www.xoom.com Open in urlscan Pro
151.101.193.21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.xoom.com/
Submission: On May 09 via manual (May 9th 2023, 2:13:25 pm UTC) from IN — Scanned from DE

Summary HTTP 57 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 10 domains to perform 57 HTTP transactions. The main IP is 151.101.193.21, located in United States and belongs to FASTLY, US. The main domain is www.xoom.com. The Cisco Umbrella rank of the primary domain is 53095.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on January 19th 2023. Valid for: a year.

This is the only time www.xoom.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	151.101.193.21 151.101.193.21	54113 (FASTLY) (FASTLY)
25	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
10	2600:9000:225... 2600:9000:225e:1000:12:94b3:c380:93a1	16509 (AMAZON-02) (AMAZON-02)
6	99.86.8.175 99.86.8.175	16509 (AMAZON-02) (AMAZON-02)
1	54.71.146.145 54.71.146.145	16509 (AMAZON-02) (AMAZON-02)
2	151.101.1.21 151.101.1.21	54113 (FASTLY) (FASTLY)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	151.101.129.35 151.101.129.35	54113 (FASTLY) (FASTLY)
4	151.101.65.35 151.101.65.35	54113 (FASTLY) (FASTLY)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
57	12

1 151.101.193.21 (United States)

ASN54113 (FASTLY, US)

www.xoom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:225e:1000:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.71.146.145 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-71-146-145.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.35 (United States)

ASN54113 (FASTLY, US)

t.xoom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.65.35 (United States)

ASN54113 (FASTLY, US)

postcollector.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2265	357 KB
10	ctfassets.net images.ctfassets.net — Cisco Umbrella Rank: 3451	15 KB
6	paypal.com www.paypal.com — Cisco Umbrella Rank: 2289 postcollector.paypal.com — Cisco Umbrella Rank: 332378	9 KB
6	segment.com cdn.segment.com — Cisco Umbrella Rank: 1613	73 KB
3	xoom.com www.xoom.com — Cisco Umbrella Rank: 53095 t.xoom.com — Cisco Umbrella Rank: 378136	64 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	46 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	185 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 179	16 KB
1	segment.io api.segment.io — Cisco Umbrella Rank: 1143	172 B
0	cloudfront.net Failed d1wnclalxop6x4.cloudfront.net Failed
57	10

	Domain	Requested by
25	www.paypalobjects.com	www.xoom.com www.paypalobjects.com
10	images.ctfassets.net	www.xoom.com
6	cdn.segment.com	www.paypalobjects.com cdn.segment.com
4	postcollector.paypal.com	www.paypalobjects.com
2	t.xoom.com	www.xoom.com
2	connect.facebook.net	www.paypalobjects.com
2	www.paypal.com	www.paypalobjects.com
1	www.facebook.com	www.xoom.com
1	www.googleadservices.com	www.paypalobjects.com
1	api.segment.io	cdn.segment.com
1	www.xoom.com
0	d1wnclalxop6x4.cloudfront.net Failed	cdn.segment.com
57	12

This site contains links to these domains. Also see Links.

Domain
help.xoom.com
www.paypal.com
control.kochava.com

Subject Issuer	Validity	Valid
www.xoom.com DigiCert SHA2 Extended Validation Server CA	`2023-01-19` - `2024-02-19`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-11-09` - `2023-12-10`	a year	crt.sh
images.ctfassets.net Amazon RSA 2048 M01	`2023-02-28` - `2024-02-16`	a year	crt.sh
*.segment.com Amazon RSA 2048 M01	`2023-02-24` - `2024-01-12`	a year	crt.sh
*.segment.io Amazon RSA 2048 M01	`2023-02-10` - `2024-02-10`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-15` - `2023-05-16`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.xoom.com/
Frame ID: 1E4E7BE899EB3778DA4384EEBC4A0318
Requests: 53 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Geld online senden | Xoom, ein Service von PayPal

Detected technologies

Contentful (CMS) Expand

Overall confidence: 100%
Detected patterns

<[^>]+(?:https?:)?//(?:assets|downloads|images|videos)\.(?:ct?fassets\.net|contentful\.com)

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Page Statistics

57
Requests

96 %
HTTPS

27 %
IPv6

10
Domains

12
Subdomains

12
IPs

2
Countries

579 kB
Transfer

1612 kB
Size

28
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://help.xoom.com/s/?language=de-DE
Title: Hilfe

Search URL Search Domain Scan URL

URL: https://help.xoom.com/s/contactsupport
Title: Hilfe

Search URL Search Domain Scan URL

URL: https://help.xoom.com/?language=de_DE
Title: Besuchen Sie unser Hilfe-Center

Search URL Search Domain Scan URL

URL: https://help.xoom.com/s/contactsupport?language=de_DE
Title: Schreiben Sie uns

Search URL Search Domain Scan URL

URL: https://help.xoom.com/s/article/xoom-basics?language=de_DE
Title: So geht's

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/webapps/mpp/ua/privacy-full
Title: Datenschutz (USA)

Search URL Search Domain Scan URL

URL: https://www.paypal.com/uk/smarthelp/complaints
Title: Beschwerden (UK)

Search URL Search Domain Scan URL

URL: https://control.kochava.com/v1/cpi/click?_rt=App-Xoom-Internal-Android-EN&campaign_id=koxoom-prod----android56b4c695435219dd306befd0bf&network_id=4045&device_id=device_id&site_id=1
Title: Android-App auf Google Play

Search URL Search Domain Scan URL

URL: https://control.kochava.com/v1/cpi/click?_rt=App-Xoom-Internal-iOS-EN&campaign_id=koxoom-prod----ios56b4c5fb145fab36acfdcb4372&network_id=4045&device_id=device_id&site_id=1
Title: Im App Store herunterladen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.xoom.com/ 59 KB
63 KB 774ms
709ms Document
text/html 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xoom.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6bce51e2d1db6bdafa2f5d79a29c5270453cf2e81034c2b2193fbd3c1a7b9c98

Security Headers

Name	Value
Content-Security-Policy	style-src https://www.paypal.com/ https://www.paypalobjects.com/ https://.preview.dev.paypalinc.com/ https://.ctfassets.net/ 'unsafe-inline' 'self' https://.s-xoom.com/ https://google.com/; base-uri 'self'; script-src https://www.paypalobjects.com/ https://.preview.dev.paypalinc.com/ 'nonce-5695131fd9674bd9cb8882533b696173' 'self' https://.googleadservices.com/ https://.gstatic.com/ https://.s-xoom.com/ https://.segment.com/ https://www.googletagmanager.com/ https://.online-metrix.net/ https://connect.facebook.net/ https://.google-analytics.com/ https://.cardinalcommerce.com/ https://.mxpnl.com/ https://.google.com/ https://bat.bing.com/ https://.ctfassets.net/ https://iesnare.com/ https://.braintreegateway.com/ https://.googleapis.com/ https://.doubleclick.net/ https://.paypal.com/ 'unsafe-eval' https://www.recaptcha.net/ https://.yodlee.com/ https://cdn.amplitude.com/ https://js-agent.newrelic.com/ https://bam-cell.nr-data.net/; form-action paypal://remittance/link-paypal-account https://.xoom.com/ https://.paypal.com/; frame-src ; img-src 'self' data: https:; connect-src https://.xoom.com/ 'self' https://.google-analytics.com/ https://.mixpanel.com/ https://.cardinalcommerce.com/ https://.google.com/ https://.cloudfront.net/ https://.braintreegateway.com/ https://.googleapis.com/ wss://.xoom.com/ https://.doubleclick.net/ https://www.facebook.com/ https://.segment.io/ https://.segment.com/ https://.paypal.com/ https://.s-xoom.com/ https://.online-metrix.net/ https://.braintree-api.com/ https://www.paypalobjects.com/ https://.preview.dev.paypalinc.com/; worker-src 'self'; object-src https://.cardinalcommerce.com/ https://.online-metrix.net/; media-src https://ssl.gstatic.com/; frame-ancestors https://.salesforce.com/ https://.paypal.com/ 'self'; font-src https://www.paypalobjects.com/ https://.preview.dev.paypalinc.com/ https://fonts.gstatic.com/ https://.s3.amazonaws.com/ 'self' https://*.s-xoom.com/ https://fonts.googleapis.com/ data:;
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache, no-store
content-language: de-DE
content-security-policy: style-src https://www.paypal.com/ https://www.paypalobjects.com/ https://*.preview.dev.paypalinc.com/ https://*.ctfassets.net/ 'unsafe-inline' 'self' https://*.s-xoom.com/ https://google.com/; base-uri 'self'; script-src https://www.paypalobjects.com/ https://*.preview.dev.paypalinc.com/ 'nonce-5695131fd9674bd9cb8882533b696173' 'self' https://*.googleadservices.com/ https://*.gstatic.com/ https://*.s-xoom.com/ https://*.segment.com/ https://www.googletagmanager.com/ https://*.online-metrix.net/ https://connect.facebook.net/ https://*.google-analytics.com/ https://*.cardinalcommerce.com/ https://*.mxpnl.com/ https://*.google.com/ https://bat.bing.com/ https://*.ctfassets.net/ https://iesnare.com/ https://*.braintreegateway.com/ https://*.googleapis.com/ https://*.doubleclick.net/ https://*.paypal.com/ 'unsafe-eval' https://www.recaptcha.net/ https://*.yodlee.com/ https://cdn.amplitude.com/ https://js-agent.newrelic.com/ https://bam-cell.nr-data.net/; form-action * paypal://remittance/link-paypal-account https://*.xoom.com/ https://*.paypal.com/; frame-src *; img-src 'self' data: https:; connect-src https://*.xoom.com/ 'self' https://*.google-analytics.com/ https://*.mixpanel.com/ https://*.cardinalcommerce.com/ https://*.google.com/ https://*.cloudfront.net/ https://*.braintreegateway.com/ https://*.googleapis.com/ wss://*.xoom.com/ https://*.doubleclick.net/ https://www.facebook.com/ https://*.segment.io/ https://*.segment.com/ https://*.paypal.com/ https://*.s-xoom.com/ https://*.online-metrix.net/ https://*.braintree-api.com/ https://www.paypalobjects.com/ https://*.preview.dev.paypalinc.com/; worker-src 'self'; object-src https://*.cardinalcommerce.com/ https://*.online-metrix.net/; media-src https://ssl.gstatic.com/; frame-ancestors https://*.salesforce.com/ https://*.paypal.com/ 'self'; font-src https://www.paypalobjects.com/ https://*.preview.dev.paypalinc.com/ https://fonts.gstatic.com/ https://*.s3.amazonaws.com/ 'self' https://*.s-xoom.com/ https://fonts.googleapis.com/ data:;
content-type: text/html;charset=UTF-8
date: Tue, 09 May 2023 14:13:20 GMT
etag: "07317ce88ad0418329d71f9ce8a666721"
strict-transport-security: max-age=15768000; includeSubDomains
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-envoy-upstream-service-time: 237
x-frame-options: SAMEORIGIN
x-served-by: cache-fra-eddf8230088-FRA
x-timer: S1683641600.290517,VS0,VE702
x-ua-compatible: IE=edge
x-xoom-requestid: 0199279a-0e91-46ab-a377-8aad4e20f7ed
x-xss-protection: 1; mode=block

