in.xero.com Open in urlscan Pro
2.19.224.185 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://protect-eu.mimecast.com/s/dJkBCrRpRSAoARnCzRXiL?domain=in.xero.com
Effective URL:
https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton
Submission: On November 13 via manual (November 13th 2023, 4:59:48 pm UTC) from GB — Scanned from GB

Summary HTTP 132 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 14 domains to perform 132 HTTP transactions. The main IP is 2.19.224.185, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is in.xero.com. The Cisco Umbrella rank of the primary domain is 78481.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on July 18th 2023. Valid for: a year.

This is the only time in.xero.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	91.220.42.63 91.220.42.63	42427 (MIMECAST-UK) (MIMECAST-UK)
36	2.19.224.185 2.19.224.185	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2.19.225.77 2.19.225.77	16625 (AKAMAI-AS) (AKAMAI-AS)
14	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
3	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
2	88.221.60.75 88.221.60.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
6	151.101.129.21 151.101.129.21	54113 (FASTLY) (FASTLY)
1	199.15.214.243 199.15.214.243	15224 (OMNITURE) (OMNITURE)
30	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400c:c00::5c	15169 (GOOGLE) (GOOGLE)
2	2600:9000:206... 2600:9000:206f:fc00:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.65.35 151.101.65.35	54113 (FASTLY) (FASTLY)
1	35.186.241.51 35.186.241.51	15169 (GOOGLE) (GOOGLE)
1	52.30.58.64 52.30.58.64	16509 (AMAZON-02) (AMAZON-02)
3	44.239.145.201 44.239.145.201	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
12	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
5	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
132	20

2 91.220.42.63 (United Kingdom) 2 redirects

ASN42427 (MIMECAST-UK, GB)
PTR: eu-api.mimecast.com

protect-eu.mimecast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2.19.224.185 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-224-185.deploy.static.akamaitechnologies.com

in.xero.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xero.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
product-analytics-bff.xero.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.19.225.77 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-225-77.deploy.static.akamaitechnologies.com

edge.xero.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.60.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-60-75.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.129.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.15.214.243 (United States)

ASN15224 (OMNITURE, US)

109-rsd-113.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c00::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:fc00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.241.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.241.186.35.bc.googleusercontent.com

api.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.58.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-58-64.eu-west-1.compute.amazonaws.com

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.239.145.201 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-145-201.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	stripe.com js.stripe.com — Cisco Umbrella Rank: 1287 q.stripe.com — Cisco Umbrella Rank: 7148 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 5203 m.stripe.com — Cisco Umbrella Rank: 1249 r.stripe.com — Cisco Umbrella Rank: 3546	742 KB
39	xero.com in.xero.com — Cisco Umbrella Rank: 78481 edge.xero.com — Cisco Umbrella Rank: 45960 static.xero.com — Cisco Umbrella Rank: 102827 product-analytics-bff.xero.com — Cisco Umbrella Rank: 60550	1 MB
16	google.com pay.google.com — Cisco Umbrella Rank: 2685 play.google.com — Cisco Umbrella Rank: 28	421 KB
7	paypal.com www.paypal.com — Cisco Umbrella Rank: 2811 t.paypal.com — Cisco Umbrella Rank: 3468	27 KB
5	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 225	2 KB
4	gstatic.com www.gstatic.com	101 KB
3	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2612	536 KB
2	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 562	57 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1354	18 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3497	7 KB
2	mimecast.com 2 redirects protect-eu.mimecast.com — Cisco Umbrella Rank: 32961	3 KB
1	mixpanel.com api.mixpanel.com — Cisco Umbrella Rank: 1168	342 B
1	mktoresp.com 109-rsd-113.mktoresp.com	121 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	44 KB
132	14

	Domain	Requested by
33	in.xero.com	in.xero.com
22	r.stripe.com	js.stripe.com
14	js.stripe.com	in.xero.com js.stripe.com
12	play.google.com	www.gstatic.com
8	q.stripe.com	in.xero.com
6	www.paypal.com	in.xero.com www.paypalobjects.com
5	bam.nr-data.net	in.xero.com
4	www.gstatic.com	pay.google.com www.gstatic.com
4	pay.google.com	js.stripe.com pay.google.com in.xero.com www.gstatic.com
3	m.stripe.com	m.stripe.network
3	www.paypalobjects.com	in.xero.com www.paypal.com
3	edge.xero.com	in.xero.com
2	js-agent.newrelic.com	in.xero.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	static.xero.com	in.xero.com
2	munchkin.marketo.net	in.xero.com
2	protect-eu.mimecast.com	2 redirects
1	merchant-ui-api.stripe.com	js.stripe.com
1	api.mixpanel.com	in.xero.com
1	t.paypal.com	in.xero.com
1	109-rsd-113.mktoresp.com	munchkin.marketo.net
1	product-analytics-bff.xero.com	edge.xero.com
1	www.googletagmanager.com	in.xero.com
132	23

This site contains links to these domains. Also see Links.

Domain
www.xero.com

Subject Issuer	Validity	Valid
*.xero.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-18` - `2024-07-18`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-10-30` - `2024-01-25`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-10-12` - `2024-10-31`	a year	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-09` - `2024-01-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-09-21` - `2024-10-21`	a year	crt.sh
*.mixpanel.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-02-13` - `2024-03-15`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-05` - `2024-01-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton
Frame ID: F6FDCD0FAC8155789FF3DC4FF6849E6C
Requests: 34 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: DC94EECB0193B65584E781A457B60CE6
Requests: 4 HTTP requests in this frame

Frame: https://in.xero.com/Resources/PdfViewer/Web/viewer.html?file=https%3A%2F%2Fin.xero.com%2F%2FUIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG%2FInvoice%2FDownloadPdf%2F2484f936-3924-489f-95ef-af9aedb62950%3FcontentDesposition%3Dinline
Frame ID: 24D14A53D636736250775CA425844229
Requests: 24 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-40215e40827dd438f51a3d10642828c3.html
Frame ID: EEDA621A1E1956461091B9DC5361EA20
Requests: 29 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-b81a98634f4976aa8c102d782ddf9a01.html
Frame ID: 4E60D2C925829D1E3363D644FDB9DA77
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-882d9ef13e6ab5d701909a021c5686a6.html
Frame ID: 3511038E9A8F73AD5A82C0F5DC5C6802
Requests: 5 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 032F7CB56170D648437CEDAEDCB8C2CA
Requests: 6 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 788DDC66CB9DCD406FD3462490670967
Requests: 13 HTTP requests in this frame

Frame: https://www.paypal.com/smart/button?env=production&style.label=paypal&style.layout=vertical&style.size=responsive&style.shape=rect&style.color=white&style.tagline=false&funding.disallowed=credit%2Ccard%2Cvenmo&domain=in.xero.com&sessionID=uid_f4277213a0_mty6ntk6ndi&buttonSessionID=uid_6d7c95bbc9_mty6ntk6ndm&renderedButtons=paypal&storageID=uid_9fbafbe8be_mty6ntk6ndi&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ&uid=f4593a88cb&version=4&xcomponent=1
Frame ID: 20D2C317EA2B7F026E4D69E9506BC65D
Requests: 7 HTTP requests in this frame

Frame: data://truncated
Frame ID: 15DC27F41B56C64B39958E127EB1DE92
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tech Recycle | Invoice INV-9350

Page URL History Show full URLs

https://protect-eu.mimecast.com/s/dJkBCrRpRSAoARnCzRXiL?domain=in.xero.com HTTP 307
https://protect-eu.mimecast.com/r/GwUSC3QvRPk1ZeD4JqlPXY79E_sRM0fKF_W78zSVOTIHfZQ2rM-5YsqZki5-cSv6CDkNWvmXrF... HTTP 307
https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton Page URL

Detected technologies

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Mixpanel (Analytics) Expand

Overall confidence: 100%
Detected patterns

api\.mixpanel\.com/track

Page Statistics

132
Requests

99 %
HTTPS

25 %
IPv6

14
Domains

23
Subdomains

20
IPs

5
Countries

3096 kB
Transfer

12970 kB
Size

20
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.xero.com/try-now/manage-invoices/?utm_source=xero-invoice&utm_medium=referral&utm_campaign=global-d-lf-xeroinvoicereferrals

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://protect-eu.mimecast.com/s/dJkBCrRpRSAoARnCzRXiL?domain=in.xero.com HTTP 307
https://protect-eu.mimecast.com/r/GwUSC3QvRPk1ZeD4JqlPXY79E_sRM0fKF_W78zSVOTIHfZQ2rM-5YsqZki5-cSv6CDkNWvmXrFVJguHPYTExsxybcuzS9I4lQQ3_xSLUW1p3mjK1Dhj3_ERsliD0tq3TS72Lcm1i2USD81qMu5kFx7uGRWlAy9WavSdAy0fDU05ZkY_uu5RGnGC4YEBhpuQuB2sEc0N70ycP4kVuzyy2mK80pyGSEcrmVJjtJ2DFFeeSSmEUSPss5_2qDdDG91jKft_k03b2uTUXHTrN1tqX3g6hN33rZxijfG4NeRrlL8TaXaoPVznI7nXoiQc9czuut8Q9p2RtKK3aQ9QuPdVSDqUEDHY6yBQZ4wr7weJwOAog_pPjGLPI8tDijnRML4OgkwQ9TXZmliL4SmpECQiFStDsmVCO62vuq61CUZAjo55GcIE4k9TEv2vGDHS-AafDhAYglV52hkjBfMq4wC5iet7JVLgD4p5S7qB1UaDTakddU9-GPpD8AenAQZwQqxUAmI-0PcBabx7tx7AqYzJ5aKiVDWABKyaU2dKlR649a-1ff4uQZfv_HZMJRPh6PVhf6CW8cI1wf_vN8s2wNK92I3jDuVcAhqGrqUQ4JCXfH7LPS3lkcvxUHkb2vOyMVTL-i0F5sKG3xpAiJJPr5yf08jhLlWIDKNjUsZUE-KbwHc0hDlAypK_MrQfL61q3ffY8KIpljiqeqsDdkh3aSmNY_dukJ_rYG-Z-u4xyZyWFw_r5xTdHzcDWkzquDghMUfuef9bzQxQin0K65_KGqONrGNurJ0wMRiyHLR-9wycPduL0TVhX0CYKEYQwlhu5VDFaJYVNPpsBk11Jirqm0RxrnJvlz0vAwHC-9S-Rd4UuvbUDK73GIjJA67LTGtxp6yfNMIECgtIlwewv9s7CrQzjRV99z6EPhqxVIynqfy2Xap-_1cT0hLJwAuK2pTLXJ1QUVFu9Z5lkuvoYywkHXLLx5B6QU8h0NorZ5OCNzEh-H9GPbI2Gqlc6jxypRq8HFT6aU7FiDTZU0sYkuBlAMH-QHFx-crHUc0YVeKXEgtkU4BI5og3lI3v3RBMqFNKGc_c1TJ72PkueyQPP7n8OTmPQOA_36Ny7Zlqt7M2mCwghEZG-SntcncayhG-Sc7WQ6MaWa04xdGJ7gBMhsnVrQ4olfCZHIN9Kf3qNbDlVDUtMQkMXujJJP1nk0_eza1Ed-TBaQ9OZC2SNIlkxnn-2AXaWEwG7vR0HW1Z_tPyMLs8-B2z3HrIt2BiDWaLOU75Rvs9jB9EAOEnc9PQTqwY5CuI-j2KXtWUejynEObf45h-kul91yfExqDSC9If929MYTP6jztEWdfy2fOnol0rzbr_OJEf5HnXLoiiDVGTo6WvosRFecD8j7Cf8ILyHthhXzY7e_bI8yKGRNARlL_jZHRfzhkTYKVe785Ff9T9MukW5zR_P2hfUlm7F-LAi58-dW2XbknUylzab7ioIF5F6qAJQEne5KjLEitri7Iov2jwWDcmZb24iX-RzwMpmR6RGBHzkLvkVOg959H9MM1MLvGv-dsCXNM7mruOZ6C8-Q-k4XzVvo0v2TuafGigR-yoomnPqPPCXrX0LqRxXSBcJXuuifEx9nx8pe05kr37xdps16rsQpgl7nq5fKVCAjYe5xAcsUk-O-MdZrhGgIWsAvFH67d-e2EwekLC57NEReo0R1cGwTR2TAsowQwwUa2WZhp58P2k8Bv6UGdRPBbWEkrsW4p_N5mOX74tYFnp7czcNknFSSCbBeU0EENX0ACFqY9mSYrJdXNPMbICfsYwhZV0Nc8SEybo5VFNqVaPjxPrOrSCxX9GrnQkvunohSiCaaH5Rt80pACFEMFAVvbWcQ94xvRGISnTAj1zr1s5AB32VG_omQJR9CoBdEfWxNPzSAiOD7cSeQWT9-QP5fpITJc2TJ2QFu95ZR3X4H1rjgAga3IV6iR6hvifwrshHo4hL7BuWs_p2Held1AsfvwIORXSN0PKZFmZfeLoQd0hG9s9-FkeHR3Rr_4zjxox9U_j2HMRS-DRUcl11Y33sDl3zq_JIcpInQiP6-FJXrXrVZq5mxlBTRpwU25X9GOoWhZ8Utq5aOP_ogyua5aKm4c-y_Ty-WUCG4oC2yfp8TWOSngZ5qnCi2bwJSZS52Lwc4yEGaSslnIVoSf2JFIRP0N91uqHc3JhCptpjY48m_ZOdxOVL70h3RWuujM4hhO7CWz2-l4nL HTTP 307
https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

132 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG Show response
in.xero.com/
Redirect Chain

https://protect-eu.mimecast.com/s/dJkBCrRpRSAoARnCzRXiL?domain=in.xero.com
https://protect-eu.mimecast.com/r/GwUSC3QvRPk1ZeD4JqlPXY79E_sRM0fKF_W78zSVOTIHfZQ2rM-5YsqZki5-cSv6CDkNWvmXrFVJguHPYTExsxybcuzS9I4lQQ3_xSLUW1p3mjK1Dhj3_ERsliD0tq3TS72Lcm1i2USD81qMu5kFx7uGRWlAy9WavSd...
https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton

85 KB
28 KB

1318ms
708ms

Document
text/html

2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-185.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

b7e490e1d1e1f7730d58c5c6ca1add6aed33448b5aae674743b60563f365ab4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 26875
content-type: text/html; charset=utf-8
date: Mon, 13 Nov 2023 16:59:41 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-envoy-upstream-service-time: 283
x-frame-options: SAMEORIGIN SAMEORIGIN
x-s: EC2AMAZ-N3CF9O8
x-ua-compatible: IE=edge

Redirect headers

Cache-control: no-store
Connection: keep-alive
Content-Length: 0
Date: Mon, 13 Nov 2023 16:59:40 GMT
Location: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton#paynow
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Robots-Tag: noindex, nofollow

GET
H2 200 xui.min.css
edge.xero.com/style/xui/9.9.0/ 46 KB
7 KB 229ms
63ms Stylesheet
text/css 2.19.225.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.xero.com/style/xui/9.9.0/xui.min.css
Requested by: Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.225.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-225-77.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 05bbf566b931c2301f3b5cbe6b0b05a2ce01a3092807069b3fa0170c619bcc51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: br
date: Mon, 13 Nov 2023 16:59:42 GMT
last-modified: Wed, 31 May 2023 03:32:36 GMT
server: Akamai Resource Optimizer
x-amz-request-id: JKG4DVR7ZP3CA92E
etag: "85f0997bae15f1834d3967045d9aa043"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=6502456
accept-ranges: bytes
content-length: 6530
x-amz-id-2: KHSYSJ8LpJpWVE9yRQ3F2XqAN6CrNVVG5F5ZkeeY1DSkikx/rxdpcosJsc9EgtrTH5tnlcdWiMkvuaGbQxyDAukmN3zC0eircBBd0YCqcqU=

GET
H2 200 a32c39c411e3eefe9c2c---resources--styles--invoice_base.css
in.xero.com/Resources/build/ 57 KB
13 KB 66ms
63ms Stylesheet
text/css 2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in.xero.com/Resources/build/a32c39c411e3eefe9c2c---resources--styles--invoice_base.css

Requested by

Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-185.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

1ef62cf4316036f992144a105da24c8a62e7067ac4f51e263a003854e81074b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 13 Nov 2023 16:59:41 GMT
last-modified: Mon, 17 Jul 2023 15:36:16 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-envoy-upstream-service-time: 6
accept-ranges: bytes
x-s: EC2AMAZ-0ORE1CG
content-length: 12918
x-ua-compatible: IE=edge

GET
H2 200 93fba1ead3bceb397939---resources--styles--theme--standard.css
in.xero.com/Resources/build/ 4 KB
1 KB 140ms
137ms Stylesheet
text/css 2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in.xero.com/Resources/build/93fba1ead3bceb397939---resources--styles--theme--standard.css

Requested by

Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-185.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

21d1b9b92b8f1d6aaca6997e6449b6f80c9bad859e62befc994be3501cb6e533

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 13 Nov 2023 16:59:41 GMT
last-modified: Thu, 02 Feb 2023 04:22:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-envoy-upstream-service-time: 6
accept-ranges: bytes
content-length: 1007
x-ua-compatible: IE=edge

GET
H2 200 hash-db57587996f58a3800e7---resources--scripts--libs.js Show response
in.xero.com/Resources/build/ 1 MB
339 KB 141ms
138ms Script
application/javascript 2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in.xero.com/Resources/build/hash-db57587996f58a3800e7---resources--scripts--libs.js

Requested by

Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-185.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

9d46b36e16b443e593bc763d2af41d26f567687b2213df72fc35a96902d8ba97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 13 Nov 2023 16:59:41 GMT
last-modified: Mon, 24 Jul 2023 02:27:30 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 7
accept-ranges: bytes
x-s: EC2AMAZ-0ORE1CG
content-length: 346858
x-ua-compatible: IE=edge

GET
H2 200 hash-189b0a8a78d8911ebc64---resources--scripts--xero--lang--en-gb.js Show response
in.xero.com/Resources/build/ 4 KB
2 KB 231ms
228ms Script
application/javascript 2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in.xero.com/Resources/build/hash-189b0a8a78d8911ebc64---resources--scripts--xero--lang--en-gb.js

Requested by

Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-185.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

71e14a7277d0dd446c1af3d3063f44c7034a03efb9aefbddf44a37af38a61054

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 13 Nov 2023 16:59:41 GMT
last-modified: Sun, 12 Feb 2023 23:32:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 63
accept-ranges: bytes
content-length: 1659
x-ua-compatible: IE=edge

GET
H2 200 hash-87398d82f27b1d33c2d4---resources--scripts--xero.js Show response
in.xero.com/Resources/build/ 389 KB
102 KB 73ms
71ms Script
application/javascript 2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in.xero.com/Resources/build/hash-87398d82f27b1d33c2d4---resources--scripts--xero.js

Requested by

Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-185.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

47879f1f9fc69e1f6f5f85132da156a494dfc2acba29dd1eececa26897d9fb09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 13 Nov 2023 16:59:41 GMT
last-modified: Wed, 11 Oct 2023 14:25:28 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 5
accept-ranges: bytes
x-s: EC2AMAZ-VAK0LAO
content-length: 103686
x-ua-compatible: IE=edge

GET
H2 200 / Show response
js.stripe.com/v3/ 552 KB
153 KB 163ms
52ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

97ad5db971366096746a029a6060f3c0b1e478192c8f86e3d81207590afd7dd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 13 Nov 2023 16:59:41 GMT
via: 1.1 varnish
age: 15
x-cache: HIT
content-length: 156367
x-request-id: 2e277b92-c757-4a08-9759-013fbc1243ac
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Fri, 10 Nov 2023 21:38:56 GMT
server: Fastly
etag: "ded59f1f2f98aff73b8768101c88a305"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6

GET
H2 200 checkout.js Show response
www.paypalobjects.com/api/ 1 MB
230 KB 231ms
56ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/api/checkout.js

Requested by

Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4D06) /

Resource Hash

3802b7c6e393f1eda09bdabeecc73640dcf633c7c1dc9136d182052e18e158bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 16:59:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: e908ca6ac98e5
dc: ccg11-origin-www-1.paypal.com
content-length: 235351
last-modified: Wed, 24 May 2023 16:43:28 GMT
server: ECAcc (frc/4D06)
traceparent: 00-0000000000000000000e908ca6ac98e5-afb7380ea1cd3d43-01
etag: "646e3eb0-16d204+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Tue, 14 Nov 2023 16:59:42 GMT

GET
H2 200 analytics.js Show response
edge.xero.com/beanie/1.x/ 11 KB
5 KB 229ms
66ms Script
application/javascript 2.19.225.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.xero.com/beanie/1.x/analytics.js
Requested by: Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.225.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-225-77.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e805975d189ff499df9585e51b116491fcd32794723aebc525fb4fb29a988161

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: BLrHwAZe.Ssdom8M7rcsCpkWMhAdl4Yp
content-encoding: gzip
date: Mon, 13 Nov 2023 16:59:42 GMT
x-amz-request-id: JTJB2SJQ1GH53YTQ
x-amz-replication-status: PENDING
content-length: 4460
x-amz-id-2: othSmR7IzL5dcboB6y+NpuYiyHUqoWEKOwwiU1dlP0WyFippnqbSCYZdY2vdq+4nhnUzfy27EoI=
last-modified: Tue, 28 Jun 2022 01:23:52 GMT
server: AmazonS3
etag: "712e644a4675937142b069480215a9a0"
vary: Accept-Encoding
access-control-max-age: 3000
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=363
accept-ranges: bytes

GET
H2 200 polyfills.min.js Show response
edge.xero.com/common/polyfills/1.0.0-beta.3/ 18 KB
6 KB 231ms
68ms Script
application/javascript 2.19.225.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.xero.com/common/polyfills/1.0.0-beta.3/polyfills.min.js
Requested by: Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.225.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-225-77.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: b5c708cf49fb722bce9fa5d5871d747dd91e37976abc4b8adc824691686c12bd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: celxjh9Ji3OdMjBejXR3UVxdBL_Yd6Ku
content-encoding: br
date: Mon, 13 Nov 2023 16:59:42 GMT
x-amz-request-id: GPC4K362DK12J05G
x-amz-replication-status: COMPLETED
content-length: 5901
x-amz-id-2: zUSQgnxndVKOs3ypfP0p9mLsW27M6VLwNeEs9rExHSD0KSwMb4lXctv+jJBnbejSBH1o+Sd1omY=
last-modified: Mon, 18 Sep 2023 00:28:59 GMT
server: Akamai Resource Optimizer
etag: "22f5450ee65eec61299d3305897eb2b2"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5849661
accept-ranges: bytes

GET
H2 200 hash-d0f6ef5f00af7c0d8175---resources--scripts--invoice.js Show response
in.xero.com/Resources/build/ 1 KB
768 B 234ms
233ms Script
application/javascript 2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in.xero.com/Resources/build/hash-d0f6ef5f00af7c0d8175---resources--scripts--invoice.js

Requested by

Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-185.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

dfcb5353af46bce3e232fd57dac1ca9580844d10a925741f0ff1e99dcd3982e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 13 Nov 2023 16:59:41 GMT
last-modified: Tue, 27 Jun 2023 00:57:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 6
accept-ranges: bytes
x-s: EC2AMAZ-0ORE1CG
content-length: 535
x-ua-compatible: IE=edge

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 226ms
82ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 16:59:42 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 112 KB
44 KB 182ms
68ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PPTNFV7

Requested by

Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ba8306a0873b7d847042b86181fca94a7866184d724dcc825d376fad1da914d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 16:59:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44307
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Nov 2023 16:59:42 GMT

GET
H2 200 e7e2131e8ee7f228180e5299ba106486.png
in.xero.com/Resources/build/ 23 KB
23 KB 68ms
67ms Image
image/png 2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://in.xero.com/Resources/build/e7e2131e8ee7f228180e5299ba106486.png

Requested by

Host: in.xero.com
URL: https://in.xero.com/Resources/build/a32c39c411e3eefe9c2c---resources--styles--invoice_base.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-185.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

15ebb4ab92fa45eee4e8d930c6a2637c81c4837dabb620f5d35ecd98aff0f2d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/Resources/build/a32c39c411e3eefe9c2c---resources--styles--invoice_base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Nov 2023 16:59:42 GMT
last-modified: Wed, 26 Jul 2023 12:29:08 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
x-envoy-upstream-service-time: 6
accept-ranges: bytes
x-s: EC2AMAZ-0ORE1CG
content-length: 23436
x-ua-compatible: IE=edge

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
6 KB 184ms
63ms Script
application/x-javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=in.xero.com&source=checkoutjs&t=xo&v=4.0.338

Requested by

Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

82ef74ca1712f76d79b9fc0d08e6449b2beccddf05a343dcdbb0a153fad8b885

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-+cEJPnuDKCNRHIK1cg7JfW7ZihU9Ogvd/IPbFCso5DQ8YNsX' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-+cEJPnuDKCNRHIK1cg7JfW7ZihU9Ogvd/IPbFCso5DQ8YNsX' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 13 Nov 2023 16:59:42 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 2802
x-cache: HIT, MISS
paypal-debug-id: f985163e42c19
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4333
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230115-FRA, cache-fra-eddf8230115-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f985163e42c19-8d36e2a07df1460a-01
x-timer: S1699894783.523528,VS0,VE7
etag: W/"2f77-fIq9qnCon8TdoZhLWsbuxT4um1A"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 analytics.min.js Show response
static.xero.com/analytics/2.8.0-x3/ 96 KB
21 KB 154ms
113ms Script
application/javascript 2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.xero.com/analytics/2.8.0-x3/analytics.min.js
Requested by: Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-224-185.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: f4a557e588f9bee2020d68cef29b7be6914e680ab2fc27d528dcd6b0be1f751f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 16:59:42 GMT
content-encoding: br
last-modified: Tue, 18 Jul 2023 07:40:46 GMT
server: Akamai Resource Optimizer
etag: "19f677f7865fd01:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 20926

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 53ms
53ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 16:59:42 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Wed, 21 Feb 2024 16:59:42 GMT

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame DC94 200 B
841 B 55ms
55ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://in.xero.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 5686504
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 13 Nov 2023 16:59:42 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Fri, 08 Sep 2023 21:23:50 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 440141
x-content-type-options: nosniff
x-request-id: df1f47b4-63d9-4bb9-afaa-e17199a693f5
x-served-by: cache-fra-eddf8230077-FRA

GET
H2 200 viewer.html Show response
in.xero.com/Resources/PdfViewer/Web/ Frame 24D1 71 KB
22 KB 590ms
588ms Document
text/html 2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in.xero.com/Resources/PdfViewer/Web/viewer.html?file=https%3A%2F%2Fin.xero.com%2F%2FUIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG%2FInvoice%2FDownloadPdf%2F2484f936-3924-489f-95ef-af9aedb62950%3FcontentDesposition%3Dinline

Requested by

Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-185.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

33674c7451576ffb6552e4841976d3ecb2c53bddc5982c197d853fb4ed7feab8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=31536000
content-encoding: gzip
content-length: 21717
content-type: text/html
date: Mon, 13 Nov 2023 16:59:42 GMT
last-modified: Tue, 24 Oct 2023 04:32:00 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-envoy-upstream-service-time: 5
x-frame-options: SAMEORIGIN
x-s: EC2AMAZ-N3CF9O8
x-ua-compatible: IE=edge

GET
H2 200 GetGeo Show response
in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG/Organisation/ 172 B
370 B 589ms
588ms XHR
application/x-javascript 2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG/Organisation/GetGeo?_dc=1699894782421

Requested by

Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-185.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

2c829a38fcb316e004b295d2ae7528c27d821a4e3fe7b797ff715078479a2106

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

X-NewRelic-ID: VQ8BU1ZRDBAFVlNXBggPUlU=
tracestate: 2990187@nr=0-1-1962024-780617245-84d247b45ecb94de----1699894782421
traceparent: 00-c74ddbe0852d490cd9baca989cf63700-84d247b45ecb94de-01
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE5NjIwMjQiLCJhcCI6Ijc4MDYxNzI0NSIsImlkIjoiODRkMjQ3YjQ1ZWNiOTRkZSIsInRyIjoiYzc0ZGRiZTA4NTJkNDkwY2Q5YmFjYTk4OWNmNjM3MDAiLCJ0aSI6MTY5OTg5NDc4MjQyMSwidGsiOiIyOTkwMTg3In19
Referer: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton
X-Requested-With: XMLHttpRequest

