urlscan.io logo urlscan.io
SecurityTrails logo

www.xumo.com Open in urlscan Pro
34.117.37.104  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://xumo.com/
Effective URL: https://www.xumo.com/
Submission: On May 25 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 22 HTTP transactions. The main IP is 34.117.37.104, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.xumo.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on April 27th 2023. Valid for: a year.
This is the only time www.xumo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 18 34.117.37.104 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.219.116.106 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
22 6
18    34.117.37.104 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 104.37.117.34.bc.googleusercontent.com
xumo.com
www.xumo.com
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    52.219.116.106 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-1-w.amazonaws.com
xumo-ops.s3.amazonaws.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
18 xumo.com
xumo.com — Cisco Umbrella Rank: 60406
www.xumo.com
204 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
2 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2230
252 B
1 amazonaws.com
xumo-ops.s3.amazonaws.com
1 gstatic.com
fonts.gstatic.com
31 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
79 KB
22 6
Domain Requested by
16 www.xumo.com www.xumo.com
2 fonts.googleapis.com www.xumo.com
2 xumo.com 2 redirects
1 region1.google-analytics.com www.googletagmanager.com
1 xumo-ops.s3.amazonaws.com www.xumo.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagmanager.com www.xumo.com
22 7

This site contains no links.

Subject Issuer Validity Valid
*.xumo.com
COMODO RSA Organization Validation Secure Server CA		 2023-04-27 -
2024-04-26		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2023-03-21 -
2023-12-19		 9 months crt.sh

This page contains 1 frames:

Primary Page: https://www.xumo.com/
Frame ID: B15650C2357BE594DACF3B056F74AA41
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Xumo

Page URL History Show full URLs

  1. http://xumo.com/ HTTP 301
    https://xumo.com/ HTTP 301
    https://www.xumo.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Page Statistics