GET
H2 200 legacy-supplement.css
www.paypalobjects.com/xoom/xvx/2.50.0/styles/themes/demeter/ 51 KB
10 KB 58ms
13ms Stylesheet
text/css 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/xoom/xvx/2.50.0/styles/themes/demeter/legacy-supplement.css

Requested by

Host: www.xoom.com
URL: https://www.xoom.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48A7) /

Resource Hash

971b2279dfc86e8eb87505db6179fb897c919d3930b2d9038babf708c312b298

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: f730b1bc869ae
dc: ccg11-origin-www-1.paypal.com
content-length: 9930
last-modified: Tue, 14 Mar 2023 18:52:01 GMT
server: ECAcc (ama/48A7)
traceparent: 00-0000000000000000000f730b1bc869ae-272db2e1ca3955a6-01
etag: W/"6410c251-cc77"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 09 May 2023 15:13:21 GMT

GET
H2 200 demeter.css
www.paypalobjects.com/xoom/xvx/2.50.0/styles/themes/demeter/ 222 KB
33 KB 60ms
16ms Stylesheet
text/css 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/xoom/xvx/2.50.0/styles/themes/demeter/demeter.css

Requested by

Host: www.xoom.com
URL: https://www.xoom.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48EE) /

Resource Hash

cbc202ea48cba1398230753d5fc22954fcd0b68076a485e300b98a1ade40ba08

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 93d3ac0db2c8e
dc: ccg11-origin-www-1.paypal.com
content-length: 33784
last-modified: Tue, 14 Mar 2023 18:52:01 GMT
server: ECAcc (ama/48EE)
traceparent: 00-000000000000000000093d3ac0db2c8e-acc4a66f673f4c82-01
etag: W/"6410c251-37720"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 09 May 2023 15:13:21 GMT

GET
H2 200 xoom-analytics-init.js Show response
www.paypalobjects.com/xoom/siteContent/26.1.0/js/ 10 KB
4 KB 58ms
14ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/xoom/siteContent/26.1.0/js/xoom-analytics-init.js

Requested by

Host: www.xoom.com
URL: https://www.xoom.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48D6) /

Resource Hash

0492316b0034476cd51e6f05d68ba4dd0b407b069eb38c47b08d256806bd47f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 56ea70a126a5e
dc: ccg11-origin-www-1.paypal.com
content-length: 3600
last-modified: Mon, 24 Apr 2023 23:53:40 GMT
server: ECAcc (ama/48D6)
traceparent: 00-000000000000000000056ea70a126a5e-d4a5fa10aaeb4a3a-01
etag: W/"64471684-27b2"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 09 May 2023 15:13:21 GMT

GET
H2 200 xoom_pp_vertical_white_logo_150x50_de.svg
images.ctfassets.net/fyvbo1b1kt27/1aCaeEbqRYHPhbPqjuyQyA/318594c40832358c69d5103ba7f42dab/ 11 KB
4 KB 38ms
6ms Image
image/svg+xml 2600:9000:225e:1000:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/fyvbo1b1kt27/1aCaeEbqRYHPhbPqjuyQyA/318594c40832358c69d5103ba7f42dab/xoom_pp_vertical_white_logo_150x50_de.svg
Requested by: Host: www.xoom.com
URL: https://www.xoom.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 35d8d431c789a316f4f145aacfe4f719b87c34fb7e5128f6f6c54a6db4a13d66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:27:23 GMT
content-encoding: gzip
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
last-modified: Fri, 21 May 2021 20:25:06 GMT
server: Contentful Images API
x-amz-cf-pop: FRA60-P4
age: 42359
etag: W/"66754f9cd8a67afdf8cb4b091d5b8a35"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: NRanRWm0YNNM4bSFXBaxuowk6cYbeIlTs6XVf4Et5l9l1oAZgd7hpA==

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/HRMXxtDkmQkcxdAobhOakMc6bwCyl6zE/ 103 KB
28 KB 34ms
9ms Script
text/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/HRMXxtDkmQkcxdAobhOakMc6bwCyl6zE/analytics.min.js
Requested by: Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/xoom/siteContent/26.1.0/js/xoom-analytics-init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 781b7ae02db6624deed7523836dfe552304d81a307ff0a2c0cd9745feb92d2ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: JehhpHChEg1kA8sq7WQ2e.NP5UhsFIYu
content-encoding: br
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
date: Tue, 09 May 2023 14:11:56 GMT
x-amz-cf-pop: FRA6-C1
age: 86
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 08 May 2023 13:06:46 GMT
server: AmazonS3
etag: W/"8b9d970e741f318709b500be21b244b2"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: k_BFMbVuWTgBOe-YbtWSlqZYQRm3XlD02A5dzp9v-yk2Vv2cbp-ihw==

GET
H2 200 PayPalSansBig-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/ 25 KB
25 KB 47ms
12ms Font
application/font-woff2 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Regular.woff2

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/xoom/xvx/2.50.0/styles/themes/demeter/demeter.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/4889) /

Resource Hash

1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/xoom/xvx/2.50.0/styles/themes/demeter/demeter.css
Origin: https://www.xoom.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:13:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 5afdb95f0696d
dc: ccg11-origin-www-1.paypal.com
content-length: 25368
last-modified: Sat, 13 Feb 2021 00:27:06 GMT
server: ECAcc (ama/4889)
traceparent: 00-00000000000000000005afdb95f0696d-b74492ffeae800a7-01
etag: "60271cda-6318"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 09 May 2023 15:13:21 GMT

GET
H2 200 icon.BankDeposit.arrow.svg
images.ctfassets.net/fyvbo1b1kt27/5CjsAXgpRSa0g4K8UkGScW/331d9f94c905d344eef23855d31ef999/ 2 KB
1 KB 8ms
7ms Image
image/svg+xml 2600:9000:225e:1000:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/fyvbo1b1kt27/5CjsAXgpRSa0g4K8UkGScW/331d9f94c905d344eef23855d31ef999/icon.BankDeposit.arrow.svg
Requested by: Host: www.xoom.com
URL: https://www.xoom.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: c07757724315ea64dbd0ed4db461b18140a569b670344f0e9c46a00c52327f1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 06:30:12 GMT
content-encoding: gzip
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
last-modified: Fri, 07 Sep 2018 23:29:36 GMT
server: Contentful Images API
x-amz-cf-pop: FRA60-P4
age: 27790
etag: W/"2cf8e8a4bca0c6000d52c6f664343176"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: 32uWhGEJeOgnQCZL1DCz1CCxCMqjtmWKtHhQ_8fkNREmMsmYX7RM1A==

