login.xero.com Open in urlscan Pro
104.75.88.211  Public Scan

11 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

• https://6918231.fls.doubleclick.net/activityi;src=6918231;type=allpa0;cat=xerof000;ord=9711181394809;gtm=2wgb41;auiddc=1984534738.1607286959;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F HTTP 302
• https://6918231.fls.doubleclick.net/activityi;dc_pre=CPyYhsKauu0CFYDFuwgd7aoLUw;src=6918231;type=allpa0;cat=xerof000;ord=9711181394809;gtm=2wgb41;auiddc=1984534738.1607286959;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F

Request Chain 30

• https://6960706.fls.doubleclick.net/activityi;src=6960706;type=allpa0;cat=xerof000;ord=4907485738648;gtm=2wgb41;auiddc=1984534738.1607286959;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F HTTP 302
• https://6960706.fls.doubleclick.net/activityi;dc_pre=CNGhhsKauu0CFcDJuwgd3kINhQ;src=6960706;type=allpa0;cat=xerof000;ord=4907485738648;gtm=2wgb41;auiddc=1984534738.1607286959;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F

Request Chain 31

• https://4944433.fls.doubleclick.net/activityi;src=4944433;type=allpa0;cat=xerof00a;ord=8412097918241;gtm=2wgb41;auiddc=1984534738.1607286959;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F HTTP 302
• https://4944433.fls.doubleclick.net/activityi;dc_pre=CJXu_sGauu0CFRThuwgdBvUFVw;src=4944433;type=allpa0;cat=xerof00a;ord=8412097918241;gtm=2wgb41;auiddc=1984534738.1607286959;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F

Request Chain 32

• https://9401320.fls.doubleclick.net/activityi;src=9401320;type=pagev0;cat=globa0;ord=4778229165946;gtm=2wgb41;auiddc=1984534738.1607286959;u1=undefined;u7=N%2FA;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F HTTP 302
• https://9401320.fls.doubleclick.net/activityi;dc_pre=CKKO_8Gauu0CFYfnuwgdVF4APQ;src=9401320;type=pagev0;cat=globa0;ord=4778229165946;gtm=2wgb41;auiddc=1984534738.1607286959;u1=undefined;u7=N%2FA;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F

Request Chain 33

• https://9401320.fls.doubleclick.net/activityi;src=9401320;type=pagev0;cat=globa00;ord=3826571730160;gtm=2wgb41;auiddc=1984534738.1607286959;u7=N%2FA;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F HTTP 302
• https://9401320.fls.doubleclick.net/activityi;dc_pre=CPqO_8Gauu0CFcFE5QodnHwOfQ;src=9401320;type=pagev0;cat=globa00;ord=3826571730160;gtm=2wgb41;auiddc=1984534738.1607286959;u7=N%2FA;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F

Request Chain 39

• https://8690559.fls.doubleclick.net/activityi;src=8690559;type=conve0;cat=xerop0;ord=7911300970639;u=%2Flogin-iframe%2F;gtm=2wgb41;auiddc=1984534738.1607286959;u1=%2Flogin-iframe%2F;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F HTTP 302
• https://8690559.fls.doubleclick.net/activityi;dc_pre=COitgMKauu0CFdDGuwgd8YMAkw;src=8690559;type=conve0;cat=xerop0;ord=7911300970639;u=%2Flogin-iframe%2F;gtm=2wgb41;auiddc=1984534738.1607286959;u1=%2Flogin-iframe%2F;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F

Request Chain 45

• https://cm.everesttech.net/cm/dd?d_uuid=27975507763512125850641821276388398093 HTTP 302
• https://dpm.demdex.net/ibs:dpid=411&dpuuid=X81ArwAAAB3owh1P

Request Chain 63

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=206915&time=1607286959118&url=https%3A%2F%2Flogin.xero.com%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%3A%2F%2Fin.xero.com%26wctx%3Drm%3D0%26id%3Dpassive%26ru%3D%252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%252fStatement%26wct%3D2020-12-06T20%3A30%3A49Z HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D206915%26time%3D1607286959118%26url%3Dhttps%253A%252F%252Flogin.xero.com%252F%253Fwa%253Dwsignin1.0%2526wtrealm%253Dhttps%253A%252F%252Fin.xero.com%2526wctx%253Drm%253D0%2526id%253Dpassive%2526ru%253D%25252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%25252fStatement%2526wct%253D2020-12-06T20%253A30%253A49Z%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=206915&time=1607286959118&url=https%3A%2F%2Flogin.xero.com%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%3A%2F%2Fin.xero.com%26wctx%3Drm%3D0%26id%3Dpassive%26ru%3D%252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%252fStatement%26wct%3D2020-12-06T20%3A30%3A49Z&liSync=true

Request Chain 74

• https://www.facebook.com/tr/?id=303901320544451&ev=PageView&dl=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F&rl=https%3A%2F%2Flogin.xero.com%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%253a%252f%252fin.xero.com%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%25252fStatement%26wct%3D2020-12-06T20%253a30%253a49Z&if=true&ts=1607286959185&sw=1600&sh=1200&v=2.9.29&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1607286959135.1749209905&it=1607286959066&coo=false&rqm=GET HTTP 302
• https://cx.atdmt.com/?c=8150322936120194776&f=AYw5JzAuk5RRJ-OCYvVU82bAuWs1HIUqjRkku-z8ahyUfc9wDl_T20NSaaRp-LAW4gRomxmd63E7L3MoQ4BviU2C&id=303901320544451&l=3&v=0

Request Chain 76

• https://www.facebook.com/tr/?id=303901320544451&ev=referrerSource&dl=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F&rl=https%3A%2F%2Flogin.xero.com%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%253a%252f%252fin.xero.com%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%25252fStatement%26wct%3D2020-12-06T20%253a30%253a49Z&if=true&ts=1607286959188&cd[utm_source]=organic&cd[hostname]=login.xero.com&sw=1600&sh=1200&v=2.9.29&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1607286959135.1749209905&it=1607286959066&coo=false&rqm=GET HTTP 302
• https://cx.atdmt.com/?c=11576527829137526919&f=AYx1SusreuBP6Q3asA1RSq90oJR8mpO5kkJyRUUljo2PPrXplXP5kF63eA_CyVir_LHSqbG3RAal-G2GKBlcvH0z&id=303901320544451&l=3&v=0

