:16 GMT
x-amz-version-id
e71slgTOfghBekQRhanGyMpc9iRuQaE5
via
1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
last-modified
Thu, 22 Jun 2023 17:33:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"b95c5869a29a59a9009755a0cf647d76"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
1094104
x-amz-cf-id
FlDPGHltFKywImI7sPRHqfKf9tGxsqc9Zlul0yUxsoGNdZJgGiYVbw==
14819-85d8d988-7e81-46aa-931d-f5a5006b21cb.jpg
cdn.hngr.co/xp/performer-images/
768 KB
770 KB
Image
General
Full URL
https://cdn.hngr.co/xp/performer-images/14819-85d8d988-7e81-46aa-931d-f5a5006b21cb.jpg
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa7c5ffa27b46017a62670d98b2b2afe177192d85a41080e7b4d81670595e0d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 06:37:03 GMT
x-amz-version-id
QIr1LZ8s4RcTwawG5LBTnT4OyOHepCYr
via
1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
last-modified
Mon, 18 Dec 2023 22:04:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
44772
etag
"37739912884910307066efe39563abb9"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
786837
x-amz-cf-id
vDP7tSzEAdpD-9NCqwUJliVn3xkkXBI_k0F8PnJi9jn34PHPrdipVA==
815635315_0.jpg
cdn.hngr.co/performers/apple/
4 MB
4 MB
Image
General
Full URL
https://cdn.hngr.co/performers/apple/815635315_0.jpg
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dcca199ea7b457bf28257b9baea1671c76d9f993e06046319dbe65f7882ceb04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
rLuv5EOrW.jS6TpMtjI.AR6NQE3yqzF2
date
Sat, 09 Mar 2024 15:52:05 GMT
via
1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
last-modified
Thu, 02 Nov 2023 17:18:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
11470
x-amz-server-side-encryption
AES256
etag
"8bf4c6a0634c6fec29b6958a22dbee0e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
4277171
x-amz-cf-id
r61YmXo5QuXbgkRexC2GBBqXGYBUZcZLlI1aEwGoXjdgR818jmOpyw==
129045039_0.jpg
cdn.hngr.co/performers/apple/
674 KB
675 KB
Image
General
Full URL
https://cdn.hngr.co/performers/apple/129045039_0.jpg
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8a88f29729747fb24cb5fa9c592e1a7acb0c0888b0a9e8de7bf4ca67100ebfa6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 19:03:16 GMT
x-amz-version-id
FGOlQnL7T8Y1D.rNC6zwHLjtAf.20nbS
via
1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
last-modified
Thu, 22 Jun 2023 17:37:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"6bec46e8ac61715512e731cdc1aaec36"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
689854
x-amz-cf-id
U961faxU9GYnlZnrFU0PqbnPzNOjQUHSrog_TSTYlitUmt52SbdNMw==
Sequel100Black-85.b6e03c89c405e3d2409a.ttf
xp.xyz/static/media/
46 KB
23 KB
Font
General
Full URL
https://xp.xyz/static/media/Sequel100Black-85.b6e03c89c405e3d2409a.ttf
Requested by
Host: xp.xyz
URL: https://xp.xyz/static/css/main.ac5cee37.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-11.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
938c4c5f11cc2bc38dba9a06da56853e654dccc7f35e33cb1b1cd9aa1ee8ebbf

Request headers

Referer
https://xp.xyz/static/css/main.ac5cee37.css
Origin
https://xp.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 20:32:08 GMT
content-encoding
br
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified
Fri, 08 Mar 2024 20:23:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
81066
etag
W/"31a9c9aa3bcd926ba76919938549cd33"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
font/ttf
x-amz-cf-id
BPmYfGRBOQLG-B-bap3v-7o-55XNRdo8itgsc8GW85kzha7YZbDPbA==
reload
www.google.com/recaptcha/api2/ Frame 1494
19 KB
14 KB
XHR
General
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b69c2738f3e33dfa085ddc33b5b4cf6845b2e1a3d02d8b74be0f272285db9c18
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Sat, 09 Mar 2024 19:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 09 Mar 2024 19:03:14 GMT
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 1494
600 B
624 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/refresh_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 18:30:13 GMT