GET
H2 200 credit_debit_card.svg
images.ctfassets.net/fyvbo1b1kt27/3VYqLaSgRDvRHNaE3FHet6/2126a8ab7038eab7b2d16c5e6096eb5a/ 3 KB
2 KB 9ms
7ms Image
image/svg+xml 2600:9000:225e:1000:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/fyvbo1b1kt27/3VYqLaSgRDvRHNaE3FHet6/2126a8ab7038eab7b2d16c5e6096eb5a/credit_debit_card.svg
Requested by: Host: www.xoom.com
URL: https://www.xoom.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: af1b188efb008d8d7822347c0d1e50fdb27c7dcd7a1d9f58802767610fac618c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 06:30:12 GMT
content-encoding: gzip
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
last-modified: Thu, 07 May 2020 23:19:21 GMT
server: Contentful Images API
x-amz-cf-pop: FRA60-P4
age: 27790
etag: W/"04c20d709af271908001eda877318cca"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: iGmBmG_tgBwVRkwxc66VLmA1W14jGVEwZ225SMTG2wPz-ngft6kI1A==

GET
H2 200 icon.CashPickup.arrow.svg
images.ctfassets.net/fyvbo1b1kt27/5NNHCB7i3CcegKIsOyAGMi/1fd23cf33b0dcc324829b467fc9a7a27/ 2 KB
1 KB 8ms
7ms Image
image/svg+xml 2600:9000:225e:1000:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/fyvbo1b1kt27/5NNHCB7i3CcegKIsOyAGMi/1fd23cf33b0dcc324829b467fc9a7a27/icon.CashPickup.arrow.svg
Requested by: Host: www.xoom.com
URL: https://www.xoom.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: a615569a5556e9331fa7ad01fde71b9affee6f4b7a4bea26f064d722895d0fed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:19:24 GMT
content-encoding: gzip
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
last-modified: Wed, 08 Aug 2018 21:42:26 GMT
server: Contentful Images API
x-amz-cf-pop: FRA60-P4
age: 42838
etag: W/"4a1010d5f3294d724011b7d0a8678681"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: f97jX7NgyJ1UuYtf0N-LIbSvpsfI4iw_UH3fXvMbUrnWXduo7q_7_w==

GET
H2 200 icon.Delivery.arrow.svg
images.ctfassets.net/fyvbo1b1kt27/1kDvDfdUfiW6WK0WWmqc6Y/f6da15374c1659b984289156c355c40d/ 3 KB
2 KB 9ms
8ms Image
image/svg+xml 2600:9000:225e:1000:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/fyvbo1b1kt27/1kDvDfdUfiW6WK0WWmqc6Y/f6da15374c1659b984289156c355c40d/icon.Delivery.arrow.svg
Requested by: Host: www.xoom.com
URL: https://www.xoom.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: f6145e69c8181fd83c9644f84db5b47b2601c2a07dce569944eb9370d0bc295b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 04:33:14 GMT
content-encoding: gzip
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
last-modified: Wed, 08 Aug 2018 21:41:38 GMT
server: Contentful Images API
x-amz-cf-pop: FRA60-P4
age: 34808
etag: W/"28ae1b9ed7c3e8bbd679c3ec2e8d25b9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: RVfjoMJ9DDpr3l2ezfPV9U8KIdhLtkit5eY8QKJUekXmf-ZC7kcZlA==

GET
H2 200 icon.SMS.72x72.svg
images.ctfassets.net/fyvbo1b1kt27/5ZGLd65aHS2CwSsACSE6us/bfb66fd45485cac161c9a8efb5f0f249/ 1 KB
1 KB 9ms
8ms Image
image/svg+xml 2600:9000:225e:1000:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/fyvbo1b1kt27/5ZGLd65aHS2CwSsACSE6us/bfb66fd45485cac161c9a8efb5f0f249/icon.SMS.72x72.svg
Requested by: Host: www.xoom.com
URL: https://www.xoom.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: cc20b4e92c011dc10c3d14a544c9804d3a9f8151dd8afea65a9eadb0d583e367

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 04:08:30 GMT
content-encoding: gzip
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
last-modified: Mon, 10 Sep 2018 16:16:54 GMT
server: Contentful Images API
x-amz-cf-pop: FRA60-P4
age: 36292
etag: W/"41b1081048a0861733bfa0e95b5d8d5b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: JpTNS2FlzTCBsqWFiAWiLHImbY0OSZuFvqh3kLu3xob6HXM2lRkokQ==

GET
H2 200 icon.OntheGo.72x72.svg
images.ctfassets.net/fyvbo1b1kt27/225YqSS2AIQMAqumSO6y8g/990b03a4b88cb6da38b17758d78b8f52/ 1 KB
1 KB 10ms
9ms Image
image/svg+xml 2600:9000:225e:1000:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/fyvbo1b1kt27/225YqSS2AIQMAqumSO6y8g/990b03a4b88cb6da38b17758d78b8f52/icon.OntheGo.72x72.svg
Requested by: Host: www.xoom.com
URL: https://www.xoom.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 89d25613b47b691bc64df30b65d13639bd89956d39c7c52e901f408ddfc96fc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 05:47:03 GMT
content-encoding: gzip
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
last-modified: Wed, 08 Aug 2018 21:46:45 GMT
server: Contentful Images API
x-amz-cf-pop: FRA60-P4
age: 30379
etag: W/"56e4e25e80b0d5b5ae107d3a84dcf97c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: XnpR5GuPwsSVPWHnfbWjS2u8QQjJWz8B5f4uYYTqsWaisVOG-mBa9g==

GET
H2 200 icon.Customer.72x72.svg
images.ctfassets.net/fyvbo1b1kt27/6MhvaMup9eqmg0Kam2ucGU/cb44ecce090ab015780465ca290a128c/ 3 KB
2 KB 9ms
9ms Image
image/svg+xml 2600:9000:225e:1000:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/fyvbo1b1kt27/6MhvaMup9eqmg0Kam2ucGU/cb44ecce090ab015780465ca290a128c/icon.Customer.72x72.svg
Requested by: Host: www.xoom.com
URL: https://www.xoom.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 4f5642aea7fb5be943e8443dcd4f367abe76575635a5c831d345bb94b064f978

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 06:44:30 GMT
content-encoding: gzip
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
last-modified: Wed, 08 Aug 2018 21:47:08 GMT
server: Contentful Images API
x-amz-cf-pop: FRA60-P4
age: 26932
etag: W/"b4e216f1d18186c6c6bb5ae918b16c2f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: pBWvUqrMZ7w6vOkOEWzO6-cu1qRkXiLARPPWHTSCqGjAGwlb4iA15A==

GET
H2 200 icon.Secure.72x72.svg
images.ctfassets.net/fyvbo1b1kt27/6fRyOoviMg4eaO4wCI4KWu/ecc6f22b6fe55de019137b08f87c7720/ 1 KB
1 KB 10ms
9ms Image
image/svg+xml 2600:9000:225e:1000:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/fyvbo1b1kt27/6fRyOoviMg4eaO4wCI4KWu/ecc6f22b6fe55de019137b08f87c7720/icon.Secure.72x72.svg
Requested by: Host: www.xoom.com
URL: https://www.xoom.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 3882e5e7fffe48d41c67a50757d407fa53a0a8a1f5b6b2f4cf341b11068e0174

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 07:05:50 GMT
content-encoding: gzip
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
last-modified: Wed, 08 Aug 2018 21:47:23 GMT
server: Contentful Images API
x-amz-cf-pop: FRA60-P4
age: 25652
etag: W/"3447faae1d4c35e8dab4d843c621b48f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: OfJCqfPEutWEMX4q36nQMNRuswchU7nT6YXCiZGqkGwBWdyDrsmo9Q==

GET
H2 200 icon.MoneyBackGuarantee.72x72.svg
images.ctfassets.net/fyvbo1b1kt27/6jT23CEffOsOQusmgAAWiS/288634cb2fff5397e732021a90c7166f/ 1 KB
1 KB 10ms
10ms Image
image/svg+xml 2600:9000:225e:1000:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/fyvbo1b1kt27/6jT23CEffOsOQusmgAAWiS/288634cb2fff5397e732021a90c7166f/icon.MoneyBackGuarantee.72x72.svg
Requested by: Host: www.xoom.com
URL: https://www.xoom.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: cd513b7b57d060948197382686c76fffa441f44b2537e277a5aad8cb310e833d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:18:52 GMT
content-encoding: gzip
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
last-modified: Thu, 13 Sep 2018 20:42:28 GMT
server: Contentful Images API
x-amz-cf-pop: FRA60-P4
age: 42870
etag: W/"37957a36872748130696248f442ef63c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: OmA3G5ZUYklIosieb_05VjULLwT71qXn0OqoVnn5Dxk7WQMyoIn0wQ==

GET
H2 200 thin-caret.fe746a61.svg
www.paypalobjects.com/xoom/xvx/2.50.0/images/ 202 B
308 B 12ms
12ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/xoom/xvx/2.50.0/images/thin-caret.fe746a61.svg

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/xoom/xvx/2.50.0/styles/themes/demeter/demeter.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48A2) /

Resource Hash

fe92a6173cf3561e51ae2fc7cd4839fcd30c9b77f76cf8efa5bddec08d303d14

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/xoom/xvx/2.50.0/styles/themes/demeter/demeter.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: eb9dbe4dbd79a
dc: ccg11-origin-www-1.paypal.com
content-length: 170
last-modified: Tue, 14 Mar 2023 18:52:01 GMT
server: ECAcc (ama/48A2)
traceparent: 00-0000000000000000000eb9dbe4dbd79a-2669468f44a93832-01
etag: "6410c251-ca+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 09 May 2023 15:13:21 GMT