22
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

316 kB
Transfer

9606 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xumo.com/ HTTP 301
    https://xumo.com/ HTTP 301
    https://www.xumo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.xumo.com/
Redirect Chain
  • http://xumo.com/
  • https://xumo.com/
  • https://www.xumo.com/
20 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.xumo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.37.104 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.37.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
dc2f89d87c4a991999e45441f0ba063d11e0bf1952d4619d80d95434f2d7a0e1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy base-uri 'self'; default-src 'none'; child-src 'self'; connect-src 'self' https://fonts.googleapis.com fonts.googleapis.com https://*.google-analytics.com *.google-analytics.com https://*.hsforms.com *.hsforms.com https://*.doubleclick.net *.doubleclick.net; font-src 'self' https://fonts.gstatic.com fonts.gstatic.com https://fonts.googleapis.com fonts.googleapis.com; form-action 'self' https://*.hsforms.com *.hsforms.com; frame-ancestors 'self'; frame-src 'self' https://*.hsforms.com *.hsforms.com https://*.youtube.com *.youtube.com https://*.google.com *.google.com; img-src 'self' https://new.xumo.com new.xumo.com https://*.google-analytics.com *.google-analytics.com https://*.googletagmanager.com *.googletagmanager.com https://*.google.com *.google.com https://*.hsappstatic.com *.hsappstatic.com https://*.hsforms.com *.hsforms.com https://*.hs-embed-reporting.com *.hs-embed-reporting.com https://*.ytimg.com *.ytimg.com blob: data:; media-src 'self' https://*.googleapis.com *.googleapis.com https://xumo-ops.s3.amazonaws.com xumo-ops.s3.amazonaws.com; object-src 'none'; script-src 'self' https://*.google-analytics.com *.google-analytics.com https://*.googletagmanager.com *.googletagmanager.com https://*.hsforms.net *.hsforms.net https://*.youtube.com *.youtube.com 'unsafe-inline'; style-src 'self' https://*.typekit.net *.typekit.net https://fonts.googleapis.com fonts.googleapis.com 'unsafe-inline'; upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
5193
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Thu, 25 May 2023 02:50:22 GMT
expect-ct
enforce, max-age=43200
expires
Thu, 19 Nov 1981 08:52:00 GMT
permissions-policy
accelerometer=(),autoplay=*,camera=(),display-capture=(),document-domain=(),encrypted-media=(),fullscreen=*,geolocation=*,gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=*,publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),xr-spatial-tracking=()
platform
hostinger
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
Google Frontend
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 google
x-cloud-trace-context
e6bfbe33de2fef9453fff081ce14ddfb
x-content-security-policy
base-uri 'self'; default-src 'none'; child-src 'self'; connect-src 'self' https://fonts.googleapis.com fonts.googleapis.com https://*.google-analytics.com *.google-analytics.com https://*.hsforms.com *.hsforms.com https://*.doubleclick.net *.doubleclick.net; font-src 'self' https://fonts.gstatic.com fonts.gstatic.com https://fonts.googleapis.com fonts.googleapis.com; form-action 'self' https://*.hsforms.com *.hsforms.com; frame-ancestors 'self'; frame-src 'self' https://*.hsforms.com *.hsforms.com https://*.youtube.com *.youtube.com https://*.google.com *.google.com; img-src 'self' https://new.xumo.com new.xumo.com https://*.google-analytics.com *.google-analytics.com https://*.googletagmanager.com *.googletagmanager.com https://*.google.com *.google.com https://*.hsappstatic.com *.hsappstatic.com https://*.hsforms.com *.hsforms.com https://*.hs-embed-reporting.com *.hs-embed-reporting.com https://*.ytimg.com *.ytimg.com blob: data:; media-src 'self' https://*.googleapis.com *.googleapis.com https://xumo-ops.s3.amazonaws.com xumo-ops.s3.amazonaws.com; object-src 'none'; script-src 'self' https://*.google-analytics.com *.google-analytics.com https://*.googletagmanager.com *.googletagmanager.com https://*.hsforms.net *.hsforms.net https://*.youtube.com *.youtube.com 'unsafe-inline'; style-src 'self' https://*.typekit.net *.typekit.net https://fonts.googleapis.com fonts.googleapis.com 'unsafe-inline'; upgrade-insecure-requests
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-webkit-csp
base-uri 'self'; default-src 'none'; child-src 'self'; connect-src 'self' https://fonts.googleapis.com fonts.googleapis.com https://*.google-analytics.com *.google-analytics.com https://*.hsforms.com *.hsforms.com https://*.doubleclick.net *.doubleclick.net; font-src 'self' https://fonts.gstatic.com fonts.gstatic.com https://fonts.googleapis.com fonts.googleapis.com; form-action 'self' https://*.hsforms.com *.hsforms.com; frame-ancestors 'self'; frame-src 'self' https://*.hsforms.com *.hsforms.com https://*.youtube.com *.youtube.com https://*.google.com *.google.com; img-src 'self' https://new.xumo.com new.xumo.com https://*.google-analytics.com *.google-analytics.com https://*.googletagmanager.com *.googletagmanager.com https://*.google.com *.google.com https://*.hsappstatic.com *.hsappstatic.com https://*.hsforms.com *.hsforms.com https://*.hs-embed-reporting.com *.hs-embed-reporting.com https://*.ytimg.com *.ytimg.com blob: data:; media-src 'self' https://*.googleapis.com *.googleapis.com https://xumo-ops.s3.amazonaws.com xumo-ops.s3.amazonaws.com; object-src 'none'; script-src 'self' https://*.google-analytics.com *.google-analytics.com https://*.googletagmanager.com *.googletagmanager.com https://*.hsforms.net *.hsforms.net https://*.youtube.com *.youtube.com 'unsafe-inline'; style-src 'self' https://*.typekit.net *.typekit.net https://fonts.googleapis.com fonts.googleapis.com 'unsafe-inline'; upgrade-insecure-requests