x-content-type-options
nosniff
age
433981
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
600
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 11 Mar 2024 18:30:13 GMT
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 1494
530 B
554 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/audio_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:17:32 GMT
x-content-type-options
nosniff
age
431142
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
530
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 11 Mar 2024 19:17:32 GMT
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 1494
665 B
689 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/info_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 11:42:02 GMT
x-content-type-options
nosniff
age
199272
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
665
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 14 Mar 2024 11:42:02 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1494
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 21:26:23 GMT
x-content-type-options
nosniff
age
423412
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Mar 2025 21:26:23 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1494
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 04:50:44 GMT
x-content-type-options
nosniff
age
310351
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15340
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Mar 2025 04:50:44 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1494
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 09:11:37 GMT
x-content-type-options
nosniff
age
381098
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Mar 2025 09:11:37 GMT
IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js
www.google.com/js/bg/ Frame 1494
17 KB
7 KB
Script
General
Full URL
https://www.google.com/js/bg/IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2032d9e5b742ac419d191e4528a65f8885af57bacc4a56c01d4133c5420e0508
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/bframe?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 18:13:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
2957
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6933
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 17:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 09 Mar 2025 18:13:58 GMT
payload
www.google.com/recaptcha/api2/ Frame 1494
28 KB
28 KB
Image
General
Full URL
https://www.google.com/recaptcha/api2/payload?p=06AFcWeA6mrMcnZ-XRe9BBle1_NT7_zgOb9CpqPEnPbhH28C17m4B4QbUJ2MqAa-kVB-hIM7mupoI9JwgtNRGy3FwHlQDrRgD6f4RrTAop1HJe4VfW0y7Enya3Zgu_yRktezGygnkzBHe_G3oF0DzN1QCcRQAf9hHqkZNkhTAEwvPYnc0-PzBnZGvYcoVDshmnupITjU3mc1bUpu48Ds6WaQlCRgLuSG5cHA&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
631e44e3a32f593b0d44d9564bfc99e0b4bfaa5c464c7ac90dc51b31c7de4b79
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/bframe?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 19:03:15 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
private, max-age=30
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 09 Mar 2024 19:03:15 GMT
b
r.stripe.com/ Frame D2BC
0
272 B
Fetch
General
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e5fa3fec3ae52e82c9dbe99744d9674a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 09 Mar 2024 19:03:15 GMT
x-stripe-server-envoy-start-time-us
1710010995757204
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1710010995756768
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame D2BC
0
274 B
Fetch
General
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e5fa3fec3ae52e82c9dbe99744d9674a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 09 Mar 2024 19:03:15 GMT
x-stripe-server-envoy-start-time-us
1710010995757154
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1710010995756794
access-control-allow-credentials
true
content-length
0