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 13 Nov 2023 16:59:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: private, max-age=0
x-envoy-upstream-service-time: 78
x-s: EC2AMAZ-N3CF9O8
content-length: 152
x-ua-compatible: IE=edge

GET
H2 200 GetFiles Show response
in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG/Docs/ 53 B
285 B 264ms
263ms XHR
application/x-javascript 2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG/Docs/GetFiles?_dc=1699894782423&associatedWith=2484F936-3924-489F-95EF-AF9AEDB62950&page=1&start=0&limit=50&sort=uploadedOn&dir=DESC

Requested by

Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-185.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

1abdd1e018db118595e704698480ce223b50544c69bd1ef55472fc8027cfb9d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

X-NewRelic-ID: VQ8BU1ZRDBAFVlNXBggPUlU=
tracestate: 2990187@nr=0-1-1962024-780617245-9ab8e8df5054b163----1699894782424
traceparent: 00-754794ca7b6445eeeb1b910263037600-9ab8e8df5054b163-01
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE5NjIwMjQiLCJhcCI6Ijc4MDYxNzI0NSIsImlkIjoiOWFiOGU4ZGY1MDU0YjE2MyIsInRyIjoiNzU0Nzk0Y2E3YjY0NDVlZWViMWI5MTAyNjMwMzc2MDAiLCJ0aSI6MTY5OTg5NDc4MjQyNCwidGsiOiIyOTkwMTg3In19
Referer: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton
X-Requested-With: XMLHttpRequest

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 13 Nov 2023 16:59:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: private, max-age=0
x-envoy-upstream-service-time: 59
x-s: EC2AMAZ-N3CF9O8
content-length: 67
x-ua-compatible: IE=edge

POST
H2 200 events
product-analytics-bff.xero.com/ 1 B
615 B 587ms
542ms Ping
text/plain 2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://product-analytics-bff.xero.com/events
Requested by: Host: edge.xero.com
URL: https://edge.xero.com/beanie/1.x/analytics.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-224-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer: https://in.xero.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 16:59:42 GMT
x-rate-limit-limit: 1s
server: nginx
api-supported-versions: 1.0
x-rate-limit-remaining: 9
xero-correlation-id: e0d2ae8e-eb84-47d5-85cd-88deb0817a00
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://in.xero.com
x-rate-limit-reset: 2023-11-13T16:59:43.6993526Z
cache-control: max-age=0, no-cache, no-store
content-length: 1
expires: Mon, 13 Nov 2023 16:59:42 GMT

GET
H2 200 IsAuthenticated Show response
in.xero.com/ 20 B
532 B 377ms
376ms XHR
application/json 2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in.xero.com/IsAuthenticated?_dc=1699894782427

Requested by

Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-185.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

cc7fbc2ef1ce855af8865ac68cea2a82796a06be279d098f19ab8545ba0b3bde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

X-NewRelic-ID: VQ8BU1ZRDBAFVlNXBggPUlU=
tracestate: 2990187@nr=0-1-1962024-780617245-8874e929aa4f2501----1699894782427
traceparent: 00-ec18257d0c74040d8433c0cf657c1000-8874e929aa4f2501-01
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE5NjIwMjQiLCJhcCI6Ijc4MDYxNzI0NSIsImlkIjoiODg3NGU5MjlhYTRmMjUwMSIsInRyIjoiZWMxODI1N2QwYzc0MDQwZDg0MzNjMGNmNjU3YzEwMDAiLCJ0aSI6MTY5OTg5NDc4MjQyNywidGsiOiIyOTkwMTg3In19
Referer: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton
X-Requested-With: XMLHttpRequest

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Nov 2023 16:59:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
x-envoy-upstream-service-time: 5
x-s: EC2AMAZ-N3CF9O8
content-length: 20
x-ua-compatible: IE=edge

GET
H2 200 GetProfile Show response
in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG/Organisation/ 20 B
556 B 494ms
494ms XHR
text/html 2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG/Organisation/GetProfile?_dc=1699894782427

Requested by

Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-185.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

7dcf122b3c1030b4c6ce56e9c6d37d55fbec08f1c93d5ab6e4de5b6486e0d068

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

X-NewRelic-ID: VQ8BU1ZRDBAFVlNXBggPUlU=
tracestate: 2990187@nr=0-1-1962024-780617245-4647cbd4951f6291----1699894782427
traceparent: 00-642e553df1bebcea69dc9db1ea6e7500-4647cbd4951f6291-01
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE5NjIwMjQiLCJhcCI6Ijc4MDYxNzI0NSIsImlkIjoiNDY0N2NiZDQ5NTFmNjI5MSIsInRyIjoiNjQyZTU1M2RmMWJlYmNlYTY5ZGM5ZGIxZWE2ZTc1MDAiLCJ0aSI6MTY5OTg5NDc4MjQyNywidGsiOiIyOTkwMTg3In19
Referer: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton
X-Requested-With: XMLHttpRequest

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 13 Nov 2023 16:59:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: private, max-age=0
x-envoy-upstream-service-time: 91
x-s: EC2AMAZ-N3CF9O8
content-length: 24
x-ua-compatible: IE=edge

GET
H2 200 controller-40215e40827dd438f51a3d10642828c3.html Show response
js.stripe.com/v3/ Frame EEDA 325 B
692 B 53ms
52ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-40215e40827dd438f51a3d10642828c3.html

Requested by

Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

bd13cab116285ae118e49f6276d3d9c083c4448279fb0698f4665a72bc2a4676

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://in.xero.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 57
cache-control: max-age=60
content-encoding: br
content-length: 189
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 13 Nov 2023 16:59:42 GMT
etag: "40215e40827dd438f51a3d10642828c3"
last-modified: Fri, 10 Nov 2023 21:04:26 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 22
x-content-type-options: nosniff
x-request-id: ced2ca38-8f24-4f0c-9ccf-c75f415070e1
x-served-by: cache-fra-eddf8230077-FRA

GET
H2 200 payment-request-inner-google-pay-b81a98634f4976aa8c102d782ddf9a01.html Show response
js.stripe.com/v3/ Frame 4E60 408 B
1 KB 52ms
52ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-b81a98634f4976aa8c102d782ddf9a01.html

Requested by

Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

42d22ccbbf63e4d56a5acd3076b63c8504f130c2852777f3c5c10cbface471af

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://in.xero.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 244314
cache-control: max-age=31536000
content-encoding: br
content-length: 222
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 13 Nov 2023 16:59:42 GMT
etag: "b81a98634f4976aa8c102d782ddf9a01"
last-modified: Fri, 10 Nov 2023 21:04:42 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2723
x-content-type-options: nosniff
x-request-id: 84fc129a-954c-4703-a6de-3e8f52d23811
x-served-by: cache-fra-eddf8230077-FRA

GET
H2 200 payment-request-inner-browser-882d9ef13e6ab5d701909a021c5686a6.html Show response
js.stripe.com/v3/ Frame 3511 344 B
1 KB 52ms
52ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-882d9ef13e6ab5d701909a021c5686a6.html

Requested by

Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

efdfcf3c304ff31aecbd16d423219821f5fa96c24cd50202c3c61975efbb713e

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://in.xero.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 57
cache-control: max-age=60
content-encoding: br
content-length: 202
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 13 Nov 2023 16:59:42 GMT
etag: "882d9ef13e6ab5d701909a021c5686a6"
last-modified: Fri, 10 Nov 2023 21:04:42 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 3
x-content-type-options: nosniff
x-request-id: 94eec8f7-e1c7-40e7-b929-d67b907d6e29
x-served-by: cache-fra-eddf8230077-FRA

POST
H/1.0 200
OK visitWebPage
109-rsd-113.mktoresp.com/webevents/ 43 B
121 B 1081ms
176ms Ping
image/gif 199.15.214.243
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://109-rsd-113.mktoresp.com/webevents/visitWebPage?_mchNc=1699894782441&_mchCn=&_mchId=109-RSD-113&_mchTk=_mch-xero.com-1699894782441-91586&_mchHo=in.xero.com&_mchPo=&_mchRu=%2FUIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=%23paynow&_mchRe=&_mchQp=utm_source%3DinvoiceEmailPayNowButton
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.15.214.243 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: BigIP /
Resource Hash: cbbd42bb1d88693e6805bd9d676840424af5ecf3e13d874fd06e6b57d53d8d40

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Length: 43
Server: BigIP

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DC94 631 B
568 B 53ms
52ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 13 Nov 2023 16:59:42 GMT
via: 1.1 varnish
age: 1161679
x-cache: HIT
content-length: 399
x-request-id: 22290e15-c447-40c6-9092-5db72e04b240
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Fri, 08 Sep 2023 21:23:49 GMT
server: Fastly
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 420651

POST
H2 200 csp-report
q.stripe.com/ Frame DC94 0
717 B 820ms
408ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 13 Nov 2023 16:59:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699894783169930
x-envoy-upstream-service-time: 4
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699894783169480
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame DC94 0
718 B 815ms
404ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 13 Nov 2023 16:59:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699894783169816
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699894783169356
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-c575c7a277a567f4e3576ad3c584d4d6.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame EEDA 533 KB
129 KB 56ms
55ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-c575c7a277a567f4e3576ad3c584d4d6.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-40215e40827dd438f51a3d10642828c3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1fb8d3f69fe8ece47793a46f98e163195d6fde2ad52464e856dd1b2f94a4dd0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://js.stripe.com/v3/controller-40215e40827dd438f51a3d10642828c3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 13 Nov 2023 16:59:42 GMT
via: 1.1 varnish
age: 244445
x-cache: HIT
content-length: 131831
x-request-id: 5178a2e7-c636-41d1-94bb-004c6276ac06
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Fri, 10 Nov 2023 21:04:40 GMT
server: Fastly
etag: "3d7bcd9dfb7a8b3560c2967554ca10f5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 10366

GET
H2 200 controller-dc43c737398d6271fb21842f4b494cd1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame EEDA 658 KB
171 KB 55ms
54ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-dc43c737398d6271fb21842f4b494cd1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-40215e40827dd438f51a3d10642828c3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a1dd8d1b8f87c32fba50d82e2c7a1f1e2e042f8131d399da4274669cba517df0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://js.stripe.com/v3/controller-40215e40827dd438f51a3d10642828c3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 13 Nov 2023 16:59:42 GMT
via: 1.1 varnish
age: 244445
x-cache: HIT
content-length: 175081
x-request-id: 210f21c4-40a3-4cdb-9837-e875e9668b6e
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Fri, 10 Nov 2023 21:04:38 GMT
server: Fastly
etag: "c3a2f03781ee6d217d29dc397956ddd5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 9499

POST
H2 200 csp-report
q.stripe.com/ Frame EEDA 0
717 B 783ms
413ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 13 Nov 2023 16:59:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699894783172785
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699894783171420
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 4E60 118 KB
37 KB 235ms
102ms Script
application/javascript 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-b81a98634f4976aa8c102d782ddf9a01.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abc4362efc6bd4d8465c502b0d02913278f94a0ed11be4e66dbc84a2d4978a47

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-F9Sspl28OX3KeYJ-b2mqZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 16:59:42 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-F9Sspl28OX3KeYJ-b2mqZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 13 Nov 2023 16:59:42 GMT

GET
H2 200 shared-c575c7a277a567f4e3576ad3c584d4d6.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4E60 533 KB
129 KB 114ms
114ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-c575c7a277a567f4e3576ad3c584d4d6.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-b81a98634f4976aa8c102d782ddf9a01.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1fb8d3f69fe8ece47793a46f98e163195d6fde2ad52464e856dd1b2f94a4dd0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-b81a98634f4976aa8c102d782ddf9a01.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 13 Nov 2023 16:59:42 GMT
via: 1.1 varnish
age: 244445
x-cache: HIT
content-length: 131831
x-request-id: 14d9c4f8-a53f-48df-b482-7dbcaea468a1
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Fri, 10 Nov 2023 21:04:40 GMT
server: Fastly
etag: "3d7bcd9dfb7a8b3560c2967554ca10f5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 10367

GET
H2 200 payment-request-inner-google-pay-6c6158356aa2fb0fad6988bd4dd189af.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4E60 10 KB
4 KB 53ms
53ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-6c6158356aa2fb0fad6988bd4dd189af.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-b81a98634f4976aa8c102d782ddf9a01.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

fc42bb69e9975dc74d50c5bda8cb36384bcd0bc7f6b1a54991c6f2a92251df0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-b81a98634f4976aa8c102d782ddf9a01.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 13 Nov 2023 16:59:42 GMT
via: 1.1 varnish
age: 1726664
x-cache: HIT
content-length: 4272
x-request-id: 8e0e0fd6-4a69-44e1-b446-6beaa44f3c79
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Tue, 24 Oct 2023 17:19:12 GMT
server: Fastly
etag: "947a5566a308873ad0fd8dbfdd9c81cf"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 13903

GET
H2 200 shared-c575c7a277a567f4e3576ad3c584d4d6.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3511 533 KB
129 KB 123ms
122ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-c575c7a277a567f4e3576ad3c584d4d6.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-882d9ef13e6ab5d701909a021c5686a6.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1fb8d3f69fe8ece47793a46f98e163195d6fde2ad52464e856dd1b2f94a4dd0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-882d9ef13e6ab5d701909a021c5686a6.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 13 Nov 2023 16:59:42 GMT
via: 1.1 varnish
age: 244445
x-cache: HIT
content-length: 131831
x-request-id: 0db2ffe6-8447-4fbb-8219-9bc7d17bd438
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Fri, 10 Nov 2023 21:04:40 GMT
server: Fastly
etag: "3d7bcd9dfb7a8b3560c2967554ca10f5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 10368

GET
H2 200 payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3511 12 KB
5 KB 123ms
122ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-882d9ef13e6ab5d701909a021c5686a6.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