GET
H2 200 default_hero-image_large.2f05d03b.svg
www.paypalobjects.com/xoom/xvx/2.50.0/images/themes/demeter/ 46 KB
17 KB 12ms
12ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/xoom/xvx/2.50.0/images/themes/demeter/default_hero-image_large.2f05d03b.svg

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/xoom/xvx/2.50.0/styles/themes/demeter/demeter.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48CF) /

Resource Hash

4c0ff5a69d14c76a5de27abcc1cdc273fd5a645c81ac252b8c1c287b66fcd204

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/xoom/xvx/2.50.0/styles/themes/demeter/demeter.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 4c7de0ffebcf7
dc: ccg11-origin-www-1.paypal.com
content-length: 16918
last-modified: Tue, 14 Mar 2023 18:52:01 GMT
server: ECAcc (ama/48CF)
traceparent: 00-00000000000000000004c7de0ffebcf7-4ec163849389f506-01
etag: W/"6410c251-b920"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 09 May 2023 15:13:21 GMT

GET
H2 200 PayPalSansBig-Medium.woff2
www.paypalobjects.com/paypal-ui/fonts/ 18 KB
18 KB 12ms
12ms Font
application/font-woff2 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Medium.woff2

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/xoom/xvx/2.50.0/styles/themes/demeter/demeter.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48E2) /

Resource Hash

2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/xoom/xvx/2.50.0/styles/themes/demeter/demeter.css
Origin: https://www.xoom.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:13:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: d00f0e31003ec
dc: ccg11-origin-www-1.paypal.com
content-length: 18508
last-modified: Sat, 13 Feb 2021 00:27:06 GMT
server: ECAcc (ama/48E2)
traceparent: 00-0000000000000000000d00f0e31003ec-346b6722378ccfe1-01
etag: "60271cda-484c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 09 May 2023 15:13:21 GMT

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/HRMXxtDkmQkcxdAobhOakMc6bwCyl6zE/ 8 KB
2 KB 19ms
6ms Fetch
application/json 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/HRMXxtDkmQkcxdAobhOakMc6bwCyl6zE/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HRMXxtDkmQkcxdAobhOakMc6bwCyl6zE/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 532ac71b2b4d1e1b78381d3cd1e15b3bc3a70ec59113715f6e7037b48e7dcb80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: frCHmMWRlS1bSlN2oJIcoTXK2BmjuFIW
content-encoding: br
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
date: Tue, 09 May 2023 11:29:09 GMT
x-amz-cf-pop: FRA6-C1
age: 9853
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 11 Apr 2023 21:25:45 GMT
server: AmazonS3
etag: W/"f78c0857f7129657cf111abce82fef42"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: rbZ-dVI_gJX1pez472i-EaNbHEaMTNw88v0GcidFk26WoKEjeURSLg==

GET
H2 200 ajs-destination.bundle.ccff523783839dc95aac.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 6ms
6ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ccff523783839dc95aac.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HRMXxtDkmQkcxdAobhOakMc6bwCyl6zE/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e28a44f05465881891ed02e04f286084a8fdb361d81e1877ea4f612f05dcddaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 04:55:35 GMT
x-amz-version-id: a142wvWCk5xJExZUb9LpN_387MWS7AEL
content-encoding: br
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2452667
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 16 Mar 2023 12:05:28 GMT
server: AmazonS3
etag: W/"9bd6c4523feaa1477df0588cd1d6738c"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: f66vikyZ4JpA59n_gq65cGlho3GiF_9uXdzpWTQYJEvy5wEJgV8Fqw==

GET
H2 200 schemaFilter.bundle.d0fc84c62e956d168cce.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 6ms
6ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.d0fc84c62e956d168cce.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HRMXxtDkmQkcxdAobhOakMc6bwCyl6zE/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6ac404a65bffee85a15718f669a44f5a034c94116661e6e0e48b1609f4a8617a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 21:55:19 GMT
x-amz-version-id: H2MYLbMWwUggJb6wT0Gt4D5qB0SBiDaa
content-encoding: br
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 922682
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 16 Mar 2023 12:05:28 GMT
server: AmazonS3
etag: W/"d6985af1d6ad9e8c2f97f24f7b27306e"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: jm2mfaJKgJssRHqFmRWhTund_D7ixZOIuhygbpqYea_lk_wGRzmHwg==

GET
H2 200 visual-tagger.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/visual-tagger/0.3.5/ 45 KB
16 KB 6ms
6ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/visual-tagger/0.3.5/visual-tagger.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HRMXxtDkmQkcxdAobhOakMc6bwCyl6zE/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f908387823175b7d9097817c5f9cef879593f7eb9dbdc2ec8a218d688e405bae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 19:21:12 GMT
content-encoding: gzip
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-version-id: uy27uoA9Kg8eOJwo8Uilck45xzva2uOH
x-amz-cf-pop: FRA6-C1
age: 3955930
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 15523
last-modified: Thu, 23 Mar 2023 13:55:25 GMT
server: AmazonS3
etag: "22f964b449ca210bdea17404f4624ac9"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: JJjbDlW9iff-lEMvH5k7HiYomTqjDKvL22xCvbK19YhfzWc7AjIMLw==

GET
H2 200 commons.c42222c4cb2f8913500f.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 73 KB
22 KB 6ms
6ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HRMXxtDkmQkcxdAobhOakMc6bwCyl6zE/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 01 May 2023 16:59:08 GMT
content-encoding: gzip
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-version-id: Cj0xbWcxg6DXXf1hU8tQRqBkswwJbGrB
x-amz-cf-pop: FRA6-C1
age: 681254
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 22177
last-modified: Mon, 01 May 2023 12:21:22 GMT
server: AmazonS3
etag: "befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: VF1HXtFPcfw3wHktit4O_jWFYWWEp_B0arxyJeb6r4kbxh9NCLM5Tw==

OPTIONS instrumentation-spec-rftgd379dm-OJMMvuVf7U.json
d1wnclalxop6x4.cloudfront.net/ 0
0

GET instrumentation-spec-rftgd379dm-OJMMvuVf7U.json
d1wnclalxop6x4.cloudfront.net/ 0
0

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
172 B 524ms
173ms Fetch
application/json 54.71.146.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HRMXxtDkmQkcxdAobhOakMc6bwCyl6zE/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.71.146.145 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-146-145.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.xoom.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.xoom.com
date: Tue, 09 May 2023 14:13:21 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 ncs.js Show response
www.paypalobjects.com/ncs/ 13 KB
4 KB 14ms
14ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/ncs/ncs.js

Requested by

Host: www.xoom.com
URL: https://www.xoom.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48CA) /

Resource Hash

829b81d7a4679770b36fce8df1d8c40eb0a4cc151a507bbfeb2a5a541376a16c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: dda2d8054721c
dc: ccg11-origin-www-1.paypal.com
content-length: 3754
last-modified: Thu, 20 Apr 2023 22:51:11 GMT
server: ECAcc (ama/48CA)
traceparent: 00-0000000000000000000dda2d8054721c-1af2ef751e8dfa4e-01
etag: W/"6441c1df-3528"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 09 May 2023 15:13:21 GMT

GET
H2 200 common.js Show response
www.paypalobjects.com/xoom/xvx/2.50.0/js/ 166 KB
53 KB 14ms
13ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/xoom/xvx/2.50.0/js/common.js

Requested by

Host: www.xoom.com
URL: https://www.xoom.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48C4) /

Resource Hash

137dd60313881143a635b471a4de6e56ed6e148670200f0881c8fe2ea13246d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 7016b5e8a11ec
dc: ccg11-origin-www-1.paypal.com
content-length: 54190
last-modified: Tue, 14 Mar 2023 18:52:01 GMT
server: ECAcc (ama/48C4)
traceparent: 00-00000000000000000007016b5e8a11ec-11f5d7743017b4e7-01
etag: W/"6410c251-29680"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 09 May 2023 15:13:21 GMT

GET
H2 200 header.js Show response
www.paypalobjects.com/xoom/xvx/2.50.0/js/ 5 KB
2 KB 15ms
14ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/xoom/xvx/2.50.0/js/header.js

Requested by

Host: www.xoom.com
URL: https://www.xoom.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/4887) /

Resource Hash

3ccb3817d9b2dbd6020ecd78aa142385c021664eb0b006a049df5f5fb41a800a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 4ede234005584
dc: ccg11-origin-www-1.paypal.com
content-length: 1834
last-modified: Tue, 14 Mar 2023 18:52:01 GMT
server: ECAcc (ama/4887)
traceparent: 00-00000000000000000004ede234005584-096dfcbcd703ec6f-01
etag: W/"6410c251-1394"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 09 May 2023 15:13:21 GMT

GET
H2 200 main.js Show response
www.paypalobjects.com/xoom/xvx/2.50.0/js/ 31 KB
10 KB 16ms
15ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/xoom/xvx/2.50.0/js/main.js

Requested by

Host: www.xoom.com
URL: https://www.xoom.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48B8) /