web-widget-chat-incoming-message-notification-a8e2471.js
static.zdassets.com/web_widget/classic/latest/ Frame FFB2
236 B
841 B
Script
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-a8e2471.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-a8e2471.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 19:03:15 GMT
x-amz-version-id
1SQhkWkfVry4zKqC.d.MJhJxkoua2r26
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
DCT7TXFJFAMBEJPX
age
290383
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
uBT82rJUq9fxREdrtYy8BQE+RlOzb0OgR2TSL+60RNWz3y9+KIu0D2VtFCRsNWYOqDlrRRH8Stk=
last-modified
Mon, 04 Mar 2024 13:52:16 GMT
server
cloudflare
etag
W/"77bb07ca171e3ff2b72a7dafa7822bc8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i8x%2Fb7kfwV9qnImUNMrnzbSZVEMcoX7icBxS%2FeEzXF6uqZWfcv1IJH41rXWlU57qAyEE4h%2Bz31LgKKAhGsLz0ERtTeMdB1ifQ926Hm19yvxX9%2BWEz9h%2BwamQNHvje2lnUoO%2Fun8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
861d52f3fb906ae2-FRA
access-control-allow-headers
*
expires
Tue, 04 Mar 2025 13:52:15 GMT
fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/classic/latest/ Frame FFB2
19 KB
20 KB
Media
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3
Requested by
Host: xp.xyz
URL: https://xp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 09 Mar 2024 19:03:15 GMT
x-amz-version-id
7mQmj5CjPPHXphZWB9MwFHsB8G6GZRZR
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
HT3YBWDSMX7GGWKJ
age
10164057
x-amz-server-side-encryption
AES256
Content-Range
bytes 0-19697/19698
x-amz-replication-status
COMPLETED
Content-Length
19698
x-amz-id-2
u4rjVl6bznOFELXxWcdEy4cxf3HS8QD5+1jVYrU8pTGZTnnUMyhwdvSjilQjVnwTrzYblOccmBE=
last-modified
Tue, 26 Sep 2023 06:59:46 GMT
server
cloudflare
etag
"f11ce9e8f40a392830217253fe75d6de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ot7Qm0klpKE6fvi1el4Q9i8JwRYiR3vH640lnrIaquF9YeSvASK9nnW5CLG831T3cC2iHmykSYsEmIJOtWAem%2BNvmuyleAh%2FgRpG%2FhWnDbl%2BItAI5FE%2F3b4VB2GKEkCwn1Eak3g%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
861d52f43be66ae2-FRA
access-control-allow-headers
*
expires
Wed, 25 Sep 2024 06:59:45 GMT
/
o133761.ingest.sentry.io/api/4505557805563904/envelope/
41 B
368 B
Fetch
General
Full URL
https://o133761.ingest.sentry.io/api/4505557805563904/envelope/?sentry_key=6bb349aba87347d6b4af354ce446661e&sentry_version=7&sentry_client=sentry.javascript.react%2F7.49.0
Requested by
Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
88895d105e5970e51e2836a364df66612653931e60c6f2375d67ed884a87f971
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://xp.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 09 Mar 2024 19:03:16 GMT
content-encoding
br
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
1
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
i
r.lr-ingest.io/ Frame
0
0
Preflight
General
Full URL
https://r.lr-ingest.io/i?a=ivunb2%2Fhngr&r=5-ee55713e-6f2b-4c70-acf9-1e5748859796&t=a48b9e2c-6d89-42fc-a4a2-048a23f455aa&s=0&rs=0%2Cu&u=5f59f574-6767-41eb-889a-aae690357b81&is=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.23.205 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
205.23.198.104.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-logrocket-relay-version
Access-Control-Request-Method
POST
Origin
https://xp.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
content-length
0
date
Sat, 09 Mar 2024 19:03:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
i
r.lr-ingest.io/
6 KB
6 KB
XHR
General
Full URL
https://r.lr-ingest.io/i?a=ivunb2%2Fhngr&r=5-ee55713e-6f2b-4c70-acf9-1e5748859796&t=a48b9e2c-6d89-42fc-a4a2-048a23f455aa&s=0&rs=0%2Cu&u=5f59f574-6767-41eb-889a-aae690357b81&is=1
Requested by
Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.23.205 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
205.23.198.104.bc.googleusercontent.com
Software
/ Express
Resource Hash
f05ccfe88420175dc603d9b4702139773d1d2142a27144f72aa9c2378b089a7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://xp.xyz/