2cd5192ff8b020b1b320397711a8d5fb40be5e2954fff09a707e092713b7fc03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-882d9ef13e6ab5d701909a021c5686a6.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 13 Nov 2023 16:59:42 GMT
via: 1.1 varnish
age: 2987652
x-cache: HIT
content-length: 4877
x-request-id: 32d79c27-c76e-4465-82c4-b569765005bd
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Mon, 09 Oct 2023 20:07:19 GMT
server: Fastly
etag: "330666bb238cf77ae96a867563ebc09a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 22871

POST
H2 200 csp-report
q.stripe.com/ Frame 4E60 0
717 B 815ms
451ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 13 Nov 2023 16:59:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699894783172525
x-envoy-upstream-service-time: 9
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 4
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699894783170299
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 4E60 0
717 B 800ms
437ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 13 Nov 2023 16:59:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699894783172655
x-envoy-upstream-service-time: 6
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 4
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699894783171421
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 3511 0
717 B 785ms
423ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 13 Nov 2023 16:59:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699894783170778
x-envoy-upstream-service-time: 6
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 4
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699894783170279
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 3511 0
717 B 801ms
439ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 13 Nov 2023 16:59:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699894783172924
x-envoy-upstream-service-time: 9
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 4
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699894783170274
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 032F 930 B
2 KB 170ms
51ms Document
text/html 2600:9000:206f:fc00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:fc00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 230
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 13 Nov 2023 16:55:52 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-amz-cf-id: ZH4we4nqDJKAMuE-PnJ3LO30BtyRBkwyrmqM9kq_eR8yFIldmrNxyA==
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 mixpanel-2.2-XERO.min.js Show response
static.xero.com/content/2.16/mixpanel/ 26 KB
8 KB 66ms
65ms Script
application/javascript 2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.xero.com/content/2.16/mixpanel/mixpanel-2.2-XERO.min.js
Requested by: Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-224-185.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 061c731a7b470a6d6458931158b08fe7176e7f61b93bf38d96a546939d94e148

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 16:59:42 GMT
content-encoding: br
last-modified: Sun, 14 May 2023 16:12:48 GMT
server: Akamai Resource Optimizer
etag: "aa73532d144d01:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=5863188
accept-ranges: bytes
content-length: 8480

GET
H2 200 ts
t.paypal.com/ 42 B
808 B 340ms
198ms Image
image/gif 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Tech%20Recycle%20%7C%20Invoice%20INV-9350&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1699894782596&g=0&completeurl=https%3A%2F%2Fin.xero.com%2FUIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG%3Futm_source%3DinvoiceEmailPayNowButton%23paynow&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

Requested by

Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 13 Nov 2023 16:59:42 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: ad7a15a9b7981
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230086-FRA
pragma: no-cache
correlation-id: ad7a15a9b7981
traceparent: 00-0000000000000000000ad7a15a9b7981-5f88df7a80119680-01
x-timer: S1699894783.766660,VS0,VE146
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Nov 2023 16:59:42 GMT

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame EEDA 474 B
614 B 159ms
53ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-c575c7a277a567f4e3576ad3c584d4d6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

563ec28bfd1c836b097d2ccb17c4bcee4143cd3fbdb12296e8b4599afc7c2ed2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-40215e40827dd438f51a3d10642828c3.html
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Nov 2023 16:59:42 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 22
x-cache: HIT
content-length: 298
x-request-id: 32fdec65-265a-4f01-87cd-cd12872ede44
x-served-by: cache-fra-eddf8230135-FRA
last-modified: Fri, 10 Nov 2023 21:40:36 GMT
server: Fastly
etag: "bfe8871f934e9482f1ebf379d30dee05"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 16

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame EEDA 474 B
369 B 145ms
54ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-c575c7a277a567f4e3576ad3c584d4d6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

563ec28bfd1c836b097d2ccb17c4bcee4143cd3fbdb12296e8b4599afc7c2ed2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-40215e40827dd438f51a3d10642828c3.html
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Nov 2023 16:59:42 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 22
x-cache: HIT
content-length: 298
x-request-id: c666a5e3-38c9-4112-bcb6-37d19c169c18
x-served-by: cache-fra-eddf8230135-FRA
last-modified: Fri, 10 Nov 2023 21:40:36 GMT
server: Fastly
etag: "bfe8871f934e9482f1ebf379d30dee05"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 16

GET
H2 200 / Show response
api.mixpanel.com/track/ 1 B
342 B 302ms
167ms XHR
application/json 35.186.241.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mixpanel.com/track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkNocm9tZSIsIiRzY3JlZW5faGVpZ2h0IjogMTIwMCwiJHNjcmVlbl93aWR0aCI6IDE2MDAsIm1wX2xpYiI6ICJ3ZWIiLCJkaXN0aW5jdF9pZCI6ICIxOGJjOTlmZWFmMjc5Ny0wNzM2NTZkNTJkOTRjLTY2Mzg1ZTUzLTFkNGMwMC0xOGJjOTlmZWFmM2U4ZSIsInV0bV9zb3VyY2UiOiAiaW52b2ljZUVtYWlsUGF5Tm93QnV0dG9uIiwiJGluaXRpYWxfcmVmZXJyZXIiOiAiJGRpcmVjdCIsIiRpbml0aWFsX3JlZmVycmluZ19kb21haW4iOiAiJGRpcmVjdCIsIm1wX3BhZ2UiOiAiaHR0cHM6Ly9pbi54ZXJvLmNvbS9VSU1mbHpIbFVTbGtwRTFVRkJhTzQzVjBJVXlVUzg2dHhIQ2ZyM0dHIiwibXBfYnJvd3NlciI6ICJDaHJvbWUiLCJtcF9wbGF0Zm9ybSI6ICJXaW5kb3dzIiwidG9rZW4iOiAiMTQ2NmNmNjQ5YzBhOWU3YjYyY2VjN2Q0NTQxMmUyNWUifX0%3D&ip=1&_=1699894782710

Requested by

Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.241.51 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

51.241.186.35.bc.googleusercontent.com

Software

envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Mon, 13 Nov 2023 16:59:42 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://in.xero.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: X-Requested-With
content-length: 1
alt-svc: clear

POST
H2 200 csp-report
q.stripe.com/ Frame 032F 0
492 B 582ms
438ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 13 Nov 2023 16:59:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699894783171999
x-envoy-upstream-service-time: 10
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1699894783169473
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 032F 87 KB
16 KB 65ms
65ms Script
text/javascript 2600:9000:206f:fc00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:fc00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 16:58:44 GMT
content-encoding: gzip
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 59
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: FRA56-C1
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: xFP3wM0-9GTmLBpVITbLfT85VMgj0iLtntN0NcdCmf0KMxvF9qMNWg==

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame EEDA 2 KB
3 KB 482ms
341ms Fetch
application/json 52.30.58.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-c575c7a277a567f4e3576ad3c584d4d6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.30.58.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-58-64.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

14cbed92115cd085564f02510b53de60bf59bb48f1ccdec03fa4831ea9eec049

Security Headers

Name	Value
Content-Security-Policy	report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Nov 2023 16:59:43 GMT
content-security-policy: report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 2150
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
cross-origin-opener-policy-report-only: same-origin; report-to=https://q.stripe.com/coop-report
expires: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame 032F 156 B
671 B 618ms
208ms XHR
application/json 44.239.145.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.239.145.201 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-145-201.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

fed238fa454c45d6e53130065931c04b897067212168107da176d23873376190

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 13 Nov 2023 16:59:43 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699894783437571
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 4
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1699894783437249
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 788D 19 KB
8 KB 111ms
110ms Document
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b4575143ebf2e1ec1d3ad39f4453690bd4302520eaa718eacc8961713de8af15

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vENKPgrGEsv_8w2ayXtFMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-vENKPgrGEsv_8w2ayXtFMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Mon, 13 Nov 2023 16:59:42 GMT
expires: Mon, 13 Nov 2023 16:59:42 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame EEDA 0
274 B 386ms
350ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-c575c7a277a567f4e3576ad3c584d4d6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 13 Nov 2023 16:59:43 GMT
x-stripe-server-envoy-start-time-us: 1699894783172232
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 8
x-stripe-client-envoy-start-time-us: 1699894783171682
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame EEDA 0
274 B 358ms
322ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-c575c7a277a567f4e3576ad3c584d4d6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 13 Nov 2023 16:59:43 GMT
x-stripe-server-envoy-start-time-us: 1699894783172579
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1699894783171696
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame EEDA 0
274 B 356ms
321ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-c575c7a277a567f4e3576ad3c584d4d6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 13 Nov 2023 16:59:43 GMT
x-stripe-server-envoy-start-time-us: 1699894783172220
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699894783171844
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame EEDA 0
274 B 371ms
336ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-c575c7a277a567f4e3576ad3c584d4d6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 13 Nov 2023 16:59:43 GMT
x-stripe-server-envoy-start-time-us: 1699894783172462
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1699894783171882
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame EEDA 0
274 B 353ms
318ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-c575c7a277a567f4e3576ad3c584d4d6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 13 Nov 2023 16:59:43 GMT
x-stripe-server-envoy-start-time-us: 1699894783171593
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1699894783171389
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame EEDA 0
274 B 345ms
311ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-c575c7a277a567f4e3576ad3c584d4d6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 13 Nov 2023 16:59:43 GMT
x-stripe-server-envoy-start-time-us: 1699894783172063
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699894783171890
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame EEDA 0
274 B 356ms
321ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-c575c7a277a567f4e3576ad3c584d4d6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 13 Nov 2023 16:59:43 GMT
x-stripe-server-envoy-start-time-us: 1699894783171785
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699894783171597
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame EEDA 0
274 B 352ms
318ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-c575c7a277a567f4e3576ad3c584d4d6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 13 Nov 2023 16:59:43 GMT
x-stripe-server-envoy-start-time-us: 1699894783172285
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699894783171493
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame EEDA 0
274 B 356ms
322ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-c575c7a277a567f4e3576ad3c584d4d6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 13 Nov 2023 16:59:43 GMT
x-stripe-server-envoy-start-time-us: 1699894783172220
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1699894783171577
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame EEDA 0
274 B 345ms
311ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-c575c7a277a567f4e3576ad3c584d4d6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 13 Nov 2023 16:59:43 GMT
x-stripe-server-envoy-start-time-us: 1699894783172117
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699894783171659
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame EEDA 0
274 B 383ms
350ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-c575c7a277a567f4e3576ad3c584d4d6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 13 Nov 2023 16:59:43 GMT
x-stripe-server-envoy-start-time-us: 1699894783172425
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 8
x-stripe-client-envoy-start-time-us: 1699894783171849
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame EEDA 0
274 B 352ms
323ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-c575c7a277a567f4e3576ad3c584d4d6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 13 Nov 2023 16:59:43 GMT
x-stripe-server-envoy-start-time-us: 1699894783172679
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1699894783171790
access-control-allow-credentials: true
content-length: 0

GET
H2 200 viewer.css
in.xero.com/Resources/PdfViewer/Web/ Frame 24D1 55 KB
9 KB 80ms
79ms Stylesheet
text/css 2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in.xero.com/Resources/PdfViewer/Web/viewer.css

Requested by

Host: in.xero.com
URL: https://in.xero.com/Resources/PdfViewer/Web/viewer.html?file=https%3A%2F%2Fin.xero.com%2F%2FUIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG%2FInvoice%2FDownloadPdf%2F2484f936-3924-489f-95ef-af9aedb62950%3FcontentDesposition%3Dinline

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-185.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

13101fb8fe32be9c27da9ec31573170e5074af0ba1d25e30166ccf35e86840cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/Resources/PdfViewer/Web/viewer.html?file=https%3A%2F%2Fin.xero.com%2F%2FUIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG%2FInvoice%2FDownloadPdf%2F2484f936-3924-489f-95ef-af9aedb62950%3FcontentDesposition%3Dinline
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 13 Nov 2023 16:59:43 GMT
last-modified: Fri, 03 Jun 2022 13:39:52 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=4404217
accept-ranges: bytes
content-length: 9325
x-ua-compatible: IE=edge

GET
H2 200 pdf.js Show response
in.xero.com/Resources/PdfViewer/build/ Frame 24D1 602 KB
110 KB 71ms
70ms Script
application/javascript 2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in.xero.com/Resources/PdfViewer/build/pdf.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-185.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5fa8c6c94367bb8d325d73bee5e30021be78ee37ada658751f707acaf4d66317

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/Resources/PdfViewer/Web/viewer.html?file=https%3A%2F%2Fin.xero.com%2F%2FUIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG%2FInvoice%2FDownloadPdf%2F2484f936-3924-489f-95ef-af9aedb62950%3FcontentDesposition%3Dinline
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 13 Nov 2023 16:59:43 GMT
last-modified: Sun, 12 Feb 2023 22:52:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=4696781
x-envoy-upstream-service-time: 6
accept-ranges: bytes
content-length: 112778
x-ua-compatible: IE=edge

GET
H2 200 viewer.js Show response
in.xero.com/Resources/PdfViewer/Web/ Frame 24D1 365 KB
67 KB 65ms
65ms Script
application/javascript 2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in.xero.com/Resources/PdfViewer/Web/viewer.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-185.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

b8ae94791913bb950eda482c5fea1cf1576758c7ccf7278b0e250d33f96985cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/Resources/PdfViewer/Web/viewer.html?file=https%3A%2F%2Fin.xero.com%2F%2FUIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG%2FInvoice%2FDownloadPdf%2F2484f936-3924-489f-95ef-af9aedb62950%3FcontentDesposition%3Dinline
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 13 Nov 2023 16:59:43 GMT
last-modified: Wed, 19 Jul 2023 01:24:08 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=4404177
x-envoy-upstream-service-time: 11
accept-ranges: bytes
x-s: EC2AMAZ-0ORE1CG
content-length: 68180
x-ua-compatible: IE=edge

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VeyDxYylUdM.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMi... Frame 788D 158 KB
57 KB 165ms
52ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VeyDxYylUdM.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfri6SV2ufDDxlUxTHYuOrR7exl8RAQ/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e07582566d18a91f2cd6df34e8d5913c2bdb333e2df7bf272d5e57556707511