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response login.xero.com/	9 KB 6 KB	493ms 425ms	Document text/html	104.75.88.211 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://login.xero.com/?wa=wsignin1.0&wtrealm=https%3a%2f%2fin.xero.com&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%252fStatement&wct=2020-12-06T20%3a30%3a49Z Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.75.88.211 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-211.deploy.static.akamaitechnologies.com Software / Resource Hash f8d59c0ddf9a0632931e8d21cb7af6cf568e6fcb7ff8733020966a2921582535 Security Headers Name Value Content-Security-Policy report-uri /cspreport; default-src 'self' https://*.xero.com https://www.google.com; style-src 'self' https://*.xero.com 'unsafe-inline' data: ; script-src 'self' https://*.xero.com https://www.google.com https://www.gstatic.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors *.xero.com; Strict-Transport-Security max-age=31536000 Request headers Host login.xero.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type text/html; charset=utf-8 Cache-Control private Content-Encoding gzip Vary Accept-Encoding X-UA-Compatible IE=edge Content-Security-Policy report-uri /cspreport; default-src 'self' https://*.xero.com https://www.google.com; style-src 'self' https://*.xero.com 'unsafe-inline' data: ; script-src 'self' https://*.xero.com https://www.google.com https://www.gstatic.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors *.xero.com; Strict-Transport-Security max-age=31536000 X-Akamai-Transformed 9 3672 0 pmb=mTOE,1 Date Sun, 06 Dec 2020 20:35:57 GMT Content-Length 3266 Connection keep-alive Set-Cookie Device=7fb896d7-d966-4cd5-8474-e4c574a88068; domain=.xero.com; expires=Sat, 06-Dec-2025 20:35:57 GMT; path=/; HttpOnly ASP.NET_SessionId=e31gpzh3kznyjut30iczbrtt; path=/; HttpOnly; SameSite=Lax Device=7fb896d7-d966-4cd5-8474-e4c574a88068; domain=.xero.com; expires=Sat, 06-Dec-2025 20:35:57 GMT; path=/; HttpOnly ASP.NET_SessionId=e31gpzh3kznyjut30iczbrtt; path=/; HttpOnly; SameSite=Lax SessionId=; path=/; secure; HttpOnly GlobalSession=; path=/; secure; HttpOnly ApplicationToken=; path=/ __RequestVerificationToken=nx-zDU41KFXzGx2FQBkCkybT-yBkAAMBKCrCjI5tWk51iBSA3Qs6GcoOZtTYOFhVdJafVRsMgQBwcOYNVBHp0QmqqAxzOU65Gh5Wm2_sGXguGKdqdfGbdDXwFwLdTu6ey5r3eg2; path=/; HttpOnly ak_bmsc=BF3A202D551E3885B7F965214999F829B85666966B8B0000AD40CD5FD6F7C97A~plMHOZOrI00vA/Kb+6oReFvKv1SRenId2Lh3nLynPVtK0fvo3NmdCar5U8xdEW2RmebK9XLtNIoyFJuXCFn87Xnnz+89qdKAiAvtHWtmXgVmiiKoPRNP8o2n7Km+D1ld5tgdv6M8KgLgAjiqRYPaflKiQaEbSyqPnTYFz4Bhl7fP3E/Qb/3o3tyfXk0PkOb76YQB7Mr0RsEHdpwSbb8SfwC4+dHPT53C4mfY++c0KkCd4=; expires=Sun, 06 Dec 2020 22:35:57 GMT; max-age=7200; path=/; domain=.xero.com; HttpOnly bm_sz=E0C9ECAB8EA927E4D9FC0FB08412FC03~YAAQlmZWuDMI1KZ1AQAAXqXEOQol25mfv/tZXsG+UF4Bkzrws0YX1g1zccBkGBt0TPKaaVKtCXLIZnWbT+hG40PksqGw7qdM4lNgqUtOAFEmLKG8cRypM8kHhev0u6LW+y3t0BQxo06hL4yLZ83CmXFfVQsuTt9InUQ/FtpEla8e2pHINs1ygAkgb8/L; Domain=.xero.com; Path=/; Expires=Mon, 07 Dec 2020 00:35:57 GMT; Max-Age=14400; HttpOnly _abck=3AECF67D4AAB45BABEF95D6905236498~-1~YAAQlmZWuDQI1KZ1AQAAXqXEOQU6br2hhf/xGcfK7EUKxI5FmVDvmAV4Gz13xeZiFEHF8j0NcnFYHbPKIkvNFcRbDGoeuTCzUth4GZ56HjKNnKyTfVPZiT7gQVMPRYJ9qDO2c5gUJvaIkSc7gtQxq3X/TXtxRnqbQWbmSiFtFLkPo3staqsSeVWYTVVLBRytJOCUAiYZzWdm/JqOZAV+EBD7guWHOlm8zQI3Lzom8FLS0OO+Myq0U/vjknxN9fiARSVD+Jxt2eDaIt/zeWqDBP9ODDS76LOXVlkOK/wQVydULosd0Pj5pA==~-1~-1~-1; Domain=.xero.com; Path=/; Expires=Mon, 06 Dec 2021 20:35:57 GMT; Max-Age=31536000; Secure X-Client-IP 8330
GET H/1.1	200 OK	all-06b7a539.css login.xero.com/Content/all/	159 KB 39 KB	53ms 52ms	Stylesheet text/css	104.75.88.211 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://login.xero.com/Content/all/all-06b7a539.css Requested by Host: login.xero.com URL: https://login.xero.com/?wa=wsignin1.0&wtrealm=https%3a%2f%2fin.xero.com&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%252fStatement&wct=2020-12-06T20%3a30%3a49Z Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.75.88.211 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-211.deploy.static.akamaitechnologies.com Software / Resource Hash 5f35133564c5d19efde49b009e52b9203e0ee2e6103c6afb00a98b131add5cd9 Security Headers Name Value Content-Security-Policy report-uri /cspreport; default-src 'self' https://*.xero.com https://www.google.com; style-src 'self' https://*.xero.com 'unsafe-inline' data: ; script-src 'self' https://*.xero.com https://www.google.com https://www.gstatic.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors *.xero.com; Strict-Transport-Security max-age=31536000 Request headers Referer https://login.xero.com/?wa=wsignin1.0&wtrealm=https%3a%2f%2fin.xero.com&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%252fStatement&wct=2020-12-06T20%3a30%3a49Z User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Security-Policy report-uri /cspreport; default-src 'self' https://*.xero.com https://www.google.com; style-src 'self' https://*.xero.com 'unsafe-inline' data: ; script-src 'self' https://*.xero.com https://www.google.com https://www.gstatic.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors *.xero.com; Content-Encoding gzip Last-Modified Wed, 18 Nov 2020 18:28:02 GMT ETag "0a5648cd8bdd61:0" Vary Accept-Encoding Strict-Transport-Security max-age=31536000 Content-Type text/css Cache-Control public, max-age=6383714 Date Sun, 06 Dec 2020 20:35:57 GMT Connection keep-alive Accept-Ranges bytes Content-Length 38877 X-Client-IP 8330 X-UA-Compatible IE=edge
GET H/1.1	200 OK	libs-8392bc17.js Show response login.xero.com/scripts/	694 KB 259 KB	148ms 73ms	Script application/javascript	104.75.88.211 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://login.xero.com/scripts/libs-8392bc17.js Requested by Host: login.xero.com URL: https://login.xero.com/?wa=wsignin1.0&wtrealm=https%3a%2f%2fin.xero.com&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%252fStatement&wct=2020-12-06T20%3a30%3a49Z Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.75.88.211 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-211.deploy.static.akamaitechnologies.com Software / Resource Hash a82af958e16578625efb08fa2f0d30d05bd19bf813e1c7e8bc399009336295ca Security Headers Name Value Content-Security-Policy report-uri /cspreport; default-src 'self' https://*.xero.com https://www.google.com; style-src 'self' https://*.xero.com 'unsafe-inline' data: ; script-src 'self' https://*.xero.com https://www.google.com https://www.gstatic.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors *.xero.com; Strict-Transport-Security max-age=31536000 Request headers Referer https://login.xero.com/?wa=wsignin1.0&wtrealm=https%3a%2f%2fin.xero.com&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%252fStatement&wct=2020-12-06T20%3a30%3a49Z User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Security-Policy report-uri /cspreport; default-src 'self' https://*.xero.com https://www.google.com; style-src 'self' https://*.xero.com 'unsafe-inline' data: ; script-src 'self' https://*.xero.com https://www.google.com https://www.gstatic.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors *.xero.com; Content-Encoding gzip Last-Modified Wed, 19 Aug 2020 12:09:30 GMT ETag "03965972176d61:0" Vary Accept-Encoding Strict-Transport-Security max-age=31536000 Content-Type application/javascript Cache-Control public, max-age=1165892 Date Sun, 06 Dec 2020 20:35:57 GMT Connection keep-alive Accept-Ranges bytes Content-Length 264989 X-Client-IP 8352 X-UA-Compatible IE=edge
GET H/1.1	200 OK	login-e7fe2437.js Show response login.xero.com/Scripts/	3 KB 2 KB	117ms 41ms	Script application/javascript	104.75.88.211 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://login.xero.com/Scripts/login-e7fe2437.js Requested by Host: login.xero.com URL: https://login.xero.com/?wa=wsignin1.0&wtrealm=https%3a%2f%2fin.xero.com&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%252fStatement&wct=2020-12-06T20%3a30%3a49Z Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.75.88.211 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-211.deploy.static.akamaitechnologies.com Software / Resource Hash 0ff6b3957a55f079ba2c1a02f415d68e8ee32fc7dae3051ecdccd385432b1630 Security Headers Name Value Content-Security-Policy report-uri /cspreport; default-src 'self' https://*.xero.com https://www.google.com; style-src 'self' https://*.xero.com 'unsafe-inline' data: ; script-src 'self' https://*.xero.com https://www.google.com https://www.gstatic.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors *.xero.com; Strict-Transport-Security max-age=31536000 Request headers Referer https://login.xero.com/?wa=wsignin1.0&wtrealm=https%3a%2f%2fin.xero.com&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%252fStatement&wct=2020-12-06T20%3a30%3a49Z User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Security-Policy report-uri /cspreport; default-src 'self' https://*.xero.com https://www.google.com; style-src 'self' https://*.xero.com 'unsafe-inline' data: ; script-src 'self' https://*.xero.com https://www.google.com https://www.gstatic.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors *.xero.com; Content-Encoding gzip Last-Modified Wed, 18 Nov 2020 18:28:04 GMT ETag "0d2958dd8bdd61:0" Vary Accept-Encoding Strict-Transport-Security max-age=31536000 Content-Type application/javascript Cache-Control public, max-age=6871981 Date Sun, 06 Dec 2020 20:35:57 GMT Connection keep-alive Accept-Ranges bytes Content-Length 1197 X-Client-IP 8350 X-UA-Compatible IE=edge
GET H/1.1	200 OK	spinner-5ada83ae.gif login.xero.com/content/shared/img/misc/	1 KB 2 KB	52ms 52ms	Image image/gif	104.75.88.211 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://login.xero.com/content/shared/img/misc/spinner-5ada83ae.gif Requested by Host: login.xero.com URL: https://login.xero.com/?wa=wsignin1.0&wtrealm=https%3a%2f%2fin.xero.com&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%252fStatement&wct=2020-12-06T20%3a30%3a49Z Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.75.88.211 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-211.deploy.static.akamaitechnologies.com Software / Resource Hash 596719d8f25ddd1cc8d82184e2482f2a906690625500e631668310cbcd6993da Security Headers Name Value Content-Security-Policy report-uri /cspreport; default-src 'self' https://*.xero.com https://www.google.com; style-src 'self' https://*.xero.com 'unsafe-inline' data: ; script-src 'self' https://*.xero.com https://www.google.com https://www.gstatic.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors *.xero.com; Strict-Transport-Security max-age=31536000 Request headers Referer https://login.xero.com/?wa=wsignin1.0&wtrealm=https%3a%2f%2fin.xero.com&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%252fStatement&wct=2020-12-06T20%3a30%3a49Z User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Security-Policy report-uri /cspreport; default-src 'self' https://*.xero.com https://www.google.com; style-src 'self' https://*.xero.com 'unsafe-inline' data: ; script-src 'self' https://*.xero.com https://www.google.com https://www.gstatic.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors *.xero.com; Last-Modified Wed, 18 Nov 2020 18:28:02 GMT ETag "0a5648cd8bdd61:0" Strict-Transport-Security max-age=31536000 Content-Type image/gif Cache-Control public, max-age=6961115 Date Sun, 06 Dec 2020 20:35:57 GMT Connection keep-alive Accept-Ranges bytes Content-Length 1105 X-Client-IP 8350 X-UA-Compatible IE=edge
GET H/1.1	200 OK	67ddf196d5rn232c2a3a4217ef920e47 Show response login.xero.com/resources/	70 KB 18 KB	46ms 46ms	Script application/javascript	104.75.88.211 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://login.xero.com/resources/67ddf196d5rn232c2a3a4217ef920e47 Requested by Host: login.xero.com URL: https://login.xero.com/?wa=wsignin1.0&wtrealm=https%3a%2f%2fin.xero.com&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%252fStatement&wct=2020-12-06T20%3a30%3a49Z Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.75.88.211 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-211.deploy.static.akamaitechnologies.com Software / Resource Hash ca9ee108c9cd3072864c1fcfe42f8fa40f829a33267388e0adbf41fa8b2da9a5 Request headers Referer https://login.xero.com/?wa=wsignin1.0&wtrealm=https%3a%2f%2fin.xero.com&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%252fStatement&wct=2020-12-06T20%3a30%3a49Z User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 06 Dec 2020 20:35:57 GMT Content-Encoding gzip Last-Modified Tue, 06 Oct 2020 20:27:15 GMT ETag "131722820cdab77a5ea6b28d67b3a69880fc6094dcb812a997c675b08ca2792f" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=21600 Connection keep-alive Content-Length 18338 X-Client-IP 8350
GET H/1.1	200 OK	header-330b898e.png login.xero.com/content/local/img/	41 KB 41 KB	49ms 48ms	Image image/png	104.75.88.211 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://login.xero.com/content/local/img/header-330b898e.png Requested by Host: login.xero.com URL: https://login.xero.com/Content/all/all-06b7a539.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.75.88.211 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-211.deploy.static.akamaitechnologies.com Software / Resource Hash 065ca7e0516e91f8d87d340fc38c5a9fe3bd4fbc19d98b3a243a7bdb7524b6fc Security Headers Name Value Content-Security-Policy report-uri /cspreport; default-src 'self' https://*.xero.com https://www.google.com; style-src 'self' https://*.xero.com 'unsafe-inline' data: ; script-src 'self' https://*.xero.com https://www.google.com https://www.gstatic.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors *.xero.com; Strict-Transport-Security max-age=31536000 Request headers Referer https://login.xero.com/Content/all/all-06b7a539.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Security-Policy report-uri /cspreport; default-src 'self' https://*.xero.com https://www.google.com; style-src 'self' https://*.xero.com 'unsafe-inline' data: ; script-src 'self' https://*.xero.com https://www.google.com https://www.gstatic.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors *.xero.com; Last-Modified Wed, 18 Nov 2020 18:28:02 GMT ETag "0a5648cd8bdd61:0" Strict-Transport-Security max-age=31536000 Content-Type image/png Cache-Control public, max-age=6377817 Date Sun, 06 Dec 2020 20:35:57 GMT Connection keep-alive Accept-Ranges bytes Content-Length 41518 X-Client-IP 8352 X-UA-Compatible IE=edge
GET H/1.1	200 OK	envelope-51933199.png login.xero.com/Content/images/marketing/	424 B 1 KB	51ms 50ms	Image image/png	104.75.88.211 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://login.xero.com/Content/images/marketing/envelope-51933199.png Requested by Host: login.xero.com URL: https://login.xero.com/Content/all/all-06b7a539.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.75.88.211 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-211.deploy.static.akamaitechnologies.com Software / Resource Hash c7a714db31948bdfe27054dd5abded6f3435dd71bd362a231c07a7d3a38e1161 Security Headers Name Value Content-Security-Policy report-uri /cspreport; default-src 'self' https://*.xero.com https://www.google.com; style-src 'self' https://*.xero.com 'unsafe-inline' data: ; script-src 'self' https://*.xero.com https://www.google.com https://www.gstatic.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors *.xero.com; Strict-Transport-Security max-age=31536000 Request headers Referer https://login.xero.com/Content/all/all-06b7a539.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Security-Policy report-uri /cspreport; default-src 'self' https://*.xero.com https://www.google.com; style-src 'self' https://*.xero.com 'unsafe-inline' data: ; script-src 'self' https://*.xero.com https://www.google.com https://www.gstatic.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors *.xero.com; Last-Modified Wed, 18 Nov 2020 18:28:02 GMT ETag "0a5648cd8bdd61:0" Strict-Transport-Security max-age=31536000 Content-Type image/png Cache-Control public, max-age=6988688 Date Sun, 06 Dec 2020 20:35:57 GMT Connection keep-alive Accept-Ranges bytes Content-Length 424 X-Client-IP 8330 X-UA-Compatible IE=edge
GET H/1.1	200 OK	padlock-ccc3dff1.png login.xero.com/Content/images/marketing/	233 B 897 B	105ms 53ms	Image image/png	104.75.88.211 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://login.xero.com/Content/images/marketing/padlock-ccc3dff1.png Requested by Host: login.xero.com URL: https://login.xero.com/Content/all/all-06b7a539.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.75.88.211 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-211.deploy.static.akamaitechnologies.com Software / Resource Hash 0a88045b745908668639dd623b754e2aa04a1f4f832951c95f4046fb10634539 Security Headers Name Value Content-Security-Policy report-uri /cspreport; default-src 'self' https://*.xero.com https://www.google.com; style-src 'self' https://*.xero.com 'unsafe-inline' data: ; script-src 'self' https://*.xero.com https://www.google.com https://www.gstatic.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors *.xero.com; Strict-Transport-Security max-age=31536000 Request headers Referer https://login.xero.com/Content/all/all-06b7a539.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Security-Policy report-uri /cspreport; default-src 'self' https://*.xero.com https://www.google.com; style-src 'self' https://*.xero.com 'unsafe-inline' data: ; script-src 'self' https://*.xero.com https://www.google.com https://www.gstatic.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors *.xero.com; Last-Modified Tue, 24 Nov 2020 17:28:30 GMT ETag "033cb3987c2d61:0" Strict-Transport-Security max-age=31536000 Content-Type image/png Cache-Control public, max-age=7200588 Date Sun, 06 Dec 2020 20:35:57 GMT Connection keep-alive Accept-Ranges bytes Content-Length 233 X-Client-IP 8330 X-UA-Compatible IE=edge