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
169
content-type
text/html
date
Thu, 25 May 2023 02:50:21 GMT
location
https://www.xumo.com/
server
Google Frontend
via
1.1 google
x-cloud-trace-context
43bd169048d0ef2bcd7557a64ecd770a
style.css
www.xumo.com/brix/css/ 		171 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xumo.com/brix/css/style.css?cache=41
Requested by
Host: www.xumo.com
URL: https://www.xumo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.37.104 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.37.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
4ea32efbe02691ee6b32f8667569dd700d72c4f9652d48b37c76595163d082d1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xumo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
date
Thu, 25 May 2023 02:50:22 GMT
content-encoding
gzip
age
11951950
via
1.1 google
x-cache
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17257
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 06 Jan 2023 18:50:25 GMT
server
Google Frontend
expect-ct
enforce, max-age=43200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
x-cloud-trace-context
f5964fd693af8f18d55be46650aa8c9a
cache-control
public, max-age=31536000
platform
hostinger
expires
Fri, 24 May 2024 02:50:22 GMT
css2
fonts.googleapis.com/ 		5 KB
749 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@400;700&family=Raleway:wght@500;700&display=swap
Requested by
Host: www.xumo.com
URL: https://www.xumo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6d9e568cc6aeb8b7909f6040340eaa28f895642e3583c2b7ebd8d4596898afe9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xumo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 25 May 2023 02:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 25 May 2023 02:50:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 May 2023 02:50:22 GMT
css2
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700&display=swap
Requested by
Host: www.xumo.com
URL: https://www.xumo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
735d23452911fee84d6dc55c7bdc4966663003894ac722deca63b064b2404a1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xumo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 25 May 2023 02:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 25 May 2023 01:18:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 May 2023 02:50:22 GMT
js
www.googletagmanager.com/gtag/ 		224 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HBSRTTHTEG
Requested by
Host: www.xumo.com
URL: https://www.xumo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3224632fda6c858c990df396e9478098c2290d3201875da0c5186104d6ea41b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xumo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 02:50:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80452
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 25 May 2023 02:50:22 GMT
Core_Objectives%20_350x263_1(1).jpg
www.xumo.com/uploads/html/images/Objectives/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xumo.com/uploads/html/images/Objectives/Core_Objectives%20_350x263_1(1).jpg
Requested by
Host: www.xumo.com
URL: https://www.xumo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.37.104 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.37.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
fd0e596aa093980bb755ba57f4cecdeedaf31faecfa7baeb6effbaa4cedbf9f7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xumo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
date
Thu, 25 May 2023 02:50:22 GMT
via
1.1 google
age
17585517
x-cache
HIT
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45318
x-xss-protection
1; mode=block
last-modified
Tue, 01 Nov 2022 18:26:52 GMT
server
Google Frontend
expect-ct
enforce, max-age=43200
content-type
image/jpeg
x-cloud-trace-context
55c7cb9a1be8303931aa495782930281
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
expires
Fri, 24 May 2024 02:50:22 GMT
Core_Objectives%20_350x263_2(1).jpg
www.xumo.com/uploads/html/images/Objectives/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xumo.com/uploads/html/images/Objectives/Core_Objectives%20_350x263_2(1).jpg
Requested by
Host: www.xumo.com
URL: https://www.xumo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.37.104 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.37.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
10de29ab93d81e792b37d46e928c886b0a774414c21fe34bf683c7ffaa2a2e28
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xumo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
date
Thu, 25 May 2023 02:50:22 GMT
via
1.1 google
age
17585346
x-cache
HIT
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54741
x-xss-protection
1; mode=block
last-modified
Tue, 01 Nov 2022 18:26:51 GMT
server
Google Frontend
expect-ct
enforce, max-age=43200
content-type
image/jpeg
x-cloud-trace-context
a9fc4d2f551026b51341eb862b1ed4ed
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
expires
Fri, 24 May 2024 02:50:22 GMT
Core_Objectives%20_350x263_3(1).jpg
www.xumo.com/uploads/html/images/Objectives/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xumo.com/uploads/html/images/Objectives/Core_Objectives%20_350x263_3(1).jpg
Requested by
Host: www.xumo.com
URL: https://www.xumo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.37.104 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.37.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b335adfb7ba2828a2405de9528c447249bf59e95ba35c32efd7844067124fc6b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xumo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
date
Thu, 25 May 2023 02:50:22 GMT
via
1.1 google
age
17585273
x-cache
HIT
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55342