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 17:18:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 258078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57295
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 02:37:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Nov 2024 17:18:25 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 788D 2 KB
2 KB 154ms
153ms Other
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 13 Nov 2023 16:59:43 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 texture.png
in.xero.com/Resources/PdfViewer/Web/images/ Frame 24D1 2 KB
3 KB 124ms
120ms Image
image/png 2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://in.xero.com/Resources/PdfViewer/Web/images/texture.png

Requested by

Host: in.xero.com
URL: https://in.xero.com/Resources/PdfViewer/Web/viewer.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-185.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

161fb247ede7ecb867d864863b8e3de3a93daae6286fce1ab7c3700f55112c9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/Resources/PdfViewer/Web/viewer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Nov 2023 16:59:43 GMT
last-modified: Fri, 09 Dec 2022 13:26:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=6022007
x-envoy-upstream-service-time: 7
accept-ranges: bytes
content-length: 2417
x-ua-compatible: IE=edge

GET
H2 200 toolbarButton-viewThumbnail.png
in.xero.com/Resources/PdfViewer/Web/images/ Frame 24D1 185 B
405 B 185ms
182ms Image
image/png 2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://in.xero.com/Resources/PdfViewer/Web/images/toolbarButton-viewThumbnail.png

Requested by

Host: in.xero.com
URL: https://in.xero.com/Resources/PdfViewer/Web/viewer.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-185.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

32170f852e6761cbbcfbb87175bfd6d84ed73823def767b1a7bdd058c6a3030a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/Resources/PdfViewer/Web/viewer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Nov 2023 16:59:43 GMT
last-modified: Thu, 04 May 2023 14:05:56 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=5495262
x-envoy-upstream-service-time: 4
accept-ranges: bytes
x-s: WIN-QVFMOQU9E50
content-length: 185
x-ua-compatible: IE=edge

GET
H2 200 toolbarButton-viewOutline.png
in.xero.com/Resources/PdfViewer/Web/images/ Frame 24D1 178 B
397 B 127ms
123ms Image
image/png 2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://in.xero.com/Resources/PdfViewer/Web/images/toolbarButton-viewOutline.png

Requested by

Host: in.xero.com
URL: https://in.xero.com/Resources/PdfViewer/Web/viewer.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-185.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

f4bf8e4b3ddd92edaa4f3d39da434aa55ca52f487964cfe139242a29cfb596bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/Resources/PdfViewer/Web/viewer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Nov 2023 16:59:43 GMT
last-modified: Fri, 02 Jun 2023 00:37:08 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=4696818
x-envoy-upstream-service-time: 5
accept-ranges: bytes
x-s: EC2AMAZ-0ORE1CG
content-length: 178
x-ua-compatible: IE=edge

GET
H2 200 toolbarButton-viewAttachments.png
in.xero.com/Resources/PdfViewer/Web/images/ Frame 24D1 384 B
603 B 123ms
120ms Image
image/png 2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://in.xero.com/Resources/PdfViewer/Web/images/toolbarButton-viewAttachments.png

Requested by

Host: in.xero.com
URL: https://in.xero.com/Resources/PdfViewer/Web/viewer.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-185.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

0bce5882a5b8caabd453fcc98c3d017f5663c845f50a00dcc78df854248b7d20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/Resources/PdfViewer/Web/viewer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Nov 2023 16:59:43 GMT
last-modified: Wed, 19 Jul 2023 01:24:08 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=4498050
x-envoy-upstream-service-time: 5
accept-ranges: bytes
x-s: EC2AMAZ-0ORE1CG
content-length: 384
x-ua-compatible: IE=edge

GET
H2 200 toolbarButton-zoomOut.png
in.xero.com/Resources/PdfViewer/Web/images/ Frame 24D1 88 B
287 B 121ms
119ms Image
image/png 2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://in.xero.com/Resources/PdfViewer/Web/images/toolbarButton-zoomOut.png

Requested by

Host: in.xero.com
URL: https://in.xero.com/Resources/PdfViewer/Web/viewer.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-185.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

bea530f1ac565fe3b95be3d4599508b9947fa6ef50114bc33216802342ff5187

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/Resources/PdfViewer/Web/viewer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Nov 2023 16:59:43 GMT
last-modified: Fri, 09 Dec 2022 13:26:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=6022007
x-envoy-upstream-service-time: 5
accept-ranges: bytes
content-length: 88
x-ua-compatible: IE=edge

GET
H2 200 toolbarButton-zoomIn.png
in.xero.com/Resources/PdfViewer/Web/images/ Frame 24D1 136 B
311 B 121ms
119ms Image
image/png 2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://in.xero.com/Resources/PdfViewer/Web/images/toolbarButton-zoomIn.png

Requested by

Host: in.xero.com
URL: https://in.xero.com/Resources/PdfViewer/Web/viewer.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-185.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

1f18129857ba039238716c12d5dab4e23e30ff73e3e4d217cf7b65bc058fb22c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/Resources/PdfViewer/Web/viewer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Nov 2023 16:59:43 GMT
last-modified: Fri, 03 Jun 2022 13:39:50 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=5894487
accept-ranges: bytes
content-length: 136
x-ua-compatible: IE=edge

GET
H2 200 toolbarButton-print.png
in.xero.com/Resources/PdfViewer/Web/images/ Frame 24D1 257 B
476 B 138ms
136ms Image
image/png 2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://in.xero.com/Resources/PdfViewer/Web/images/toolbarButton-print.png

Requested by

Host: in.xero.com
URL: https://in.xero.com/Resources/PdfViewer/Web/viewer.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-185.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

f09068d019819fca961f6f1fbe02a267a83186e8a503857291b75c9360c63433

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/Resources/PdfViewer/Web/viewer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Nov 2023 16:59:43 GMT
last-modified: Thu, 08 Jun 2023 16:07:02 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=6022007
x-envoy-upstream-service-time: 6
accept-ranges: bytes
x-s: EC2AMAZ-0ORE1CG
content-length: 257
x-ua-compatible: IE=edge

GET
H2 200 toolbarButton-download.png
in.xero.com/Resources/PdfViewer/Web/images/ Frame 24D1 259 B
461 B 147ms
146ms Image
image/png 2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://in.xero.com/Resources/PdfViewer/Web/images/toolbarButton-download.png

Requested by

Host: in.xero.com
URL: https://in.xero.com/Resources/PdfViewer/Web/viewer.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-185.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

6f44f96517c6ced760ede55714c5e7e1e259783974fcba750f53880a932ecd50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/Resources/PdfViewer/Web/viewer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Nov 2023 16:59:43 GMT
last-modified: Sun, 12 Feb 2023 22:52:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=4696799
x-envoy-upstream-service-time: 593
accept-ranges: bytes
content-length: 259
x-ua-compatible: IE=edge

GET
H2 200 locale.properties Show response
in.xero.com/Resources/PdfViewer/Web/locale/ Frame 24D1 5 KB
1 KB 118ms
118ms XHR
text/plain 2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in.xero.com/Resources/PdfViewer/Web/locale/locale.properties

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-185.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

295c2331b9b19a7dea3f754ef3ee66eff542edd8202b6a452573713c6f6dbe61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

X-NewRelic-ID: VQ8BU1ZRDBAFVlNXBggPUlU=
Referer: https://in.xero.com/Resources/PdfViewer/Web/viewer.html?file=https%3A%2F%2Fin.xero.com%2F%2FUIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG%2FInvoice%2FDownloadPdf%2F2484f936-3924-489f-95ef-af9aedb62950%3FcontentDesposition%3Dinline
tracestate: 2990187@nr=0-1-1962024-780617245-446cf50a97251c12----1699894783128
traceparent: 00-3b1c25fb8933e22047d23085e099ac00-446cf50a97251c12-01
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE5NjIwMjQiLCJhcCI6Ijc4MDYxNzI0NSIsImlkIjoiNDQ2Y2Y1MGE5NzI1MWMxMiIsInRyIjoiM2IxYzI1ZmI4OTMzZTIyMDQ3ZDIzMDg1ZTA5OWFjMDAiLCJ0aSI6MTY5OTg5NDc4MzEyOCwidGsiOiIyOTkwMTg3In19

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 13 Nov 2023 16:59:43 GMT
last-modified: Fri, 03 Jun 2022 13:39:52 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/plain
cache-control: max-age=28456824
accept-ranges: bytes
content-length: 686
x-ua-compatible: IE=edge

POST
H2 200 0 Show response
r.stripe.com/ Frame EEDA 0
274 B 211ms
211ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-c575c7a277a567f4e3576ad3c584d4d6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 13 Nov 2023 16:59:43 GMT
x-stripe-server-envoy-start-time-us: 1699894783316576
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 7
x-stripe-client-envoy-start-time-us: 1699894783316244
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame EEDA 0
275 B 218ms
217ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-c575c7a277a567f4e3576ad3c584d4d6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 13 Nov 2023 16:59:43 GMT
x-stripe-server-envoy-start-time-us: 1699894783317977
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 14
x-stripe-client-envoy-start-time-us: 1699894783317371
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame EEDA 0
274 B 207ms
207ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-c575c7a277a567f4e3576ad3c584d4d6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 13 Nov 2023 16:59:43 GMT
x-stripe-server-envoy-start-time-us: 1699894783322040
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699894783321774
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame EEDA 0
274 B 257ms
257ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-c575c7a277a567f4e3576ad3c584d4d6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 13 Nov 2023 16:59:43 GMT
x-stripe-server-envoy-start-time-us: 1699894783371901
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699894783370883
access-control-allow-credentials: true
content-length: 0

GET
H2 200 viewer.properties Show response
in.xero.com/Resources/PdfViewer/Web/locale/en-US/ Frame 24D1 8 KB
3 KB 66ms
66ms XHR
text/plain 2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in.xero.com/Resources/PdfViewer/Web/locale/en-US/viewer.properties

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-185.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

82b88456d942937c40149588225a0b7bc90b8bbdda440711e24d7acd5cddcc14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

X-NewRelic-ID: VQ8BU1ZRDBAFVlNXBggPUlU=
Referer: https://in.xero.com/Resources/PdfViewer/Web/viewer.html?file=https%3A%2F%2Fin.xero.com%2F%2FUIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG%2FInvoice%2FDownloadPdf%2F2484f936-3924-489f-95ef-af9aedb62950%3FcontentDesposition%3Dinline
tracestate: 2990187@nr=0-1-1962024-780617245-f63ca0cb1b37f3a8----1699894783250
traceparent: 00-50ab826e58814a001324a43a21c2b800-f63ca0cb1b37f3a8-01
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE5NjIwMjQiLCJhcCI6Ijc4MDYxNzI0NSIsImlkIjoiZjYzY2EwY2IxYjM3ZjNhOCIsInRyIjoiNTBhYjgyNmU1ODgxNGEwMDEzMjRhNDNhMjFjMmI4MDAiLCJ0aSI6MTY5OTg5NDc4MzI1MCwidGsiOiIyOTkwMTg3In19

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 13 Nov 2023 16:59:43 GMT
last-modified: Fri, 09 Dec 2022 13:26:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/plain
cache-control: max-age=28354668
x-envoy-upstream-service-time: 9
accept-ranges: bytes
content-length: 2604
x-ua-compatible: IE=edge

GET
H2 200 nr-spa-1.246.1.min.js Show response
js-agent.newrelic.com/ Frame 24D1 86 KB
29 KB 170ms
52ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1.246.1.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3ef22ef08df2e0a1183eb6c0652641745892a6e6100289caca8d1a8da173d197

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: YYfIXhQaf2yM3tlTfH7xiASp7e7IUG9W
content-encoding: br
via: 1.1 varnish
date: Mon, 13 Nov 2023 16:59:43 GMT
strict-transport-security: max-age=300
x-amz-request-id: AVPVYCQ2YBN2BHHB
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 28993
x-amz-id-2: ERzE38I0o0uowHoj6keIzhlf1RMbWajsl76daKCeJ7d7ps014z892o2hF0c+dPTGonv2JyARJfg=
x-served-by: cache-fra-etou8220072-FRA
last-modified: Tue, 31 Oct 2023 15:33:55 GMT
server: AmazonS3
x-timer: S1699894783.461880,VS0,VE0
etag: "fe135b6e7222948159657c8cf35dedab"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 494349

GET
H2 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VeyDxYylUdM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VLG... Frame 788D 73 KB
27 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VeyDxYylUdM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VLGlxc_oO2k.L.B1.O/am=EIYY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjtqKczxZtsB4bexUUuNhQczOW2qw/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VeyDxYylUdM.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfri6SV2ufDDxlUxTHYuOrR7exl8RAQ/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d5995b48b00fce74948c12f26a61f4d1b85c7c2a46ea6529bea9da3bde4f001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 17:37:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 256905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27316
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 15:41:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Nov 2024 17:37:58 GMT

GET
H2 200 pdf.worker.js
in.xero.com/Resources/PdfViewer/build/ Frame 24D1 1 MB
279 KB 66ms
65ms Other
application/javascript 2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in.xero.com/Resources/PdfViewer/build/pdf.worker.js

Requested by

Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-185.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

df1399a32341437ed4ecc8a24acc93b77a973502182987dcc8081c21197b8ca2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/Resources/PdfViewer/Web/viewer.html?file=https%3A%2F%2Fin.xero.com%2F%2FUIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG%2FInvoice%2FDownloadPdf%2F2484f936-3924-489f-95ef-af9aedb62950%3FcontentDesposition%3Dinline
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 13 Nov 2023 16:59:43 GMT
last-modified: Thu, 02 Feb 2023 03:34:56 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=4696721
x-envoy-upstream-service-time: 8
accept-ranges: bytes
content-length: 285430
x-ua-compatible: IE=edge

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 788D 1 MB
374 KB 114ms
113ms XHR
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c74ecd68961069f30438551a8e2af0d4de726eeb8821b45528ec77056addf094

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zjDV_WiHSxzgZoFexZoWqA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 16:59:43 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-zjDV_WiHSxzgZoFexZoWqA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 13 Nov 2023 16:59:43 GMT

GET
H2 200 nr-spa-1.246.1.min.js Show response
js-agent.newrelic.com/ 86 KB
28 KB 80ms
52ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1.246.1.min.js