GET H/1.1	200 OK	NationalWeb-Regular.woff login.xero.com/content/local/fonts/woff/	68 KB 69 KB	57ms 56ms	Font font/x-woff	104.75.88.211 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://login.xero.com/content/local/fonts/woff/NationalWeb-Regular.woff Requested by Host: login.xero.com URL: https://login.xero.com/Content/all/all-06b7a539.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.75.88.211 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-211.deploy.static.akamaitechnologies.com Software / Resource Hash c8847c15e5b653a29869f4bf523291995a93a0ff684a1a19ed2d9e2062677a68 Security Headers Name Value Content-Security-Policy report-uri /cspreport; default-src 'self' https://*.xero.com https://www.google.com; style-src 'self' https://*.xero.com 'unsafe-inline' data: ; script-src 'self' https://*.xero.com https://www.google.com https://www.gstatic.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors *.xero.com; Strict-Transport-Security max-age=31536000 Request headers Origin https://login.xero.com Referer https://login.xero.com/Content/all/all-06b7a539.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Security-Policy report-uri /cspreport; default-src 'self' https://*.xero.com https://www.google.com; style-src 'self' https://*.xero.com 'unsafe-inline' data: ; script-src 'self' https://*.xero.com https://www.google.com https://www.gstatic.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors *.xero.com; Last-Modified Mon, 09 Nov 2020 12:22:44 GMT ETag "08287693b6d61:0" Strict-Transport-Security max-age=31536000 Content-Type font/x-woff Cache-Control public, max-age=6121448 Date Sun, 06 Dec 2020 20:35:57 GMT Connection keep-alive Accept-Ranges bytes Content-Length 69479 X-Client-IP 8350 X-UA-Compatible IE=edge
POST H/1.1	201 Created	67ddf196d5rn232c2a3a4217ef920e47 Show response login.xero.com/resources/	17 B 834 B	1093ms 1088ms	XHR application/json	104.75.88.211 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://login.xero.com/resources/67ddf196d5rn232c2a3a4217ef920e47 Requested by Host: login.xero.com URL: https://login.xero.com/resources/67ddf196d5rn232c2a3a4217ef920e47 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.75.88.211 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-211.deploy.static.akamaitechnologies.com Software / Resource Hash b493cdb3b30ea63f6a924f814dfccfcfe305dac02106f9994ce2bcb2e8ed28c4 Request headers Referer https://login.xero.com/?wa=wsignin1.0&wtrealm=https%3a%2f%2fin.xero.com&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%252fStatement&wct=2020-12-06T20%3a30%3a49Z User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Sun, 06 Dec 2020 20:35:58 GMT Vary Origin Content-Type application/json Access-Control-Allow-Origin https://login.xero.com Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Content-Type Content-Length 17 X-Client-IP 8352
GET H2	200	/ Show response www.xero.com/login-iframe/ Frame 3341	30 KB 6 KB	399ms 293ms	Document text/html	104.109.58.17 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.xero.com/login-iframe/ Requested by Host: login.xero.com URL: https://login.xero.com/scripts/libs-8392bc17.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.58.17 , Netherlands, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a104-109-58-17.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 52801e501195a95db15f04467dc0e7e9c9856e4465ef6dcec910dbe1ec1c9830 Request headers :method GET :authority www.xero.com :scheme https :path /login-iframe/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://login.xero.com/?wa=wsignin1.0&wtrealm=https%3a%2f%2fin.xero.com&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%252fStatement&wct=2020-12-06T20%3a30%3a49Z accept-encoding gzip, deflate, br accept-language en-US cookie Device=7fb896d7-d966-4cd5-8474-e4c574a88068; ak_bmsc=BF3A202D551E3885B7F965214999F829B85666966B8B0000AD40CD5FD6F7C97A~plMHOZOrI00vA/Kb+6oReFvKv1SRenId2Lh3nLynPVtK0fvo3NmdCar5U8xdEW2RmebK9XLtNIoyFJuXCFn87Xnnz+89qdKAiAvtHWtmXgVmiiKoPRNP8o2n7Km+D1ld5tgdv6M8KgLgAjiqRYPaflKiQaEbSyqPnTYFz4Bhl7fP3E/Qb/3o3tyfXk0PkOb76YQB7Mr0RsEHdpwSbb8SfwC4+dHPT53C4mfY++c0KkCd4=; bm_sz=E0C9ECAB8EA927E4D9FC0FB08412FC03~YAAQlmZWuDMI1KZ1AQAAXqXEOQol25mfv/tZXsG+UF4Bkzrws0YX1g1zccBkGBt0TPKaaVKtCXLIZnWbT+hG40PksqGw7qdM4lNgqUtOAFEmLKG8cRypM8kHhev0u6LW+y3t0BQxo06hL4yLZ83CmXFfVQsuTt9InUQ/FtpEla8e2pHINs1ygAkgb8/L; _abck=3AECF67D4AAB45BABEF95D6905236498~-1~YAAQlmZWuDQI1KZ1AQAAXqXEOQU6br2hhf/xGcfK7EUKxI5FmVDvmAV4Gz13xeZiFEHF8j0NcnFYHbPKIkvNFcRbDGoeuTCzUth4GZ56HjKNnKyTfVPZiT7gQVMPRYJ9qDO2c5gUJvaIkSc7gtQxq3X/TXtxRnqbQWbmSiFtFLkPo3staqsSeVWYTVVLBRytJOCUAiYZzWdm/JqOZAV+EBD7guWHOlm8zQI3Lzom8FLS0OO+Myq0U/vjknxN9fiARSVD+Jxt2eDaIt/zeWqDBP9ODDS76LOXVlkOK/wQVydULosd0Pj5pA==~-1~-1~-1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://login.xero.com/?wa=wsignin1.0&wtrealm=https%3a%2f%2fin.xero.com&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%252fStatement&wct=2020-12-06T20%3a30%3a49Z Response headers server AmazonS3 content-type text/html set-cookie bm_sv=7B42CD960A29777BE80DD345E810B9C4~gdeXUFDZ3ohlm8Hwj/9GlhiL5IWuuzxxW7MvHITVkin6BozXS7abqf0Z6MaEzOcrQEb6iSfR7mWs6zLaeHFZdcxoqglCZ5n+ZEi+NB7H2MD3C20i7bCUQ9M8orkKgWSdP8X6kEkyRJGDfC7ZvD/jTA==; Domain=.xero.com; Path=/; Max-Age=7199; HttpOnly etag "50b3b79b13c2d7e270cad6a76b60a1ca" access-control-allow-origin * vary Accept-Encoding x-akamai-transformed 9 - 0 pmb=mTOE,1 x-amz-cf-id N8XOXajT83xYRrnjetNnDy-QL5R7QztTQrQEt6NqfbvHIKRPAZ4EKw== x-amz-cf-pop FRA56-C1 content-encoding gzip cache-control max-age=140 expires Sun, 06 Dec 2020 20:38:18 GMT date Sun, 06 Dec 2020 20:35:58 GMT content-length 5657
GET H/1.1	200 OK	spinner-5ada83ae.gif login.xero.com/content/images/	1 KB 2 KB	50ms 50ms	Image image/gif	104.75.88.211 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://login.xero.com/content/images/spinner-5ada83ae.gif Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.75.88.211 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-211.deploy.static.akamaitechnologies.com Software / Resource Hash 596719d8f25ddd1cc8d82184e2482f2a906690625500e631668310cbcd6993da Security Headers Name Value Content-Security-Policy report-uri /cspreport; default-src 'self' https://*.xero.com https://www.google.com; style-src 'self' https://*.xero.com 'unsafe-inline' data: ; script-src 'self' https://*.xero.com https://www.google.com https://www.gstatic.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors *.xero.com; Strict-Transport-Security max-age=31536000 Request headers Referer https://login.xero.com/?wa=wsignin1.0&wtrealm=https%3a%2f%2fin.xero.com&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%252fStatement&wct=2020-12-06T20%3a30%3a49Z User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Security-Policy report-uri /cspreport; default-src 'self' https://*.xero.com https://www.google.com; style-src 'self' https://*.xero.com 'unsafe-inline' data: ; script-src 'self' https://*.xero.com https://www.google.com https://www.gstatic.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors *.xero.com; Last-Modified Mon, 21 Sep 2020 12:45:14 GMT ETag "069f3c1590d61:0" Strict-Transport-Security max-age=31536000 Content-Type image/gif Cache-Control public, max-age=2719284 Date Sun, 06 Dec 2020 20:35:57 GMT Connection keep-alive Accept-Ranges bytes Content-Length 1105 X-Client-IP 8330 X-UA-Compatible IE=edge
GET H2	200	modernizr.1.119.0.js Show response www.xero.com/etc/designs/xero-cms/clientlib/assets/js/vendor/polyfills/ Frame 3341	6 KB 3 KB	105ms 103ms	Script application/javascript	104.109.58.17 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.xero.com/etc/designs/xero-cms/clientlib/assets/js/vendor/polyfills/modernizr.1.119.0.js Requested by Host: www.xero.com URL: https://www.xero.com/login-iframe/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.58.17 , Netherlands, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a104-109-58-17.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 423ada5e717549213a22b58d6bd9fc6b92559d1fe775a263c0995b91344aea6d Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 06 Dec 2020 20:35:58 GMT content-encoding gzip last-modified Wed, 18 Nov 2020 00:23:07 GMT server AmazonS3 x-amz-cf-pop AMS1-C1 etag "7b577375b97fde36318bc7cac6a777d3" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=484 accept-ranges bytes content-length 2570 x-amz-cf-id Cjxu5TslSL4-aSvxZWkOlzlE6htOC8TtLI0lhwpXGvGzbWDVrPF53g== expires Sun, 06 Dec 2020 20:44:02 GMT
GET H2	200	screen.1.119.0.css www.xero.com/etc/designs/xero-cms/clientlib/assets/css/ Frame 3341	600 KB 87 KB	378ms 377ms	Stylesheet text/css	104.109.58.17 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.xero.com/etc/designs/xero-cms/clientlib/assets/css/screen.1.119.0.css Requested by Host: www.xero.com URL: https://www.xero.com/login-iframe/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.58.17 , Netherlands, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a104-109-58-17.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 086e8203698c98713cfc3e251387db0b57ac0066dae363c11bd8468981e76d62 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 06 Dec 2020 20:35:58 GMT content-encoding gzip last-modified Wed, 18 Nov 2020 00:22:43 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 etag "91a41cdac9253163bb4ee844c732197b" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control max-age=782 accept-ranges bytes x-amz-cf-id fjzCBtdQHuSPSOlXq7l9lE-WvaNoZZAkFBTaMqV76B-KT9LnDRYGJw== expires Sun, 06 Dec 2020 20:49:00 GMT
GET H2	200	head.min.js Show response www.xero.com/etc/designs/xero-cms/clientlib/personalization/ Frame 3341	195 KB 59 KB	107ms 106ms	Script application/javascript	104.109.58.17 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.xero.com/etc/designs/xero-cms/clientlib/personalization/head.min.js Requested by Host: www.xero.com URL: https://www.xero.com/login-iframe/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.58.17 , Netherlands, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a104-109-58-17.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash bb202e49f6a662b0b10c9866f53938c430c7c3f999b23721265689cced2b56cd Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 06 Dec 2020 20:35:58 GMT content-encoding gzip last-modified Wed, 18 Nov 2020 00:22:43 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 etag "f7bc0fe9b2b3406c68d50deed3c5bb66" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=123 accept-ranges bytes content-length 59586 x-amz-cf-id bxALVnPiezTZ_611oDccJDhlDFRXQ618vYZNGCu9NZy18z4wqRwMGQ== expires Sun, 06 Dec 2020 20:38:01 GMT
GET H2	200	body.min.js Show response www.xero.com/etc/designs/xero-cms/clientlib/personalization/ Frame 3341	175 B 419 B	223ms 223ms	Script application/javascript	104.109.58.17 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.xero.com/etc/designs/xero-cms/clientlib/personalization/body.min.js Requested by Host: www.xero.com URL: https://www.xero.com/login-iframe/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.58.17 , Netherlands, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a104-109-58-17.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 181c2fdc25ddf4d2049d9df1963343f751dda249fda379b28d3e00a6a0759e77 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 06 Dec 2020 20:35:58 GMT content-encoding gzip last-modified Wed, 18 Nov 2020 00:22:45 GMT server AmazonS3 x-amz-cf-pop CPT50 etag "e9db2738ab1c3a512c5771aa72e950b4" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=176 accept-ranges bytes content-length 135 x-amz-cf-id o9eMWZEL1KD3Bj-aelYC8RCeS7qH45l2qO6OfczGUDyWBPXGyzVjmQ== expires Sun, 06 Dec 2020 20:38:54 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/ Frame 3341	355 KB 73 KB	20ms 20ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-5MXLB2&l=TagManagerDataLayer Requested by Host: www.xero.com URL: https://www.xero.com/login-iframe/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 8a9cf39461d7e45ea769c508eba0b5394f9d721417d2f3cccf8aa384d1a4563c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 06 Dec 2020 20:35:58 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 75070 x-xss-protection 0 last-modified Sun, 06 Dec 2020 18:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 06 Dec 2020 20:35:58 GMT
GET H2	200	global.1.119.0.js Show response www.xero.com/etc/designs/xero-cms/clientlib/assets/js/ Frame 3341	1 MB 328 KB	206ms 205ms	Script application/javascript	104.109.58.17 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.xero.com/etc/designs/xero-cms/clientlib/assets/js/global.1.119.0.js Requested by Host: www.xero.com URL: https://www.xero.com/login-iframe/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.58.17 , Netherlands, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a104-109-58-17.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 0e7a1bcc9b543be7fde5f0121e271803d004bccc3a546974eaca6b64b0cb85c6 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 06 Dec 2020 20:35:58 GMT content-encoding gzip last-modified Wed, 18 Nov 2020 01:20:26 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 etag "a87e2e3cb89a3ea10e3e702eb8028cf9" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=84 accept-ranges bytes content-length 335019 x-amz-cf-id ezQbiruwaPAoSxzNHjfeB0H2hm1lSbXgKEcYq8Mb1NKhVU79sM-NWg== expires Sun, 06 Dec 2020 20:37:22 GMT
GET H2	200	bundle.js Show response www.xero.com/static/1606347088913/js/ Frame 3341	777 KB 219 KB	107ms 106ms	Script application/javascript	104.109.58.17 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.xero.com/static/1606347088913/js/bundle.js Requested by Host: www.xero.com URL: https://www.xero.com/login-iframe/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.58.17 , Netherlands, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a104-109-58-17.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 03a08c8bd44d065757f17480a527b1b00dedcf9593123dc64b99eef545d6c391 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 06 Dec 2020 20:35:58 GMT content-encoding gzip last-modified Wed, 25 Nov 2020 23:33:08 GMT server AmazonS3 x-amz-request-id 98B4F8DD347F3AA4 etag "13ac846f190386761996971a79e8206a" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-amz-id-2 B+af0pGbs1+ZQWNAI2pbN+d7BY0nBDgz/EXNHsGJBeBTx4Mp3KGyJli+z/vlIsf9vfNSRjHfjTU= expires Mon, 06 Dec 2021 20:35:58 GMT
GET H2	200	app.1.119.0.js Show response www.xero.com/etc/designs/xero-cms/js/react/ Frame 3341	999 KB 265 KB	360ms 359ms	Script application/javascript	104.109.58.17 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.xero.com/etc/designs/xero-cms/js/react/app.1.119.0.js Requested by Host: www.xero.com URL: https://www.xero.com/login-iframe/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.58.17 , Netherlands, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a104-109-58-17.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 8af7410a052e2ec76c81d41da35b1943b92c7f7455503a697d2614daf40e81d2 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 06 Dec 2020 20:35:58 GMT content-encoding gzip last-modified Wed, 18 Nov 2020 00:22:40 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 etag "bed1e41139a614e009290882c6956c2d" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=635 accept-ranges bytes x-amz-cf-id 2EDpfdEbn6jiPCsOr--98xkIUWHcBtB_VWybHwM-PY0XWie_p_KdIg== expires Sun, 06 Dec 2020 20:46:33 GMT
GET H2	200	2b3d4aa3e0rn1847bcd267c138ea59b9 Show response www.xero.com/resources/ Frame 3341	70 KB 18 KB	283ms 282ms	Script application/javascript	104.109.58.17 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.xero.com/resources/2b3d4aa3e0rn1847bcd267c138ea59b9 Requested by Host: www.xero.com URL: https://www.xero.com/login-iframe/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.58.17 , Netherlands, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a104-109-58-17.deploy.static.akamaitechnologies.com Software / Resource Hash ca9ee108c9cd3072864c1fcfe42f8fa40f829a33267388e0adbf41fa8b2da9a5 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 06 Dec 2020 20:35:58 GMT content-encoding gzip last-modified Tue, 06 Oct 2020 20:27:15 GMT etag "131722820cdab77a5ea6b28d67b3a69880fc6094dcb812a997c675b08ca2792f" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=21600 content-length 18338 expires Sat, 26 Dec 2020 06:37:38 GMT
POST H/1.1	201 Created	67ddf196d5rn232c2a3a4217ef920e47 Show response login.xero.com/resources/	17 B 834 B	428ms 428ms	XHR application/json	104.75.88.211 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://login.xero.com/resources/67ddf196d5rn232c2a3a4217ef920e47 Requested by Host: login.xero.com URL: https://login.xero.com/resources/67ddf196d5rn232c2a3a4217ef920e47 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.75.88.211 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-211.deploy.static.akamaitechnologies.com Software / Resource Hash b493cdb3b30ea63f6a924f814dfccfcfe305dac02106f9994ce2bcb2e8ed28c4 Request headers Referer https://login.xero.com/?wa=wsignin1.0&wtrealm=https%3a%2f%2fin.xero.com&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%252fStatement&wct=2020-12-06T20%3a30%3a49Z User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Sun, 06 Dec 2020 20:35:58 GMT Vary Origin Content-Type application/json Access-Control-Allow-Origin https://login.xero.com Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Content-Type Content-Length 17 X-Client-IP 8330
GET H/1.1	200 OK	id Show response dpm.demdex.net/ Frame 3341	363 B 1 KB	263ms 66ms	XHR application/json	3.250.252.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=C593280E560020957F000101%40AdobeOrg&d_nsid=0&ts=1607286958659 Requested by Host: www.xero.com URL: https://www.xero.com/etc/designs/xero-cms/clientlib/personalization/head.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.250.252.43 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-250-252-43.eu-west-1.compute.amazonaws.com Software / Resource Hash 2fbaeec6b92ff9ef1d81914ab314d758c37787f00f597726eb21af4fcd041122 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers DCS dcs-prod-irl1-v086-06ec2cd55.edge-irl1.demdex.com 5.80.1.20201111130852 2ms (+0ms) Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains Content-Encoding gzip X-TID n19HTkIoQFU= Vary Origin, Accept-Encoding, User-Agent P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Access-Control-Allow-Origin https://www.xero.com Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json;charset=utf-8 Content-Length 300 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	National2Web-Medium.woff2 www.xero.com/etc/designs/xero-cms/clientlib/assets/fonts/ Frame 3341	37 KB 37 KB	63ms 63ms	Font application/octet-stream	104.109.58.17 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.xero.com/etc/designs/xero-cms/clientlib/assets/fonts/National2Web-Medium.woff2 Requested by Host: www.xero.com URL: https://www.xero.com/etc/designs/xero-cms/clientlib/assets/css/screen.1.119.0.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.58.17 , Netherlands, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a104-109-58-17.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash b2c7a738cd0fcd7d60b29f46383a391b615483d0b29b547b8a2757bbd68c831b Request headers Origin https://www.xero.com Referer https://www.xero.com/etc/designs/xero-cms/clientlib/assets/css/screen.1.119.0.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 06 Dec 2020 20:35:58 GMT last-modified Wed, 18 Nov 2020 00:23:03 GMT server AmazonS3 x-amz-cf-pop FRA56-C1 etag "199abf7658c2227dfcbd70079cbb7a19" content-type application/octet-stream access-control-allow-origin * cache-control max-age=1734762 accept-ranges bytes content-length 37520 x-amz-cf-id H-eumeKRuu2UUEyb_5KVe0znghsrj9IUnw8sitCOgGUjKPkANBQk-g== expires Sat, 26 Dec 2020 22:28:40 GMT