x-xss-protection
1; mode=block
last-modified
Tue, 01 Nov 2022 18:26:51 GMT
server
Google Frontend
expect-ct
enforce, max-age=43200
content-type
image/jpeg
x-cloud-trace-context
872e03a541a27f78012b09b6e8d5105d
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
expires
Fri, 24 May 2024 02:50:22 GMT
bodyScrollLock.min.js
www.xumo.com/brix/js/vendor/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xumo.com/brix/js/vendor/bodyScrollLock.min.js?cache=41
Requested by
Host: www.xumo.com
URL: https://www.xumo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.37.104 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.37.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
de06f16a566524ac3d1a56905bbb82484f50ac11fd7860fe4a96535ae954fae0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xumo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
date
Thu, 25 May 2023 02:50:22 GMT
content-encoding
gzip
age
11951950
via
1.1 google
x-cache
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1120
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Aug 2022 18:12:45 GMT
server
Google Frontend
expect-ct
enforce, max-age=43200
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
b950685c09d6b048f1f475187ea4cd01
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(),autoplay=*,camera=(),display-capture=(),document-domain=(),encrypted-media=(),fullscreen=*,geolocation=*,gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=*,publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),xr-spatial-tracking=()
platform
hostinger
expires
Fri, 24 May 2024 02:50:22 GMT
smoothscroll.min.js
www.xumo.com/brix/js/vendor/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xumo.com/brix/js/vendor/smoothscroll.min.js?cache=41
Requested by
Host: www.xumo.com
URL: https://www.xumo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.37.104 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.37.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
19eab772c8cb2919d14d563774b249919f4989295f54cf64443470c9964931c4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xumo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
date
Thu, 25 May 2023 02:50:22 GMT
content-encoding
gzip
age
11951498
via
1.1 google
x-cache
HIT
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1383
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Aug 2022 18:12:45 GMT
server
Google Frontend
expect-ct
enforce, max-age=43200
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
1b9da446bb5f5dc4c48725640366f72a
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(),autoplay=*,camera=(),display-capture=(),document-domain=(),encrypted-media=(),fullscreen=*,geolocation=*,gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=*,publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),xr-spatial-tracking=()
platform
hostinger
expires
Fri, 24 May 2024 02:50:22 GMT
ofi.min.js
www.xumo.com/brix/js/vendor/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xumo.com/brix/js/vendor/ofi.min.js?cache=41
Requested by
Host: www.xumo.com
URL: https://www.xumo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.37.104 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.37.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
8c2fded8e3119fcb15699d6752e3834a4b20ba353ca20f0842419c466f2dc97b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xumo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
date
Thu, 25 May 2023 02:50:22 GMT
content-encoding
gzip
age
11951707
via
1.1 google
x-cache
HIT
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1428
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Aug 2022 18:12:45 GMT
server
Google Frontend
expect-ct
enforce, max-age=43200
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
c9aafc8676c39c4245fbbe021021ed97
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(),autoplay=*,camera=(),display-capture=(),document-domain=(),encrypted-media=(),fullscreen=*,geolocation=*,gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=*,publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),xr-spatial-tracking=()
platform
hostinger
expires
Fri, 24 May 2024 02:50:22 GMT
lazyload.min.js
www.xumo.com/brix/js/vendor/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xumo.com/brix/js/vendor/lazyload.min.js?cache=41
Requested by
Host: www.xumo.com
URL: https://www.xumo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.37.104 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.37.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b0ee873dabe85e8efde99a7f6eaeadb38a873a812a7f2757117497e4da233f8f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xumo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
date
Thu, 25 May 2023 02:50:22 GMT
content-encoding
gzip
age
11951902
via
1.1 google
x-cache
HIT
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3057
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Aug 2022 18:12:45 GMT
server
Google Frontend
expect-ct
enforce, max-age=43200
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
2d1ef496f5f6f123da8367a5b932e2e6
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(),autoplay=*,camera=(),display-capture=(),document-domain=(),encrypted-media=(),fullscreen=*,geolocation=*,gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=*,publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),xr-spatial-tracking=()
platform
hostinger
expires
Fri, 24 May 2024 02:50:22 GMT
fslightbox.min.js
www.xumo.com/brix/js/vendor/ 		51 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xumo.com/brix/js/vendor/fslightbox.min.js?cache=41
Requested by
Host: www.xumo.com
URL: https://www.xumo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.37.104 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.37.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