X-LogRocket-Relay-Version
2023.12.0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 19:03:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
etag
W/"1734-YpqfunMGwLF9wmdZptRq1pfazfw"
x-powered-by
Express
access-control-max-age
1728000
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version
content-length
5940
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 825D
200 B
884 B
Document
General
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://xp.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
242664
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 09 Mar 2024 19:03:18 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 11 Nov 2022 20:25:37 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
61691
x-content-type-options
nosniff
x-request-id
e5fa71c7-e9eb-46fa-a343-40d91d069375
x-served-by
cache-fra-etou8220109-FRA
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame 825D
526 B
449 B
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 09 Mar 2024 19:03:18 GMT
via
1.1 varnish
age
305523
x-cache
HIT
content-length
315
x-request-id
fb2777dd-fbdd-465d-89aa-adbfde265eb0
x-served-by
cache-fra-etou8220109-FRA
last-modified
Fri, 11 Nov 2022 20:25:36 GMT
server
Fastly
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
58580
inner.html
m.stripe.network/ Frame BE5A
930 B
2 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:e400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
200
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 09 Mar 2024 18:59:59 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-id
HkPx5ripdx7RIoVj5l3zFvx27hgrB96ouGJOGBQH1PdXyqb0GiatBA==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
out-4.5.43.js
m.stripe.network/ Frame BE5A
87 KB
16 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:e400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 19:01:49 GMT
content-encoding
gzip
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
age
90
x-content-type-options
nosniff
etag
W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop
FRA6-C1
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
zUjlXinfOXSPQ3jvo7tOTds8NVw1MAZpglFo3t5N2EyIS2MuKYrzTQ==
6
m.stripe.com/ Frame BE5A
156 B
668 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.212.84.166 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-212-84-166.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
aa1ba0a0d51048667dc23ac16debc42c169505ab5fa61f271005b2d1fe1dcdec
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 09 Mar 2024 19:03:19 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1710010999159029
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1710010999158372
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FNW94WS062&gtm=45be4360v9130944946za201&_p=1710010993566&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1577528411.1710010994&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEAE&_s=1&sid=1710010994&sct=1&seg=0&dl=https%3A%2F%2Fxp.xyz%2F&dt=XP-%20Access%20your%20favorite%20shows&en=scroll&epn.percent_scrolled=90&tfd=5798
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11351563070&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Mar 2024 19:03:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xp.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FNW94WS062&gtm=45je4360v9130944946za200&_p=1710010993566&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1577528411.1710010994&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1710010994&sct=1&seg=0&dl=https%3A%2F%2Fxp.xyz%2F&dt=XP-%20Access%20your%20favorite%20shows&en=scroll&epn.percent_scrolled=90&_et=18&tfd=5801
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FNW94WS062&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Mar 2024 19:03:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xp.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b
r.stripe.com/ Frame D2BC
0
272 B
Fetch
General