POST H2	201	2b3d4aa3e0rn1847bcd267c138ea59b9 Show response www.xero.com/resources/ Frame 3341	17 B 599 B	449ms 449ms	XHR application/json	104.109.58.17 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.xero.com/resources/2b3d4aa3e0rn1847bcd267c138ea59b9 Requested by Host: www.xero.com URL: https://www.xero.com/resources/2b3d4aa3e0rn1847bcd267c138ea59b9 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.58.17 , Netherlands, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a104-109-58-17.deploy.static.akamaitechnologies.com Software / Resource Hash b493cdb3b30ea63f6a924f814dfccfcfe305dac02106f9994ce2bcb2e8ed28c4 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www.xero.com, * date Sun, 06 Dec 2020 20:35:59 GMT access-control-allow-credentials true access-control-allow-headers Content-Type content-length 17 vary Origin content-type application/json
GET H2	200	National2Web-Regular.woff2 www.xero.com/etc/designs/xero-cms/clientlib/assets/fonts/ Frame 3341	34 KB 34 KB	66ms 66ms	Font application/octet-stream	104.109.58.17 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.xero.com/etc/designs/xero-cms/clientlib/assets/fonts/National2Web-Regular.woff2 Requested by Host: www.xero.com URL: https://www.xero.com/etc/designs/xero-cms/clientlib/assets/css/screen.1.119.0.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.58.17 , Netherlands, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a104-109-58-17.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash b84c1765ea7a66d0442154107093e94221c50e0dcedc66a37411e56256cf77ac Request headers Origin https://www.xero.com Referer https://www.xero.com/etc/designs/xero-cms/clientlib/assets/css/screen.1.119.0.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 06 Dec 2020 20:35:58 GMT last-modified Wed, 18 Nov 2020 00:23:05 GMT server AmazonS3 x-amz-cf-pop FRA56-C1 etag "3b08eff4e35f8664f766dc9a9ccb7c65" content-type application/octet-stream access-control-allow-origin * cache-control max-age=1734673 accept-ranges bytes content-length 34825 x-amz-cf-id zDGs2SjEshgJRB4iKHjJwV-wyvzopElCdw4fT00BR-0c2upcJpsOLw== expires Sat, 26 Dec 2020 22:27:11 GMT
GET H3-Q050	200	js Show response www.googletagmanager.com/gtag/ Frame 3341	132 KB 51 KB	44ms 28ms	Script application/javascript	2a00:1450:4001:818::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-Q622B96ZEQ&l=TagManagerDataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MXLB2&l=TagManagerDataLayer Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 949815fb0d20208926dad1c41bc670dfcd106f232731392778d1593dc830d974 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 06 Dec 2020 20:35:58 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 51892 x-xss-protection 0 expires Sun, 06 Dec 2020 20:35:58 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/ Frame 3341	46 KB 18 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:824::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MXLB2&l=TagManagerDataLayer Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 23 Oct 2020 03:00:57 GMT server Golfe2 age 6368 date Sun, 06 Dec 2020 18:49:50 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18817 expires Sun, 06 Dec 2020 20:49:50 GMT
GET H/1.1	200 OK	insight.min.js Show response snap.licdn.com/li.lms-analytics/ Frame 3341	965 B 761 B	20ms 6ms	Script application/x-javascript	2a02:26f0:6c00:28c::25ea AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MXLB2&l=TagManagerDataLayer Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software / Resource Hash f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 06 Dec 2020 20:35:58 GMT Content-Encoding gzip Last-Modified Tue, 22 Sep 2020 22:01:48 GMT X-CDN AKAM Vary Accept-Encoding Content-Type application/x-javascript;charset=utf-8 Cache-Control max-age=65688 Connection keep-alive Accept-Ranges bytes Content-Length 448
GET H3-Q050	200	activityi;dc_pre=CPyYhsKauu0CFYDFuwgd7aoLUw;src=6918231;type=allpa0;cat=xerof000;ord=9711181394809;gtm=2wgb41;auiddc=1984534738.1607286959;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F 6918231.fls.doubleclick.net/ Frame D6C9 Redirect Chain https://6918231.fls.doubleclick.net/activityi;src=6918231;type=allpa0;cat=xerof000;ord=9711181394809;gtm=2wgb41;auiddc=1984534738.1607286959;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F? https://6918231.fls.doubleclick.net/activityi;dc_pre=CPyYhsKauu0CFYDFuwgd7aoLUw;src=6918231;type=allpa0;cat=xerof000;ord=9711181394809;gtm=2wgb41;auiddc=1984534738.1607286959;~oref=https%3A%2F%2Fww...	0 0	94ms 90ms	Document text/html	172.217.22.38 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://6918231.fls.doubleclick.net/activityi;dc_pre=CPyYhsKauu0CFYDFuwgd7aoLUw;src=6918231;type=allpa0;cat=xerof000;ord=9711181394809;gtm=2wgb41;auiddc=1984534738.1607286959;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MXLB2&l=TagManagerDataLayer Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 172.217.22.38 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s16-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority 6918231.fls.doubleclick.net :scheme https :path /activityi;dc_pre=CPyYhsKauu0CFYDFuwgd7aoLUw;src=6918231;type=allpa0;cat=xerof000;ord=9711181394809;gtm=2wgb41;auiddc=1984534738.1607286959;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F? pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.xero.com/login-iframe/ accept-encoding gzip, deflate, br accept-language en-US cookie test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer about:blank Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin date Sun, 06 Dec 2020 20:35:59 GMT expires Sun, 06 Dec 2020 20:35:59 GMT cache-control private, max-age=0 strict-transport-security max-age=21600 content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip server cafe content-length 335 x-xss-protection 0 set-cookie IDE=AHWqTUmaCd0e-xGSEOCpcostwkisQ_28eKW-2zkcMV-UvMw1VnjFvdXWx8h1J2KX; expires=Fri, 31-Dec-2021 20:35:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Redirect headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin date Sun, 06 Dec 2020 20:35:59 GMT pragma no-cache expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, must-revalidate follow-only-when-prerender-shown 1 strict-transport-security max-age=21600 location https://6918231.fls.doubleclick.net/activityi;dc_pre=CPyYhsKauu0CFYDFuwgd7aoLUw;src=6918231;type=allpa0;cat=xerof000;ord=9711181394809;gtm=2wgb41;auiddc=1984534738.1607286959;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F? content-type text/html; charset=UTF-8 x-content-type-options nosniff server cafe content-length 0 x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-Q050	200	activityi;dc_pre=CNGhhsKauu0CFcDJuwgd3kINhQ;src=6960706;type=allpa0;cat=xerof000;ord=4907485738648;gtm=2wgb41;auiddc=1984534738.1607286959;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F 6960706.fls.doubleclick.net/ Frame D6BB Redirect Chain https://6960706.fls.doubleclick.net/activityi;src=6960706;type=allpa0;cat=xerof000;ord=4907485738648;gtm=2wgb41;auiddc=1984534738.1607286959;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F? https://6960706.fls.doubleclick.net/activityi;dc_pre=CNGhhsKauu0CFcDJuwgd3kINhQ;src=6960706;type=allpa0;cat=xerof000;ord=4907485738648;gtm=2wgb41;auiddc=1984534738.1607286959;~oref=https%3A%2F%2Fww...	0 0	172ms 172ms	Document text/html	172.217.16.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://6960706.fls.doubleclick.net/activityi;dc_pre=CNGhhsKauu0CFcDJuwgd3kINhQ;src=6960706;type=allpa0;cat=xerof000;ord=4907485738648;gtm=2wgb41;auiddc=1984534738.1607286959;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MXLB2&l=TagManagerDataLayer Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 172.217.16.134 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority 6960706.fls.doubleclick.net :scheme https :path /activityi;dc_pre=CNGhhsKauu0CFcDJuwgd3kINhQ;src=6960706;type=allpa0;cat=xerof000;ord=4907485738648;gtm=2wgb41;auiddc=1984534738.1607286959;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F? pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.xero.com/login-iframe/ accept-encoding gzip, deflate, br accept-language en-US cookie test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer about:blank Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin date Sun, 06 Dec 2020 20:35:59 GMT expires Sun, 06 Dec 2020 20:35:59 GMT cache-control private, max-age=0 strict-transport-security max-age=21600 content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip server cafe content-length 336 x-xss-protection 0 set-cookie IDE=AHWqTUkdcQXEY46ow0zfffZ5FQCbsacUHoWgNG9aiiH6f1Ol5piYD0tNyaZwKfzt; expires=Fri, 31-Dec-2021 20:35:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Redirect headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin date Sun, 06 Dec 2020 20:35:59 GMT pragma no-cache expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, must-revalidate follow-only-when-prerender-shown 1 strict-transport-security max-age=21600 location https://6960706.fls.doubleclick.net/activityi;dc_pre=CNGhhsKauu0CFcDJuwgd3kINhQ;src=6960706;type=allpa0;cat=xerof000;ord=4907485738648;gtm=2wgb41;auiddc=1984534738.1607286959;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F? content-type text/html; charset=UTF-8 x-content-type-options nosniff server cafe content-length 0 x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-Q050	200	activityi;dc_pre=CJXu_sGauu0CFRThuwgdBvUFVw;src=4944433;type=allpa0;cat=xerof00a;ord=8412097918241;gtm=2wgb41;auiddc=1984534738.1607286959;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F 4944433.fls.doubleclick.net/ Frame 0BCE Redirect Chain https://4944433.fls.doubleclick.net/activityi;src=4944433;type=allpa0;cat=xerof00a;ord=8412097918241;gtm=2wgb41;auiddc=1984534738.1607286959;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F? https://4944433.fls.doubleclick.net/activityi;dc_pre=CJXu_sGauu0CFRThuwgdBvUFVw;src=4944433;type=allpa0;cat=xerof00a;ord=8412097918241;gtm=2wgb41;auiddc=1984534738.1607286959;~oref=https%3A%2F%2Fww...	0 0	119ms 73ms	Document text/html	172.217.16.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://4944433.fls.doubleclick.net/activityi;dc_pre=CJXu_sGauu0CFRThuwgdBvUFVw;src=4944433;type=allpa0;cat=xerof00a;ord=8412097918241;gtm=2wgb41;auiddc=1984534738.1607286959;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MXLB2&l=TagManagerDataLayer Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 172.217.16.134 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority 4944433.fls.doubleclick.net :scheme https :path /activityi;dc_pre=CJXu_sGauu0CFRThuwgdBvUFVw;src=4944433;type=allpa0;cat=xerof00a;ord=8412097918241;gtm=2wgb41;auiddc=1984534738.1607286959;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F? pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.xero.com/login-iframe/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer about:blank Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin date Sun, 06 Dec 2020 20:35:59 GMT expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, must-revalidate strict-transport-security max-age=21600 content-type text/html; charset=UTF-8 pragma no-cache x-content-type-options nosniff content-encoding gzip server cafe content-length 388 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Sun, 06-Dec-2020 20:50:59 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Redirect headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin date Sun, 06 Dec 2020 20:35:59 GMT pragma no-cache expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, must-revalidate follow-only-when-prerender-shown 1 strict-transport-security max-age=21600 location https://4944433.fls.doubleclick.net/activityi;dc_pre=CJXu_sGauu0CFRThuwgdBvUFVw;src=4944433;type=allpa0;cat=xerof00a;ord=8412097918241;gtm=2wgb41;auiddc=1984534738.1607286959;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F? content-type text/html; charset=UTF-8 x-content-type-options nosniff server cafe content-length 0 x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-Q050	200	activityi;dc_pre=CKKO_8Gauu0CFYfnuwgdVF4APQ;src=9401320;type=pagev0;cat=globa0;ord=4778229165946;gtm=2wgb41;auiddc=1984534738.1607286959;u1=undefined;u7=N%2FA;~oref=https%3A%2F%2Fwww.xero.com%2Flog... 9401320.fls.doubleclick.net/ Frame 15E5 Redirect Chain https://9401320.fls.doubleclick.net/activityi;src=9401320;type=pagev0;cat=globa0;ord=4778229165946;gtm=2wgb41;auiddc=1984534738.1607286959;u1=undefined;u7=N%2FA;~oref=https%3A%2F%2Fwww.xero.com%2Fl... https://9401320.fls.doubleclick.net/activityi;dc_pre=CKKO_8Gauu0CFYfnuwgdVF4APQ;src=9401320;type=pagev0;cat=globa0;ord=4778229165946;gtm=2wgb41;auiddc=1984534738.1607286959;u1=undefined;u7=N%2FA;~o...	0 0	122ms 71ms	Document text/html	172.217.22.38 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://9401320.fls.doubleclick.net/activityi;dc_pre=CKKO_8Gauu0CFYfnuwgdVF4APQ;src=9401320;type=pagev0;cat=globa0;ord=4778229165946;gtm=2wgb41;auiddc=1984534738.1607286959;u1=undefined;u7=N%2FA;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MXLB2&l=TagManagerDataLayer Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 172.217.22.38 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s16-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority 9401320.fls.doubleclick.net :scheme https :path /activityi;dc_pre=CKKO_8Gauu0CFYfnuwgdVF4APQ;src=9401320;type=pagev0;cat=globa0;ord=4778229165946;gtm=2wgb41;auiddc=1984534738.1607286959;u1=undefined;u7=N%2FA;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F? pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.xero.com/login-iframe/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer about:blank Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin date Sun, 06 Dec 2020 20:35:59 GMT expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, must-revalidate strict-transport-security max-age=21600 content-type text/html; charset=UTF-8 pragma no-cache x-content-type-options nosniff content-encoding gzip server cafe content-length 405 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Sun, 06-Dec-2020 20:50:59 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Redirect headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin date Sun, 06 Dec 2020 20:35:59 GMT pragma no-cache expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, must-revalidate follow-only-when-prerender-shown 1 strict-transport-security max-age=21600 location https://9401320.fls.doubleclick.net/activityi;dc_pre=CKKO_8Gauu0CFYfnuwgdVF4APQ;src=9401320;type=pagev0;cat=globa0;ord=4778229165946;gtm=2wgb41;auiddc=1984534738.1607286959;u1=undefined;u7=N%2FA;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F? content-type text/html; charset=UTF-8 x-content-type-options nosniff server cafe content-length 0 x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-Q050	200	activityi;dc_pre=CPqO_8Gauu0CFcFE5QodnHwOfQ;src=9401320;type=pagev0;cat=globa00;ord=3826571730160;gtm=2wgb41;auiddc=1984534738.1607286959;u7=N%2FA;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F 9401320.fls.doubleclick.net/ Frame 7B18 Redirect Chain https://9401320.fls.doubleclick.net/activityi;src=9401320;type=pagev0;cat=globa00;ord=3826571730160;gtm=2wgb41;auiddc=1984534738.1607286959;u7=N%2FA;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F? https://9401320.fls.doubleclick.net/activityi;dc_pre=CPqO_8Gauu0CFcFE5QodnHwOfQ;src=9401320;type=pagev0;cat=globa00;ord=3826571730160;gtm=2wgb41;auiddc=1984534738.1607286959;u7=N%2FA;~oref=https%3A...	0 0	120ms 72ms	Document text/html	172.217.22.38 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://9401320.fls.doubleclick.net/activityi;dc_pre=CPqO_8Gauu0CFcFE5QodnHwOfQ;src=9401320;type=pagev0;cat=globa00;ord=3826571730160;gtm=2wgb41;auiddc=1984534738.1607286959;u7=N%2FA;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MXLB2&l=TagManagerDataLayer Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 172.217.22.38 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s16-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority 9401320.fls.doubleclick.net :scheme https :path /activityi;dc_pre=CPqO_8Gauu0CFcFE5QodnHwOfQ;src=9401320;type=pagev0;cat=globa00;ord=3826571730160;gtm=2wgb41;auiddc=1984534738.1607286959;u7=N%2FA;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F? pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.xero.com/login-iframe/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer about:blank Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin date Sun, 06 Dec 2020 20:35:59 GMT expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, must-revalidate strict-transport-security max-age=21600 content-type text/html; charset=UTF-8 pragma no-cache x-content-type-options nosniff content-encoding gzip server cafe content-length 396 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Sun, 06-Dec-2020 20:50:59 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Redirect headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin date Sun, 06 Dec 2020 20:35:59 GMT pragma no-cache expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, must-revalidate follow-only-when-prerender-shown 1 strict-transport-security max-age=21600 location https://9401320.fls.doubleclick.net/activityi;dc_pre=CPqO_8Gauu0CFcFE5QodnHwOfQ;src=9401320;type=pagev0;cat=globa00;ord=3826571730160;gtm=2wgb41;auiddc=1984534738.1607286959;u7=N%2FA;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F? content-type text/html; charset=UTF-8 x-content-type-options nosniff server cafe content-length 0 x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	20923.js Show response www.dwin1.com/ Frame 3341	18 KB 7 KB	44ms 16ms	Script application/javascript	2600:9000:2104:5200:f:8ce2:fb80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.dwin1.com/20923.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MXLB2&l=TagManagerDataLayer Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:5200:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 13f41a99bd0d32fd0ad4725c6a11e7d58cd154f5055f16b646f69e1dff2c6586 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-version-id LZwTHmVAkASsl6b5Eg8jx4VPkgVnIde3 content-encoding gzip etag "704753002e87aeca7d85a45c42769aad" age 167 x-cache Hit from cloudfront x-amz-replication-status COMPLETED access-control-allow-origin * last-modified Fri, 27 Nov 2020 11:04:56 GMT server AmazonS3 date Sun, 06 Dec 2020 20:33:12 GMT access-control-allow-methods GET, HEAD content-type application/javascript; charset=utf-8 via 1.1 2bf8812c27f5e451eba4aef5c1aff6ae.cloudfront.net (CloudFront) cache-control max-age=600, s-maxage=600 x-amz-cf-pop AMS1-C1 x-amz-cf-id IIWQlCI9swGzUQM8gCn5o5qEEvjLXMYOUiGKGTgQ3hWY_0-cd3qblw==