Resource Hash

85bea4b136a41bd0c270149724e541b82262a1c918969d23f9fe92b818a345bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: c0acad4429b4f
dc: ccg11-origin-www-1.paypal.com
content-length: 9827
last-modified: Tue, 14 Mar 2023 18:52:01 GMT
server: ECAcc (ama/48B8)
traceparent: 00-0000000000000000000c0acad4429b4f-32799bd8a8e0a269-01
etag: W/"6410c251-7dae"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 09 May 2023 15:13:21 GMT

GET
H2 200 xoom-xvx-init.js Show response
www.paypalobjects.com/xoom/siteContent/26.1.0/js/ 55 KB
20 KB 16ms
15ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/xoom/siteContent/26.1.0/js/xoom-xvx-init.js

Requested by

Host: www.xoom.com
URL: https://www.xoom.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48AF) /

Resource Hash

d565897ad03c72b50634e6ab28c7d01d481ba7bdc6d9e14d8e78f578b93ebe90

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 49c305f8aad3d
dc: ccg11-origin-www-1.paypal.com
content-length: 20704
last-modified: Mon, 24 Apr 2023 23:53:40 GMT
server: ECAcc (ama/48AF)
traceparent: 00-000000000000000000049c305f8aad3d-918248a68cc90f80-01
etag: W/"64471684-db88"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 09 May 2023 15:13:21 GMT

GET
H2 200 navbar.js Show response
www.paypalobjects.com/xoom/xvx/2.50.0/js/ 2 KB
1 KB 16ms
15ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/xoom/xvx/2.50.0/js/navbar.js

Requested by

Host: www.xoom.com
URL: https://www.xoom.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48F6) /

Resource Hash

0073c3425e73878ec6e47427842cad922ce234744b740f463de1e733ff4e524b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 77b70a71f3dc
dc: ccg11-origin-www-1.paypal.com
content-length: 923
last-modified: Tue, 14 Mar 2023 18:52:01 GMT
server: ECAcc (ama/48F6)
traceparent: 00-0000000000000000000077b70a71f3dc-675c88a56d67e3ca-01
etag: W/"6410c251-6e8"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 09 May 2023 15:13:21 GMT

GET
H2 200 BTN-android-small.2186b59b.png
www.paypalobjects.com/xoom/xvx/2.50.0/images/ 2 KB
2 KB 24ms
23ms Image
image/png 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/xoom/xvx/2.50.0/images/BTN-android-small.2186b59b.png

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/xoom/xvx/2.50.0/styles/themes/demeter/legacy-supplement.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48FB) /

Resource Hash

004518367b7fca116cec42218658e8432fd124460bb57d47b44948ed89352737

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/xoom/xvx/2.50.0/styles/themes/demeter/legacy-supplement.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:13:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: d62aec2b1212c
dc: ccg11-origin-www-1.paypal.com
content-length: 1937
last-modified: Tue, 14 Mar 2023 18:51:59 GMT
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
server: ECAcc (ama/48FB)
traceparent: 00-0000000000000000000d62aec2b1212c-e32664ba71bafb78-01
etag: "6410c24f-791"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 09 May 2023 15:13:21 GMT

GET
H2 200 BTN-apple-small.1fdf0fb9.png
www.paypalobjects.com/xoom/xvx/2.50.0/images/ 2 KB
2 KB 24ms
24ms Image
image/png 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/xoom/xvx/2.50.0/images/BTN-apple-small.1fdf0fb9.png

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/xoom/xvx/2.50.0/styles/themes/demeter/legacy-supplement.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48D7) /

Resource Hash

acd9b512fa356580dd8b1c054966eaa35159067492d7c1503016f2425c7eac6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/xoom/xvx/2.50.0/styles/themes/demeter/legacy-supplement.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:13:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 5bf34bb8fb0d
dc: ccg11-origin-www-1.paypal.com
content-length: 1992
last-modified: Tue, 14 Mar 2023 18:51:59 GMT
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
server: ECAcc (ama/48D7)
traceparent: 00-000000000000000000005bf34bb8fb0d-40f3478215f11c02-01
etag: "6410c24f-7c8"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 09 May 2023 15:13:21 GMT

OPTIONS
H2 200 getBanner
www.paypal.com/myaccount/privacy/cookieprefs/ 0
0 251ms
218ms Preflight
text/plain 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/myaccount/privacy/cookieprefs/getBanner?showBanner=true&country=DE&language=de-DE&policyType=CookieBanner&originalHeaders={%22cookie%22:%22%22}&tenant=xoom&tenantData={%22cookiePrefsString%22:%22cookie_prefs%22}

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-zsHEUi4ISLo8a+9rQI10hjDlzxroDZRS7GwQNd1KRH6fTvVF' 'self' 'unsafe-inline' 'unsafe-eval' https://.paypal.com https://.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://recaptcha.net/ https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,content-type
Access-Control-Request-Method: GET
Origin: https://www.xoom.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Full
accept-ranges: none
access-control-allow-credentials: true
access-control-allow-headers: access-control-allow-origin, Content-Type, Accept, X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: https://www.xoom.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-zsHEUi4ISLo8a+9rQI10hjDlzxroDZRS7GwQNd1KRH6fTvVF' 'self' 'unsafe-inline' 'unsafe-eval' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/plain; charset=utf-8
date: Tue, 09 May 2023 14:13:21 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f744924bb5554
server-timing: "traceparent;desc="00-0000000000000000000f744924bb5554-9d8cfbb4050cf6d5-01"";content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f744924bb5554-bccbf3d9719401f0-01
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-served-by: cache-fra-eddf8230067-FRA
x-timer: S1683641601.281610,VS0,VE212
x-xss-protection: 1; mode=block

GET
H2 200 mapping.js Show response
www.paypalobjects.com/ncs/xoom/ 281 B
337 B 14ms
14ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/ncs/xoom/mapping.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ncs/ncs.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48D1) /

Resource Hash

6f0ce8ce5fd38e4a6b6cf4a6647c4fc1ebc731890e45265c57a73400de4bc1e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: dad5cfdeab7be
dc: ccg11-origin-www-1.paypal.com
content-length: 154
last-modified: Fri, 03 Feb 2023 20:39:09 GMT
server: ECAcc (ama/48D1)
traceparent: 00-0000000000000000000dad5cfdeab7be-cd99ea92ee609a0e-01
etag: W/"63dd70ed-119"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 09 May 2023 15:13:21 GMT

GET
H2 200 getBanner Show response
www.paypal.com/myaccount/privacy/cookieprefs/ 18 KB
8 KB 245ms
231ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ncs/ncs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0dd1423babc7bea3446c271fd8e2887dd5ea9f076d2ffef9d9ea06e91dbef1f6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-nsntSQ7DJ+2C/EU05aqYw184JaMuqCG8PHxEnJlzbAyFt1Qc' 'self' 'unsafe-inline' 'unsafe-eval' https://.paypal.com https://.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://recaptcha.net/ https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Access-Control-Allow-Origin: *
Accept: */*
Referer: https://www.xoom.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-nsntSQ7DJ+2C/EU05aqYw184JaMuqCG8PHxEnJlzbAyFt1Qc' 'self' 'unsafe-inline' 'unsafe-eval' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
date: Tue, 09 May 2023 14:13:21 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish
content-encoding: br
x-cache: MISS
paypal-debug-id: f628508a2564f
server-timing: "traceparent;desc="00-0000000000000000000f628508a2564f-28b98c510a8dbe9e-01"";content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230062-FRA
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f628508a2564f-4254f89a4e8f61d2-01
x-timer: S1683641602.514813,VS0,VE223
etag: W/"4666-ImRs8u35cgz1O5gjbLoOrYkYAZA"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.xoom.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: none
x-cache-hits: 0

GET
H2 200 pa_xoom.js Show response
www.paypalobjects.com/pa/js/ 48 KB
19 KB 15ms
14ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/js/pa_xoom.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/xoom/siteContent/26.1.0/js/xoom-analytics-init.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48F7) /

Resource Hash

d474dc345e121ded53a79227e5b725b11ab19bdb084365fd8f5c801ef7eb955c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: d3c1a221e960c
dc: ccg11-origin-www-1.paypal.com
content-length: 18612
last-modified: Mon, 08 May 2023 23:16:21 GMT
server: ECAcc (ama/48F7)
traceparent: 00-0000000000000000000d3c1a221e960c-2489fc10556dfdc2-01
etag: W/"645982c5-c049"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Tue, 09 May 2023 15:13:21 GMT

GET
H2 200 latmconf.js Show response
www.paypalobjects.com/pa/mi/xoom/ 7 KB
2 KB 15ms
14ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/mi/xoom/latmconf.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/pa_xoom.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48E2) /

Resource Hash

d5d2fa989a3c5238e46a150141fca7641bcd274899267bd586703c7bbebd37e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.xoom.com/
Origin: https://www.xoom.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: e7d6f2f5ab394
dc: ccg11-origin-www-1.paypal.com
content-length: 1869
last-modified: Mon, 24 Apr 2023 22:44:37 GMT
server: ECAcc (ama/48E2)
traceparent: 00-0000000000000000000e7d6f2f5ab394-82474e466a08c760-01
etag: W/"64470655-1a76"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Tue, 09 May 2023 15:13:21 GMT