4d72edbed2451e827a2ceac8aad598f6651324c1c9cadc7b2c6b4c93cff919b7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xumo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
date
Thu, 25 May 2023 02:50:22 GMT
content-encoding
gzip
age
1641922
via
1.1 google
x-cache
HIT
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13701
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Aug 2022 18:12:45 GMT
server
Google Frontend
expect-ct
enforce, max-age=43200
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
28df21c4a83c2d54bea9fa78667f47c1
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(),autoplay=*,camera=(),display-capture=(),document-domain=(),encrypted-media=(),fullscreen=*,geolocation=*,gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=*,publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),xr-spatial-tracking=()
platform
hostinger
expires
Fri, 24 May 2024 02:50:22 GMT
ga.min.js
www.xumo.com/brix/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xumo.com/brix/js/ga.min.js?cache=41
Requested by
Host: www.xumo.com
URL: https://www.xumo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.37.104 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.37.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
1d9817cd9f50759aad420603302d754c988cad6af7e4d5600c966122b7067e4a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xumo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
date
Thu, 25 May 2023 02:50:22 GMT
content-encoding
gzip
age
11951950
via
1.1 google
x-cache
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1382
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Aug 2022 18:12:45 GMT
server
Google Frontend
expect-ct
enforce, max-age=43200
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
2b82493a759c98b6006b294138b4821d
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(),autoplay=*,camera=(),display-capture=(),document-domain=(),encrypted-media=(),fullscreen=*,geolocation=*,gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=*,publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),xr-spatial-tracking=()
platform
hostinger
expires
Fri, 24 May 2024 02:50:22 GMT
utils.min.js
www.xumo.com/utils/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xumo.com/utils/utils.min.js?cache=41
Requested by
Host: www.xumo.com
URL: https://www.xumo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.37.104 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.37.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
326ab97ce2a99621d964a749b65b0e6db194adb4702d79e1f565a86f6b1adec8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xumo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
date
Thu, 25 May 2023 02:50:22 GMT
content-encoding
gzip
age
3282099
via
1.1 google
x-cache
HIT
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2965
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Aug 2022 18:20:46 GMT
server
Google Frontend
expect-ct
enforce, max-age=43200
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
d0aa2e42410800cbb073100d799a0054
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(),autoplay=*,camera=(),display-capture=(),document-domain=(),encrypted-media=(),fullscreen=*,geolocation=*,gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=*,publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),xr-spatial-tracking=()
platform
hostinger
expires
Fri, 24 May 2024 02:50:22 GMT
brix.min.js
www.xumo.com/brix/js/ 		2 KB
730 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xumo.com/brix/js/brix.min.js?cache=41
Requested by
Host: www.xumo.com
URL: https://www.xumo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.37.104 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.37.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
ebab7dce634b19761fe74e2d23b73ee3f2dbc52c68a2a3802cc657742fd992bc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xumo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
date
Thu, 25 May 2023 02:50:22 GMT
content-encoding
gzip
age
11951902
via
1.1 google
x-cache
HIT
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
699
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 10 Oct 2022 18:22:14 GMT
server
Google Frontend
expect-ct
enforce, max-age=43200
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
a965473895606ec7e426ab018573bae3
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(),autoplay=*,camera=(),display-capture=(),document-domain=(),encrypted-media=(),fullscreen=*,geolocation=*,gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=*,publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),xr-spatial-tracking=()
platform
hostinger
expires
Fri, 24 May 2024 02:50:22 GMT
logo.svg
www.xumo.com/brix/images/ 		1 KB
746 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xumo.com/brix/images/logo.svg?cache=4
Requested by
Host: www.xumo.com
URL: https://www.xumo.com/brix/css/style.css?cache=41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.37.104 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.37.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
92a26ad04c5a9ce9092333899153cb29926ca1e4101a1da7a87d803df7a21fec
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xumo.com/brix/css/style.css?cache=41
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
date
Thu, 25 May 2023 02:50:22 GMT
content-encoding
gzip
age
17585276
via
1.1 google
x-cache
HIT
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
714
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 06 Oct 2022 22:38:34 GMT
server
Google Frontend
expect-ct
enforce, max-age=43200
vary
Accept-Encoding
content-type
image/svg+xml
x-cloud-trace-context
e9484f9c423ed6f4fa788bd8df885fae