GET H2	200	bat.js Show response bat.bing.com/ Frame 3341	27 KB 9 KB	49ms 29ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: login.xero.com URL: https://login.xero.com/?wa=wsignin1.0&wtrealm=https%3a%2f%2fin.xero.com&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%252fStatement&wct=2020-12-06T20%3a30%3a49Z Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 06 Dec 2020 20:35:58 GMT content-encoding gzip last-modified Tue, 20 Oct 2020 22:19:32 GMT x-msedge-ref Ref A: ACD39BAF368B4D6A857F3E4C4766AD5D Ref B: FRAEDGE1419 Ref C: 2020-12-06T20:35:58Z etag "0b27f152fa7d61:0" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control private,max-age=1800 accept-ranges bytes content-length 8454
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/ Frame 3341	89 KB 24 KB	23ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: login.xero.com URL: https://login.xero.com/?wa=wsignin1.0&wtrealm=https%3a%2f%2fin.xero.com&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%252fStatement&wct=2020-12-06T20%3a30%3a49Z Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 23320 x-xss-protection 0 pragma public x-fb-debug L2o0FnxBI/zWPWMnPO86OL8QWqrhqnzv1hchPif3jQk0xG8kbL6jbXPfzmKrKLEr9XyluuJzD/Z3p2HHRdEyHQ== x-fb-trip-id 664085054 x-frame-options DENY date Sun, 06 Dec 2020 20:35:58 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	tfa.js Show response cdn.taboola.com/libtrc/unip/1112426/ Frame 3341	62 KB 21 KB	147ms 35ms	Script application/javascript	199.232.57.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/unip/1112426/tfa.js Requested by Host: login.xero.com URL: https://login.xero.com/?wa=wsignin1.0&wtrealm=https%3a%2f%2fin.xero.com&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%252fStatement&wct=2020-12-06T20%3a30%3a49Z Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.232.57.44 Windsor, United Kingdom, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash a572c2b7a951dc88406abd05803336e9ab685c0fd88d34b51b39f12c543460ce Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-version-id bQ4aDNqIIFQhhq0Amqp4hoXKzL4hQ4up content-encoding gzip etag "0711217f461749b306b2dda331d1d42d" age 26 x-cache HIT x-amz-replication-status COMPLETED content-length 21415 x-amz-id-2 U2RbrqHqGXeL+pv3WE4y/YtWJ+TnPZ1cHgy10TCWqhe4vJuYSNV3CtPKdNF8zyygSCMB11/pgGk= x-served-by cache-lon4281-LON last-modified Mon, 23 Nov 2020 22:21:24 GMT server AmazonS3 x-timer S1607286959.081863,VS0,VE1 date Sun, 06 Dec 2020 20:35:59 GMT vary Accept-Encoding x-amz-request-id 411E4E5EC97594D2 via 1.1 varnish cache-control private,max-age=14401 accept-ranges bytes content-type application/javascript; charset=utf-8 abp 55 x-cache-hits 1
GET H2	200	ld.js Show response static.criteo.net/js/ld/ Frame 3341	36 KB 12 KB	67ms 23ms	Script text/javascript	2a02:2638::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/ld.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MXLB2&l=TagManagerDataLayer Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 0f6204713c11eeb6d7648e3401617e22f8e88f96cd517a538dc018ac2ab7bdf2 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 06 Dec 2020 20:35:59 GMT content-encoding gzip last-modified Mon, 14 Sep 2020 13:03:43 GMT server nginx etag W/"5f5f6a2f-90a2" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public timing-allow-origin * expires Mon, 07 Dec 2020 20:35:59 GMT
GET H3-Q050	200	activityi;dc_pre=COitgMKauu0CFdDGuwgd8YMAkw;src=8690559;type=conve0;cat=xerop0;ord=7911300970639;u=%2Flogin-iframe%2F;gtm=2wgb41;auiddc=1984534738.1607286959;u1=%2Flogin-iframe%2F;~oref=https%3A%2F... 8690559.fls.doubleclick.net/ Frame 7A1A Redirect Chain https://8690559.fls.doubleclick.net/activityi;src=8690559;type=conve0;cat=xerop0;ord=7911300970639;u=%2Flogin-iframe%2F;gtm=2wgb41;auiddc=1984534738.1607286959;u1=%2Flogin-iframe%2F;~oref=https%3A%... https://8690559.fls.doubleclick.net/activityi;dc_pre=COitgMKauu0CFdDGuwgd8YMAkw;src=8690559;type=conve0;cat=xerop0;ord=7911300970639;u=%2Flogin-iframe%2F;gtm=2wgb41;auiddc=1984534738.1607286959;u1=...	0 0	111ms 60ms	Document text/html	172.217.16.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://8690559.fls.doubleclick.net/activityi;dc_pre=COitgMKauu0CFdDGuwgd8YMAkw;src=8690559;type=conve0;cat=xerop0;ord=7911300970639;u=%2Flogin-iframe%2F;gtm=2wgb41;auiddc=1984534738.1607286959;u1=%2Flogin-iframe%2F;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MXLB2&l=TagManagerDataLayer Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 172.217.16.134 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority 8690559.fls.doubleclick.net :scheme https :path /activityi;dc_pre=COitgMKauu0CFdDGuwgd8YMAkw;src=8690559;type=conve0;cat=xerop0;ord=7911300970639;u=%2Flogin-iframe%2F;gtm=2wgb41;auiddc=1984534738.1607286959;u1=%2Flogin-iframe%2F;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F? pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.xero.com/login-iframe/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer about:blank Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin date Sun, 06 Dec 2020 20:35:59 GMT expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, must-revalidate strict-transport-security max-age=21600 content-type text/html; charset=UTF-8 pragma no-cache x-content-type-options nosniff content-encoding gzip server cafe content-length 398 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Sun, 06-Dec-2020 20:50:59 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Redirect headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin date Sun, 06 Dec 2020 20:35:59 GMT pragma no-cache expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, must-revalidate follow-only-when-prerender-shown 1 strict-transport-security max-age=21600 location https://8690559.fls.doubleclick.net/activityi;dc_pre=COitgMKauu0CFdDGuwgd8YMAkw;src=8690559;type=conve0;cat=xerop0;ord=7911300970639;u=%2Flogin-iframe%2F;gtm=2wgb41;auiddc=1984534738.1607286959;u1=%2Flogin-iframe%2F;~oref=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F? content-type text/html; charset=UTF-8 x-content-type-options nosniff server cafe content-length 0 x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	hotjar-11035.js Show response static.hotjar.com/c/ Frame 3341	148 KB 12 KB	436ms 69ms	Script application/javascript	65.9.73.2 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-11035.js?sv=5 Requested by Host: login.xero.com URL: https://login.xero.com/?wa=wsignin1.0&wtrealm=https%3a%2f%2fin.xero.com&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%252fStatement&wct=2020-12-06T20%3a30%3a49Z Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.73.2 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash d49e996edf55d6350da87ecaf7d2e39da4a50b946224c591fe591f918ffc0ce5 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 06 Dec 2020 20:35:38 GMT content-encoding br x-content-type-options nosniff cache-control max-age=60 age 21 etag W/d9f604da7a0fb69a94fcdec0b25dbc15 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript access-control-allow-origin * x-cache-hit 1 x-amz-cf-pop AMS1-C1 x-amz-cf-id NWFo8pBiWwfAZSSTDtoOz79Xj7pvugEKXxTta5bGuQATdYBS1AxvVQ== via 1.1 682270ef163d219cc7a50d1af232b97f.cloudfront.net (CloudFront)
GET H/1.1	200 OK	pixel q.quora.com/_/ad/dec3291f0c4c40c4a6777240b5ed0e74/ Frame 3341	43 B 422 B	737ms 123ms	Image image/gif	3.227.227.165 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://q.quora.com/_/ad/dec3291f0c4c40c4a6777240b5ed0e74/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F Requested by Host: www.xero.com URL: https://www.xero.com/login-iframe/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.227.227.165 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-227-227-165.compute-1.amazonaws.com Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 06 Dec 2020 20:35:59 GMT Server nginx Connection keep-alive Content-Length 43 Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Q-Stat ,1585e5bd20d2341c70718eac8bdda5ec,10.0.0.132,32078,45.152.181.220,,50435716179,1,1607286959.645,0.002,,.,0,0,0.000,0.000,-,0,0,197,120,60,10,26847,,,,,,-, Content-Type image/gif
GET H/1.1	200 OK	id Show response dpm.demdex.net/ Frame 3341	368 B 1 KB	63ms 63ms	XHR application/json	3.250.252.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpm.demdex.net/id?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=EA3E35E75C07F28E0A495C7C%40AdobeOrg&d_nsid=0&ts=1607286958999 Requested by Host: www.xero.com URL: https://www.xero.com/static/1606347088913/js/bundle.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.250.252.43 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-250-252-43.eu-west-1.compute.amazonaws.com Software / Resource Hash a6aa9f3f38279b68ef0a060b498c8097b8f17e065e41b9f6bd2ee2ba46f7975a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers DCS dcs-prod-irl1-v086-086833d0d.edge-irl1.demdex.com 5.80.1.20201111130852 2ms (+0ms) Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains Content-Encoding gzip X-TID oX2AfpPbQj4= Vary Origin, Accept-Encoding, User-Agent P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Access-Control-Allow-Origin https://www.xero.com Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json;charset=utf-8 Content-Length 301 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	Cookie set dest5.html xero.demdex.net/ Frame B7EA	0 0	199ms 52ms	Document text/html	52.18.91.199 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://xero.demdex.net/dest5.html?d_nsid=0 Requested by Host: www.xero.com URL: https://www.xero.com/etc/designs/xero-cms/clientlib/personalization/head.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.18.91.199 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-18-91-199.eu-west-1.compute.amazonaws.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Host xero.demdex.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.xero.com/login-iframe/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie demdex=27975507763512125850641821276388398093 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.xero.com/login-iframe/ Response headers Accept-Ranges bytes Cache-Control max-age=21600 Content-Encoding gzip Content-Type text/html Expires Thu, 01 Jan 1970 00:00:00 GMT Last-Modified Thu, 19 Nov 2020 14:53:31 GMT P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Pragma no-cache Set-Cookie demdex=27975507763512125850641821276388398093;Path=/;Domain=.demdex.net;Expires=Fri, 04-Jun-2021 20:35:59 GMT;Max-Age=15552000;Secure;SameSite=None Strict-Transport-Security max-age=31536000; includeSubDomains Vary Accept-Encoding, User-Agent X-TID O6YIZPcjSf8= Content-Length 2785 Connection keep-alive
GET H2	200	id Show response xerolimited.sc.omtrdc.net/ Frame 3341	2 B 315 B	175ms 58ms	XHR application/x-javascript	35.181.18.61 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://xerolimited.sc.omtrdc.net/id?d_visid_ver=2.5.0&d_fieldgroup=A&mcorgid=C593280E560020957F000101%40AdobeOrg&mid=28005340747429711670641673269049412411&ts=1607286959017 Requested by Host: www.xero.com URL: https://www.xero.com/etc/designs/xero-cms/clientlib/personalization/head.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.181.18.61 Paris, France, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-181-18-61.eu-west-3.compute.amazonaws.com Software jag / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sun, 06 Dec 2020 20:35:58 GMT x-content-type-options nosniff server jag xserver anedge-f7bfdfcfd-z97tr vary Origin x-c master-1404.I1e61f9.M0-468 p3p CP="This is not a P3P policy" access-control-allow-origin https://www.xero.com cache-control no-cache, no-store, max-age=0, no-transform, private access-control-allow-credentials true content-type application/x-javascript;charset=utf-8 content-length 2 x-xss-protection 1; mode=block
GET H/1.1	200 OK	ibs:dpid=411&dpuuid=X81ArwAAAB3owh1P dpm.demdex.net/ Frame 3341 Redirect Chain https://cm.everesttech.net/cm/dd?d_uuid=27975507763512125850641821276388398093 https://dpm.demdex.net/ibs:dpid=411&dpuuid=X81ArwAAAB3owh1P	42 B 915 B	59ms 59ms	Image image/gif	3.250.252.43 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=411&dpuuid=X81ArwAAAB3owh1P Requested by Host: www.xero.com URL: https://www.xero.com/login-iframe/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.250.252.43 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-250-252-43.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers DCS dcs-prod-irl1-v086-0415ad50a.edge-irl1.demdex.com 5.80.1.20201111130852 1ms (+0ms) Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-TID OVFBCj7yTVA= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 42 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Location https://dpm.demdex.net/ibs:dpid=411&dpuuid=X81ArwAAAB3owh1P Date Sun, 06 Dec 2020 20:35:59 GMT Cache-Control no-cache Server AMO-cookiemap/1.1 Connection keep-alive Content-Length 0 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
GET H/1.1	200 OK	insight.beta.min.js Show response snap.licdn.com/li.lms-analytics/ Frame 3341	4 KB 2 KB	6ms 6ms	Script application/x-javascript	2a02:26f0:6c00:28c::25ea AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.beta.min.js Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software / Resource Hash a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 06 Dec 2020 20:35:59 GMT Content-Encoding gzip Last-Modified Tue, 22 Sep 2020 22:01:48 GMT X-CDN AKAM Vary Accept-Encoding Content-Type application/x-javascript;charset=utf-8 Cache-Control max-age=43420 Connection keep-alive Accept-Ranges bytes Content-Length 1799
GET H3-Q050	200	linkid.js Show response www.google-analytics.com/plugins/ua/ Frame 3341	2 KB 1 KB	28ms 14ms	Script text/javascript	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/linkid.js Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 06 Dec 2020 19:41:18 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe age 3281 vary Accept-Encoding content-type text/javascript cache-control public, max-age=3600 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 859 x-xss-protection 0 expires Sun, 06 Dec 2020 20:41:18 GMT
POST H3-Q050	200	collect Show response www.google-analytics.com/j/ Frame 3341	2 B 192 B	33ms 13ms	XHR text/plain	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1432659149&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F&dr=https%3A%2F%2Flogin.xero.com%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%253a%252f%252fin.xero.com%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%25252fStatement%26wct%3D2020-12-06T20%253a30%253a49Z&ul=en-us&de=UTF-8&dt=login-iframe%20%7C%20Xero&sd=24-bit&sr=1600x1200&vp=414x388&je=0&ec=Main%20Action&ea=Login&el=Login&_u=YEBAAAAjAAAAAC~&jid=561653412&gjid=1959067649&cid=525614166.1607286959&tid=UA-3776042-30&_gid=749340883.1607286959&_r=1&gtm=2wgb415MXLB2&cd21=Attempt%20Login&z=1044871418 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 06 Dec 2020 20:35:59 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.xero.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	publisher:getClientId Show response ampcid.google.com/v1/ Frame 3341	74 B 534 B	34ms 14ms	XHR application/json	2a00:1450:4001:821::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers date Sun, 06 Dec 2020 20:35:59 GMT content-encoding gzip x-content-type-options nosniff alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" server ESF x-frame-options SAMEORIGIN content-type application/json; charset=UTF-8 access-control-allow-origin https://www.xero.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true vary Origin, X-Origin, Referer content-length 94 x-xss-protection 0