Requested by

Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3ef22ef08df2e0a1183eb6c0652641745892a6e6100289caca8d1a8da173d197

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: YYfIXhQaf2yM3tlTfH7xiASp7e7IUG9W
content-encoding: br
via: 1.1 varnish
date: Mon, 13 Nov 2023 16:59:43 GMT
strict-transport-security: max-age=300
x-amz-request-id: AVPVYCQ2YBN2BHHB
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 28993
x-amz-id-2: ERzE38I0o0uowHoj6keIzhlf1RMbWajsl76daKCeJ7d7ps014z892o2hF0c+dPTGonv2JyARJfg=
x-served-by: cache-fra-etou8220072-FRA
last-modified: Tue, 31 Oct 2023 15:33:55 GMT
server: AmazonS3
x-timer: S1699894783.461916,VS0,VE0
etag: "fe135b6e7222948159657c8cf35dedab"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 494350

GET
H2 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VeyDxYylUdM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VLG... Frame 788D 9 KB
4 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VeyDxYylUdM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VLGlxc_oO2k.L.B1.O/am=EIYY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjtqKczxZtsB4bexUUuNhQczOW2qw/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5596dabef7968e5a623e25636c4e6650eab10c47f45d968cb7f8b79abee2435e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 06:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3730
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 15:41:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Mon, 11 Nov 2024 06:30:10 GMT

GET
H2 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VeyDxYylUdM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VLG... Frame 788D 37 KB
14 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VeyDxYylUdM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VLGlxc_oO2k.L.B1.O/am=EIYY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjtqKczxZtsB4bexUUuNhQczOW2qw/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29e79e866219a34d4406c17ac289e8724276953f2f5b2025beeab9c02e73357f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 17:37:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 256905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14182
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 15:41:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Nov 2024 17:37:58 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 207ms
86ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 13 Nov 2023 16:59:43 GMT
expires: Mon, 13 Nov 2023 16:59:43 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 788D 131 B
155 B 212ms
101ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 13 Nov 2023 16:59:43 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 13 Nov 2023 16:59:43 GMT

POST
H3 200 log Show response
play.google.com/ Frame 788D 131 B
155 B 213ms
100ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 13 Nov 2023 16:59:43 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 13 Nov 2023 16:59:43 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 204ms
85ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 13 Nov 2023 16:59:43 GMT
expires: Mon, 13 Nov 2023 16:59:43 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 788D 131 B
155 B 214ms
102ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 13 Nov 2023 16:59:43 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 13 Nov 2023 16:59:43 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 203ms
86ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 13 Nov 2023 16:59:43 GMT
expires: Mon, 13 Nov 2023 16:59:43 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 788D 131 B
155 B 214ms
102ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 13 Nov 2023 16:59:43 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 13 Nov 2023 16:59:43 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 200ms
86ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 13 Nov 2023 16:59:43 GMT
expires: Mon, 13 Nov 2023 16:59:43 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 788D 131 B
155 B 225ms
114ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 13 Nov 2023 16:59:43 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 13 Nov 2023 16:59:43 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 199ms
86ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 13 Nov 2023 16:59:43 GMT
expires: Mon, 13 Nov 2023 16:59:43 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame EEDA 0
274 B 207ms
206ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-c575c7a277a567f4e3576ad3c584d4d6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 13 Nov 2023 16:59:43 GMT
x-stripe-server-envoy-start-time-us: 1699894783533004
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699894783532804
access-control-allow-credentials: true
content-length: 0

POST
H3 200 log Show response
play.google.com/ Frame 788D 131 B
155 B 236ms
125ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 13 Nov 2023 16:59:43 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 13 Nov 2023 16:59:43 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 192ms
87ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 13 Nov 2023 16:59:43 GMT
expires: Mon, 13 Nov 2023 16:59:43 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame EEDA 0
274 B 209ms
209ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-c575c7a277a567f4e3576ad3c584d4d6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 13 Nov 2023 16:59:43 GMT
x-stripe-server-envoy-start-time-us: 1699894783539795
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699894783539182
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame EEDA 0
274 B 208ms
208ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-c575c7a277a567f4e3576ad3c584d4d6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 13 Nov 2023 16:59:43 GMT
x-stripe-server-envoy-start-time-us: 1699894783539485
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1699894783539272
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame EEDA 0
274 B 212ms
212ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-c575c7a277a567f4e3576ad3c584d4d6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 13 Nov 2023 16:59:43 GMT
x-stripe-server-envoy-start-time-us: 1699894783575383
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699894783575176
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame EEDA 0
274 B 211ms
211ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-c575c7a277a567f4e3576ad3c584d4d6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 13 Nov 2023 16:59:43 GMT
x-stripe-server-envoy-start-time-us: 1699894783575754
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699894783575208
access-control-allow-credentials: true
content-length: 0

POST
H2 200 OnlineInvoiceEventCapture Show response
in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG/Payments/ 16 B
215 B 302ms
301ms XHR
application/x-javascript 2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG/Payments/OnlineInvoiceEventCapture

Requested by

Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-185.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

X-NewRelic-ID: VQ8BU1ZRDBAFVlNXBggPUlU=
tracestate: 2990187@nr=0-1-1962024-780617245-63a9c45b926d570b----1699894783463
traceparent: 00-7df24f38f2684d245c4d285429a6e300-63a9c45b926d570b-01
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE5NjIwMjQiLCJhcCI6Ijc4MDYxNzI0NSIsImlkIjoiNjNhOWM0NWI5MjZkNTcwYiIsInRyIjoiN2RmMjRmMzhmMjY4NGQyNDVjNGQyODU0MjlhNmUzMDAiLCJ0aSI6MTY5OTg5NDc4MzQ2MywidGsiOiIyOTkwMTg3In19
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton
X-Requested-With: XMLHttpRequest
X-CSRFToken: 7pykJ6ckuj8dO7z8PBRzlk1BFGHNe2JM_SJKIn2RIBRmF56KtS4jMIT2OE1OicMrheScUsGsNrshSBjCPLcEtQGjBT6tn5RxUo-e9loOsCgAmveT0

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Nov 2023 16:59:43 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: private, max-age=0
x-envoy-upstream-service-time: 104
x-s: EC2AMAZ-N3CF9O8
content-length: 16
x-ua-compatible: IE=edge

GET
H2 200 cbe8aa9896aff1659c8708ca34f30a03.svg
in.xero.com/Resources/build/ 3 KB
1 KB 199ms
198ms Image
image/svg+xml 2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://in.xero.com/Resources/build/cbe8aa9896aff1659c8708ca34f30a03.svg

Requested by

Host: in.xero.com
URL: https://in.xero.com/Resources/build/a32c39c411e3eefe9c2c---resources--styles--invoice_base.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-185.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

195f820292b5e1a2c93cb0887452d4ae81e53be9d08c1bfb3874ed9ecc0261e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/Resources/build/a32c39c411e3eefe9c2c---resources--styles--invoice_base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 13 Nov 2023 16:59:43 GMT
last-modified: Tue, 24 Oct 2023 04:56:02 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
x-envoy-upstream-service-time: 5
accept-ranges: bytes
x-s: EC2AMAZ-VAK0LAO
content-length: 767
x-ua-compatible: IE=edge

GET
H2 200 6fcc166c9dea56997b19dc41e6c13fb7.svg
in.xero.com/Resources/build/ 5 KB
1 KB 219ms
218ms Image
image/svg+xml 2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://in.xero.com/Resources/build/6fcc166c9dea56997b19dc41e6c13fb7.svg

Requested by

Host: in.xero.com
URL: https://in.xero.com/Resources/build/a32c39c411e3eefe9c2c---resources--styles--invoice_base.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-185.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

679db6b48866fe64ecfcbc6ed147274e296b855777d9cdf8eba7110635888ae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/Resources/build/a32c39c411e3eefe9c2c---resources--styles--invoice_base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 13 Nov 2023 16:59:43 GMT
last-modified: Tue, 24 Oct 2023 04:56:02 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
x-envoy-upstream-service-time: 130
accept-ranges: bytes
x-s: EC2AMAZ-VAK0LAO
content-length: 1170
x-ua-compatible: IE=edge

GET
H2 200 button Show response
www.paypal.com/smart/ Frame 20D2 60 KB
14 KB 322ms
321ms Document
text/html 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/button?env=production&style.label=paypal&style.layout=vertical&style.size=responsive&style.shape=rect&style.color=white&style.tagline=false&funding.disallowed=credit%2Ccard%2Cvenmo&domain=in.xero.com&sessionID=uid_f4277213a0_mty6ntk6ndi&buttonSessionID=uid_6d7c95bbc9_mty6ntk6ndm&renderedButtons=paypal&storageID=uid_9fbafbe8be_mty6ntk6ndi&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ&uid=f4593a88cb&version=4&xcomponent=1

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0b25b519a787670aded3d9c2e69636d4d16971de672f98cdba9ab3add73e4bc3

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://in.xero.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Mon, 13 Nov 2023 16:59:43 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p: true
paypal-debug-id: f38155381e7e1
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: "traceparent;desc="00-0000000000000000000f38155381e7e1-14ef80e485d79105-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f38155381e7e1-beb532e18b2195dd-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-served-by: cache-fra-eddf8230115-FRA, cache-fra-eddf8230115-FRA
x-timer: S1699894784.544390,VS0,VE266
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 15DC 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: adf9b3c556710fac2e0f2ecf748a1f82afd023d7957336ef228db33f1deb83d3

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 15DC 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb91dfcb049d42c6a9b5b9798498ced5f618b7a5838c15468da7fe38745d4378

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 0 Show response
r.stripe.com/ Frame EEDA 0
274 B 206ms
206ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-c575c7a277a567f4e3576ad3c584d4d6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 13 Nov 2023 16:59:43 GMT
x-stripe-server-envoy-start-time-us: 1699894783642287
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699894783642090
access-control-allow-credentials: true
content-length: 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 368ms
256ms Preflight 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-app-name,x-requested-with
Access-Control-Request-Method: POST
Origin: https://in.xero.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,x-app-name,x-requested-with
access-control-allow-methods: POST
access-control-allow-origin: https://in.xero.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 0
date: Mon, 13 Nov 2023 16:59:43 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f3815532ab308
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f3815532ab308-0b2256bb1d2e7833-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-fra-eddf8230110-FRA, cache-fra-eddf8230110-FRA
x-timer: S1699894784.674498,VS0,VE195

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 991 B
2 KB 336ms
334ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

995e52a47828b68afa3b07d327e1b213d3aa2da43f46f13bc7e910a85da4cd7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

x-app-name: checkoutjs
Referer: https://in.xero.com/
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-type: application/json

Response headers

date: Mon, 13 Nov 2023 16:59:44 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f381553878465
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-eddf8230110-FRA, cache-fra-eddf8230110-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f381553878465-c947698d3d068a09-01
x-timer: S1699894784.987438,VS0,VE225
etag: W/"3df-tWOOCO3+Ka8itKAsH43zPtqvElk"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://in.xero.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 2484f936-3924-489f-95ef-af9aedb62950 Show response
in.xero.com//UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG/Invoice/DownloadPdf/ Frame 24D1 80 KB
80 KB 826ms
825ms Fetch
application/pdf 2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in.xero.com//UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG/Invoice/DownloadPdf/2484f936-3924-489f-95ef-af9aedb62950?contentDesposition=inline

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-185.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

27ea4da707bce981ec2ae075716e3d9b53a72d4a6391952a2c842efa6dce2a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://in.xero.com/Resources/PdfViewer/Web/viewer.html?file=https%3A%2F%2Fin.xero.com%2F%2FUIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG%2FInvoice%2FDownloadPdf%2F2484f936-3924-489f-95ef-af9aedb62950%3FcontentDesposition%3Dinline
tracestate: 2990187@nr=0-1-1962024-780617245-ca7e30b4a52f9582----1699894783546
traceparent: 00-7af79d7567b77e513b8a9695de19ac00-ca7e30b4a52f9582-01
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE5NjIwMjQiLCJhcCI6Ijc4MDYxNzI0NSIsImlkIjoiY2E3ZTMwYjRhNTJmOTU4MiIsInRyIjoiN2FmNzlkNzU2N2I3N2U1MTNiOGE5Njk1ZGUxOWFjMDAiLCJ0aSI6MTY5OTg5NDc4MzU0NiwidGsiOiIyOTkwMTg3In19

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Nov 2023 16:59:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/pdf
cache-control: private, max-age=0
x-envoy-upstream-service-time: 427
content-disposition: inline;filename="Invoice INV-9350.pdf"
x-s: EC2AMAZ-N3CF9O8
x-robots-tag: noindex
content-length: 81823
x-ua-compatible: IE=edge

POST
H/1.1 200 bd61b676be Show response
bam.nr-data.net/1/ Frame 24D1 40 B
399 B 658ms
481ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/bd61b676be?a=522519841&v=1.246.1&to=NAZaYEMAX0BYAkNcVg1MbUZYTmNWSg5CR1oGEBdkVQdnWlwWUkcWNAZaG0cIVERcExldTQ4P&rst=1144&ck=0&s=d483447ffc3e40df&ref=https://in.xero.com/Resources/PdfViewer/Web/viewer.html&af=err,xhr,stn,ins,spa&ap=1&be=591&fe=306&dc=118&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1699894782420,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:1,%22c%22:1,%22s%22:1,%22ce%22:1,%22rq%22:2,%22rp%22:591,%22rpe%22:595,%22di%22:704,%22ds%22:704,%22de%22:709,%22dc%22:895,%22l%22:895,%22le%22:897%7D,%22navigation%22:%7B%7D%7D&fp=714&fcp=833
Requested by: Host: in.xero.com
URL: https://in.xero.com/Resources/PdfViewer/Web/viewer.html?file=https%3A%2F%2Fin.xero.com%2F%2FUIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG%2FInvoice%2FDownloadPdf%2F2484f936-3924-489f-95ef-af9aedb62950%3FcontentDesposition%3Dinline
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 24c98b3653a1a89489a370d23ab35375bba6bf386f5c2cf8a34f59f1ee7ab2ee

Request headers

Referer: https://in.xero.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 13 Nov 2023 16:59:44 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://in.xero.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 40
x-served-by: cache-fra-etou8220074-FRA