GET
H2 200 fbevents.js Show response
www.paypalobjects.com/pa/mi/3p/ 88 KB
23 KB 15ms
15ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/mi/3p/fbevents.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/pa_xoom.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48C1) /

Resource Hash

f15f778cd39043a166a29f654b1191bc6fbf8043a8cc3477c42764b14b919dec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.xoom.com/
Origin: https://www.xoom.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: e985543d7a9ff
dc: ccg11-origin-www-1.paypal.com
content-length: 23748
last-modified: Sat, 13 Feb 2021 00:27:05 GMT
server: ECAcc (ama/48C1)
traceparent: 00-0000000000000000000e985543d7a9ff-351a305d9eaf739c-01
etag: "60271cd9-15ea3"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Tue, 09 May 2023 15:13:21 GMT

GET
H2 200 patleaf.js Show response
www.paypalobjects.com/pa/3pjs/tl/xoom/6.3.0/ 143 KB
49 KB 16ms
15ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/tl/xoom/6.3.0/patleaf.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/pa_xoom.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48CA) /

Resource Hash

8229050f70caaaad6b00737ff2009fb1dd4f314295f950a2661136fb51c5840f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.xoom.com/
Origin: https://www.xoom.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: e59bb55729287
dc: ccg11-origin-www-1.paypal.com
content-length: 49843
last-modified: Thu, 30 Mar 2023 06:45:13 GMT
server: ECAcc (ama/48CA)
traceparent: 00-0000000000000000000e59bb55729287-855064087cca22b3-01
etag: "64252ff9-23c60"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Tue, 09 May 2023 15:13:21 GMT

GET
H2 200 gtag.js Show response
www.paypalobjects.com/pa/mi/3p/gtag/ 79 KB
30 KB 15ms
15ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/mi/3p/gtag/gtag.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/pa_xoom.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48A4) /

Resource Hash

f982a9dad50b916735a08b8e6f40efa7f97163106b18da079b144764c86a44a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.xoom.com/
Origin: https://www.xoom.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 528602dada906
dc: ccg11-origin-www-1.paypal.com
content-length: 31066
last-modified: Sat, 13 Feb 2021 00:27:05 GMT
server: ECAcc (ama/48A4)
traceparent: 00-0000000000000000000528602dada906-d99c39a9efc25892-01
etag: W/"60271cd9-13bba"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Tue, 09 May 2023 15:13:21 GMT

GET
H2 200 236564939871335 Show response
connect.facebook.net/signals/config/ 132 KB
35 KB 30ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/236564939871335?v=2.9.4&r=stable

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/mi/3p/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00ba30a9e5101bdc37d686c67dcd98a9c6dc5ddfb381b8e57b5203e487ca503a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 09 May 2023 14:13:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 34833
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: +aFI7c/8dF1wgVBzWzOlhyQDsEnDQ1WeG4CztIE2qTKxjoHuGwYJK6a7cB7FHaikUTMYMRmEdP8uLK7y2afajw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 patlcfg.js Show response
www.paypalobjects.com/pa/3pjs/tl/xoom/6.3.0/ 9 KB
3 KB 14ms
14ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/tl/xoom/6.3.0/patlcfg.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/pa_xoom.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/4903) /

Resource Hash

1214a9d9668cec2d9d8dabc9e4cf611693b18d357297e343fd73656ce11960a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.xoom.com/
Origin: https://www.xoom.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 4c4f9ebe0756a
dc: ccg11-origin-www-1.paypal.com
content-length: 3302
last-modified: Wed, 22 Mar 2023 22:07:31 GMT
server: ECAcc (ama/4903)
traceparent: 00-00000000000000000004c4f9ebe0756a-0f078852a7703944-01
etag: "641b7c23-25d0+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Tue, 09 May 2023 15:13:21 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 44 KB
16 KB 92ms
64ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/mi/3p/gtag/gtag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

3f9e3a3ae49f6f3e80d647e52f4bd91d5d9565df52f480d8323d042d52e06993

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16329
x-xss-protection: 0
server: cafe
etag: 3475709569282847409
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 09 May 2023 14:13:21 GMT

GET
H2 200 ts
t.xoom.com/ 42 B
809 B 228ms
163ms Image
image/gif 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.xoom.com/ts?v=1.7.8&t=1683641601376&g=0&page=xoom%3A&pgrp=xoom%3A&tenant_name=xoom&residence_country_code=DE&send_currency_code=EUR&language=de_DE&mgaff=untracked&fingerprint_id=d4010beb-3863-4db8-cd55-82533b696173&event_name=xoom_path_shown&product=xoom&event_props=residence_country_code%2C%20send_currency_code%2C%20receive_country_code%2C%20language%2C%20mgaff%2C%20fingerprint_id%2C%20event_name%2C%20xoom_id%2C%20product&e=im&ef_policy=gdpr_eu&pt=Geld%20online%20senden%20%7C%20Xoom%2C%20ein%20Service%20von%20PayPal&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1

Requested by

Host: www.xoom.com
URL: https://www.xoom.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 09 May 2023 14:13:21 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 7bc7318747a85
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230060-FRA
pragma: no-cache
correlation-id: 7bc7318747a85
traceparent: 00-00000000000000000007bc7318747a85-bbeb01663c2c8c0e-01
x-timer: S1683641601.444478,VS0,VE157
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 May 2023 14:13:21 GMT

OPTIONS
H2 200 896d15b7fbb8465aaae73f98bffc1118
postcollector.paypal.com/collector/switch/ 0
0 136ms
106ms Preflight 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://postcollector.paypal.com/collector/switch/896d15b7fbb8465aaae73f98bffc1118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://www.xoom.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: x-requested-with
access-control-allow-methods: GET
access-control-allow-origin: https://www.xoom.com
access-control-max-age: 3600
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Tue, 09 May 2023 14:13:21 GMT
server: istio-envoy
strict-transport-security: max-age=31557600
vary: Accept-Encoding,Origin
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-envoy-upstream-service-time: 0
x-served-by: cache-fra-eddf8230075-FRA
x-timer: S1683641601.417272,VS0,VE100

GET
H2 200 896d15b7fbb8465aaae73f98bffc1118 Show response
postcollector.paypal.com/collector/switch/ 1 B
162 B 8ms
7ms XHR
application/json 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://postcollector.paypal.com/collector/switch/896d15b7fbb8465aaae73f98bffc1118

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/tl/xoom/6.3.0/patleaf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.xoom.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:13:21 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31557600
age: 879
x-cache: HIT
x-envoy-upstream-service-time: 1
nodeid: wscollector-7d7f597f94-c8wh6
content-length: 21
x-served-by: cache-fra-eddf8230075-FRA
dcname: prod-dal
server: istio-envoy
x-timer: S1683641602.524527,VS0,VE1
vary: Accept-Encoding,Origin
content-type: application/json
access-control-allow-origin: https://www.xoom.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 inferredEvents.js Show response
connect.facebook.net/signals/plugins/ 35 KB
10 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.4

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/mi/3p/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6198ba4aea069f7925edf04e420452c6240b06180997c31d996709732bed9abf

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 09 May 2023 14:13:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10218
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: oh4YFklTmr2Dpzii9EbQEBFBnp7H7quoE/7z2B0EK1IsTI3gtoaiHw4qLGJ/w4DDdlNM1tlJGCxrMZUEA2admQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 22ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=236564939871335&ev=PageView&dl=https%3A%2F%2Fwww.xoom.com%2F&rl=&if=false&ts=1683641601411&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=28&fbp=fb.1.1683641601410.1818832847&it=1683641601352&coo=false&rqm=GET

Requested by

Host: www.xoom.com
URL: https://www.xoom.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 09 May 2023 14:13:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

OPTIONS
H2 200 collectorPost
postcollector.paypal.com/collector/ 0
0 96ms
96ms Preflight 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://postcollector.paypal.com/collector/collectorPost

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept: */*
Access-Control-Request-Headers: content-encoding,content-type,x-pageid,x-requested-with,x-tealeaf,x-tealeaf-messagetypes,x-tealeaf-page-url,x-tealeaf-saas-appkey,x-tealeaf-saas-tltsid,x-tealeaf-syncxhr,x-tealeaftype
Access-Control-Request-Method: POST
Origin: https://www.xoom.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-encoding, content-type, x-pageid, x-requested-with, x-tealeaf, x-tealeaf-messagetypes, x-tealeaf-page-url, x-tealeaf-saas-appkey, x-tealeaf-saas-tltsid, x-tealeaf-syncxhr, x-tealeaftype
access-control-allow-methods: POST
access-control-allow-origin: https://www.xoom.com
access-control-max-age: 3600
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Tue, 09 May 2023 14:13:21 GMT
server: istio-envoy
strict-transport-security: max-age=31557600
vary: Accept-Encoding,Origin
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-envoy-upstream-service-time: 0
x-served-by: cache-fra-eddf8230075-FRA
x-timer: S1683641602.536954,VS0,VE90

POST
H2 200 collectorPost Show response
postcollector.paypal.com/collector/ 38 B
186 B 121ms
121ms Fetch
application/json 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://postcollector.paypal.com/collector/collectorPost

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/tl/xoom/6.3.0/patleaf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