GET H2	204	0 bat.bing.com/action/ Frame 3341	0 148 B	28ms 28ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=4009585&Ver=2&mid=99195494-52a1-40f3-a0bd-fa604bd28cb9&sid=a5f8dfa0380211ebac1313f2dd7b15c5&vid=a5f90320380211eb820677f2a184fe73&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=login-iframe%20%7C%20Xero&p=https%3A%2F%2Flogin.xero.com%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%253a%252f%252fin.xero.com%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%25252fStatement%26wct%3D2020-12-06T20%253a30%253a49Z&r=&lt=1023&evt=pageLoad&ifm=1&msclkid=N&sv=1&rn=547999 Requested by Host: www.xero.com URL: https://www.xero.com/login-iframe/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers access-control-allow-origin * pragma no-cache date Sun, 06 Dec 2020 20:35:58 GMT cache-control no-cache, must-revalidate x-msedge-ref Ref A: FE28AF67A4734EBCA84B9D4522FA963C Ref B: FRAEDGE1419 Ref C: 2020-12-06T20:35:59Z expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	284470139063732 Show response connect.facebook.net/signals/config/ Frame 3341	239 KB 69 KB	8ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/284470139063732?v=2.9.29&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e26677c6d27c70d58695f478ac723ec69905e1fc0d8cc2f43160144ba84e7ff6 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; content-encoding gzip x-content-type-options nosniff alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 70358 x-xss-protection 0 pragma public x-fb-debug VrlsL9LX4UbuDd9R1jzuoXiH/Y7ncvtoWYktJyDrLwjwQjybD248e0keRAI4MxTQxzwZWyVszW8lGbLIn0Rqyg== x-fb-trip-id 664085054 x-frame-options DENY date Sun, 06 Dec 2020 20:35:59 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-content-id 1488763420 expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	204	collect analytics.google.com/g/ Frame 3341	0 148 B	15ms 12ms	Other text/plain	2a00:1450:4001:81c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-Q622B96ZEQ&gtm=2oeb41&_p=1432659149&sr=1600x1200&_gaz=1&ul=en-us&cid=525614166.1607286959&_s=1&dl=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F&dr=https%3A%2F%2Flogin.xero.com%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%253a%252f%252fin.xero.com%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%25252fStatement%26wct%3D2020-12-06T20%253a30%253a49Z&dt=login-iframe%20%7C%20Xero&sid=1607286958&sct=1&seg=0&en=page_view&_fv=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-Q622B96ZEQ&l=TagManagerDataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sun, 06 Dec 2020 20:35:59 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.xero.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/ Frame 3341	0 72 B	15ms 15ms	Other text/plain	2a00:1450:400c:c02::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Q622B96ZEQ&cid=525614166.1607286959&gtm=2oeb41&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-Q622B96ZEQ&l=TagManagerDataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c02::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sun, 06 Dec 2020 20:35:59 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.xero.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/ Frame 3341	42 B 107 B	32ms 31ms	Image image/gif	2a00:1450:4001:81d::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q622B96ZEQ&cid=525614166.1607286959&gtm=2oeb41&aip=1&z=1464822456 Requested by Host: www.xero.com URL: https://www.xero.com/login-iframe/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sun, 06 Dec 2020 20:35:59 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	Cookie set dest5.html xerostage.demdex.net/ Frame C2C0	0 0	209ms 64ms	Document text/html	34.249.128.36 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://xerostage.demdex.net/dest5.html?d_nsid=0 Requested by Host: www.xero.com URL: https://www.xero.com/static/1606347088913/js/bundle.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.249.128.36 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-249-128-36.eu-west-1.compute.amazonaws.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Host xerostage.demdex.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.xero.com/login-iframe/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie demdex=27975507763512125850641821276388398093 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.xero.com/login-iframe/ Response headers Accept-Ranges bytes Cache-Control max-age=21600 Content-Encoding gzip Content-Type text/html Expires Thu, 01 Jan 1970 00:00:00 GMT Last-Modified Thu, 19 Nov 2020 14:52:08 GMT P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Pragma no-cache Set-Cookie demdex=27975507763512125850641821276388398093;Path=/;Domain=.demdex.net;Expires=Fri, 04-Jun-2021 20:35:59 GMT;Max-Age=15552000;Secure;SameSite=None Strict-Transport-Security max-age=31536000; includeSubDomains Vary Accept-Encoding, User-Agent X-TID u1ESYNVPQak= Content-Length 2785 Connection keep-alive
GET H2	200	id Show response xerostageclient.sc.omtrdc.net/ Frame 3341	2 B 316 B	164ms 58ms	XHR application/x-javascript	35.181.18.61 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://xerostageclient.sc.omtrdc.net/id?d_visid_ver=5.0.0&d_fieldgroup=A&mcorgid=EA3E35E75C07F28E0A495C7C%40AdobeOrg&mid=33751901541183989820066926203411158050&ts=1607286959092 Requested by Host: www.xero.com URL: https://www.xero.com/static/1606347088913/js/bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.181.18.61 Paris, France, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-181-18-61.eu-west-3.compute.amazonaws.com Software jag / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sun, 06 Dec 2020 20:35:58 GMT x-content-type-options nosniff server jag xserver anedge-f7bfdfcfd-pr7nz vary Origin x-c master-1404.I1e61f9.M0-468 p3p CP="This is not a P3P policy" access-control-allow-origin https://www.xero.com cache-control no-cache, no-store, max-age=0, no-transform, private access-control-allow-credentials true content-type application/x-javascript;charset=utf-8 content-length 2 x-xss-protection 1; mode=block
POST H/1.1	200 OK	event Show response xerostage.demdex.net/ Frame 3341	152 B 957 B	224ms 77ms	XHR application/json	34.249.128.36 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://xerostage.demdex.net/event?_ts=1607286959004 Requested by Host: www.xero.com URL: https://www.xero.com/etc/designs/xero-cms/clientlib/personalization/head.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.249.128.36 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-249-128-36.eu-west-1.compute.amazonaws.com Software / Resource Hash 20bda9c9cb4fc6755fe48ac4563119046087e41ad91a448775aa567166189fba Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers DCS dcs-prod-irl1-v086-0dbb80368.edge-irl1.demdex.com 5.80.1.20201111130852 4ms (+0ms) Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID nRo8cSeAQow= Vary Origin P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Access-Control-Allow-Origin https://www.xero.com Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json;charset=utf-8 Content-Length 152 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	event Show response sslwidget.criteo.com/ Frame 3341	1 KB 1 KB	135ms 50ms	Script application/x-javascript	178.250.2.151 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://sslwidget.criteo.com/event?a=70220&v=5.6.2&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Flogin.xero.com&p1=e%3Dvh%26tms%3Dgtm-criteo-2.0.0&p2=e%3Ddis&adce=1&tld=xero.com&dtycbr=16490 Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/ld.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 33988708496563e0774f119259051d3189c624a8d133287e4dd55b99a844b945 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sun, 06 Dec 2020 20:35:58 GMT content-encoding gzip content-type application/x-javascript server Microsoft-IIS/10.0 x-powered-by ASP.NET vary Accept-Encoding p3p NON DSP COR CURa PSA PSD OUR BUS NAV STA cache-control no-cache server-processing-duration-in-ticks 7152 timing-allow-origin * content-length 863 expires 0
GET H2	200	event Show response sslwidget.criteo.com/ Frame 3341	1 KB 1 KB	132ms 49ms	Script application/x-javascript	178.250.2.151 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://sslwidget.criteo.com/event?a=70220&v=5.6.2&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Flogin.xero.com&p1=e%3Dvh%26loggedin%3D1&p2=e%3Ddis%26a%3D%255B70220%252C70220%255D&adce=1&tld=xero.com&dtycbr=1583 Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/ld.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 33988708496563e0774f119259051d3189c624a8d133287e4dd55b99a844b945 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sun, 06 Dec 2020 20:35:58 GMT content-encoding gzip content-type application/x-javascript server Microsoft-IIS/10.0 x-powered-by ASP.NET vary Accept-Encoding p3p NON DSP COR CURa PSA PSD OUR BUS NAV STA cache-control no-cache server-processing-duration-in-ticks 7919 timing-allow-origin * content-length 863 expires 0
POST H3-Q050	200	collect Show response stats.g.doubleclick.net/j/ Frame 3341	4 B 422 B	43ms 16ms	XHR text/plain	2a00:1450:400c:c02::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-3776042-30&cid=525614166.1607286959&jid=561653412&gjid=1959067649&_gid=749340883.1607286959&_u=YEBAAAAiAAAAAC~&z=1973658431 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c02::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Sun, 06 Dec 2020 20:35:59 GMT content-type text/plain access-control-allow-origin https://www.xero.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	publisher:getClientId Show response ampcid.google.de/v1/ Frame 3341	3 B 212 B	15ms 14ms	XHR application/json	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers date Sun, 06 Dec 2020 20:35:59 GMT content-encoding gzip x-content-type-options nosniff alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" server ESF x-frame-options SAMEORIGIN content-type application/json; charset=UTF-8 access-control-allow-origin https://www.xero.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true vary Origin, X-Origin, Referer content-length 23 x-xss-protection 0
GET H2	200	syncframe gum.criteo.com/ Frame 3678	0 0	70ms 23ms	Document text/html	2a02:2638::1c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?topUrl=login.xero.com Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/ld.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers :method GET :authority gum.criteo.com :scheme https :path /syncframe?topUrl=login.xero.com pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.xero.com/login-iframe/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.xero.com/login-iframe/ Response headers cache-control private, max-age=0 content-type text/html; charset=utf-8 strict-transport-security max-age=31536000 server-processing-duration-in-ticks 666 date Sun, 06 Dec 2020 20:35:58 GMT content-length 0
GET H2	200	collect px.ads.linkedin.com/ Frame 3341 Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=206915&time=1607286959118&url=https%3A%2F%2Flogin.xero.com%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%3A%2F%2Fin.xero.com%26wctx%3Drm%3D0%26id%3Dpassi... https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D206915%26time%3D1607286959118%26url%3Dhttps%253A%252F%252Flogin.xero.com%252F%253... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=206915&time=1607286959118&url=https%3A%2F%2Flogin.xero.com%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%3A%2F%2Fin.xero.com%26wctx%3Drm%3D0%26id%3Dpassi...	0 58 B	180ms 179ms	Image application/javascript	2a05:f500:11:101::b93f:9005 LINKEDIN
General Check archive.org Show headers Download Go to Show image Full URL https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=206915&time=1607286959118&url=https%3A%2F%2Flogin.xero.com%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%3A%2F%2Fin.xero.com%26wctx%3Drm%3D0%26id%3Dpassive%26ru%3D%252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%252fStatement%26wct%3D2020-12-06T20%3A30%3A49Z&liSync=true Requested by Host: www.xero.com URL: https://www.xero.com/login-iframe/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US), Reverse DNS Software Play / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 06 Dec 2020 20:35:59 GMT server Play linkedin-action 1 x-li-fabric prod-lor1 x-li-proto http/2 x-li-pop prod-tln1 content-type application/javascript content-length 0 x-li-uuid JT3UVfk6ThZg7Sw61CoAAA== Redirect headers content-security-policy default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l x-content-type-options nosniff linkedin-action 1 content-length 0 x-li-uuid TyxKTvk6ThbAsETVuSoAAA== pragma no-cache x-li-pop afd-prod-esv5 x-msedge-ref Ref A: 009392799BBD4A31A9F435E2AEC5BF9A Ref B: FRAEDGE0907 Ref C: 2020-12-06T20:35:59Z x-frame-options sameorigin date Sun, 06 Dec 2020 20:35:59 GMT expect-ct max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct" strict-transport-security max-age=2592000 x-li-fabric prod-lor1 location https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=206915&time=1607286959118&url=https%3A%2F%2Flogin.xero.com%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%3A%2F%2Fin.xero.com%26wctx%3Drm%3D0%26id%3Dpassive%26ru%3D%252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%252fStatement%26wct%3D2020-12-06T20%3A30%3A49Z&liSync=true x-xss-protection 1; mode=block cache-control no-cache, no-store x-li-proto http/2 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	303901320544451 Show response connect.facebook.net/signals/config/ Frame 3341	239 KB 69 KB	7ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/303901320544451?v=2.9.29&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa07654fda8f558f912014d9ef27f097755e3573db878810cc12a056c0a9b0f7 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; content-encoding gzip x-content-type-options nosniff alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 70303 x-xss-protection 0 pragma public x-fb-debug 8epalxprXriWk5+ZXXYpstmENthh4UJZkaRG31Ie4klYKL07foq67Sz3u+l+uQuBtCzqCR3QhkwQ1MPvwSNg9A== x-fb-trip-id 664085054 x-frame-options DENY date Sun, 06 Dec 2020 20:35:59 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-content-id 1153069475 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/ Frame 3341	44 B 379 B	18ms 6ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=284470139063732&ev=PageView&dl=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F&rl=https%3A%2F%2Flogin.xero.com%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%253a%252f%252fin.xero.com%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%25252fStatement%26wct%3D2020-12-06T20%253a30%253a49Z&if=true&ts=1607286959137&sw=1600&sh=1200&v=2.9.29&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1607286959135.1749209905&it=1607286959066&coo=false&rqm=GET Requested by Host: www.xero.com URL: https://www.xero.com/login-iframe/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 06 Dec 2020 20:35:59 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Sun, 06 Dec 2020 20:35:59 GMT
POST H3-Q050	200	collect www.google-analytics.com/ Frame 3341	35 B 69 B	14ms 13ms	Other image/gif	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/collect Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sun, 06 Dec 2020 20:35:59 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type image/gif access-control-allow-origin https://www.xero.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3-Q050	200	collect Show response stats.g.doubleclick.net/j/ Frame 3341	4 B 28 B	17ms 16ms	XHR text/plain	2a00:1450:400c:c02::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-3776042-30&cid=525614166.1607286959&jid=966526328&gjid=578370541&_gid=749340883.1607286959&_u=aGDAgUAjAAQCAG~&z=1315475370 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c02::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Sun, 06 Dec 2020 20:35:59 GMT content-type text/plain access-control-allow-origin https://www.xero.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3-Q050	200	collect www.google-analytics.com/ Frame 3341	35 B 58 B	13ms 13ms	Other image/gif	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/collect Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sun, 06 Dec 2020 20:35:59 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type image/gif access-control-allow-origin https://www.xero.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	json Show response trc.taboola.com/1112426/trc/3/ Frame 3341	784 B 893 B	188ms 90ms	Script application/javascript	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://trc.taboola.com/1112426/trc/3/json?tim=1607286959157&data=%7B%22id%22%3A978%2C%22ii%22%3A%22%2Flogin-iframe%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1607286959154%2C%22cv%22%3A%2220201123-29-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dxero-us-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1607286959157%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F%22%2C%22supv%22%3Atrue%7D%7D&pubit=i Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/unip/1112426/tfa.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash cd55171c8f9a7bc9842c7bd70863bc2c7772e11df2fc694ff18a4f312b90c50a Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-vcl-time-ms 27 date Sun, 06 Dec 2020 20:35:59 GMT content-encoding gzip server nginx x-timer S1607286959.305164,VS0,VE27 x-served-by cache-fra19163-FRA vary Accept-Encoding x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" access-control-allow-origin * access-control-allow-credentials true accept-ranges bytes content-type application/javascript; charset=utf-8 via 1.1 varnish x-cache-hits 0
GET H2	200	ga-audiences www.google.com/ads/ Frame 3341	42 B 107 B	31ms 30ms	Image image/gif	2a00:1450:4001:81a::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-3776042-30&cid=525614166.1607286959&jid=561653412&_u=YEBAAAAiAAAAAC~&z=268720931 Requested by Host: www.xero.com URL: https://www.xero.com/login-iframe/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sun, 06 Dec 2020 20:35:59 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	ga-audiences www.google.de/ads/ Frame 3341	42 B 483 B	52ms 38ms	Image image/gif	2a00:1450:4001:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-3776042-30&cid=525614166.1607286959&jid=561653412&_u=YEBAAAAiAAAAAC~&z=268720931 Requested by Host: www.xero.com URL: https://www.xero.com/login-iframe/ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sun, 06 Dec 2020 20:35:59 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/ Frame 3341	42 B 107 B	29ms 29ms	Image image/gif	2a00:1450:4001:81a::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-3776042-30&cid=525614166.1607286959&jid=966526328&_u=aGDAgUAjAAQCAG~&z=874751664 Requested by Host: www.xero.com URL: https://www.xero.com/login-iframe/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sun, 06 Dec 2020 20:35:59 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	ga-audiences www.google.de/ads/ Frame 3341	42 B 65 B	51ms 39ms	Image image/gif	2a00:1450:4001:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-3776042-30&cid=525614166.1607286959&jid=966526328&_u=aGDAgUAjAAQCAG~&z=874751664 Requested by Host: www.xero.com URL: https://www.xero.com/login-iframe/ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sun, 06 Dec 2020 20:35:59 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ cx.atdmt.com/ Frame 3341 Redirect Chain https://www.facebook.com/tr/?id=303901320544451&ev=PageView&dl=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F&rl=https%3A%2F%2Flogin.xero.com%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%253a%252f%252fin.x... https://cx.atdmt.com/?c=8150322936120194776&f=AYw5JzAuk5RRJ-OCYvVU82bAuWs1HIUqjRkku-z8ahyUfc9wDl_T20NSaaRp-LAW4gRomxmd63E7L3MoQ4BviU2C&id=303901320544451&l=3&v=0	43 B 288 B	41ms 27ms	Image image/gif	2a03:2880:f01c:8004:face:b00c:0:8c FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://cx.atdmt.com/?c=8150322936120194776&f=AYw5JzAuk5RRJ-OCYvVU82bAuWs1HIUqjRkku-z8ahyUfc9wDl_T20NSaaRp-LAW4gRomxmd63E7L3MoQ4BviU2C&id=303901320544451&l=3&v=0 Requested by Host: www.xero.com URL: https://www.xero.com/login-iframe/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8004:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma public x-fb-debug 4W2j5FowWfpUcOgPW9VDK8Zp917X/RNSXWRheVjXMx/qBY2djadyGp8CWm2RGf9ttp1D7TXyYd2auTN03POMBg== content-encoding br x-content-type-options nosniff date Sun, 06 Dec 2020 12:35:59 PST x-frame-options DENY content-type image/gif cache-control public, max-age=0 cross-origin-resource-policy cross-origin vary Accept-Encoding expires Sun, 06 Dec 2020 12:35:59 PST Redirect headers pragma no-cache date Sun, 06 Dec 2020 20:35:59 GMT server proxygen-bolt content-type text/plain location https://cx.atdmt.com/?c=8150322936120194776&f=AYw5JzAuk5RRJ-OCYvVU82bAuWs1HIUqjRkku-z8ahyUfc9wDl_T20NSaaRp-LAW4gRomxmd63E7L3MoQ4BviU2C&id=303901320544451&l=3&v=0 cache-control no-cache, no-store, must-revalidate alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 0 expires 0