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e5fa3fec3ae52e82c9dbe99744d9674a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 09 Mar 2024 19:03:19 GMT
x-stripe-server-envoy-start-time-us
1710010999618674
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1710010999618220
access-control-allow-credentials
true
content-length
0
i
r.lr-ingest.io/
0
435 B
XHR
General
Full URL
https://r.lr-ingest.io/i?a=ivunb2%2Fhngr&r=5-ee55713e-6f2b-4c70-acf9-1e5748859796&t=a48b9e2c-6d89-42fc-a4a2-048a23f455aa&s=0&des=true&rs=0%2Ct&u=5f59f574-6767-41eb-889a-aae690357b81&is=1
Requested by
Host: xp.xyz
URL: https://xp.xyz/static/js/main.707bf606.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.23.205 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
205.23.198.104.bc.googleusercontent.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://xp.xyz/
X-LogRocket-Relay-Version
2023.12.0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 19:03:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Express
access-control-max-age
1728000
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version
content-length
0
i
r.lr-ingest.io/ Frame
0
0
Preflight
General
Full URL
https://r.lr-ingest.io/i?a=ivunb2%2Fhngr&r=5-ee55713e-6f2b-4c70-acf9-1e5748859796&t=a48b9e2c-6d89-42fc-a4a2-048a23f455aa&s=0&des=true&rs=0%2Ct&u=5f59f574-6767-41eb-889a-aae690357b81&is=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.23.205 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
205.23.198.104.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-logrocket-relay-version
Access-Control-Request-Method
POST
Origin
https://xp.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
content-length
0
date
Sat, 09 Mar 2024 19:03:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| dataLayer object| webpackDvmModuleManager_v1_11_7 object| DVM object| google_tag_manager object| google_tag_data string| _d_site object| webpackChunkticketdex object| regeneratorRuntime function| Arweave function| keccak256 object| _ethers function| _lrMutationObserver object| __SDKCONFIG__ object| core function| setImmediate function| clearImmediate object| FontAwesomeConfig object| ___FONT_AWESOME___ object| __SENTRY__ function| _lrXMLHttpRequest function| fbq function| _fbq object| webpackChunkprivy object| SENTRY_RELEASE object| SENTRY_RELEASES object| PrivyWidget object| zEWebpackACJsonp function| zE function| zEmbed function| onYouTubeIframeAPIReady object| GooglebQhCsO object| gaGlobal function| _LRLogger boolean| _lr_loaded object| webpackChunkStripeJSouter function| noop function| Stripe object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client boolean| zEACLoaded string| PRIVY_ELEMENT object| PrivyClipboard function| Privy object| privySettings object| recaptcha object| closure_lm_871098 function| $zopim

14 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AI0kreJKJYMbE3cSxs1ZBMB1Ar1hbj3n4NZoGPLBQsk0iec8nmBGJBu8OwdPa9Kd8cYMQI51dbf3OgnyglMyYwY
.xp.xyz/ Name: _gcl_au
Value: 1.1.1467846874.1710010994
.xp.xyz/ Name: _ga
Value: GA1.1.1577528411.1710010994
.xp.xyz/ Name: _ga_FNW94WS062
Value: GS1.1.1710010994.1.0.1710010994.0.0.0
xp.xyz/ Name: _lr_tabs_-ivunb2%2Fhngr
Value: {%22sessionID%22:0%2C%22recordingID%22:%225-ee55713e-6f2b-4c70-acf9-1e5748859796%22%2C%22webViewID%22:null%2C%22lastActivity%22:1710010994101}
xp.xyz/ Name: _lr_hb_-ivunb2%2Fhngr
Value: {%22heartbeat%22:1710010994101}
xp.xyz/ Name: _lr_uf_-ivunb2
Value: ec2f94ae-6ed2-45dc-b98a-8dbfda58caff
.xp.xyz/ Name: _privy_AF7240E62E5BB1F64E2D0FA3
Value: %7B%22uuid%22%3A%223cd9775a-a530-476e-a071-a7f041aa5e78%22%2C%22variations%22%3A%7B%7D%2C%22country_code%22%3A%22DE%22%2C%22region_code%22%3A%22DE_%22%2C%22postal_code%22%3A%22%22%7D
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
widget-mediator.zopim.com/ Name: AWSALBCORS
Value: oDlCbt8rDiVQt++sToV5Y0n+ntDoNYKZpUgfGf8G/rLlF9lJVaHQRK5s2aceJEDHbfxvcHo/7S++doqYoujD8gJxpDVm/BeRLvbP7xwWGZbGenwT6sNIKQfFcQg8