1d4fdec9bbde03db70d2add577e12d713e8cceb38fb75ba13df9c89252475f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Content-Encoding: gzip
X-Tealeaf-SyncXHR: false
X-Tealeaf: device (UIC) Lib/6.3.3
accept-language: de-DE,de;q=0.9
X-Tealeaf-MessageTypes: 1,2,5,12,14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json
X-Tealeaf-SaaS-AppKey: 896d15b7fbb8465aaae73f98bffc1118
X-Tealeaf-SaaS-TLTSID: 83527692458401743152763382408545
X-Requested-With: fetch
X-TealeafType: GUI
X-PageId: P.V4759LXU656NGRDNXF8R7YUX43ZZ
X-TeaLeaf-Page-Url: /
Referer: https://www.xoom.com/

Response headers

x-cache-hits: 0
date: Tue, 09 May 2023 14:13:21 GMT
via: 1.1 varnish
strict-transport-security: max-age=31557600
x-cache: MISS
tltsid: 83527692458401743152763382408545
x-envoy-upstream-service-time: 1
nodeid: wscollector-7d7f597f94-z8b6w
content-length: 38
x-served-by: cache-fra-eddf8230075-FRA
dcname: prod-dal
server: istio-envoy
x-timer: S1683641602.640129,VS0,VE108
vary: Accept-Encoding,Origin
content-type: application/json
access-control-allow-origin: https://www.xoom.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 31 Dec 1998 12:00:00 GMT

GET
H2 200 Popups.js Show response
www.paypalobjects.com/xoom/siteContent/26.1.0/js/xoom/ui/ 8 KB
4 KB 13ms
12ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/xoom/siteContent/26.1.0/js/xoom/ui/Popups.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/xoom/siteContent/26.1.0/js/xoom-xvx-init.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48DB) /

Resource Hash

289516803d8198f82f0b871d128f713afc051cbb7770744d2c0840855463a7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: c09ab313bbca
dc: ccg11-origin-www-1.paypal.com
content-length: 3460
last-modified: Mon, 24 Apr 2023 23:53:40 GMT
server: ECAcc (ama/48DB)
traceparent: 00-00000000000000000000c09ab313bbca-c8b6e7b2fc091b53-01
etag: W/"64471684-1f89"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 09 May 2023 15:13:21 GMT

GET
H2 200 ts
t.xoom.com/ 42 B
168 B 152ms
151ms Image
image/gif 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.xoom.com/ts?v=1.7.8&t=1683641601755&g=0&page=main%3Aprivacy%3Apolicy%3Agdpr_v2.1&pgrp=main%3Aprivacy%3Apolicy&tenant_name=xoom&residence_country_code=DE&send_currency_code=EUR&language=de_DE&mgaff=untracked&fingerprint_id=d4010beb-3863-4db8-cd55-82533b696173&product=xoom&event_props=residence_country_code%2C%20send_currency_code%2C%20receive_country_code%2C%20language%2C%20mgaff%2C%20fingerprint_id%2C%20event_name%2C%20xoom_id%2C%20product%2C%20link_name%2C%20simplified_path&displaypage=xoom%3A&ppage=privacy_banner&bannertype=cookiebanner&ccpg=DE&flag=gdpr_v2.1&bannerversion=v1&bannersource=ConsentNodeServ&eligibility_reason=true&cookie_disabled=false&tenant_code=xoom&event_name=xoom_cookie_banner_shown&e=ac

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 09 May 2023 14:13:21 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 3396d24028f8e
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230060-FRA
pragma: no-cache
correlation-id: 3396d24028f8e
traceparent: 00-00000000000000000003396d24028f8e-7dea8bf8b4c18210-01
x-timer: S1683641602.762177,VS0,VE145
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 May 2023 14:13:21 GMT

GET
H2 200 PayPalSansBig-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/ 25 KB
25 KB 13ms
13ms Font
application/font-woff2 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Regular.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/4889) /

Resource Hash

1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.xoom.com/
Origin: https://www.xoom.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:13:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 5afdb95f0696d
dc: ccg11-origin-www-1.paypal.com
content-length: 25368
last-modified: Sat, 13 Feb 2021 00:27:06 GMT
server: ECAcc (ama/4889)
traceparent: 00-00000000000000000005afdb95f0696d-b74492ffeae800a7-01
etag: "60271cda-6318"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 09 May 2023 15:13:21 GMT

GET
H2 200 mapping.js Show response
www.paypalobjects.com/ncs/xoom/ 281 B
257 B 13ms
12ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/ncs/xoom/mapping.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ncs/ncs.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48D1) /

Resource Hash

6f0ce8ce5fd38e4a6b6cf4a6647c4fc1ebc731890e45265c57a73400de4bc1e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xoom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: dad5cfdeab7be
dc: ccg11-origin-www-1.paypal.com
content-length: 154
last-modified: Fri, 03 Feb 2023 20:39:09 GMT
server: ECAcc (ama/48D1)
traceparent: 00-0000000000000000000dad5cfdeab7be-cd99ea92ee609a0e-01
etag: W/"63dd70ed-119"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 09 May 2023 15:13:24 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d1wnclalxop6x4.cloudfront.net
URL: https://d1wnclalxop6x4.cloudfront.net/instrumentation-spec-rftgd379dm-OJMMvuVf7U.json

Domain: d1wnclalxop6x4.cloudfront.net
URL: https://d1wnclalxop6x4.cloudfront.net/instrumentation-spec-rftgd379dm-OJMMvuVf7U.json

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.xoom.com/	1970-01-20 11:50:46	Name: mgaff_1 Value: untracked
www.xoom.com/	1970-01-20 21:16:41	Name: AB_1 Value: 4430147232639927296
www.xoom.com/	1970-01-20 20:26:17	Name: xReCo Value: DE
www.xoom.com/	1970-01-20 11:40:42	Name: FGP_1 Value: d4010beb-3863-4db8-cd55-82533b696173
www.xoom.com/	1970-01-20 20:26:17	Name: xTZ Value: America%2FLos_Angeles
www.xoom.com/	1970-01-20 20:26:17	Name: xSoCu Value: EUR
www.xoom.com/	1970-01-20 21:16:41	Name: loc_1 Value: de_DE
www.xoom.com/	1970-01-20 11:50:46	Name: enforce_policy Value: gdpr_eu
www.xoom.com/	1970-01-20 11:50:46	Name: referringUrl_1 Value:
www.xoom.com/	1970-01-20 21:16:41	Name: FP_1 Value: b111d9f2d23ec76fe82206d5c78fe798
www.xoom.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 6b0c0ca7-90dd-4486-bb47-650e3ce44402
www.xoom.com/	1970-01-20 21:16:41	Name: FN_1 Value: 2e2add8b3ff8c3e2126637195321436cd303915993adc531efd8dd586ceb2a7d
www.xoom.com/	1969-12-31 23:59:59	Name: PXSID Value: EDECE9F01155DE02260A3562C412E93C.ocb
www.xoom.com/	1969-12-31 23:59:59	Name: TS012c00c4 Value: 01621b58db38e5e52a082f1a1458019f1dc3fa0ce4bafc7c7845dc610340f9cc27c3f40b8652b00d7e78f9d2888df7a8b7111fe9506aa4b94e464c5eb7e31d3a3524031cefa9031cb1b63ea0fcf80011cd02546ea0345cd96a80d01ca68d5e52c29654a699b1b0cb4bf8d519740959605066f375f8d8d173ce5edea60677ee1076596dcf40239eb8b2a5ae285c269414370495820bc2ccc54fdfa32564bdef4a9cc0fd80135101154b4a24f1016d548db88167c52d41393252052400f7d22790b578528fd14d4032ad2991f7676451f6cdf2ca7b63a4cfb358b89a46bbb55aea107d8b4f01100d1ca2bc729ad0e2f7aa2d0865cc835c5121a62a8a3a5cb6b74790f4415c097fb93f7511979afd2e515bb7c6a5e693ecceb88d7b811c0607797eab587b6add
.xoom.com/	1969-12-31 23:59:59	Name: TS013c165e Value: 01621b58dbf2a37ad34cd7b585eb805fe503a1ce1fbafc7c7845dc610340f9cc27c3f40b8620d95213b26ffd5e85fbf1eb9379bad9f2cef32f1e275cfc8f37ef55ce841dbd
.xoom.com/	1970-01-20 20:26:17	Name: ajs_anonymous_id Value: 2cf2b50d-f4fd-4d1c-922b-294a7d939554
.xoom.com/	1970-01-20 13:50:17	Name: _gcl_au Value: 1.1.125320668.1683641601
.xoom.com/	1970-01-20 13:50:17	Name: _fbp Value: fb.1.1683641601410.1818832847
.xoom.com/	1970-01-20 21:16:41	Name: ts Value: vreXpYrS%3D1778249601%26vteXpYrS%3D1683643401%26vr%3D6b55213218a745e8c5e682533b696173%26vt%3D639c00b798284ff8cfc382533b696173%26vtyp%3Dnew
.xoom.com/	1970-01-20 21:16:41	Name: ts_c Value: vr%3D6b55213218a745e8c5e682533b696173%26vt%3D639c00b798284ff8cfc382533b696173
.paypal.com/	1970-01-20 20:26:17	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1970-01-20 11:41:13	Name: LANG Value: de_DE%3BDE
.paypal.com/	1970-01-20 11:45:00	Name: tsrce Value: privacynodeweb
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY4MzY0MTYwMTY1NiIsImwiOiIwIiwibSI6IjAifQ
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3ARTrVRBfI3Ttnf63xRlF8lCIP6Jpm-vAJ.uuxUB%2BwGWote2xBZAGGq8TK37FRFXjK4ShczjKJRwzI
.paypal.com/	1970-01-20 21:16:41	Name: ts Value: vreXpYrS%3D1778336001%26vteXpYrS%3D1683643401%26vr%3D00dc0e341880a7885e077d7afd822f25%26vt%3D00dc0e341880a7885e077d7afd822f24%26vtyp%3Dnew
.paypal.com/	1970-01-20 21:16:41	Name: ts_c Value: vr%3D00dc0e341880a7885e077d7afd822f25%26vt%3D00dc0e341880a7885e077d7afd822f24
.xoom.com/	1970-01-20 20:26:17	Name: cookie_prefs Value: T%3D0%2CP%3D0%2CF%3D0%2Ctype%3Dinitial