GET H2	200	/ www.facebook.com/tr/ Frame 3341	44 B 100 B	7ms 6ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=284470139063732&ev=referrerSource&dl=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F&rl=https%3A%2F%2Flogin.xero.com%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%253a%252f%252fin.xero.com%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%25252fStatement%26wct%3D2020-12-06T20%253a30%253a49Z&if=true&ts=1607286959187&cd[utm_source]=organic&cd[hostname]=login.xero.com&sw=1600&sh=1200&v=2.9.29&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1607286959135.1749209905&it=1607286959066&coo=false&rqm=GET Requested by Host: www.xero.com URL: https://www.xero.com/login-iframe/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 06 Dec 2020 20:35:59 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Sun, 06 Dec 2020 20:35:59 GMT
GET H2	200	/ cx.atdmt.com/ Frame 3341 Redirect Chain https://www.facebook.com/tr/?id=303901320544451&ev=referrerSource&dl=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F&rl=https%3A%2F%2Flogin.xero.com%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%253a%252f%25... https://cx.atdmt.com/?c=11576527829137526919&f=AYx1SusreuBP6Q3asA1RSq90oJR8mpO5kkJyRUUljo2PPrXplXP5kF63eA_CyVir_LHSqbG3RAal-G2GKBlcvH0z&id=303901320544451&l=3&v=0	43 B 633 B	40ms 27ms	Image image/gif	2a03:2880:f01c:8004:face:b00c:0:8c FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://cx.atdmt.com/?c=11576527829137526919&f=AYx1SusreuBP6Q3asA1RSq90oJR8mpO5kkJyRUUljo2PPrXplXP5kF63eA_CyVir_LHSqbG3RAal-G2GKBlcvH0z&id=303901320544451&l=3&v=0 Requested by Host: www.xero.com URL: https://www.xero.com/login-iframe/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8004:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma public x-fb-debug S3/0ifktZijsc8h1KJUsvGpjfV8bNsxgWuvQbGtfqVS14TD0oypQotxEQnr5/1qGS2rrUCFkjzRxhUIxrSzjjw== content-encoding br x-content-type-options nosniff cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Sun, 06 Dec 2020 12:35:59 PST x-frame-options DENY report-to {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]} content-type image/gif cache-control public, max-age=0 cross-origin-resource-policy cross-origin vary Accept-Encoding expires Sun, 06 Dec 2020 12:35:59 PST Redirect headers pragma no-cache date Sun, 06 Dec 2020 20:35:59 GMT server proxygen-bolt content-type text/plain location https://cx.atdmt.com/?c=11576527829137526919&f=AYx1SusreuBP6Q3asA1RSq90oJR8mpO5kkJyRUUljo2PPrXplXP5kF63eA_CyVir_LHSqbG3RAal-G2GKBlcvH0z&id=303901320544451&l=3&v=0 cache-control no-cache, no-store, must-revalidate alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 0 expires 0
POST H/1.1	201 Created	67ddf196d5rn232c2a3a4217ef920e47 Show response login.xero.com/resources/	17 B 812 B	447ms 447ms	XHR application/json	104.75.88.211 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://login.xero.com/resources/67ddf196d5rn232c2a3a4217ef920e47 Requested by Host: login.xero.com URL: https://login.xero.com/resources/67ddf196d5rn232c2a3a4217ef920e47 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.75.88.211 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-211.deploy.static.akamaitechnologies.com Software / Resource Hash b493cdb3b30ea63f6a924f814dfccfcfe305dac02106f9994ce2bcb2e8ed28c4 Request headers Referer https://login.xero.com/?wa=wsignin1.0&wtrealm=https%3a%2f%2fin.xero.com&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%252fStatement&wct=2020-12-06T20%3a30%3a49Z User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Sun, 06 Dec 2020 20:35:59 GMT Vary Origin Content-Type application/json Access-Control-Allow-Origin https://login.xero.com Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Content-Type Content-Length 17 X-Client-IP 8352
GET H2	200	json Show response xerolimited.tt.omtrdc.net/m2/xerolimited/mbox/ Frame 3341	96 B 395 B	208ms 70ms	XHR application/json	34.241.211.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://xerolimited.tt.omtrdc.net/m2/xerolimited/mbox/json?mbox=target-global-mbox&mboxSession=59c6530b85e045ae9d8e6e68c5366b1d&mboxPC=&mboxPage=7396690e7bc0418f89b36a4d340ae5af&mboxRid=b3042dce09094f7583a389bbaa69416e&mboxVersion=1.7.1&mboxCount=1&mboxTime=1607290558674&mboxHost=www.xero.com&mboxURL=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F&mboxReferrer=https%3A%2F%2Flogin.xero.com%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%253a%252f%252fin.xero.com%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%25252fStatement%26wct%3D2020-12-06T20%253a30%253a49Z&browserHeight=388&browserWidth=414&browserTimeOffset=60&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&mboxMCSDID=7ABF376C90D63053-6EE774F11874524D&vst.trk=xerolimited.sc.omtrdc.net&mboxMCGVID=28005340747429711670641673269049412411&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCGLH=6 Requested by Host: www.xero.com URL: https://www.xero.com/etc/designs/xero-cms/clientlib/personalization/head.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.241.211.108 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-241-211-108.eu-west-1.compute.amazonaws.com Software / Resource Hash e9b52e5d9398aff23d06062ef5848a16a24231f61c3639078f74222e7160b7c7 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sun, 06 Dec 2020 20:35:59 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8 access-control-allow-origin https://www.xero.com cache-control no-cache access-control-allow-credentials true timing-allow-origin * content-length 96 x-request-id b3042dce09094f7583a389bbaa69416e
GET H2	200	json Show response xerolimited.tt.omtrdc.net/m2/xerolimited/mbox/ Frame 3341	96 B 394 B	208ms 71ms	XHR application/json	34.241.211.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://xerolimited.tt.omtrdc.net/m2/xerolimited/mbox/json?mbox=geo-mbox&mboxSession=59c6530b85e045ae9d8e6e68c5366b1d&mboxPC=&mboxPage=7396690e7bc0418f89b36a4d340ae5af&mboxRid=1a5e7867e9d943a4b90b59841a50c23d&mboxVersion=1.7.1&mboxCount=2&mboxTime=1607290558683&mboxHost=www.xero.com&mboxURL=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F&mboxReferrer=https%3A%2F%2Flogin.xero.com%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%253a%252f%252fin.xero.com%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%25252fStatement%26wct%3D2020-12-06T20%253a30%253a49Z&browserHeight=388&browserWidth=414&browserTimeOffset=60&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&mboxMCSDID=7ABF376C90D63053-6EE774F11874524D&vst.trk=xerolimited.sc.omtrdc.net&mboxMCGVID=28005340747429711670641673269049412411&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCGLH=6 Requested by Host: www.xero.com URL: https://www.xero.com/etc/designs/xero-cms/clientlib/personalization/head.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.241.211.108 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-241-211-108.eu-west-1.compute.amazonaws.com Software / Resource Hash e9b52e5d9398aff23d06062ef5848a16a24231f61c3639078f74222e7160b7c7 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sun, 06 Dec 2020 20:35:59 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8 access-control-allow-origin https://www.xero.com cache-control no-cache access-control-allow-credentials true timing-allow-origin * content-length 96 x-request-id 1a5e7867e9d943a4b90b59841a50c23d
GET H2	200	json Show response xerolimited.tt.omtrdc.net/m2/xerolimited/mbox/ Frame 3341	96 B 394 B	217ms 80ms	XHR application/json	34.241.211.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://xerolimited.tt.omtrdc.net/m2/xerolimited/mbox/json?mbox=ACQ00336&mboxSession=59c6530b85e045ae9d8e6e68c5366b1d&mboxPC=&mboxPage=7396690e7bc0418f89b36a4d340ae5af&mboxRid=f237ae4711494016901b625302060dd5&mboxVersion=1.7.1&mboxCount=3&mboxTime=1607290558686&mboxHost=www.xero.com&mboxURL=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F&mboxReferrer=https%3A%2F%2Flogin.xero.com%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%253a%252f%252fin.xero.com%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%25252fStatement%26wct%3D2020-12-06T20%253a30%253a49Z&browserHeight=388&browserWidth=414&browserTimeOffset=60&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&mboxMCSDID=7ABF376C90D63053-6EE774F11874524D&vst.trk=xerolimited.sc.omtrdc.net&mboxMCGVID=28005340747429711670641673269049412411&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCGLH=6 Requested by Host: www.xero.com URL: https://www.xero.com/etc/designs/xero-cms/clientlib/personalization/head.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.241.211.108 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-241-211-108.eu-west-1.compute.amazonaws.com Software / Resource Hash e9b52e5d9398aff23d06062ef5848a16a24231f61c3639078f74222e7160b7c7 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sun, 06 Dec 2020 20:35:59 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8 access-control-allow-origin https://www.xero.com cache-control no-cache access-control-allow-credentials true timing-allow-origin * content-length 96 x-request-id f237ae4711494016901b625302060dd5
GET H2	200	json Show response xerolimited.tt.omtrdc.net/m2/xerolimited/mbox/ Frame 3341	96 B 394 B	208ms 71ms	XHR application/json	34.241.211.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://xerolimited.tt.omtrdc.net/m2/xerolimited/mbox/json?mbox=ACQ00337LG&mboxSession=59c6530b85e045ae9d8e6e68c5366b1d&mboxPC=&mboxPage=7396690e7bc0418f89b36a4d340ae5af&mboxRid=6d4a358d6454442c8b2c3de5c9953f50&mboxVersion=1.7.1&mboxCount=4&mboxTime=1607290558702&mboxHost=www.xero.com&mboxURL=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F&mboxReferrer=https%3A%2F%2Flogin.xero.com%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%253a%252f%252fin.xero.com%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%25252fStatement%26wct%3D2020-12-06T20%253a30%253a49Z&browserHeight=388&browserWidth=414&browserTimeOffset=60&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&mboxMCSDID=7ABF376C90D63053-6EE774F11874524D&vst.trk=xerolimited.sc.omtrdc.net&mboxMCGVID=28005340747429711670641673269049412411&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCGLH=6 Requested by Host: www.xero.com URL: https://www.xero.com/etc/designs/xero-cms/clientlib/personalization/head.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.241.211.108 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-241-211-108.eu-west-1.compute.amazonaws.com Software / Resource Hash e9b52e5d9398aff23d06062ef5848a16a24231f61c3639078f74222e7160b7c7 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sun, 06 Dec 2020 20:35:59 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8 access-control-allow-origin https://www.xero.com cache-control no-cache access-control-allow-credentials true timing-allow-origin * content-length 96 x-request-id 6d4a358d6454442c8b2c3de5c9953f50
GET H2	200	json Show response xerolimited.tt.omtrdc.net/m2/xerolimited/mbox/ Frame 3341	96 B 393 B	208ms 72ms	XHR application/json	34.241.211.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://xerolimited.tt.omtrdc.net/m2/xerolimited/mbox/json?mbox=ACQ00331LG&mboxSession=59c6530b85e045ae9d8e6e68c5366b1d&mboxPC=&mboxPage=7396690e7bc0418f89b36a4d340ae5af&mboxRid=11a0b1f2b0b84e0c93e467b67211ce7c&mboxVersion=1.7.1&mboxCount=5&mboxTime=1607290558705&mboxHost=www.xero.com&mboxURL=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F&mboxReferrer=https%3A%2F%2Flogin.xero.com%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%253a%252f%252fin.xero.com%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%25252fStatement%26wct%3D2020-12-06T20%253a30%253a49Z&browserHeight=388&browserWidth=414&browserTimeOffset=60&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&mboxMCSDID=7ABF376C90D63053-6EE774F11874524D&vst.trk=xerolimited.sc.omtrdc.net&mboxMCGVID=28005340747429711670641673269049412411&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCGLH=6 Requested by Host: www.xero.com URL: https://www.xero.com/etc/designs/xero-cms/clientlib/personalization/head.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.241.211.108 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-241-211-108.eu-west-1.compute.amazonaws.com Software / Resource Hash e9b52e5d9398aff23d06062ef5848a16a24231f61c3639078f74222e7160b7c7 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sun, 06 Dec 2020 20:35:59 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8 access-control-allow-origin https://www.xero.com cache-control no-cache access-control-allow-credentials true timing-allow-origin * content-length 96 x-request-id 11a0b1f2b0b84e0c93e467b67211ce7c
POST H2	201	2b3d4aa3e0rn1847bcd267c138ea59b9 Show response www.xero.com/resources/ Frame 3341	17 B 561 B	452ms 450ms	XHR application/json	104.109.58.17 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.xero.com/resources/2b3d4aa3e0rn1847bcd267c138ea59b9 Requested by Host: www.xero.com URL: https://www.xero.com/resources/2b3d4aa3e0rn1847bcd267c138ea59b9 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.58.17 , Netherlands, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a104-109-58-17.deploy.static.akamaitechnologies.com Software / Resource Hash b493cdb3b30ea63f6a924f814dfccfcfe305dac02106f9994ce2bcb2e8ed28c4 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www.xero.com, * date Sun, 06 Dec 2020 20:35:59 GMT access-control-allow-credentials true access-control-allow-headers Content-Type content-length 17 vary Origin content-type application/json
GET H/1.1	200 OK	id Show response dpm.demdex.net/ Frame 3341	368 B 1 KB	74ms 74ms	XHR application/json	3.250.252.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpm.demdex.net/id?d_visid_ver=5.0.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=EA3E35E75C07F28E0A495C7C%40AdobeOrg&d_nsid=0&d_mid=33751901541183989820066926203411158050&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=xero_id%01b6c978b6-da19-4193-835d-918322f209eb%012&ts=1607286959281 Requested by Host: www.xero.com URL: https://www.xero.com/static/1606347088913/js/bundle.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.250.252.43 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-250-252-43.eu-west-1.compute.amazonaws.com Software / Resource Hash e314df3fc79e89d8f693eaf88451ecf81cbe47b76882ac6995e975dbc7bb54b1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers DCS dcs-prod-irl1-v086-018be5565.edge-irl1.demdex.com 5.80.1.20201111130852 4ms (+0ms) Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains Content-Encoding gzip X-TID 8b1FnggQRTA= Vary Origin, Accept-Encoding, User-Agent P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Access-Control-Allow-Origin https://www.xero.com Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json;charset=utf-8 Content-Length 302 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	json Show response trc.taboola.com/1102674/trc/3/ Frame 3341	784 B 611 B	87ms 86ms	Script application/javascript	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://trc.taboola.com/1102674/trc/3/json?tim=1607286959351&data=%7B%22id%22%3A435%2C%22ii%22%3A%22%2Flogin-iframe%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3A%22cb163e57-7ae8-4287-bdaa-eed0c4627531-tuct6c6c62f%22%2C%22vi%22%3A1607286959154%2C%22cv%22%3A%2220201123-29-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dxero-us-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1607286959165%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F%22%2C%22supv%22%3Atrue%7D%7D&pubit=i Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/unip/1112426/tfa.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 5eeb33ddd3a31f883bd2cb0c4c90ca77d3c309de3847caf02ecc7cfc3ccfe965 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-vcl-time-ms 29 date Sun, 06 Dec 2020 20:35:59 GMT content-encoding gzip server nginx x-timer S1607286959.398917,VS0,VE29 x-served-by cache-fra19163-FRA vary Accept-Encoding x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" access-control-allow-origin * access-control-allow-credentials true accept-ranges bytes content-type application/javascript; charset=utf-8 via 1.1 varnish x-cache-hits 0
GET H2	200	modules.b95238168e0f39a591d4.js Show response script.hotjar.com/ Frame 3341	221 KB 58 KB	170ms 57ms	Script application/javascript	65.9.73.19 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.b95238168e0f39a591d4.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-11035.js?sv=5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.73.19 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 354aea47aa82c8186cfef1b83949d1170cfbd416b0657680ed6326144956db51 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 04 Dec 2020 17:51:57 GMT content-encoding br x-content-type-options nosniff age 182642 x-cache Hit from cloudfront content-length 58986 access-control-allow-origin * last-modified Fri, 04 Dec 2020 17:44:00 GMT etag "c8a0429ce3ffc814abca813a097a6f33" vary Accept-Encoding content-type application/javascript via 1.1 8dfd7af0583283ff28c8cd8eea759112.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop AMS1-C1 accept-ranges bytes x-robots-tag none x-amz-cf-id u9K_JaqsV-XFtZ7TB1eyf7WjQvhXKDzg3eMJ7woAAkNMdbb8f216fQ==
GET H2	200	box-469cf41adb11dc78be68c1ae7f9457a4.html vars.hotjar.com/ Frame 1E75	0 0	162ms 57ms	Document text/html	65.9.73.103 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-11035.js?sv=5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.73.103 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash Request headers :method GET :authority vars.hotjar.com :scheme https :path /box-469cf41adb11dc78be68c1ae7f9457a4.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.xero.com/login-iframe/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.xero.com/login-iframe/ Response headers content-type text/html content-length 851 date Wed, 04 Nov 2020 19:00:32 GMT accept-ranges bytes cache-control max-age=31536000 content-encoding br etag "d594f1d4c3e5dbd6b556c60d34e0daea" last-modified Wed, 04 Nov 2020 16:31:53 GMT x-robots-tag none vary Accept-Encoding x-cache Hit from cloudfront via 1.1 3ffec0ecfde687fb371812ad42f5cfc2.cloudfront.net (CloudFront) x-amz-cf-pop AMS1-C1 x-amz-cf-id XyprjxaaoVsKDnqUzVOJPQEyvaNcw0LTHBUz-JM1ChxRpqlFxl24ZQ== age 2770527