.xp.xyz/ Name: __zlcmid
Value: 1KhmYZM31F7XONX
m.stripe.com/ Name: m
Value: 0d786c44-4581-44b9-b08b-9a521c0e480206d8f4
.xp.xyz/ Name: __stripe_mid
Value: c3ee492a-8f62-4ad1-9fca-97f85da716c17c1d9c
.xp.xyz/ Name: __stripe_sid
Value: 139109fc-c06e-47e5-976c-a9ac8a2f7a71da1625

5 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/1514233069351079?v=2.9.148&r=stable&domain=xp.xyz&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://xp.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xp.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xp.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xp.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.privy.com
api.xp.xyz
assets.privy.com
cdn.hngr.co
cdn.lr-ingest.io
connect.facebook.net
ekr.zdassets.com
events.privy.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hngr-icons.s3.amazonaws.com
js.stripe.com
m.stripe.com
m.stripe.network
o133761.ingest.sentry.io
r.lr-ingest.io
r.stripe.com
region1.google-analytics.com
static.zdassets.com
tk3d.tk3dapi.com
widget.privy.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
xp.xyz
xpsupport.zendesk.com
104.16.51.111
104.18.72.113
104.198.23.205
151.101.64.176
172.217.23.98
18.66.122.25
18.66.97.11
2001:4860:4802:34::36
2600:9000:2057:e400:19:7d10:bd80:93a1
2606:4700:10::6816:146c
2606:4700:10::6816:156c
2a00:1450:4001:808::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2003
2a00:1450:4001:827::200a
2a00:1450:4001:82f::2002
2a03:2880:f084:105:face:b00c:0:3
2a06:98c1:3120::3
3.5.6.179
34.120.195.249
34.212.84.166
52.222.139.124
52.55.175.18
54.187.159.182
001da1ce5207c9ebe4af62fb5f9ef224d98ba2bd9957543195cac1da83bf46c6
05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee
11bd041ab0fc6de3bb51707ba58f50f1a6f7dd273d4506ff5abb91a29377d6fe
153771fa4bd1db6b3dbce81e61081312d9ebe1cc8dc80379d0cefabfda339ac9
172a8b8e74e952dc54c4b927097ebd03987e8188e4697df51206d663c265e559
173a14a0d6085072cb655a381aae7949612c0d76c1e7de780288b74939363fdb
1769a9734402e1f653766fdbbcd4070dd8e93da30caebfd01dea5dc43ca648d6
181fe485ffdfce46542d6d1dd5063b7bc4110deabb3b2ad9026aca860aef2466
19e3336736fd2eacc993e742f8b846b2d0baa56612914c33928b1ad9cb8a3ca1
1afd4c14480421a77cec441591c9fb3368c64fc39a4234cf5f29c6d5a5e47483
1b8b5e61808de5a49a7390d1ea88700c98e190aa6457e35804aa0cc7a17f014a
1bfb181330911e3736a1fe85f14a2ca94b4728ce86887d11e6b4fea110cd1292
1e0f340f831eb085c8bd435cb1b0aeda4b354a21cef0fdcd513bda168df5d234
2032d9e5b742ac419d191e4528a65f8885af57bacc4a56c01d4133c5420e0508
228606fc973e515df5c25fdb162fc458ed708b36998343ed11213dbfef9d39d3
25b56ccb76e9fd9c4f51c3a640d62e35ac3bfc203f1877f410f5425836707f7b
26cf3c16397342eaa58df6d157cacc134ce77593f2acaa699c2fff22fd16b1db
2991fb5c323d90ecb01e1da10b1e67193af2af30f99eadc8f65df19a21491f5f
2c0a75d7e84a90aba9d68dc5b54e7afedf58b4bbf7221aa78dcb9c4f26f87364
2fcb59c1b2732bb975f8bd6bce13b68402952a0f17b12d9f56f16cee9110448d
31b2d04446fd5c796d194d3ee3813374224f9a1f66c0f31164d4ada352758a22
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
3c1c1b5b523a4a35824c5ebf0b8f56b003dc1ccbef4e654cc459face31659445
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
400482eecc81a1b6f6f45c03efea336730e798916f63f5a6aa82b542293b2c8e
416a7a95985905a45a20c475aed096a6f14be534d65ca46135128a32c13c02b9
41773beda8273a4d80ece7b051f2887484aed8d6c49d2bb59b6bc01c46e5afbd
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
4a6e42b5f0f0a24733687fdda3750590330295a2737047621a2f6ea9e81d8256
4bd95f91baabd29b68d8b2a9fcc69b334fb08dbcbd6e74c34551990974d264c6
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
5525d5961de144e10b645a51812010a937ae8512146a39f1887feb701d847e17
5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3
55cf313f6b5cfc7b15b38fb6e04f48c09430d5a3073a492155c57925720b2941
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
58d85ba8e53eddc3d87dc3d8c114812bc7cfd1d49f658d7a0827a898b708d6ec