POST
H2 200 6 Show response
m.stripe.com/ Frame 032F 156 B
670 B 211ms
211ms XHR
application/json 44.239.145.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.239.145.201 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-145-201.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

fed238fa454c45d6e53130065931c04b897067212168107da176d23873376190

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 13 Nov 2023 16:59:43 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699894783686625
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 6
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1699894783686308
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame 032F 156 B
670 B 259ms
259ms XHR
application/json 44.239.145.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.239.145.201 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-145-201.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

fed238fa454c45d6e53130065931c04b897067212168107da176d23873376190

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 13 Nov 2023 16:59:43 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699894783736256
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 5
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1699894783735784
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H/1.1 200 bd61b676be Show response
bam.nr-data.net/1/ 40 B
399 B 615ms
451ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/bd61b676be?a=522519841&v=1.246.1&to=NAZaYEMAX0BYAkNcVg1MdWJyTnhdTw5eVlwgDFZAQw5dX1wTGGNQBhQ%3D&rst=12364&ck=0&s=d483447ffc3e40df&ref=https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG&af=err,xhr,stn,ins,spa&ap=277&be=10564&fe=1630&dc=610&fsh=0&perf=%7B%22timing%22:%7B%22of%22:1699894771214,%22n%22:0,%22f%22:9246,%22dn%22:9336,%22dne%22:9336,%22c%22:9336,%22s%22:9388,%22ce%22:9856,%22rq%22:9856,%22rp%22:10564,%22rpe%22:10618,%22di%22:11170,%22ds%22:11170,%22de%22:11174,%22dc%22:12191,%22l%22:12192,%22le%22:12194%7D,%22navigation%22:%7B%7D%7D&fp=10898&fcp=10898
Requested by: Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f

Request headers

Referer: https://in.xero.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 13 Nov 2023 16:59:44 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://in.xero.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 40
x-served-by: cache-fra-etou8220105-FRA

GET
H2 200 checkout.js Show response
www.paypalobjects.com/api/ Frame 20D2 1 MB
230 KB 53ms
52ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/api/checkout.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/button?env=production&style.label=paypal&style.layout=vertical&style.size=responsive&style.shape=rect&style.color=white&style.tagline=false&funding.disallowed=credit%2Ccard%2Cvenmo&domain=in.xero.com&sessionID=uid_f4277213a0_mty6ntk6ndi&buttonSessionID=uid_6d7c95bbc9_mty6ntk6ndm&renderedButtons=paypal&storageID=uid_9fbafbe8be_mty6ntk6ndi&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ&uid=f4593a88cb&version=4&xcomponent=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4D06) /

Resource Hash

3802b7c6e393f1eda09bdabeecc73640dcf633c7c1dc9136d182052e18e158bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 16:59:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: e908ca6ac98e5
dc: ccg11-origin-www-1.paypal.com
content-length: 235351
last-modified: Wed, 24 May 2023 16:43:28 GMT
server: ECAcc (frc/4D06)
traceparent: 00-0000000000000000000e908ca6ac98e5-afb7380ea1cd3d43-01
etag: "646e3eb0-16d204+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Tue, 14 Nov 2023 16:59:43 GMT

GET
H2 200 button.js Show response
www.paypalobjects.com/api/xo/ Frame 20D2 446 KB
75 KB 56ms
55ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/api/xo/button.js?date=2023-10-13

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CA9) /

Resource Hash

70c166c46fe4bb17c3c4d649c6bf36a680b1d913af0bbb7b678f7d34626b3222

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 16:59:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 03e7c06844f37
dc: ccg11-origin-www-1.paypal.com
content-length: 77071
last-modified: Tue, 19 Sep 2023 16:29:24 GMT
server: ECAcc (frc/4CA9)
traceparent: 00-000000000000000000003e7c06844f37-aa54d9381e454bc7-01
etag: "6509cc64-6f979+gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 14 Nov 2023 16:59:43 GMT

GET
DATA 200
OK truncated
/ Frame 20D2 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: adf9b3c556710fac2e0f2ecf748a1f82afd023d7957336ef228db33f1deb83d3

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 20D2 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb91dfcb049d42c6a9b5b9798498ced5f618b7a5838c15468da7fe38745d4378

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 funding Show response
www.paypal.com/smart/api/button/ Frame 20D2 563 B
2 KB 354ms
354ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/api/button/funding?buttonLabel=paypal&buttonSessionID=uid_6d7c95bbc9_mty6ntk6ndm&country=US&disallowed=credit%2Ccard%2Cvenmo&domain=in.xero.com&lang=en&renderedButtons=paypal

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/xo/button.js?date=2023-10-13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

abc97694e09bdba8b061566bd6c3384d67b2a151710e10056147e118d1be5b88

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
x-requested-by: smart-payment-buttons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
x-csrf-jwt: __blank__
Accept: application/json
Referer: https://www.paypal.com/smart/button?env=production&style.label=paypal&style.layout=vertical&style.size=responsive&style.shape=rect&style.color=white&style.tagline=false&funding.disallowed=credit%2Ccard%2Cvenmo&domain=in.xero.com&sessionID=uid_f4277213a0_mty6ntk6ndi&buttonSessionID=uid_6d7c95bbc9_mty6ntk6ndm&renderedButtons=paypal&storageID=uid_9fbafbe8be_mty6ntk6ndi&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ&uid=f4593a88cb&version=4&xcomponent=1
X-Requested-With: XMLHttpRequest
x-cookies: {}

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 13 Nov 2023 16:59:44 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
p3p: true
paypal-debug-id: f381553379b17
server-timing: "traceparent;desc="00-0000000000000000000f381553379b17-cfff9a19ab34579d-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230115-FRA, cache-fra-eddf8230115-FRA
pragma: no-cache
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f381553379b17-e63ca61527595010-01
x-timer: S1699894784.034818,VS0,VE298
etag: W/"233-mZbSCiCR6TyvRPWuFlj6nDdnu/Q"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-csrf-jwt: __blank__
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame 20D2 1015 B
2 KB 237ms
237ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e333e05dc2182b8bf003ba53ed76f98b27d90be03d308a2f4dde45039e5dd6c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

x-app-name: checkoutjs
Referer: https://www.paypal.com/smart/button?env=production&style.label=paypal&style.layout=vertical&style.size=responsive&style.shape=rect&style.color=white&style.tagline=false&funding.disallowed=credit%2Ccard%2Cvenmo&domain=in.xero.com&sessionID=uid_f4277213a0_mty6ntk6ndi&buttonSessionID=uid_6d7c95bbc9_mty6ntk6ndm&renderedButtons=paypal&storageID=uid_9fbafbe8be_mty6ntk6ndi&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ&uid=f4593a88cb&version=4&xcomponent=1
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-type: application/json

Response headers

date: Mon, 13 Nov 2023 16:59:44 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f381553e6207f
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-eddf8230115-FRA, cache-fra-eddf8230115-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f381553e6207f-44f1ecd92815b826-01
x-timer: S1699894784.045966,VS0,VE180
etag: W/"3f7-V0GMcthJaDvUuw9OtNHdssO/zM8"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

POST
H/1.1 200 bd61b676be Show response
bam.nr-data.net/resources/1/ Frame 24D1 36 B
346 B 268ms
268ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/resources/1/bd61b676be?a=522519841&v=1.246.1&to=NAZaYEMAX0BYAkNcVg1MbUZYTmNWSg5CR1oGEBdkVQdnWlwWUkcWNAZaG0cIVERcExldTQ4P&rst=1809&ck=0&s=d483447ffc3e40df&ref=https://in.xero.com/Resources/PdfViewer/Web/viewer.html&st=1699894782420&hr=0&fts=1699894782420&n=26&fsh=1
Requested by: Host: in.xero.com
URL: https://in.xero.com/Resources/PdfViewer/Web/viewer.html?file=https%3A%2F%2Fin.xero.com%2F%2FUIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG%2FInvoice%2FDownloadPdf%2F2484f936-3924-489f-95ef-af9aedb62950%3FcontentDesposition%3Dinline
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7ef910804e5ee228a07e9b789773cef2332ec4ea42fe0d7dcdb4f18d7366f0b4

Request headers

Referer: https://in.xero.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 13 Nov 2023 16:59:44 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://in.xero.com
access-control-allow-credentials: true
Connection: close
Content-Length: 36
x-served-by: cache-fra-etou8220074-FRA

POST
H/1.1 200 bd61b676be Show response
bam.nr-data.net/events/1/ Frame 24D1 24 B
338 B 156ms
155ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/bd61b676be?a=522519841&v=1.246.1&to=NAZaYEMAX0BYAkNcVg1MbUZYTmNWSg5CR1oGEBdkVQdnWlwWUkcWNAZaG0cIVERcExldTQ4P&rst=1957&ck=0&s=d483447ffc3e40df&ref=https://in.xero.com/Resources/PdfViewer/Web/viewer.html
Requested by: Host: in.xero.com
URL: https://in.xero.com/Resources/PdfViewer/Web/viewer.html?file=https%3A%2F%2Fin.xero.com%2F%2FUIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG%2FInvoice%2FDownloadPdf%2F2484f936-3924-489f-95ef-af9aedb62950%3FcontentDesposition%3Dinline
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://in.xero.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 13 Nov 2023 16:59:44 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://in.xero.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-fra-etou8220105-FRA

POST
H/1.1 200 bd61b676be Show response
bam.nr-data.net/events/1/ 24 B
338 B 172ms
158ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/bd61b676be?a=522519841&v=1.246.1&to=NAZaYEMAX0BYAkNcVg1MdWJyTnhdTw5eVlwgDFZAQw5dX1wTGGNQBhQ%3D&rst=13304&ck=0&s=d483447ffc3e40df&ref=https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG
Requested by: Host: in.xero.com
URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://in.xero.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 13 Nov 2023 16:59:44 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://in.xero.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-fra-etou8220105-FRA

GET
H2 200 shadow.png
in.xero.com/Resources/PdfViewer/Web/images/ Frame 24D1 290 B
508 B 78ms
78ms Image
image/png 2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://in.xero.com/Resources/PdfViewer/Web/images/shadow.png

Requested by

Host: in.xero.com
URL: https://in.xero.com/Resources/PdfViewer/Web/viewer.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-185.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

a9c6fb05ccd9fea5e3aaea84933b182ceca88fc66142544fd0476b387a39f722

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/Resources/PdfViewer/Web/viewer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Nov 2023 16:59:44 GMT
last-modified: Thu, 07 Sep 2023 23:54:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=5894504
x-envoy-upstream-service-time: 5
accept-ranges: bytes
x-s: EC2AMAZ-0ORE1CG
content-length: 290
x-ua-compatible: IE=edge

GET
H2 200 loading-icon.gif
in.xero.com/Resources/PdfViewer/Web/images/ Frame 24D1 2 KB
3 KB 77ms
77ms Image
image/gif 2.19.224.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://in.xero.com/Resources/PdfViewer/Web/images/loading-icon.gif

Requested by

Host: in.xero.com
URL: https://in.xero.com/Resources/PdfViewer/Web/viewer.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-185.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

483c4a0396691993a641ec409c44b8b7e1daab0ae7e2b2944c4bc59520bb7655

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://in.xero.com/Resources/PdfViewer/Web/viewer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Nov 2023 16:59:44 GMT
last-modified: Thu, 20 Apr 2023 15:16:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=4703730
x-envoy-upstream-service-time: 287
accept-ranges: bytes
x-s: WIN-QVFMOQU9E50
content-length: 2545
x-ua-compatible: IE=edge

GET
BLOB 200
OK 683019e7-0b86-4a3f-bbfe-a00e7a8df002
https://in.xero.com/ Frame 24D1 8 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://in.xero.com/683019e7-0b86-4a3f-bbfe-a00e7a8df002
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95029fb4d0d2f75eec3b6b6fc2e86db800c0fdba76da2de045d87281460709da