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(),autoplay=*,camera=(),display-capture=(),document-domain=(),encrypted-media=(),fullscreen=*,geolocation=*,gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=*,publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),xr-spatial-tracking=()
x-turbo-charged-by
LiteSpeed
platform
hostinger
expires
Fri, 24 May 2024 02:50:22 GMT
logoHover.svg
www.xumo.com/brix/images/ 		1 KB
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xumo.com/brix/images/logoHover.svg?cache=4
Requested by
Host: www.xumo.com
URL: https://www.xumo.com/brix/css/style.css?cache=41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.37.104 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.37.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
361685d6a95a20fefc3b3c3668c71b73e64c70accb0d9f13f16cafa1c346d725
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xumo.com/brix/css/style.css?cache=41
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
date
Thu, 25 May 2023 02:50:22 GMT
content-encoding
gzip
age
17585346
via
1.1 google
x-cache
HIT
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
705
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 06 Oct 2022 22:38:34 GMT
server
Google Frontend
expect-ct
enforce, max-age=43200
vary
Accept-Encoding
content-type
image/svg+xml
x-cloud-trace-context
3ac3782460bf4b342a801580c2b1795c
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(),autoplay=*,camera=(),display-capture=(),document-domain=(),encrypted-media=(),fullscreen=*,geolocation=*,gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=*,publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),xr-spatial-tracking=()
x-turbo-charged-by
LiteSpeed
platform
hostinger
expires
Fri, 24 May 2024 02:50:22 GMT
topArrow.svg
www.xumo.com/brix/images/ 		438 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xumo.com/brix/images/topArrow.svg?cache=4
Requested by
Host: www.xumo.com
URL: https://www.xumo.com/brix/css/style.css?cache=41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.37.104 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.37.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
de06f47b298df28577ddced67321ac2a31d82af99ac90b16beff2350b996f750
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xumo.com/brix/css/style.css?cache=41
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
date
Thu, 25 May 2023 02:50:22 GMT
content-encoding
gzip
age
17585276
via
1.1 google
x-cache
HIT
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
269
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Aug 2022 18:12:45 GMT
server
Google Frontend
expect-ct
enforce, max-age=43200
vary
Accept-Encoding
content-type
image/svg+xml
x-cloud-trace-context
e4bd9ef40bd2ee375eace1431264aa5a
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(),autoplay=*,camera=(),display-capture=(),document-domain=(),encrypted-media=(),fullscreen=*,geolocation=*,gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=*,publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),xr-spatial-tracking=()
x-turbo-charged-by
LiteSpeed
platform
hostinger
expires
Fri, 24 May 2024 02:50:22 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.xumo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 14:34:09 GMT
x-content-type-options
nosniff
age
389773
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 14:34:09 GMT
Xumo%20Website%20Video%20Loop_720-2.mp4
xumo-ops.s3.amazonaws.com/XUMO_WebsiteVideo/ 		9 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://xumo-ops.s3.amazonaws.com/XUMO_WebsiteVideo/Xumo%20Website%20Video%20Loop_720-2.mp4
Requested by
Host: www.xumo.com
URL: https://www.xumo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.116.106 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.xumo.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 25 May 2023 02:50:23 GMT
x-amz-version-id
SCcoUVOgZP3440YckKaVlUeftGT_RlcK
Last-Modified
Fri, 23 Sep 2022 21:55:25 GMT
Server
AmazonS3
x-amz-request-id
NJ25B58NHNT89XT0
ETag
"2135112cc10903bc851195c6cb8f2aa4"
x-amz-server-side-encryption
AES256
Content-Type
video/mp4
Content-Range
bytes 0-17700026/17700027
Accept-Ranges
bytes
Content-Length
17700027
x-amz-id-2
GjBHL4z5o6JoLSWpWGNyHuf1EkzTa14klozjvgI1isAGUMZ7Qf+fxKYIXRsP48iGIkU+DFc/V04=
collect
region1.google-analytics.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-HBSRTTHTEG&gtm=45je35m0&_p=1053878488&cid=2049847952.1684983022&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1684983022&sct=1&seg=0&dl=https%3A%2F%2Fwww.xumo.com%2F&dt=Xumo&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HBSRTTHTEG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xumo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 May 2023 02:50:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.xumo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| gtag object| dataLayer function| revealAllDivs object| blockLinks object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| bodyScrollLock function| objectFitImages function| LazyLoad function| fsLightboxClass object| fsLightboxInstances object| fsLightboxHelpers object| $jscomp function| submitGAEvent function| gaListeners object| gaPercs number| gaLastPerc function| gaScrollPerc function| scrollWindow function| anchorHandler function| disableRightClick function| checkEnter function| getQueryVariable function| throttle function| removeHoverCSSRule function| withinViewport function| imagePulldown function| postToFacebook function| postToTwitter function| postToPinterest function| postToLinkedIn function| fsLightboxBgClose function| flktyRevalidate function| copyToClipboard function| dismissCookiesConsent function| isElementInViewport function| subNavScrollTo function| subNavIntoView function| responsiveNav function| pageInit