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://d1wnclalxop6x4.cloudfront.net/instrumentation-spec-rftgd379dm-OJMMvuVf7U.json Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	style-src https://www.paypal.com/ https://www.paypalobjects.com/ https://.preview.dev.paypalinc.com/ https://.ctfassets.net/ 'unsafe-inline' 'self' https://.s-xoom.com/ https://google.com/; base-uri 'self'; script-src https://www.paypalobjects.com/ https://.preview.dev.paypalinc.com/ 'nonce-5695131fd9674bd9cb8882533b696173' 'self' https://.googleadservices.com/ https://.gstatic.com/ https://.s-xoom.com/ https://.segment.com/ https://www.googletagmanager.com/ https://.online-metrix.net/ https://connect.facebook.net/ https://.google-analytics.com/ https://.cardinalcommerce.com/ https://.mxpnl.com/ https://.google.com/ https://bat.bing.com/ https://.ctfassets.net/ https://iesnare.com/ https://.braintreegateway.com/ https://.googleapis.com/ https://.doubleclick.net/ https://.paypal.com/ 'unsafe-eval' https://www.recaptcha.net/ https://.yodlee.com/ https://cdn.amplitude.com/ https://js-agent.newrelic.com/ https://bam-cell.nr-data.net/; form-action paypal://remittance/link-paypal-account https://.xoom.com/ https://.paypal.com/; frame-src ; img-src 'self' data: https:; connect-src https://.xoom.com/ 'self' https://.google-analytics.com/ https://.mixpanel.com/ https://.cardinalcommerce.com/ https://.google.com/ https://.cloudfront.net/ https://.braintreegateway.com/ https://.googleapis.com/ wss://.xoom.com/ https://.doubleclick.net/ https://www.facebook.com/ https://.segment.io/ https://.segment.com/ https://.paypal.com/ https://.s-xoom.com/ https://.online-metrix.net/ https://.braintree-api.com/ https://www.paypalobjects.com/ https://.preview.dev.paypalinc.com/; worker-src 'self'; object-src https://.cardinalcommerce.com/ https://.online-metrix.net/; media-src https://ssl.gstatic.com/; frame-ancestors https://.salesforce.com/ https://.paypal.com/ 'self'; font-src https://www.paypalobjects.com/ https://.preview.dev.paypalinc.com/ https://fonts.gstatic.com/ https://.s3.amazonaws.com/ 'self' https://*.s-xoom.com/ https://fonts.googleapis.com/ data:;
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.segment.io
cdn.segment.com
connect.facebook.net
d1wnclalxop6x4.cloudfront.net
images.ctfassets.net
postcollector.paypal.com
t.xoom.com
www.facebook.com
www.googleadservices.com
www.paypal.com
www.paypalobjects.com
www.xoom.com
d1wnclalxop6x4.cloudfront.net
142.250.184.226
151.101.1.21
151.101.129.35
151.101.193.21
151.101.65.35
192.229.221.25
2600:9000:225e:1000:12:94b3:c380:93a1
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
54.71.146.145
99.86.8.175
004518367b7fca116cec42218658e8432fd124460bb57d47b44948ed89352737
0073c3425e73878ec6e47427842cad922ce234744b740f463de1e733ff4e524b
00ba30a9e5101bdc37d686c67dcd98a9c6dc5ddfb381b8e57b5203e487ca503a
0492316b0034476cd51e6f05d68ba4dd0b407b069eb38c47b08d256806bd47f6
0dd1423babc7bea3446c271fd8e2887dd5ea9f076d2ffef9d9ea06e91dbef1f6
1214a9d9668cec2d9d8dabc9e4cf611693b18d357297e343fd73656ce11960a0
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
137dd60313881143a635b471a4de6e56ed6e148670200f0881c8fe2ea13246d5
1d4fdec9bbde03db70d2add577e12d713e8cceb38fb75ba13df9c89252475f60
1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be
289516803d8198f82f0b871d128f713afc051cbb7770744d2c0840855463a7f1
2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1
35d8d431c789a316f4f145aacfe4f719b87c34fb7e5128f6f6c54a6db4a13d66
3882e5e7fffe48d41c67a50757d407fa53a0a8a1f5b6b2f4cf341b11068e0174
3ccb3817d9b2dbd6020ecd78aa142385c021664eb0b006a049df5f5fb41a800a
3f9e3a3ae49f6f3e80d647e52f4bd91d5d9565df52f480d8323d042d52e06993
4c0ff5a69d14c76a5de27abcc1cdc273fd5a645c81ac252b8c1c287b66fcd204
4f5642aea7fb5be943e8443dcd4f367abe76575635a5c831d345bb94b064f978
532ac71b2b4d1e1b78381d3cd1e15b3bc3a70ec59113715f6e7037b48e7dcb80
6198ba4aea069f7925edf04e420452c6240b06180997c31d996709732bed9abf
6ac404a65bffee85a15718f669a44f5a034c94116661e6e0e48b1609f4a8617a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bce51e2d1db6bdafa2f5d79a29c5270453cf2e81034c2b2193fbd3c1a7b9c98
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6f0ce8ce5fd38e4a6b6cf4a6647c4fc1ebc731890e45265c57a73400de4bc1e0
781b7ae02db6624deed7523836dfe552304d81a307ff0a2c0cd9745feb92d2ab
8229050f70caaaad6b00737ff2009fb1dd4f314295f950a2661136fb51c5840f
829b81d7a4679770b36fce8df1d8c40eb0a4cc151a507bbfeb2a5a541376a16c
85bea4b136a41bd0c270149724e541b82262a1c918969d23f9fe92b818a345bf
89d25613b47b691bc64df30b65d13639bd89956d39c7c52e901f408ddfc96fc5
971b2279dfc86e8eb87505db6179fb897c919d3930b2d9038babf708c312b298
a615569a5556e9331fa7ad01fde71b9affee6f4b7a4bea26f064d722895d0fed
acd9b512fa356580dd8b1c054966eaa35159067492d7c1503016f2425c7eac6d
af1b188efb008d8d7822347c0d1e50fdb27c7dcd7a1d9f58802767610fac618c
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
c07757724315ea64dbd0ed4db461b18140a569b670344f0e9c46a00c52327f1d
cbc202ea48cba1398230753d5fc22954fcd0b68076a485e300b98a1ade40ba08
cc20b4e92c011dc10c3d14a544c9804d3a9f8151dd8afea65a9eadb0d583e367
cd513b7b57d060948197382686c76fffa441f44b2537e277a5aad8cb310e833d
d474dc345e121ded53a79227e5b725b11ab19bdb084365fd8f5c801ef7eb955c
d565897ad03c72b50634e6ab28c7d01d481ba7bdc6d9e14d8e78f578b93ebe90
d5d2fa989a3c5238e46a150141fca7641bcd274899267bd586703c7bbebd37e4
e28a44f05465881891ed02e04f286084a8fdb361d81e1877ea4f612f05dcddaf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f15f778cd39043a166a29f654b1191bc6fbf8043a8cc3477c42764b14b919dec
f6145e69c8181fd83c9644f84db5b47b2601c2a07dce569944eb9370d0bc295b
f908387823175b7d9097817c5f9cef879593f7eb9dbdc2ec8a218d688e405bae
f982a9dad50b916735a08b8e6f40efa7f97163106b18da079b144764c86a44a1
fe92a6173cf3561e51ae2fc7cd4839fcd30c9b77f76cf8efa5bddec08d303d14

www.xoom.com Open in urlscan Pro 151.101.193.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

57 Requests

96 %HTTPS

27 %IPv6

10 Domains

12 Subdomains

12 IPs

2 Countries

579 kBTransfer

1612 kBSize

28 Cookies

9 Outgoing links

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.xoom.com Open in urlscan Pro
151.101.193.21 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

96 %
HTTPS

27 %
IPv6

10
Domains

12
Subdomains

12
IPs

2
Countries

579 kB
Transfer

1612 kB
Size

28
Cookies

57 HTTP transactions
0 data transactions