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length: 8465
Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame 24D1 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
in.xero.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: 1t_ypTnUFibQFMkBEx8uwT2_swjESSNvacM-H_CjpegVTxrRdFQzQGVvBNUNrWQORpbIXlds59-c5pKOtPSEiqXGkd01
.xero.com/	1970-01-21 00:57:10	Name: _abck Value: 6CD818054983B4FB5C712DF863012771~-1~YAAQLdU+F66ijMOLAQAAOuefyQp+FwU2xNOZmN3NNtqSE3U+hj7AsxjKtoXBQg2EPnxmLRLnBpJGGrHepHjnC26dNRGYViPMSvw2wgq0O+Hmcmp3onsfr1kyWl+ChWODP4OqcpFQP38rNUSsmeWk3xhJVfEQ50wJFpD3KGxVMIBEIUfNSzfAaOvHR9rXBZAqswSRLpSKvekiTy7qnXM9K+uX0SAXQVetDm6/nizmbnOk9QcPap6TilQcnyNMiHZ79TOSY2u3Xw5mIPypAFXQERI/SJqBDcyVA7UWr3vIDnziaTaQ6NSfmoZXEuIRmhqT9Sb9mZYN4Lg6fA9lZcKyyzzwPf/+GmR+nFxFIDuxAmf4/h9caQ+JD8nQ~-1~-1~1699898342
.xero.com/	1970-01-20 16:11:41	Name: ak_bmsc Value: 2D0AB51B21C68515A6A9173237C31B0C~000000000000000000000000000000~YAAQLdU+F6+ijMOLAQAAOuefyRW+/kUx0U0KP8o3Vr/Ziu5MhJdK2E2lu3h6o5x0pzeDD+4GLT5grbo2NwIXeic46SG+3AHMbSWJwPLQUZCU1c/KrXsTJLsXidDxFwT5J9/+b8l7Lvfxy1yQVIY39ejN4glO87TK4JbWc77hdTbWWmR4yOdqn8sG15Z0zkjC086W9pulO+wO9WsnnWbR7G+COOw6iHkNTWxALtpELuEZ/WnfEFEdEX2x4FDcd74DswkqsUzEmI72QACKnM4dlJIHEokKtnRKyItiF4uCMr02tH2Z7wcGxYL0jhk9ysBTIoEPHGSErhjQZeERMeZrFAquKFWs5upnVZpxRqFMDte2wD1lqhSZNv4HbSqPRda0NMkEUtAPPqE=
.xero.com/	1970-01-20 16:11:49	Name: bm_sz Value: 9EFE08C67B9E3015B633A7C6D31532F1~YAAQLdU+F7CijMOLAQAAOuefyRX2JdotbZhhaOatiRtrdQT8KT+EDAoa2YWhayQ2uyc1YR1Xo/Qy+EgmsVvga3XTPD2SxcCNoqnxYgjVBeOBVkcuCiwjy1iQKO3uQn2FBWcHi3tnHzcFk5/GOxddw+NdXsI9kLidEbtDm/uEXuKJe9rPvfy9UWkD/6vYMucU9+svinnXtDm7xP9C4Uo8ajPrTSucVbRnI9LJ+PddFUnaHvGZF7w141ypb3EWEwMxIgrlJjd1QUTcs18WmdQ19j+fqvFLFfMAsVqtBCxi0HWD~4408371~3223617
.xero.com/	1970-01-21 01:47:34	Name: _mkto_trk Value: id:109-RSD-113&token:_mch-xero.com-1699894782441-91586
.xero.com/	1970-01-21 00:57:10	Name: ajs_user_id Value: null
.xero.com/	1970-01-21 00:57:10	Name: ajs_group_id Value: null
in.xero.com/	1970-01-21 00:57:10	Name: mp_1466cf649c0a9e7b62cec7d45412e25e_mixpanel Value: %7B%22distinct_id%22%3A%20%2218bc99feaf2797-073656d52d94c-66385e53-1d4c00-18bc99feaf3e8e%22%2C%22utm_source%22%3A%20%22invoiceEmailPayNowButton%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.google.com/	1970-01-20 20:35:05	Name: NID Value: 511=nO8irmubySuyP8kPcPvAVx0fGWSFvvGS6u6Idfkk9NIYhaV_ZlZMujVLDTzhgle3qqyVv7JKm-WsVD9EDUNivRrgI_coJyJ7jI9voEegVqhhmFtGtvF0WvjGSIXyA9gTCQ7xj-r8QX0SnZCfJFR4I8dOMqUH35CLQblK7CXD9j4
.xero.com/	1970-01-20 16:11:41	Name: bm_sv Value: B24D5E29A990190AB6688FBBDB65D873~YAAQLdU+F+qijMOLAQAAPO2fyRWP8BYKTTpVVyXXRR1pQ1sh56kBqRocpKb1g30OwGtvoDWrmI3i9e5ZXO86K4RdqI2hJGQyXX+lFGxf2IdrhEkWM1oPdGyfngCWpXNAdiRqHfNGpokK/p/4nIyi4sx4OozZyzoO8pf5PPFLjuV/Xlt+WxTF0BzsdlQCkTBd3zANjruKSmBia42WgNv1IOTMUsI2TdIXHJHklPdD5+aknIkTVQchAvYgXZKJ6A==~1
m.stripe.com/	1970-01-21 01:47:34	Name: m Value: c6cfcd3d-602e-4434-8059-649881ed77deb5a74b
.in.xero.com/	1970-01-21 00:57:10	Name: __stripe_mid Value: 69cfece4-81d8-4364-9f2b-1c24ff1dded8be6a67
.in.xero.com/	1970-01-20 16:11:36	Name: __stripe_sid Value: 1ddb46dd-b7d0-44f7-b94d-effd6bc8700f07985b
.paypal.com/	1970-01-20 16:12:06	Name: LANG Value: en_GB%3BGB
.paypal.com/	1970-01-20 16:11:36	Name: l7_az Value: dcg15.slc
.paypal.com/	1970-01-21 00:57:10	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1970-01-20 16:15:53	Name: tsrce Value: checkoutjs
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY5OTg5NDc4NDE1MCIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/	1970-01-21 01:47:34	Name: ts Value: vreXpYrS%3D1794589184%26vteXpYrS%3D1699896584%26vr%3Dc99ff07518b0a551c048c0f0ff75389b%26vt%3Dc99ff07518b0a551c048c0f0ff75389a%26vtyp%3Dnew
.paypal.com/	1970-01-21 01:47:34	Name: ts_c Value: vr%3Dc99ff07518b0a551c048c0f0ff75389b%26vt%3Dc99ff07518b0a551c048c0f0ff75389a

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton(Line 7) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation	warning	URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton(Line 7) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation	warning	URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton(Line 7) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation	warning	URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton(Line 7) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation	warning	URL: https://in.xero.com/UIMflzHlUSlkpE1UFBaO43V0IUyUS86txHCfr3GG?utm_source=invoiceEmailPayNowButton(Line 7) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
deprecation	warning	URL: https://www.paypalobjects.com/api/checkout.js(Line 16216) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation	warning	URL: https://www.paypalobjects.com/api/checkout.js(Line 16216) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation	warning	URL: https://www.paypalobjects.com/api/checkout.js(Line 16216) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation	warning	URL: https://www.paypalobjects.com/api/checkout.js(Line 16216) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation	warning	URL: https://www.paypalobjects.com/api/checkout.js(Line 16216) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
worker	info	URL: https://in.xero.com/Resources/PdfViewer/build/pdf.worker.js(Line 341) Message: Warning: TT: undefined function: 32

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

109-rsd-113.mktoresp.com
api.mixpanel.com
bam.nr-data.net
edge.xero.com
in.xero.com
js-agent.newrelic.com
js.stripe.com
m.stripe.com
m.stripe.network
merchant-ui-api.stripe.com
munchkin.marketo.net
pay.google.com
play.google.com
product-analytics-bff.xero.com
protect-eu.mimecast.com
q.stripe.com
r.stripe.com
static.xero.com
t.paypal.com
www.googletagmanager.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
151.101.128.176
151.101.129.21
151.101.2.137
151.101.65.35
162.247.243.29
192.229.221.25
199.15.214.243
2.19.224.185
2.19.225.77
2600:9000:206f:fc00:19:7d10:bd80:93a1
2a00:1450:4001:806::200e
2a00:1450:4001:811::2008
2a00:1450:4001:82f::2003
2a00:1450:400c:c00::5c
35.186.241.51
44.239.145.201
52.30.58.64
54.187.119.242
88.221.60.75
91.220.42.63
05bbf566b931c2301f3b5cbe6b0b05a2ce01a3092807069b3fa0170c619bcc51
061c731a7b470a6d6458931158b08fe7176e7f61b93bf38d96a546939d94e148
0b25b519a787670aded3d9c2e69636d4d16971de672f98cdba9ab3add73e4bc3
0bce5882a5b8caabd453fcc98c3d017f5663c845f50a00dcc78df854248b7d20
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
13101fb8fe32be9c27da9ec31573170e5074af0ba1d25e30166ccf35e86840cf
14cbed92115cd085564f02510b53de60bf59bb48f1ccdec03fa4831ea9eec049
15ebb4ab92fa45eee4e8d930c6a2637c81c4837dabb620f5d35ecd98aff0f2d1
161fb247ede7ecb867d864863b8e3de3a93daae6286fce1ab7c3700f55112c9e
195f820292b5e1a2c93cb0887452d4ae81e53be9d08c1bfb3874ed9ecc0261e2
1abdd1e018db118595e704698480ce223b50544c69bd1ef55472fc8027cfb9d5
1ef62cf4316036f992144a105da24c8a62e7067ac4f51e263a003854e81074b5
1f18129857ba039238716c12d5dab4e23e30ff73e3e4d217cf7b65bc058fb22c
1fb8d3f69fe8ece47793a46f98e163195d6fde2ad52464e856dd1b2f94a4dd0a
21d1b9b92b8f1d6aaca6997e6449b6f80c9bad859e62befc994be3501cb6e533
24c98b3653a1a89489a370d23ab35375bba6bf386f5c2cf8a34f59f1ee7ab2ee
27ea4da707bce981ec2ae075716e3d9b53a72d4a6391952a2c842efa6dce2a2a
295c2331b9b19a7dea3f754ef3ee66eff542edd8202b6a452573713c6f6dbe61
29e79e866219a34d4406c17ac289e8724276953f2f5b2025beeab9c02e73357f
2c829a38fcb316e004b295d2ae7528c27d821a4e3fe7b797ff715078479a2106
2cd5192ff8b020b1b320397711a8d5fb40be5e2954fff09a707e092713b7fc03
32170f852e6761cbbcfbb87175bfd6d84ed73823def767b1a7bdd058c6a3030a
33674c7451576ffb6552e4841976d3ecb2c53bddc5982c197d853fb4ed7feab8
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
3802b7c6e393f1eda09bdabeecc73640dcf633c7c1dc9136d182052e18e158bd
3d5995b48b00fce74948c12f26a61f4d1b85c7c2a46ea6529bea9da3bde4f001
3ef22ef08df2e0a1183eb6c0652641745892a6e6100289caca8d1a8da173d197
42d22ccbbf63e4d56a5acd3076b63c8504f130c2852777f3c5c10cbface471af
47879f1f9fc69e1f6f5f85132da156a494dfc2acba29dd1eececa26897d9fb09
483c4a0396691993a641ec409c44b8b7e1daab0ae7e2b2944c4bc59520bb7655
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
5596dabef7968e5a623e25636c4e6650eab10c47f45d968cb7f8b79abee2435e
563ec28bfd1c836b097d2ccb17c4bcee4143cd3fbdb12296e8b4599afc7c2ed2
5e07582566d18a91f2cd6df34e8d5913c2bdb333e2df7bf272d5e57556707511
5fa8c6c94367bb8d325d73bee5e30021be78ee37ada658751f707acaf4d66317
679db6b48866fe64ecfcbc6ed147274e296b855777d9cdf8eba7110635888ae5
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6f44f96517c6ced760ede55714c5e7e1e259783974fcba750f53880a932ecd50
70c166c46fe4bb17c3c4d649c6bf36a680b1d913af0bbb7b678f7d34626b3222
71e14a7277d0dd446c1af3d3063f44c7034a03efb9aefbddf44a37af38a61054
7dcf122b3c1030b4c6ce56e9c6d37d55fbec08f1c93d5ab6e4de5b6486e0d068
7ef910804e5ee228a07e9b789773cef2332ec4ea42fe0d7dcdb4f18d7366f0b4
82b88456d942937c40149588225a0b7bc90b8bbdda440711e24d7acd5cddcc14
82ef74ca1712f76d79b9fc0d08e6449b2beccddf05a343dcdbb0a153fad8b885
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
95029fb4d0d2f75eec3b6b6fc2e86db800c0fdba76da2de045d87281460709da
97ad5db971366096746a029a6060f3c0b1e478192c8f86e3d81207590afd7dd8
995e52a47828b68afa3b07d327e1b213d3aa2da43f46f13bc7e910a85da4cd7f
9d46b36e16b443e593bc763d2af41d26f567687b2213df72fc35a96902d8ba97
a1dd8d1b8f87c32fba50d82e2c7a1f1e2e042f8131d399da4274669cba517df0
a9c6fb05ccd9fea5e3aaea84933b182ceca88fc66142544fd0476b387a39f722
abc4362efc6bd4d8465c502b0d02913278f94a0ed11be4e66dbc84a2d4978a47
abc97694e09bdba8b061566bd6c3384d67b2a151710e10056147e118d1be5b88
adf9b3c556710fac2e0f2ecf748a1f82afd023d7957336ef228db33f1deb83d3
b4575143ebf2e1ec1d3ad39f4453690bd4302520eaa718eacc8961713de8af15
b5c708cf49fb722bce9fa5d5871d747dd91e37976abc4b8adc824691686c12bd
b7e490e1d1e1f7730d58c5c6ca1add6aed33448b5aae674743b60563f365ab4a
b8ae94791913bb950eda482c5fea1cf1576758c7ccf7278b0e250d33f96985cf
ba8306a0873b7d847042b86181fca94a7866184d724dcc825d376fad1da914d0
bd13cab116285ae118e49f6276d3d9c083c4448279fb0698f4665a72bc2a4676
bea530f1ac565fe3b95be3d4599508b9947fa6ef50114bc33216802342ff5187
c74ecd68961069f30438551a8e2af0d4de726eeb8821b45528ec77056addf094
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cbbd42bb1d88693e6805bd9d676840424af5ecf3e13d874fd06e6b57d53d8d40
cc7fbc2ef1ce855af8865ac68cea2a82796a06be279d098f19ab8545ba0b3bde
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
df1399a32341437ed4ecc8a24acc93b77a973502182987dcc8081c21197b8ca2
dfcb5353af46bce3e232fd57dac1ca9580844d10a925741f0ff1e99dcd3982e5
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e333e05dc2182b8bf003ba53ed76f98b27d90be03d308a2f4dde45039e5dd6c7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e805975d189ff499df9585e51b116491fcd32794723aebc525fb4fb29a988161
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efdfcf3c304ff31aecbd16d423219821f5fa96c24cd50202c3c61975efbb713e
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f09068d019819fca961f6f1fbe02a267a83186e8a503857291b75c9360c63433
f4a557e588f9bee2020d68cef29b7be6914e680ab2fc27d528dcd6b0be1f751f
f4bf8e4b3ddd92edaa4f3d39da434aa55ca52f487964cfe139242a29cfb596bf
fb91dfcb049d42c6a9b5b9798498ced5f618b7a5838c15468da7fe38745d4378
fc42bb69e9975dc74d50c5bda8cb36384bcd0bc7f6b1a54991c6f2a92251df0e
fed238fa454c45d6e53130065931c04b897067212168107da176d23873376190

in.xero.com Open in urlscan Pro 2.19.224.185 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

132 Requests

99 %HTTPS

25 %IPv6

14 Domains

23 Subdomains

20 IPs

5 Countries

3096 kBTransfer

12970 kBSize

20 Cookies

1 Outgoing links

Page URL History

Redirected requests

132 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

in.xero.com Open in urlscan Pro
2.19.224.185 Public Scan

Screenshot
Live screenshot

Full Image

132
Requests

99 %
HTTPS

25 %
IPv6

14
Domains

23
Subdomains

20
IPs

5
Countries

3096 kB
Transfer

12970 kB
Size

20
Cookies

132 HTTP transactions
5 data transactions