3 Cookies

Domain/Path Name / Value
www.xumo.com/ Name: __Secure-PHPSESSID
Value: 4bmhfo42ilmp0duq5b4a5636r0
.xumo.com/ Name: _ga
Value: GA1.1.2049847952.1684983022
.xumo.com/ Name: _ga_HBSRTTHTEG
Value: GS1.1.1684983022.1.0.1684983022.0.0.0

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy base-uri 'self'; default-src 'none'; child-src 'self'; connect-src 'self' https://fonts.googleapis.com fonts.googleapis.com https://*.google-analytics.com *.google-analytics.com https://*.hsforms.com *.hsforms.com https://*.doubleclick.net *.doubleclick.net; font-src 'self' https://fonts.gstatic.com fonts.gstatic.com https://fonts.googleapis.com fonts.googleapis.com; form-action 'self' https://*.hsforms.com *.hsforms.com; frame-ancestors 'self'; frame-src 'self' https://*.hsforms.com *.hsforms.com https://*.youtube.com *.youtube.com https://*.google.com *.google.com; img-src 'self' https://new.xumo.com new.xumo.com https://*.google-analytics.com *.google-analytics.com https://*.googletagmanager.com *.googletagmanager.com https://*.google.com *.google.com https://*.hsappstatic.com *.hsappstatic.com https://*.hsforms.com *.hsforms.com https://*.hs-embed-reporting.com *.hs-embed-reporting.com https://*.ytimg.com *.ytimg.com blob: data:; media-src 'self' https://*.googleapis.com *.googleapis.com https://xumo-ops.s3.amazonaws.com xumo-ops.s3.amazonaws.com; object-src 'none'; script-src 'self' https://*.google-analytics.com *.google-analytics.com https://*.googletagmanager.com *.googletagmanager.com https://*.hsforms.net *.hsforms.net https://*.youtube.com *.youtube.com 'unsafe-inline'; style-src 'self' https://*.typekit.net *.typekit.net https://fonts.googleapis.com fonts.googleapis.com 'unsafe-inline'; upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
region1.google-analytics.com
www.googletagmanager.com
www.xumo.com
xumo-ops.s3.amazonaws.com
xumo.com
2001:4860:4802:34::36
2a00:1450:4001:800::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2008
34.117.37.104
52.219.116.106
10de29ab93d81e792b37d46e928c886b0a774414c21fe34bf683c7ffaa2a2e28
19eab772c8cb2919d14d563774b249919f4989295f54cf64443470c9964931c4
1d9817cd9f50759aad420603302d754c988cad6af7e4d5600c966122b7067e4a
3224632fda6c858c990df396e9478098c2290d3201875da0c5186104d6ea41b1
326ab97ce2a99621d964a749b65b0e6db194adb4702d79e1f565a86f6b1adec8
361685d6a95a20fefc3b3c3668c71b73e64c70accb0d9f13f16cafa1c346d725
4d72edbed2451e827a2ceac8aad598f6651324c1c9cadc7b2c6b4c93cff919b7
4ea32efbe02691ee6b32f8667569dd700d72c4f9652d48b37c76595163d082d1
6d9e568cc6aeb8b7909f6040340eaa28f895642e3583c2b7ebd8d4596898afe9
735d23452911fee84d6dc55c7bdc4966663003894ac722deca63b064b2404a1d
8c2fded8e3119fcb15699d6752e3834a4b20ba353ca20f0842419c466f2dc97b
92a26ad04c5a9ce9092333899153cb29926ca1e4101a1da7a87d803df7a21fec
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b0ee873dabe85e8efde99a7f6eaeadb38a873a812a7f2757117497e4da233f8f
b335adfb7ba2828a2405de9528c447249bf59e95ba35c32efd7844067124fc6b
dc2f89d87c4a991999e45441f0ba063d11e0bf1952d4619d80d95434f2d7a0e1
de06f16a566524ac3d1a56905bbb82484f50ac11fd7860fe4a96535ae954fae0
de06f47b298df28577ddced67321ac2a31d82af99ac90b16beff2350b996f750
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebab7dce634b19761fe74e2d23b73ee3f2dbc52c68a2a3802cc657742fd992bc
fd0e596aa093980bb755ba57f4cecdeedaf31faecfa7baeb6effbaa4cedbf9f7