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6000da7742d628c23e3cd593a7bba296e12a941bb0001ca82595308350c15c3e
631e44e3a32f593b0d44d9564bfc99e0b4bfaa5c464c7ac90dc51b31c7de4b79
6b12dfb45966def07bc06ba651c5b58b92d4c491ded04df206f33f6683cae782
6f8bcc2025d2c56f2bf8e91b0026b850aa3eaf4807d983daa86dfd226609f4fe
6f9e1f7d958504bda830cee98f04be515a1ff456440678873a69be15499505b2
7007e23ccf56e65c61987411b19cdf4d00805d248e9fa5d7792893a7d22a0f54
711c03b2458e6f86906e934135cc87eb182de911086fe97209468d5f1181cae8
738e5280b8e9abc67656062da2943c575aeecf731a06388f615b94df4b2d8526
754b8757b0b21fbbf8665b79b69d06c4fddfaffad4b33be480c0cb92ed639016
756cd5368e3bf22664232c8228b5d7d572cf4b6b8f912ff17da005caea7790c0
7641dd581b49197ec3e16b4ffc870e8bcc65dde3f9566452c729b43a6af14b7f
77d9907ca853ab885fd7a35a29faaf4206b8fe47347cd9c12391d64451ad6f37
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
78cbe967c1f4e24b0a586fff03fbcd4a98069b27ad23bfe0ef8aef9a9fa22739
7f82b072aaad42586193d77e42da8a7429d285c23c4e1216159fd4f71f67e448
7fbe8a94ecb5d03772bd3de4e36a8b484d905a8be393f49201932f4521725ff4
7fcd7c9a055e8565e3191344be5ba42d563c5fe2b944ca0dd259783db192b8df
8798694de163b0d0fb659a75ec2c8065c4e20858256edaa4a4710161b3e708bc
88895d105e5970e51e2836a364df66612653931e60c6f2375d67ed884a87f971
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8a88f29729747fb24cb5fa9c592e1a7acb0c0888b0a9e8de7bf4ca67100ebfa6
92ba422186fcdf423baaae445c3535672f485c5bf9b0a40b4eb6dd4a2222bb2c
938c4c5f11cc2bc38dba9a06da56853e654dccc7f35e33cb1b1cd9aa1ee8ebbf
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9520b2cb671d613ff9f2ae92c8de2305abfc8ad6a24cd7ad5d89203c60aa8432
95ed9f1c3f7ca7107140863bcd0ca2349eaf412734dbf27702e9a31fd3ec329a
965cba95c928e95003ce37271090406eaa7d5c2d955230a785b2b3be8a9a17f5
a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54
a342348d9e6e675e9a6dc0acf59e9b48f37b0d51408a5ef8722faf5971d662d2
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
a588343e33efac9f375d8a1f704e96a77f0397cf1c1e0a0dcdfc2dfbd939b726
a7e433db6a5e93d9fd34379bf9d3dee291b8bc60fc0cfebb86dfc66b23270e5f
a8a9df836dd171e25a9d1ce224d0f56547b6b06d079eeb3015536cf71ff4b4a7
a8bfdecce5d2156da95876601ab50733e863513e3689ce32498a8370e79a5687
aa1ba0a0d51048667dc23ac16debc42c169505ab5fa61f271005b2d1fe1dcdec
b04f320935e6af2fb98db96fedbcf673fc29db197f3af31066fa187fad8ac879
b3820e0459f9097db723db1f155653dbcf7d3a91be374e104db2dc3d67f55c4d
b40f6b8d5873db73881656441cc18c4ffa42010a32add6733f0e6d913ba5f32d
b69c2738f3e33dfa085ddc33b5b4cf6845b2e1a3d02d8b74be0f272285db9c18
b9a03f78d4fdbf1c14ebc2771b7a048a83ed1698705a2c16db2afd0fb34f8bba
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bc2dd9fb17a446efda2af3332c80f861f9b5d8f313201e452d45fbd8bdd79522
c07c6b0d23cf877e90e0a11ca66f62be222e0209896ddadb5dee9b8965be1212
c6401271f271365b2b9b0402a3f77240c6b13453893ef5331ee247b28297b759
c6916492b79e293bea696f469dfdc4ee3c3cb32b0e7d4e88463a7efc504074e2
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c9b1c975871e139ec3dce8ca5d2cea862edf5572c930da5952c31a0e72a71ba2
c9c15065d3d64c404a86c89dda2b7720f72ae7a755b248435af94cde1f790a5b
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
d40b07c587acdc51adb1b5f200b3586054d61637fd7d76a45f61bb330eae0eef
d492fb6ef3f5ff87d9f2121102e08ad06456088dc639db43bff5b16abc9a4eed
d5c9826032018406a861a5e1666b795fdb83d1c5f727ca63b2a98466261ed257
dcca199ea7b457bf28257b9baea1671c76d9f993e06046319dbe65f7882ceb04
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05ccfe88420175dc603d9b4702139773d1d2142a27144f72aa9c2378b089a7d
f28f3a085b5b313f188dac78cb183da7831fa11d65939b93edd959e8057bebb1
f559328fc7464c8eba42a44881a16ada9e72d8a11b1598dc0ffa9d4325653e88
f6369864f88c35b1302ab28dbaa8944f4f275f11a3e43bd96187cc79bf82699d
f74af822db7aa4ed1c03da76062e7909ff2aae04d06ed5c15277d938eb7de383
fa7c5ffa27b46017a62670d98b2b2afe177192d85a41080e7b4d81670595e0d8
fd001e1bc3113a96f7c6aa411b4e56ab3caf4c9f92f8f6212bf3ead688472a8c
ffae9431def3390a1dc09d80a41f9c224affd01ad64970dc157790e9dbdf7721