GET H2	200	/ www.facebook.com/tr/ Frame 3341	44 B 100 B	6ms 5ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=284470139063732&ev=Microdata&dl=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F&rl=https%3A%2F%2Flogin.xero.com%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%253a%252f%252fin.xero.com%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%25252fStatement%26wct%3D2020-12-06T20%253a30%253a49Z&if=true&ts=1607286959653&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22login-iframe%20%7C%20Xero%20%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Asite_name%22%3A%22Xero%22%2C%22og%3Atitle%22%3A%22login-iframe%20%7C%20Xero%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.xero.com%2Fetc%2Fdesigns%2Fxero-cms%2Fclientlib%2Fassets%2Fimg%2Flogo%2Flogo-opengraph.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.29&r=stable&a=tmgoogletagmanager&ec=2&o=30&fbp=fb.1.1607286959135.1749209905&it=1607286959066&coo=false&es=automatic&tm=3&rqm=GET Requested by Host: www.xero.com URL: https://www.xero.com/login-iframe/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 06 Dec 2020 20:35:59 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Sun, 06 Dec 2020 20:35:59 GMT
POST H2	200	visit-data Show response in.hotjar.com/api/v2/client/sites/11035/ Frame 3341	178 B 321 B	177ms 61ms	XHR application/json	52.51.24.70 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://in.hotjar.com/api/v2/client/sites/11035/visit-data?sv=5 Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.b95238168e0f39a591d4.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.51.24.70 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-51-24-70.eu-west-1.compute.amazonaws.com Software / Resource Hash 6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers access-control-allow-origin * date Sun, 06 Dec 2020 20:35:59 GMT content-encoding br access-control-allow-credentials true vary Accept-Encoding access-control-max-age 86400 content-type application/json
GET H2	200	/ www.facebook.com/tr/ Frame 3341	44 B 100 B	6ms 5ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=303901320544451&ev=Microdata&dl=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F&rl=https%3A%2F%2Flogin.xero.com%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%253a%252f%252fin.xero.com%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%25252fStatement%26wct%3D2020-12-06T20%253a30%253a49Z&if=true&ts=1607286959687&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22login-iframe%20%7C%20Xero%20%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Asite_name%22%3A%22Xero%22%2C%22og%3Atitle%22%3A%22login-iframe%20%7C%20Xero%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.xero.com%2Fetc%2Fdesigns%2Fxero-cms%2Fclientlib%2Fassets%2Fimg%2Flogo%2Flogo-opengraph.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.29&r=stable&a=tmgoogletagmanager&ec=2&o=30&fbp=fb.1.1607286959135.1749209905&it=1607286959066&coo=false&es=automatic&tm=3&rqm=GET Requested by Host: www.xero.com URL: https://www.xero.com/login-iframe/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 06 Dec 2020 20:35:59 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Sun, 06 Dec 2020 20:35:59 GMT
GET H3-Q050	200	collect www.google-analytics.com/ Frame 3341	35 B 111 B	8ms 6ms	Image image/gif	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j87&a=1432659149&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F&dr=https%3A%2F%2Flogin.xero.com%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%253a%252f%252fin.xero.com%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%25252fStatement%26wct%3D2020-12-06T20%253a30%253a49Z&ul=en-us&de=UTF-8&dt=login-iframe%20%7C%20Xero&sd=24-bit&sr=1600x1200&vp=414x388&je=0&ec=Main%20Action&ea=Scroll%20Depth&el=25%25%20horizontal&_u=aGDAAUAjAAQCAG~&jid=&gjid=&cid=525614166.1607286959&tid=UA-3776042-30&_gid=749340883.1607286959&gtm=2wgb415MXLB2&z=1613775162 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sun, 06 Dec 2020 15:17:59 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 19080 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	collect www.google-analytics.com/ Frame 3341	35 B 58 B	8ms 6ms	Image image/gif	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j87&a=1432659149&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F&dr=https%3A%2F%2Flogin.xero.com%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%253a%252f%252fin.xero.com%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%25252fStatement%26wct%3D2020-12-06T20%253a30%253a49Z&ul=en-us&de=UTF-8&dt=login-iframe%20%7C%20Xero&sd=24-bit&sr=1600x1200&vp=414x388&je=0&ec=Main%20Action&ea=Scroll%20Depth&el=50%25%20horizontal&_u=aGDAAUAjAAQCAG~&jid=&gjid=&cid=525614166.1607286959&tid=UA-3776042-30&_gid=749340883.1607286959&gtm=2wgb415MXLB2&z=1820687639 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sun, 06 Dec 2020 15:17:59 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 19080 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	collect www.google-analytics.com/ Frame 3341	35 B 58 B	11ms 9ms	Image image/gif	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j87&a=1432659149&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F&dr=https%3A%2F%2Flogin.xero.com%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%253a%252f%252fin.xero.com%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%25252fStatement%26wct%3D2020-12-06T20%253a30%253a49Z&ul=en-us&de=UTF-8&dt=login-iframe%20%7C%20Xero&sd=24-bit&sr=1600x1200&vp=414x388&je=0&ec=Main%20Action&ea=Scroll%20Depth&el=75%25%20horizontal&_u=aGDAAUAjAAQCAG~&jid=&gjid=&cid=525614166.1607286959&tid=UA-3776042-30&_gid=749340883.1607286959&gtm=2wgb415MXLB2&z=1800178020 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sun, 06 Dec 2020 15:17:59 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 19080 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	collect www.google-analytics.com/ Frame 3341	35 B 58 B	11ms 9ms	Image image/gif	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j87&a=1432659149&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F&dr=https%3A%2F%2Flogin.xero.com%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%253a%252f%252fin.xero.com%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%25252fStatement%26wct%3D2020-12-06T20%253a30%253a49Z&ul=en-us&de=UTF-8&dt=login-iframe%20%7C%20Xero&sd=24-bit&sr=1600x1200&vp=414x388&je=0&ec=Main%20Action&ea=Scroll%20Depth&el=100%25%20horizontal&_u=aGDAAUAjAAQCAG~&jid=&gjid=&cid=525614166.1607286959&tid=UA-3776042-30&_gid=749340883.1607286959&gtm=2wgb415MXLB2&z=1639523065 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sun, 06 Dec 2020 15:17:59 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 19080 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	collect www.google-analytics.com/ Frame 3341	35 B 58 B	11ms 9ms	Image image/gif	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j87&a=1432659149&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F&dr=https%3A%2F%2Flogin.xero.com%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%253a%252f%252fin.xero.com%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%25252fStatement%26wct%3D2020-12-06T20%253a30%253a49Z&ul=en-us&de=UTF-8&dt=login-iframe%20%7C%20Xero&sd=24-bit&sr=1600x1200&vp=414x388&je=0&ec=Main%20Action&ea=Scroll%20Depth&el=25%25%20vertical&_u=aGDAAUAjAAQCAG~&jid=&gjid=&cid=525614166.1607286959&tid=UA-3776042-30&_gid=749340883.1607286959&gtm=2wgb415MXLB2&z=1790039743 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sun, 06 Dec 2020 15:17:59 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 19080 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	collect www.google-analytics.com/ Frame 3341	35 B 58 B	11ms 9ms	Image image/gif	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j87&a=1432659149&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F&dr=https%3A%2F%2Flogin.xero.com%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%253a%252f%252fin.xero.com%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%25252fStatement%26wct%3D2020-12-06T20%253a30%253a49Z&ul=en-us&de=UTF-8&dt=login-iframe%20%7C%20Xero&sd=24-bit&sr=1600x1200&vp=414x388&je=0&ec=Main%20Action&ea=Scroll%20Depth&el=50%25%20vertical&_u=aGDAAUAjAAQCAG~&jid=&gjid=&cid=525614166.1607286959&tid=UA-3776042-30&_gid=749340883.1607286959&gtm=2wgb415MXLB2&z=848257698 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sun, 06 Dec 2020 15:17:59 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 19080 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	collect www.google-analytics.com/ Frame 3341	35 B 58 B	11ms 9ms	Image image/gif	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j87&a=1432659149&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F&dr=https%3A%2F%2Flogin.xero.com%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%253a%252f%252fin.xero.com%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%25252fStatement%26wct%3D2020-12-06T20%253a30%253a49Z&ul=en-us&de=UTF-8&dt=login-iframe%20%7C%20Xero&sd=24-bit&sr=1600x1200&vp=414x388&je=0&ec=Main%20Action&ea=Scroll%20Depth&el=75%25%20vertical&_u=aGDAAUAjAAQCAG~&jid=&gjid=&cid=525614166.1607286959&tid=UA-3776042-30&_gid=749340883.1607286959&gtm=2wgb415MXLB2&z=1447002830 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sun, 06 Dec 2020 15:17:59 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 19080 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	collect www.google-analytics.com/ Frame 3341	35 B 58 B	11ms 9ms	Image image/gif	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j87&a=1432659149&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F&dr=https%3A%2F%2Flogin.xero.com%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%253a%252f%252fin.xero.com%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%25252fStatement%26wct%3D2020-12-06T20%253a30%253a49Z&ul=en-us&de=UTF-8&dt=login-iframe%20%7C%20Xero&sd=24-bit&sr=1600x1200&vp=414x388&je=0&ec=Main%20Action&ea=Scroll%20Depth&el=100%25%20vertical&_u=aGDAAUAjAAQCAG~&jid=&gjid=&cid=525614166.1607286959&tid=UA-3776042-30&_gid=749340883.1607286959&gtm=2wgb415MXLB2&z=483578644 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sun, 06 Dec 2020 15:17:59 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 19080 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
POST H/1.1	200 OK	event Show response xero.demdex.net/ Frame 3341	190 B 995 B	58ms 58ms	XHR application/json	52.18.91.199 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://xero.demdex.net/event?_ts=1607286959796 Requested by Host: www.xero.com URL: https://www.xero.com/etc/designs/xero-cms/clientlib/personalization/head.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.18.91.199 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-18-91-199.eu-west-1.compute.amazonaws.com Software / Resource Hash 1992cabddfb7c1c3714d4a27f5aa91c43f3f3f49bd005d209b1e84a434de067c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers DCS dcs-prod-irl1-v086-08a64485e.edge-irl1.demdex.com 5.80.1.20201111130852 5ms (+1ms) Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID gx3YsnshSOU= Vary Origin P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Access-Control-Allow-Origin https://www.xero.com Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json;charset=utf-8 Content-Length 190 Expires Thu, 01 Jan 1970 00:00:00 GMT
POST H3-Q050	200	collect www.google-analytics.com/ Frame 3341	35 B 58 B	13ms 13ms	Other image/gif	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/collect Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sun, 06 Dec 2020 20:35:59 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type image/gif access-control-allow-origin https://www.xero.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3-Q050	200	collect www.google-analytics.com/ Frame 3341	35 B 58 B	13ms 13ms	Other image/gif	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/collect Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sun, 06 Dec 2020 20:35:59 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type image/gif access-control-allow-origin https://www.xero.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3-Q050	200	collect www.google-analytics.com/ Frame 3341	35 B 58 B	13ms 13ms	Other image/gif	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/collect Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sun, 06 Dec 2020 20:35:59 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type image/gif access-control-allow-origin https://www.xero.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3-Q050	200	collect www.google-analytics.com/ Frame 3341	35 B 58 B	13ms 13ms	Other image/gif	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/collect Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sun, 06 Dec 2020 20:35:59 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type image/gif access-control-allow-origin https://www.xero.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	unip Show response trc-events.taboola.com/1102674/log/3/ Frame 3341	0 290 B	128ms 38ms	XHR text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Full URL https://trc-events.taboola.com/1102674/log/3/unip?en=pre_d_eng_tb&tos=1501&scd=100&ssd=1&est=1607286959156&ver=27&isls=true&src=i&invt=1500&tim=1607286960657&vi=1607286959154&ri=451105d91745647ab0e6cde97aa8d486&sd=v2_4c5caea1ee2709c948c0e4295caaef3e_cb163e57-7ae8-4287-bdaa-eed0c4627531-tuct6c6c62f_1607286959_1607286959_CNawjgYQ0qZDGLLYks7jLiABKAQwSjjE1whA6osQSNr61wNQy6EPWAFgAGjipqqRsq2X4nA&ui=cb163e57-7ae8-4287-bdaa-eed0c4627531-tuct6c6c62f&ref=null&cv=20201123-29-RELEASE Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/unip/1112426/tfa.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sun, 06 Dec 2020 20:36:00 GMT server nginx x-fastly-to-nlb-rtt 16187 p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" access-control-allow-origin https://www.xero.com cache-control no-cache access-control-allow-credentials true tbl-x-upstream 10.40.0.111:10213
GET H2	204	unip Show response trc-events.taboola.com/1112426/log/3/ Frame 3341	0 291 B	127ms 37ms	XHR text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Full URL https://trc-events.taboola.com/1112426/log/3/unip?en=pre_d_eng_tb&tos=1501&scd=100&ssd=1&est=1607286959156&ver=27&isls=true&src=i&invt=1500&tim=1607286960658&vi=1607286959154&ri=c8d2d9debb8e44b54a167f8740533b3e&sd=v2_c09ae3cf5d15675a71e512d446251a2d_cb163e57-7ae8-4287-bdaa-eed0c4627531-tuct6c6c62f_1607286959_1607286959_CNawjgYQ6vJDGLLYks7jLiABKAEwSjjE1whA6osQSNr61wNQy6EPWAFgAGjipqqRsq2X4nA&ui=cb163e57-7ae8-4287-bdaa-eed0c4627531-tuct6c6c62f&ref=null&cv=20201123-29-RELEASE Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/unip/1112426/tfa.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sun, 06 Dec 2020 20:36:00 GMT server nginx x-fastly-to-nlb-rtt 16187 p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" access-control-allow-origin https://www.xero.com cache-control no-cache access-control-allow-credentials true tbl-x-upstream 10.40.20.11:10213
GET H2	204	unip Show response trc-events.taboola.com/1102674/log/3/ Frame 3341	0 290 B	32ms 31ms	XHR text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Full URL https://trc-events.taboola.com/1102674/log/3/unip?en=pre_d_eng_tb&tos=4503&scd=100&ssd=1&est=1607286959156&ver=27&isls=true&src=i&invt=3000&tim=1607286963659&vi=1607286959154&ri=451105d91745647ab0e6cde97aa8d486&sd=v2_4c5caea1ee2709c948c0e4295caaef3e_cb163e57-7ae8-4287-bdaa-eed0c4627531-tuct6c6c62f_1607286959_1607286959_CNawjgYQ0qZDGLLYks7jLiABKAQwSjjE1whA6osQSNr61wNQy6EPWAFgAGjipqqRsq2X4nA&ui=cb163e57-7ae8-4287-bdaa-eed0c4627531-tuct6c6c62f&ref=null&cv=20201123-29-RELEASE Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/unip/1112426/tfa.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sun, 06 Dec 2020 20:36:03 GMT server nginx x-fastly-to-nlb-rtt 16224 p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" access-control-allow-origin https://www.xero.com cache-control no-cache access-control-allow-credentials true tbl-x-upstream 10.41.30.18:10213
GET H2	204	unip Show response trc-events.taboola.com/1112426/log/3/ Frame 3341	0 290 B	34ms 33ms	XHR text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Full URL https://trc-events.taboola.com/1112426/log/3/unip?en=pre_d_eng_tb&tos=4503&scd=100&ssd=1&est=1607286959156&ver=27&isls=true&src=i&invt=3000&tim=1607286963660&vi=1607286959154&ri=c8d2d9debb8e44b54a167f8740533b3e&sd=v2_c09ae3cf5d15675a71e512d446251a2d_cb163e57-7ae8-4287-bdaa-eed0c4627531-tuct6c6c62f_1607286959_1607286959_CNawjgYQ6vJDGLLYks7jLiABKAEwSjjE1whA6osQSNr61wNQy6EPWAFgAGjipqqRsq2X4nA&ui=cb163e57-7ae8-4287-bdaa-eed0c4627531-tuct6c6c62f&ref=null&cv=20201123-29-RELEASE Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/unip/1112426/tfa.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sun, 06 Dec 2020 20:36:03 GMT server nginx x-fastly-to-nlb-rtt 16224 p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" access-control-allow-origin https://www.xero.com cache-control no-cache access-control-allow-credentials true tbl-x-upstream 10.40.0.117:10213
POST H2	204	collect analytics.google.com/g/ Frame 3341	0 45 B	13ms 13ms	Other text/plain	2a00:1450:4001:81c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-Q622B96ZEQ&gtm=2oeb41&_p=1432659149&sr=1600x1200&ul=en-us&cid=525614166.1607286959&_s=2&dl=https%3A%2F%2Fwww.xero.com%2Flogin-iframe%2F&dr=https%3A%2F%2Flogin.xero.com%2F%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%253a%252f%252fin.xero.com%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252fsU9UzU6qdidKmfTOclalJXagtpDC3szCqiJCwAwy%25252fStatement%26wct%3D2020-12-06T20%253a30%253a49Z&dt=login-iframe%20%7C%20Xero&sid=1607286958&sct=1&seg=0&en=scroll&epn.percent_scrolled=90 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-Q622B96ZEQ&l=TagManagerDataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.xero.com/login-iframe/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sun, 06 Dec 2020 20:36:04 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.xero.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT