xlrecordings.com Open in urlscan Pro
2606:4700::6812:b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://xlrecordings.com/
Effective URL:
https://xlrecordings.com/
Submission: On September 14 via api (September 14th 2022, 7:39:43 am UTC) from US — Scanned from DE

Summary HTTP 67 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 19 IPs in 2 countries across 18 domains to perform 67 HTTP transactions. The main IP is 2606:4700::6812:b, located in United States and belongs to CLOUDFLARENET, US. The main domain is xlrecordings.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2022. Valid for: a year.

This is the only time xlrecordings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 15	2606:4700::68... 2606:4700::6812:b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.217.88.142 52.217.88.142	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	199.232.188.157 199.232.188.157	54113 (FASTLY) (FASTLY)
1	18.66.120.247 18.66.120.247	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	23.36.163.228 23.36.163.228	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 6	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
7	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2606:4700::68... 2606:4700::6811:5c30	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
4	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
67	19

15 2606:4700::6812:b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

xlrecordings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.88.142 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.120.247 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-120-247.fra60.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.36.163.228 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-228.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:5c30 (United States)

ASN13335 (CLOUDFLARENET, US)

cf-cdn.beggars.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	xlrecordings.com 1 redirects xlrecordings.com	145 KB
7	facebook.com www.facebook.com — Cisco Umbrella Rank: 111	1 KB
6	google.de www.google.de — Cisco Umbrella Rank: 3469	992 B
6	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 19	878 B
6	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 73	5 KB
4	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 1011	1 KB
4	beggars.com cf-cdn.beggars.com	6 MB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 1027	89 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 208	197 KB
2	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 427	17 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 159	33 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 355	29 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 870	356 B
1	t.co t.co — Cisco Umbrella Rank: 600	337 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 994	8 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 996	15 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	70 KB
1	amazonaws.com s3.amazonaws.com	140 KB
67	18

	Domain	Requested by
15	xlrecordings.com	1 redirects xlrecordings.com
7	www.facebook.com	xlrecordings.com
6	www.google.de	xlrecordings.com
6	www.google.com	2 redirects xlrecordings.com
6	googleads.g.doubleclick.net	2 redirects www.googleadservices.com
4	tr.snapchat.com	sc-static.net
4	cf-cdn.beggars.com	xlrecordings.com
4	analytics.tiktok.com	xlrecordings.com analytics.tiktok.com
4	connect.facebook.net	xlrecordings.com connect.facebook.net
2	ssl.google-analytics.com	xlrecordings.com
2	www.googleadservices.com	xlrecordings.com www.googletagmanager.com
2	cdnjs.cloudflare.com	xlrecordings.com
1	analytics.twitter.com	xlrecordings.com
1	t.co	xlrecordings.com
1	sc-static.net	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	www.googletagmanager.com	xlrecordings.com
1	s3.amazonaws.com	xlrecordings.com
67	18

This site contains links to these domains. Also see Links.

Domain
xl-uk.myshopify.com
arca.ffm.to
youtu.be
overmono.bandcamp.com
yaeji.com
everythingisrecorded.ffm.to
smarturl.it
thomyorke.ffm.to
www.netflix.com
x-l.co

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-11` - `2023-06-11`	a year	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-23` - `2022-09-21`	3 months	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.snap.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-16` - `2023-08-16`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://xlrecordings.com/
Frame ID: 8503F41BAFE751838094390E075BE4B3
Requests: 65 HTTP requests in this frame

Frame: https://www.google.de/pagead/1p-user-list/1015948457/?random=1439308008430&cv=7&fst=1439305200000&num=1&fmt=1&label=tGZSCJ2Q11kQqcm45AM&guid=ON&u_h=1440&u_w=2560&u_ah=1417&u_aw=2560&u_cd=24&u_his=2&u_tz=60&u_java=true&u_nplug=6&u_nmime=8&frm=0&url=http%3A//xlrecordings.com/&is_vtc=1&random=1492068080&ipr=y
Frame ID: E934E0D5A5FB049387ED180EE09B1C4F
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=4cfb446e-a851-4c62-b464-b48053eaa36a&u_scsid=4162a51d-1573-428f-8397-cd0d88eee866&u_sclid=6c81464d-376b-410c-8e68-1d6461e2f723
Frame ID: 5159DC3FECF401FA11E06CFE8105F403
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

XL Recordings

Page URL History Show full URLs

http://xlrecordings.com/ HTTP 301
https://xlrecordings.com/ Page URL

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Cart
<a[^>]*href=[^>]*/Checkout

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

MailChimp (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

s3\.amazonaws\.com/downloads\.mailchimp\.com/js/mc-validate\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

67
Requests

93 %
HTTPS

56 %
IPv6

18
Domains

18
Subdomains

19
IPs

2
Countries

6700 kB
Transfer

8137 kB
Size

19
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://xl-uk.myshopify.com/cart

Search URL Search Domain Scan URL

URL: https://xl-uk.myshopify.com/checkout
Title: Checkout

Search URL Search Domain Scan URL

URL: https://arca.ffm.to/incendio
Title: INCENDIO: Arca returns

Search URL Search Domain Scan URL

URL: https://youtu.be/zgArZ7h86Pc
Title: KING KRULE: Watch a live performance of Stoned Again

Search URL Search Domain Scan URL

URL: http://overmono.bandcamp.com/
Title: EVERYTHING U NEED: Overmono return

Search URL Search Domain Scan URL

URL: http://yaeji.com/juiceclub/
Title: YAEJI: Visit the Woofa Joofa Juice Club

Search URL Search Domain Scan URL

URL: https://arca.ffm.to/atatatatat
Title: @@@@@: ARCA returns with a new 62 minute single

Search URL Search Domain Scan URL

URL: https://everythingisrecorded.ffm.to/thenight
Title: THE NIGHT: Everything Is Recorded return with a new single

Search URL Search Domain Scan URL

URL: https://smarturl.it/hey-world
Title: HEY WORLD!: Watch King Krule perform four brand new songs

Search URL Search Domain Scan URL

URL: https://thomyorke.ffm.to/anima
Title: THOM YORKE: Listen to the new album, ANIMA, now

Search URL Search Domain Scan URL

URL: https://www.netflix.com/title/81110498
Title: ANIMA: Watch the new Thom Yorke one-reeler film, directed by Paul Thomas Anderson

Search URL Search Domain Scan URL

URL: http://x-l.co/spotsites
Title: Spotify

Search URL Search Domain Scan URL

URL: http://x-l.co/amusicxl
Title: Apple Music

Search URL Search Domain Scan URL

URL: http://x-l.co/youtubesite
Title: YouTube

Search URL Search Domain Scan URL

URL: http://x-l.co/instasite
Title: Instagram

Search URL Search Domain Scan URL

URL: http://x-l.co/sitefacebook
Title: Facebook

Search URL Search Domain Scan URL

URL: http://x-l.co/tumblrsite
Title: Tumblr

Search URL Search Domain Scan URL

URL: http://x-l.co/twitsite
Title: Twitter

Search URL Search Domain Scan URL

URL: http://x-l.co/pcasite
Title: About

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://xlrecordings.com/ HTTP 301
https://xlrecordings.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1015948457/?random=1663141176936&cv=9&fst=1663141176936&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fxlrecordings.com%2F&tiba=XL%20Recordings&auid=723824827.1663141177&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/1015948457/?random=1663141176936&cv=9&fst=1663138800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&frm=0&url=https%3A%2F%2Fxlrecordings.com%2F&tiba=XL%20Recordings&async=1&is_vtc=1&random=2793042458&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/1015948457/?random=1663141176936&cv=9&fst=1663138800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&frm=0&url=https%3A%2F%2Fxlrecordings.com%2F&tiba=XL%20Recordings&async=1&is_vtc=1&random=2793042458&resp=GooglemKTybQhCsO&ipr=y

Request Chain 45

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1015948457/?random=1439308008430&cv=7&fst=1439308008430&num=1&fmt=1&label=tGZSCJ2Q11kQqcm45AM&guid=ON&u_h=1440&u_w=2560&u_ah=1417&u_aw=2560&u_cd=24&u_his=2&u_tz=60&u_java=true&u_nplug=6&u_nmime=8&frm=0&url=http%3A//xlrecordings.com/ HTTP 302
https://www.google.com/pagead/1p-user-list/1015948457/?random=1439308008430&cv=7&fst=1439305200000&num=1&fmt=1&label=tGZSCJ2Q11kQqcm45AM&guid=ON&u_h=1440&u_w=2560&u_ah=1417&u_aw=2560&u_cd=24&u_his=2&u_tz=60&u_java=true&u_nplug=6&u_nmime=8&frm=0&url=http%3A//xlrecordings.com/&is_vtc=1&random=1492068080 HTTP 302
https://www.google.de/pagead/1p-user-list/1015948457/?random=1439308008430&cv=7&fst=1439305200000&num=1&fmt=1&label=tGZSCJ2Q11kQqcm45AM&guid=ON&u_h=1440&u_w=2560&u_ah=1417&u_aw=2560&u_cd=24&u_his=2&u_tz=60&u_java=true&u_nplug=6&u_nmime=8&frm=0&url=http%3A//xlrecordings.com/&is_vtc=1&random=1492068080&ipr=y

67 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
xlrecordings.com/
Redirect Chain

http://xlrecordings.com/
https://xlrecordings.com/

222 KB
15 KB

258ms
208ms

Document
text/html

2606:4700::6812:b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xlrecordings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bc23bb1bb803ce01d6cac2abbeef23c3be4997c77e3354102e53083ae51b77b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 74a77840dfb20215-ZRH
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 14 Sep 2022 07:39:36 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 74a7783fda0123c7-ZRH
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 14 Sep 2022 07:39:36 GMT
Location: https://xlrecordings.com/
Server: cloudflare
Transfer-Encoding: chunked

GET
H2 200 frontend-main.css
xlrecordings.com/build/css/ 136 KB
17 KB 197ms
194ms Stylesheet
text/css 2606:4700::6812:b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xlrecordings.com/build/css/frontend-main.css
Requested by: Host: xlrecordings.com
URL: https://xlrecordings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1f8d8a0b3726d9ff869d88c1053309795eac36b5ab23a92bbcd8d34535f13a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:39:36 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Wed, 20 Oct 2021 21:53:40 GMT
server: cloudflare
etag: "22142-5cecfcf98c100-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74a7784239a70215-ZRH
content-length: 16912
expires: Wed, 14 Sep 2022 11:39:36 GMT

GET
H/1.1 200
OK mc-validate.js Show response
s3.amazonaws.com/downloads.mailchimp.com/js/ 140 KB
140 KB 351ms
131ms Script
application/javascript 52.217.88.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js
Requested by: Host: xlrecordings.com
URL: https://xlrecordings.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.88.142 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 07:39:37 GMT
Last-Modified: Mon, 20 Aug 2018 17:42:38 GMT
Server: AmazonS3
x-amz-request-id: 0ZE2APQHPT6YPVJH
ETag: "6465dd4a8331265e6629cd069e03504c"
Content-Type: application/javascript
Cache-Control: public,max-age=2592000
Accept-Ranges: bytes
Content-Length: 143249
x-amz-id-2: BTXSbdBjme5HGrsUGDxazO90eUNqpEj5RcXLAhV0TRCYD/IVR+PtfiOdq4TJYfZJHwNmzaXTQmg=

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/ 82 KB
26 KB 84ms
37ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: xlrecordings.com
URL: https://xlrecordings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:39:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3583156
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26660
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14983"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UA0xAuG3qNipHKjSHBXu2z4xbXFrWMKnH03f1bMhyVXhYP2zxSd8l9Dx1zx%2FiVekLrQpy0fs%2Fo4KO8L4rHPwhtl8wnTXrxVmI9pVdN8qWJWXwOGOUMj6FQm61o0pNKkmXO9FMx1qZha7xM6n6sg6fUlN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74a778427bd70204-ZRH
expires: Mon, 04 Sep 2023 07:39:36 GMT

GET
H2 200 imagesloaded.pkgd.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.imagesloaded/3.1.8/ 7 KB
3 KB 81ms
34ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.imagesloaded/3.1.8/imagesloaded.pkgd.min.js

Requested by

Host: xlrecordings.com
URL: https://xlrecordings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37dbf4b6012d4e23cbc1cba50baa3572c93a5c371b9873fb5440cb84dfbf9902

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:39:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5997326
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2101
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-1b25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jOptNgQagUtLxbFbO8CfGwl%2Fzv2U2CykjlIHRoOn0b72QF%2Bh6fVzZImWHjgpMunZVLQeD%2F6s5OjqRor4h9drn0dgDSrrOxQuDsrYWANck9IDgQECBIMT4fxA1MuA8yCFXG2TYaI5M3jr6XobFeu%2BZG9C"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74a778427bd90204-ZRH
expires: Mon, 04 Sep 2023 07:39:36 GMT

GET
H2 200 jquery.fs.shifter.min.js Show response
xlrecordings.com/assets/vendor/Shifter/ 2 KB
971 B 163ms
160ms Script
application/javascript 2606:4700::6812:b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xlrecordings.com/assets/vendor/Shifter/jquery.fs.shifter.min.js
Requested by: Host: xlrecordings.com
URL: https://xlrecordings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 051a1afd32ae03d7a0362667b7b250765e650d285d32f19b146476b80b063164

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:39:36 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Wed, 20 Oct 2021 21:53:40 GMT
server: cloudflare
etag: "716-5cecfcf98c100-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74a7784239ab0215-ZRH
content-length: 890
expires: Wed, 14 Sep 2022 11:39:36 GMT

GET
H2 200 fastclick.js Show response
xlrecordings.com/assets/vendor/fastclick/lib/ 25 KB
8 KB 154ms
151ms Script
application/javascript 2606:4700::6812:b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xlrecordings.com/assets/vendor/fastclick/lib/fastclick.js
Requested by: Host: xlrecordings.com
URL: https://xlrecordings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1aa08cb3c7aa70d268d24d59c374c14af7bd08e0af8c85f8e4f60a2651f4bab5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:39:36 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Wed, 20 Oct 2021 21:53:40 GMT
server: cloudflare
etag: "656d-5cecfcf98c100-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74a7784239ac0215-ZRH
content-length: 7608
expires: Wed, 14 Sep 2022 11:39:36 GMT

GET
H2 200 headroom.min.js Show response
xlrecordings.com/assets/vendor/headroom.js/dist/ 5 KB
2 KB 154ms
152ms Script
application/javascript 2606:4700::6812:b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xlrecordings.com/assets/vendor/headroom.js/dist/headroom.min.js
Requested by: Host: xlrecordings.com
URL: https://xlrecordings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71e29dc805be947621e422dbfce59ea80eb8b00641874275b6393c441f0e44d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:39:36 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Wed, 20 Oct 2021 21:53:40 GMT
server: cloudflare
etag: "14f9-5cecfcf98c100-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74a7784239ad0215-ZRH
content-length: 1673
expires: Wed, 14 Sep 2022 11:39:36 GMT

GET
H2 200 jQuery.headroom.min.js Show response
xlrecordings.com/assets/vendor/headroom.js/dist/ 589 B
451 B 162ms
160ms Script
application/javascript 2606:4700::6812:b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xlrecordings.com/assets/vendor/headroom.js/dist/jQuery.headroom.min.js
Requested by: Host: xlrecordings.com
URL: https://xlrecordings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 804ffa32a300f24ddef0c0a23be36b9d44ed3bf3e356d4f1f2c052df3d47f949

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:39:36 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Wed, 20 Oct 2021 21:53:40 GMT
server: cloudflare
etag: "24d-5cecfcf98c100-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74a7784239ae0215-ZRH
content-length: 370
expires: Wed, 14 Sep 2022 11:39:36 GMT

GET
H2 200 combined.js Show response
xlrecordings.com/js/ 52 KB
17 KB 181ms
179ms Script
application/javascript 2606:4700::6812:b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xlrecordings.com/js/combined.js
Requested by: Host: xlrecordings.com
URL: https://xlrecordings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94c7b6d98d2a8a88ea0469f7314ec2166463b961a64ce1877bfb3effac4cf5c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:39:36 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Wed, 20 Oct 2021 21:53:40 GMT
server: cloudflare
etag: "cfd5-5cecfcf98c100-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74a7784239af0215-ZRH
content-length: 17759
expires: Wed, 14 Sep 2022 11:39:36 GMT

GET
H2 200 modernizr.custom.34950.js Show response
xlrecordings.com/js/ 3 KB
1 KB 166ms
164ms Script
application/javascript 2606:4700::6812:b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xlrecordings.com/js/modernizr.custom.34950.js
Requested by: Host: xlrecordings.com
URL: https://xlrecordings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 198284387f27c24e5eb2ec390e5640cd1f3d4a375080b55ae39c1c0dc0e24acc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:39:36 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Wed, 20 Oct 2021 21:53:40 GMT
server: cloudflare
etag: "b03-5cecfcf98c100-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74a7784239b00215-ZRH
content-length: 1356
expires: Wed, 14 Sep 2022 11:39:36 GMT

GET
H2 200 slick.min.js Show response
xlrecordings.com/assets/vendor/slick-carousel/slick/ 40 KB
10 KB 170ms
168ms Script
application/javascript 2606:4700::6812:b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xlrecordings.com/assets/vendor/slick-carousel/slick/slick.min.js
Requested by: Host: xlrecordings.com
URL: https://xlrecordings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fc7a9c6dd1051ab261a550db0b16147da4236dedfb2efc6311ebff48a045350

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:39:36 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Wed, 20 Oct 2021 21:53:40 GMT
server: cloudflare
etag: "9e0d-5cecfcf98c100-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74a7784239b10215-ZRH
content-length: 9736
expires: Wed, 14 Sep 2022 11:39:36 GMT

GET
H2 200 jquery.scrollLock.js Show response
xlrecordings.com/assets/vendor/scrollLock/ 3 KB
999 B 170ms
169ms Script
application/javascript 2606:4700::6812:b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xlrecordings.com/assets/vendor/scrollLock/jquery.scrollLock.js
Requested by: Host: xlrecordings.com
URL: https://xlrecordings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d6063ad0f3f69f04b3faeb63c725e9f1f463924c0e0ebf9dbcf51075f578de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:39:36 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Wed, 20 Oct 2021 21:53:40 GMT
server: cloudflare
etag: "be8-5cecfcf98c100-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74a7784239b20215-ZRH
content-length: 918
expires: Wed, 14 Sep 2022 11:39:36 GMT

GET
H2 200 combined.min.js Show response
xlrecordings.com/build/js/ 2 KB
859 B 159ms
158ms Script
application/javascript 2606:4700::6812:b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xlrecordings.com/build/js/combined.min.js
Requested by: Host: xlrecordings.com
URL: https://xlrecordings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33223de6e5b7f18cd43d14831ddaa2c9733afa653cb10d91c0b6c1342cb42587

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:39:36 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Wed, 20 Oct 2021 21:53:40 GMT
server: cloudflare
etag: "759-5cecfcf98c100-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74a7784239b30215-ZRH
content-length: 778
expires: Wed, 14 Sep 2022 11:39:36 GMT

GET
H2 200 xl-script.js Show response
xlrecordings.com/js/ 6 KB
2 KB 176ms
175ms Script
application/javascript 2606:4700::6812:b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xlrecordings.com/js/xl-script.js
Requested by: Host: xlrecordings.com
URL: https://xlrecordings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1ec39bbd902ebcc4c85cbbc4cf94197d09b19ff266d0d5418742ab66d8cc246

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:39:36 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Wed, 20 Oct 2021 21:53:40 GMT
server: cloudflare
etag: "16f6-5cecfcf98c100-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74a7784259d50215-ZRH
content-length: 2036
expires: Wed, 14 Sep 2022 11:39:36 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
17 KB 132ms
80ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: xlrecordings.com
URL: https://xlrecordings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

54f3a516d9c95e0d4155c18c7555b6ab5d8b521c4a363fec0f31c900535a4bf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17396
x-xss-protection: 0
server: cafe
etag: 16286937264090633215
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 07:39:36 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 197 KB
70 KB 68ms
30ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MSMQ3W8

Requested by

Host: xlrecordings.com
URL: https://xlrecordings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

53b415a6a1e6cda6414ef2ce8f85361e327b594b1f9d7d040f4000bc9b0a9c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:39:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71531
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Sep 2022 07:39:36 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 78ms
77ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSMQ3W8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15690
x-xss-protection: 0
server: cafe
etag: 13194339052015637803
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 07:39:36 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 78ms
21ms Script
application/javascript 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSMQ3W8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:39:36 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 15:04:19 GMT
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 15317
x-served-by: cache-iad-kcgs7200150-IAD, cache-muc13953-MUC

GET
H2 200 scevent.min.js Show response
sc-static.net/ 22 KB
8 KB 72ms
30ms Script
application/javascript 18.66.120.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSMQ3W8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.120.247 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-120-247.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: 811f2e3d49494c1b9efce2da51082d3c79da94db5d80b8dc55504ff332aa3e46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:39:36 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: FRA60-P2
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 7961
via: 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
x-amz-cf-id: r07oB0KUnTya3AziTFUgViCjqTPmyvlF7vSSrkMU-9sDrhnqJeo7kg==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 51ms
17ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: xlrecordings.com
URL: https://xlrecordings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a1a86cfa0a3424cb341030e736bd10936e02a5eef335f68ed157879905aa08d7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26756
x-xss-protection: 0
pragma: public
x-fb-debug: gA+Sn1bplAppNLUFLl9qNZEV+7TGogMHSP9kh6lzxuIk03ks0rJYS2Iy8UX1BzZ2tcFnOKq1QDVf70UaV5IuKA==
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 14 Sep 2022 07:39:36 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 126 KB
37 KB 211ms
123ms Script
application/javascript 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BUQP0LIUUI4QLFTRFIUG&lib=ttq
Requested by: Host: xlrecordings.com
URL: https://xlrecordings.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b0846e2085734628a05c6d4834946aa5b344f0576d1dff2095161237f5799c7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:39:37 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202209140739360D46B876361E74275421
vary: Accept-Encoding
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 98,23.36.161.200
x-tt-trace-host: 0179596d953e7d36d12bbea8e4f8f8f30a4cb5e421dc29634205823048364d635d697bc73c514a61150fd1cbd6cd6da2d2c6f39f2bb2513677909678cb1424334fecaeea829d9faa230d4f7ec99d416cc1
server-timing: inner; dur=2, cdn-cache; desc=MISS, edge; dur=0, origin; dur=98
x-akamai-request-id: f199290b
expires: Wed, 14 Sep 2022 07:39:37 GMT

GET
H2 200 lineto-akkurat-light.woff
xlrecordings.com/fonts/ 35 KB
35 KB 187ms
187ms Font
application/font-woff 2606:4700::6812:b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xlrecordings.com/fonts/lineto-akkurat-light.woff
Requested by: Host: xlrecordings.com
URL: https://xlrecordings.com/build/css/frontend-main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0df1c2d61d4b2b69087dde2afdb8f9eec1a2cc00d40812d5fa1741951099dc3

Request headers

Referer: https://xlrecordings.com/build/css/frontend-main.css
Origin: https://xlrecordings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:39:37 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 20 Oct 2021 21:53:40 GMT
server: cloudflare
etag: W/"8a24-5cecfcf98c100"
vary: Accept-Encoding
content-type: application/font-woff
cache-control: public, max-age=14400
cf-ray: 74a778438b940215-ZRH
expires: Wed, 14 Sep 2022 11:39:37 GMT

GET
H2 200 lineto-akkurat-regular.woff
xlrecordings.com/fonts/ 36 KB
36 KB 198ms
198ms Font
application/font-woff 2606:4700::6812:b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xlrecordings.com/fonts/lineto-akkurat-regular.woff
Requested by: Host: xlrecordings.com
URL: https://xlrecordings.com/build/css/frontend-main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c42fae5b017274d4c996d79e497fb3a6764eacdc55943253e0b776c0b2b539a0

Request headers

Referer: https://xlrecordings.com/build/css/frontend-main.css
Origin: https://xlrecordings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:39:37 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 20 Oct 2021 21:53:40 GMT
server: cloudflare
etag: W/"8eec-5cecfcf98c100"
vary: Accept-Encoding
content-type: application/font-woff
cache-control: public, max-age=14400
cf-ray: 74a778438bae0215-ZRH
expires: Wed, 14 Sep 2022 11:39:37 GMT

GET
H2 200 1913165795670864 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 244ms
244ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1913165795670864?v=2.9.79&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

32887fcd13d0ca5d26c5e2a771fe4e01535d79ec5d943c8c19afde9a3ace67df

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: k8fKfnSakr6RJL+gijxoQVQXcqgSe7roUWXrgz7swzAywkmGg8zNb35MUWcQ6UiXCXdNPaUmulMFR8pRIty7uQ==
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 14 Sep 2022 07:39:37 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/648006063/ 2 KB
1 KB 70ms
31ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/648006063/?random=1663141176932&cv=9&fst=1663141176932&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fxlrecordings.com%2F&tiba=XL%20Recordings&auid=723824827.1663141177&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7a93b316c0a6beb25d37f2c2f67739a5d303aabecfa3df2294e861f328b1e97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1004
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/647098868/ 2 KB
2 KB 68ms
30ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/647098868/?random=1663141176935&cv=9&fst=1663141176935&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fxlrecordings.com%2F&tiba=XL%20Recordings&auid=723824827.1663141177&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37d16b2448c5560f58f8a6b79b9f0a84896bce83fda43466e8c7fcba353f8911

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1006
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1015948457/ 2 KB
1 KB 68ms
30ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1015948457/?random=1663141176936&cv=9&fst=1663141176936&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fxlrecordings.com%2F&tiba=XL%20Recordings&auid=723824827.1663141177&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4faf1f0bf187aa70bfc6b33b0a0f774a2b53e27927457f3e93c005879dccf749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1007
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/1015948457/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1015948457/?random=1663141176936&cv=9&fst=1663141176936&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1...
https://www.google.com/pagead/1p-user-list/1015948457/?random=1663141176936&cv=9&fst=1663138800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=...
https://www.google.de/pagead/1p-user-list/1015948457/?random=1663141176936&cv=9&fst=1663138800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...

42 B
64 B

68ms
33ms

Image
image/gif

2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1015948457/?random=1663141176936&cv=9&fst=1663138800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&frm=0&url=https%3A%2F%2Fxlrecordings.com%2F&tiba=XL%20Recordings&async=1&is_vtc=1&random=2793042458&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: xlrecordings.com
URL: https://xlrecordings.com/

Protocol

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:39:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:39:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1015948457/?random=1663141176936&cv=9&fst=1663138800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&frm=0&url=https%3A%2F%2Fxlrecordings.com%2F&tiba=XL%20Recordings&async=1&is_vtc=1&random=2793042458&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
337 B 170ms
132ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=28b65407-90ec-4db5-b05a-1580ce58a108&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0f0660d1-74b6-4557-b9a4-0376d89d402d&tw_document_href=https%3A%2F%2Fxlrecordings.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o41uk&type=javascript&version=2.3.27

Requested by

Host: xlrecordings.com
URL: https://xlrecordings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-response-time: 117
date: Wed, 14 Sep 2022 07:39:36 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 4cdfa258f35cebc0e6a1f60f41539cf407c5bf6f980d80420a18f69f344b20b1
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
356 B 166ms
119ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=28b65407-90ec-4db5-b05a-1580ce58a108&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0f0660d1-74b6-4557-b9a4-0376d89d402d&tw_document_href=https%3A%2F%2Fxlrecordings.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o41uk&type=javascript&version=2.3.27

Requested by

Host: xlrecordings.com
URL: https://xlrecordings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-response-time: 103
date: Wed, 14 Sep 2022 07:39:36 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 691d19ebc5a8aa34f105e1c02a7da27713dce0d48938263c5895995b45d85b49
content-length: 43

GET
H2 200 /
www.google.com/pagead/1p-user-list/647098868/ 42 B
108 B 69ms
29ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/647098868/?random=1663141176935&cv=9&fst=1663138800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&frm=0&url=https%3A%2F%2Fxlrecordings.com%2F&tiba=XL%20Recordings&async=1&fmt=3&is_vtc=1&random=4090165452&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: xlrecordings.com
URL: https://xlrecordings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:39:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/647098868/ 42 B
108 B 70ms
30ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/647098868/?random=1663141176935&cv=9&fst=1663138800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&frm=0&url=https%3A%2F%2Fxlrecordings.com%2F&tiba=XL%20Recordings&async=1&fmt=3&is_vtc=1&random=4090165452&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: xlrecordings.com
URL: https://xlrecordings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:39:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1015948457/ 42 B
548 B 66ms
27ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1015948457/?random=1663141176936&cv=9&fst=1663138800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&frm=0&url=https%3A%2F%2Fxlrecordings.com%2F&tiba=XL%20Recordings&async=1&fmt=3&is_vtc=1&random=3551394356&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: xlrecordings.com
URL: https://xlrecordings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:39:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1015948457/ 42 B
548 B 69ms
30ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1015948457/?random=1663141176936&cv=9&fst=1663138800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&frm=0&url=https%3A%2F%2Fxlrecordings.com%2F&tiba=XL%20Recordings&async=1&fmt=3&is_vtc=1&random=3551394356&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: xlrecordings.com
URL: https://xlrecordings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:39:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/648006063/ 42 B
108 B 67ms
28ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/648006063/?random=1663141176932&cv=9&fst=1663138800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&frm=0&url=https%3A%2F%2Fxlrecordings.com%2F&tiba=XL%20Recordings&async=1&fmt=3&is_vtc=1&random=3983104655&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: xlrecordings.com
URL: https://xlrecordings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:39:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/648006063/ 42 B
108 B 69ms
31ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/648006063/?random=1663141176932&cv=9&fst=1663138800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&frm=0&url=https%3A%2F%2Fxlrecordings.com%2F&tiba=XL%20Recordings&async=1&fmt=3&is_vtc=1&random=3983104655&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: xlrecordings.com
URL: https://xlrecordings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:39:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 116ms
116ms Script
application/javascript 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BUQP0LIUUI4QLFTRFIUG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-akamai-request-id: 8866029e.f1992a7d
date: Wed, 14 Sep 2022 07:39:37 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-48-249-138.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-parent-response-time: 92,23.36.161.200
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=6, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 202209140739370F6CB1A432B630543793
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.48.249.138
x-tt-trace-host: 0179596d953e7d36d12bbea8e4f8f8f30a398ab982233cced9412c999c357ba1bbd1cdc689f80909776d967b07ea0840dc64f309174a4a8dfe5a9052c6fda2f4798f2e55e5f959d01b0d4b5757402b8d829759a4afb0b627c696c6594fce2cd283
expires: Wed, 14 Sep 2022 07:39:37 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 58 KB
20 KB 115ms
114ms Script
application/javascript 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=BUQP0LIUUI4QLFTRFIUG&hostname=xlrecordings.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BUQP0LIUUI4QLFTRFIUG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: dd07a718956f5ede654da5304b3170c522b10a7ddf9796998af2d72701b98496

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-akamai-request-id: aa54c1.f1992aff
date: Wed, 14 Sep 2022 07:39:37 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-150.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-parent-response-time: 91,23.36.161.200
server-timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=5, inner; dur=2
pragma: no-cache
server: nginx
x-tt-logid: 202209140739376545F71970B7D53C121C
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,23.220.104.150
x-tt-trace-host: 0179596d953e7d36d12bbea8e4f8f8f30a398ab982233cced9412c999c357ba1bb59f002888f8dc7d331530263fe484b6792f503c63f68bdb861fd73fac815fe1eb6c083d2c3f253748ee6795cbd18132171e8971fa01b15eea9e1e51485256370
expires: Wed, 14 Sep 2022 07:39:37 GMT

GET
H3 200 589070181169027 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 158ms
158ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/589070181169027?v=2.9.79&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

38793223f32d505074d3fcb7a8f89d03ae8f431dfd8dcb224d98da5d51f25c60

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 9TjfcOfqzml9m3eXaYbyOvxXgTaJ/QC3v8CbIEh6KsRh4Ts6pFID4TaOnOhbzDZRU1MFQi5lj3IbrNePhGYxXQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 14 Sep 2022 07:39:37 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
411 B 51ms
17ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1913165795670864&ev=PageView&dl=https%3A%2F%2Fxlrecordings.com%2F&rl=&if=false&ts=1663141177208&sw=1600&sh=1200&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.1.1663141177207.1041152320&it=1663141176925&coo=false&rqm=GET

Requested by

Host: xlrecordings.com
URL: https://xlrecordings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:39:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 14 Sep 2022 07:39:37 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
214 B 51ms
17ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1913165795670864&ev=XL_Website&dl=https%3A%2F%2Fxlrecordings.com%2F&rl=&if=false&ts=1663141177209&sw=1600&sh=1200&v=2.9.79&r=stable&ec=1&o=30&fbp=fb.1.1663141177207.1041152320&it=1663141176925&coo=false&rqm=GET

Requested by

Host: xlrecordings.com
URL: https://xlrecordings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:39:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 14 Sep 2022 07:39:37 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
548 B 128ms
128ms Ping
application/octet-stream 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BUQP0LIUUI4QLFTRFIUG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xlrecordings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:39:37 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202209140739373F533208CD813347BA3F
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 104,23.36.161.200
x-tt-trace-host: 0179596d953e7d36d12bbea8e4f8f8f30a4cb5e421dc29634205823048364d635d3ee8d4e14c2c575c0737cc04d648376c8f4805d99a50b9d8502ed83e83f26b851728f1fad87399cd832bdb0a8b010531
server-timing: inner; dur=13, cdn-cache; desc=MISS, edge; dur=2, origin; dur=104
x-akamai-request-id: f1992c90
content-length: 0
expires: Wed, 14 Sep 2022 07:39:37 GMT

GET
H2 200 630f2b55e6bae_KennyBeats_Plinth_Blue.jpg
cf-cdn.beggars.com/xlrecordings/site/images/news/ 2 MB
2 MB 251ms
183ms Image
image/jpeg 2606:4700::6811:5c30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-cdn.beggars.com/xlrecordings/site/images/news/630f2b55e6bae_KennyBeats_Plinth_Blue.jpg
Requested by: Host: xlrecordings.com
URL: https://xlrecordings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:5c30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ee792dcd9c04d12b92af995e7969417ddcbbfc9361cc3c204a7d86b41f620ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:39:37 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 31 Aug 2022 09:35:19 GMT
server: cloudflare
x-amz-request-id: C8JTGCAD01FJ38TV
etag: "7c473098d29f61d9cee31f21d02aec9e"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
cf-bgj: h2pri
accept-ranges: bytes
cf-ray: 74a778470f7d01df-ZRH
content-length: 1941647
x-amz-id-2: TTz8lQgagpgCWYdHl77PIiNuhmSAHNFBJgbimmK44w+Kn6e3ZgtJGKcrviZCqN5WGND/3TiTQKw=
expires: Wed, 14 Sep 2022 11:39:37 GMT

GET
H2 200 62bda94b604a1_TheProdigy_FOTL25_Front.jpg
cf-cdn.beggars.com/xlrecordings/site/images/news/ 1 MB
1 MB 272ms
204ms Image
image/jpeg 2606:4700::6811:5c30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-cdn.beggars.com/xlrecordings/site/images/news/62bda94b604a1_TheProdigy_FOTL25_Front.jpg
Requested by: Host: xlrecordings.com
URL: https://xlrecordings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:5c30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77419bba4135780df8642c911d48b8764a463a9255ebcdf193609acbfd9bd969

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:39:37 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 30 Jun 2022 13:46:52 GMT
server: cloudflare
x-amz-request-id: C8JHKT4VRVFVRM8V
etag: "4f27b25b1ef06d6acf9ce93742380708"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
cf-bgj: h2pri
accept-ranges: bytes
cf-ray: 74a778470f8201df-ZRH
content-length: 1098609
x-amz-id-2: BQRPIWptNw1odYM8mlLZqF6NVBS3Ij6TB1v47eInzaIG07JgnzA9m61aigkAGlASbkfx7rshlcA=
expires: Wed, 14 Sep 2022 11:39:37 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1015948457/ 2 KB
1 KB 93ms
62ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1015948457/?random=1663141177364&cv=9&fst=1663141177364&num=1&label=tGZSCJ2Q11kQqcm45AM&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fxlrecordings.com%2F&tiba=XL%20Recordings&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

080df71b5edfb65e685d448c76ace5cdff01c07c114a8dbb5e80e75be1052799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:39:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1046
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/ Show response
www.google.de/pagead/1p-user-list/1015948457/ Frame E934
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1015948457/?random=1439308008430&cv=7&fst=1439308008430&num=1&fmt=1&label=tGZSCJ2Q11kQqcm45AM&guid=ON&u_h=1440&u_w=2560&u_ah=1417&u_...
https://www.google.com/pagead/1p-user-list/1015948457/?random=1439308008430&cv=7&fst=1439305200000&num=1&fmt=1&label=tGZSCJ2Q11kQqcm45AM&guid=ON&u_h=1440&u_w=2560&u_ah=1417&u_aw=2560&u_cd=24&u_his=...
https://www.google.de/pagead/1p-user-list/1015948457/?random=1439308008430&cv=7&fst=1439305200000&num=1&fmt=1&label=tGZSCJ2Q11kQqcm45AM&guid=ON&u_h=1440&u_w=2560&u_ah=1417&u_aw=2560&u_cd=24&u_his=2...

63 B
100 B

27ms
27ms

Document
text/html

2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/pagead/1p-user-list/1015948457/?random=1439308008430&cv=7&fst=1439305200000&num=1&fmt=1&label=tGZSCJ2Q11kQqcm45AM&guid=ON&u_h=1440&u_w=2560&u_ah=1417&u_aw=2560&u_cd=24&u_his=2&u_tz=60&u_java=true&u_nplug=6&u_nmime=8&frm=0&url=http%3A//xlrecordings.com/&is_vtc=1&random=1492068080&ipr=y

Requested by

Host: xlrecordings.com
URL: https://xlrecordings.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55d72c33b656c305ead833e69ca22803255d396fd4bd8f54a43a51862271e468

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xlrecordings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 76
content-security-policy: script-src 'none'; object-src 'none'
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 07:39:37 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 76
content-security-policy: script-src 'none'; object-src 'none'
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 07:39:37 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://www.google.de/pagead/1p-user-list/1015948457/?random=1439308008430&cv=7&fst=1439305200000&num=1&fmt=1&label=tGZSCJ2Q11kQqcm45AM&guid=ON&u_h=1440&u_w=2560&u_ah=1417&u_aw=2560&u_cd=24&u_his=2&u_tz=60&u_java=true&u_nplug=6&u_nmime=8&frm=0&url=http%3A//xlrecordings.com/&is_vtc=1&random=1492068080&ipr=y
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 fbds.js Show response
connect.facebook.net/en_US/ 4 KB
2 KB 16ms
15ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbds.js

Requested by

Host: xlrecordings.com
URL: https://xlrecordings.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5c1d655d3f797eac625a4614308d9ac920f91b1be37f8f73b10e01f1c5be63dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Ycl5YfnpFz5877z7aV0PVQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 2166
x-fb-rlafr: 0
x-fb-debug: K7GMfNu9t2VCUIFyNJiSmt9Mr9TC/FZtk9vT5hrdGXaVnbQfBZEg7Vx4XdUqsoBrVpqJ0CjYCI0orhMkPnBPDQ==
x-fb-content-md5: 5a629aa5e56bf26df98564ce1f801ef1
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 14 Sep 2022 07:39:37 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "2a8726c9ca4ddd436f310b834a34b044"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 14 Sep 2022 07:41:18 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 54ms
16ms Script
text/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: xlrecordings.com
URL: https://xlrecordings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2924
date: Wed, 14 Sep 2022 06:50:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Wed, 14 Sep 2022 08:50:53 GMT

GET adsct
t.co/i/ 0
0

GET adsct
analytics.twitter.com/i/ 0
0

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 37ms
18ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=589070181169027&ev=PageView&dl=https%3A%2F%2Fxlrecordings.com%2F&rl=&if=false&ts=1663141177430&sw=1600&sh=1200&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.1.1663141177207.1041152320&it=1663141176925&coo=false&rqm=GET

Requested by

Host: xlrecordings.com
URL: https://xlrecordings.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:39:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 14 Sep 2022 07:39:37 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 35ms
17ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1913165795670864&ev=PixelInitialized&dl=https%3A%2F%2Fxlrecordings.com%2F&rl=&if=false&ts=1663141177433&sw=1600&sh=1200&v=2.9.79&r=stable&ec=2&o=30&fbp=fb.1.1663141177207.1041152320&it=1663141176925&coo=false&rqm=GET

Requested by

Host: xlrecordings.com
URL: https://xlrecordings.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:39:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 14 Sep 2022 07:39:37 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 34ms
17ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=589070181169027&ev=PixelInitialized&dl=https%3A%2F%2Fxlrecordings.com%2F&rl=&if=false&ts=1663141177434&sw=1600&sh=1200&v=2.9.79&r=stable&ec=1&o=30&fbp=fb.1.1663141177207.1041152320&it=1663141176925&coo=false&rqm=GET

Requested by

Host: xlrecordings.com
URL: https://xlrecordings.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:39:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 14 Sep 2022 07:39:37 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1015948457/ 42 B
64 B 29ms
28ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1015948457/?random=1663141177364&cv=9&fst=1663138800000&num=1&label=tGZSCJ2Q11kQqcm45AM&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fxlrecordings.com%2F&tiba=XL%20Recordings&fmt=3&is_vtc=1&random=2818798047&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: xlrecordings.com
URL: https://xlrecordings.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:39:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1015948457/ 42 B
64 B 34ms
34ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1015948457/?random=1663141177364&cv=9&fst=1663138800000&num=1&label=tGZSCJ2Q11kQqcm45AM&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fxlrecordings.com%2F&tiba=XL%20Recordings&fmt=3&is_vtc=1&random=2818798047&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: xlrecordings.com
URL: https://xlrecordings.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:39:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
54 B 54ms
23ms Image
image/gif 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=146084314&utmhn=xlrecordings.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=XL%20Recordings&utmhid=1190047771&utmr=-&utmp=%2F&utmht=1663141177472&utmac=UA-155536-2&utmcc=__utma%3D263649221.494220693.1663141177.1663141177.1663141177.1%3B%2B__utmz%3D263649221.1663141177.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=593193440&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: xlrecordings.com
URL: https://xlrecordings.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:39:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET adsct
t.co/i/ 0
0

GET adsct
analytics.twitter.com/i/ 0
0

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 17ms
16ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1913165795670864&ev=Microdata&dl=https%3A%2F%2Fxlrecordings.com%2F&rl=&if=false&ts=1663141177710&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22XL%20Recordings%22%2C%22meta%3Adescription%22%3A%22Independent%20Record%20Label%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22XL%20Recordings%22%2C%22og%3Atype%22%3A%22company%22%2C%22og%3Adescription%22%3A%22XL%20is%20an%20independent%20record%20label.%22%2C%22og%3Aimage%22%3A%22http%3A%2F%2Fwww.xlrecordings.com%2Fimg%2Ffacebook.jpg%22%2C%22og%3Aurl%22%3A%22http%3A%2F%2Fxlrecordings.com%2F%22%2C%22og%3Asite_name%22%3A%22http%3A%2F%2Fwww.xlrecordings.com%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.79&r=stable&ec=3&o=30&fbp=fb.1.1663141177207.1041152320&it=1663141176925&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: xlrecordings.com
URL: https://xlrecordings.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:39:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 14 Sep 2022 07:39:37 GMT

GET
H2 200 62bda94b604a1_TheProdigy_FOTL25_Front.jpg
cf-cdn.beggars.com/xlrecordings/site/images/news/ 1 MB
1 MB 243ms
192ms Image
image/jpeg 2606:4700::6811:5c30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-cdn.beggars.com/xlrecordings/site/images/news/62bda94b604a1_TheProdigy_FOTL25_Front.jpg
Requested by: Host: xlrecordings.com
URL: https://xlrecordings.com/js/combined.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:5c30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77419bba4135780df8642c911d48b8764a463a9255ebcdf193609acbfd9bd969

Request headers

Referer: https://xlrecordings.com/
Origin: https://xlrecordings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:39:37 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
x-amz-request-id: Y1XMH9JPN3NA77PQ
content-length: 1098609
x-amz-id-2: Mtq76Ply61mpJ0uTtyg+AbVysdcwv+qZUvHlHUYpa6y0dQKY86mOoATSkZ1swU+t8VouUGO7p4Q=
last-modified: Thu, 30 Jun 2022 13:46:52 GMT
server: cloudflare
etag: "4f27b25b1ef06d6acf9ce93742380708"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74a778492b10021d-ZRH
expires: Wed, 14 Sep 2022 11:39:37 GMT

GET
H2 200 630f2b55e6bae_KennyBeats_Plinth_Blue.jpg
cf-cdn.beggars.com/xlrecordings/site/images/news/ 2 MB
2 MB 194ms
169ms Image
image/jpeg 2606:4700::6811:5c30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-cdn.beggars.com/xlrecordings/site/images/news/630f2b55e6bae_KennyBeats_Plinth_Blue.jpg
Requested by: Host: xlrecordings.com
URL: https://xlrecordings.com/js/combined.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:5c30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ee792dcd9c04d12b92af995e7969417ddcbbfc9361cc3c204a7d86b41f620ce

Request headers

Referer: https://xlrecordings.com/
Origin: https://xlrecordings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:39:37 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
x-amz-request-id: Y1XTN4BED723EHFY
content-length: 1941647
x-amz-id-2: Ysn/1gp12YBtY+667O7qSZrBjgxwwMb+KIimmeNl/WghyUhknhwW0S1Rw8B1vC0ukdEE/vbr3xE=
last-modified: Wed, 31 Aug 2022 09:35:19 GMT
server: cloudflare
etag: "7c473098d29f61d9cee31f21d02aec9e"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74a778492b15021d-ZRH
expires: Wed, 14 Sep 2022 11:39:37 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 16ms
15ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=589070181169027&ev=Microdata&dl=https%3A%2F%2Fxlrecordings.com%2F&rl=&if=false&ts=1663141178001&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22XL%20Recordings%22%2C%22meta%3Adescription%22%3A%22Independent%20Record%20Label%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22XL%20Recordings%22%2C%22og%3Atype%22%3A%22company%22%2C%22og%3Adescription%22%3A%22XL%20is%20an%20independent%20record%20label.%22%2C%22og%3Aimage%22%3A%22http%3A%2F%2Fwww.xlrecordings.com%2Fimg%2Ffacebook.jpg%22%2C%22og%3Aurl%22%3A%22http%3A%2F%2Fxlrecordings.com%2F%22%2C%22og%3Asite_name%22%3A%22http%3A%2F%2Fwww.xlrecordings.com%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.79&r=stable&ec=2&o=30&fbp=fb.1.1663141177207.1041152320&it=1663141176925&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: xlrecordings.com
URL: https://xlrecordings.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:39:38 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 14 Sep 2022 07:39:38 GMT

GET
H2 200 init Show response
tr.snapchat.com/ 126 B
479 B 73ms
25ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/init?pids=4cfb446e-a851-4c62-b464-b48053eaa36a

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

1419edddacb2383f1ed471fb694ca67096f6cdc434d6d5128734b272ef333f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:39:38 GMT
content-encoding: gzip
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://xlrecordings.com
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 79 B
164 B 74ms
26ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=4cfb446e-a851-4c62-b464-b48053eaa36a&tld=com

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

728f431c23fa143cef436d3f625fc369d4ba3e094cf3c48cfd474266c623ee05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:39:38 GMT
content-encoding: gzip
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://xlrecordings.com
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 5159 0
294 B 63ms
26ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=4cfb446e-a851-4c62-b464-b48053eaa36a&u_scsid=4162a51d-1573-428f-8397-cd0d88eee866&u_sclid=6c81464d-376b-410c-8e68-1d6461e2f723

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://xlrecordings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 14 Sep 2022 07:39:38 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 p
tr.snapchat.com/ 68 B
305 B 53ms
27ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?trackId=5ef46276-1342-40ed-9fc2-25b2f21eaa0e&pid=4cfb446e-a851-4c62-b464-b48053eaa36a&ev=PAGE_VIEW&pl=https%3A%2F%2Fxlrecordings.com%2F&ts=1663141178087&rf=&v=1.6.0&if=false&bt=1d53c387&intg=gtm&m_sl=682&m_rd=1840&m_pi=1124&m_dcl=1147.3999996185303&m_fcps=0&m_pl=1829.3999996185303&m_ic=0&m_pv=v2&u_c1=9e4b09cf-9fe5-4cfd-9d3a-0ea7e024db37&u_scsid=4162a51d-1573-428f-8397-cd0d88eee866&u_sclid=6c81464d-376b-410c-8e68-1d6461e2f723&s_r_ids=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xlrecordings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:39:38 GMT
via: 1.1 google
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: t.co
URL: https://t.co/i/adsct?bci=3&eci=2&event_id=28b65407-90ec-4db5-b05a-1580ce58a108&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0f0660d1-74b6-4557-b9a4-0376d89d402d&tw_document_href=https%3A%2F%2Fxlrecordings.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o41uk&type=javascript&version=2.3.27

Domain: analytics.twitter.com
URL: https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=28b65407-90ec-4db5-b05a-1580ce58a108&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0f0660d1-74b6-4557-b9a4-0376d89d402d&tw_document_href=https%3A%2F%2Fxlrecordings.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o41uk&type=javascript&version=2.3.27

Domain: t.co
URL: https://t.co/i/adsct?bci=3&eci=2&event_id=28b65407-90ec-4db5-b05a-1580ce58a108&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0f0660d1-74b6-4557-b9a4-0376d89d402d&tw_document_href=https%3A%2F%2Fxlrecordings.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o41uk&type=javascript&version=2.3.27

Domain: analytics.twitter.com
URL: https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=28b65407-90ec-4db5-b05a-1580ce58a108&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0f0660d1-74b6-4557-b9a4-0376d89d402d&tw_document_href=https%3A%2F%2Fxlrecordings.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o41uk&type=javascript&version=2.3.27

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 06:00:27	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
xlrecordings.com/	1970-01-20 05:59:08	Name: XSRF-TOKEN Value: eyJpdiI6ImNcL0w5R1EzT1dna0ptcXl2eWt1dWVnPT0iLCJ2YWx1ZSI6IkduSzc1dTZLRnZ3TzNTcUhpSm93ZEhWTjRSSittYUtXMllnMEhCcVVkUTBcL1VCd296NFdIOVFVcUs3TUZuT3ZYIiwibWFjIjoiMGQ3MzA2YjJjYTRkM2M0ZDg1MGMxYzU3ZjQ5ZWM0YjBkNmM3MTkxMzNkYTE1MTVlMjU5ZTMxZTY2MTYxYzRmZiJ9
xlrecordings.com/	1970-01-20 05:59:08	Name: laravel_session Value: eyJpdiI6Ik43M2ZNZXRkTHpKSnFhZnYzY2dpQ2c9PSIsInZhbHVlIjoiVm1KVXVHTG1PQmd2bnJ2R0FIckczREZvUXRIa3J0VzZEN3FCUTRpbmFpSzgxV1dqdDhVMkgrRmFYQkxuSDVJMiIsIm1hYyI6IjMwOTU3OGZkYzIwMzY2MjRkYjdmNTMyMWZmN2RlNmJlOWE3M2MxZmM0MjBmOWZlZWViMWMzNjdlYmVjMGZiZmYifQ%3D%3D
.xlrecordings.com/	1970-01-20 08:08:37	Name: _gcl_au Value: 1.1.723824827.1663141177
.twitter.com/	1970-01-20 15:35:01	Name: personalization_id Value: "v1_sywH5GB9kQxOTaBRdGqZXQ=="
.t.co/	1970-01-20 15:35:01	Name: muc_ads Value: bdf0313f-03a7-4b00-ac14-57159279a150
.tiktok.com/	1970-01-20 15:20:37	Name: _ttp Value: 2EkYidvUTDDKySoxJKqBotL8dgW
.xlrecordings.com/	1970-01-20 08:08:37	Name: _fbp Value: fb.1.1663141177207.1041152320
.xlrecordings.com/	1970-01-20 15:20:37	Name: _tt_enable_cookie Value: 1
.xlrecordings.com/	1970-01-20 15:20:37	Name: _ttp Value: b04fa081-dcb7-455d-9bb6-d732b95a9cdd
.facebook.com/	1970-01-20 08:08:37	Name: fr Value: 0mHjiUaTqwWKVyDgL..BjIYU5...1.0.BjIYU5.
.doubleclick.net/	1970-01-20 15:20:37	Name: IDE Value: AHWqTUnZKWnPdUI5ctK7ebNYnRPyvuh4v_srAdreSF4ww2KM9r3M1cUiRUKj2_II
.xlrecordings.com/	1970-01-20 15:35:01	Name: __utma Value: 263649221.494220693.1663141177.1663141177.1663141177.1
.xlrecordings.com/	1969-12-31 23:59:59	Name: __utmc Value: 263649221
.xlrecordings.com/	1970-01-20 10:21:49	Name: __utmz Value: 263649221.1663141177.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.xlrecordings.com/	1970-01-20 05:59:01	Name: __utmt Value: 1
.xlrecordings.com/	1970-01-20 05:59:02	Name: __utmb Value: 263649221.1.10.1663141177
.xlrecordings.com/	1970-01-20 15:28:47	Name: _scid Value: 9e4b09cf-9fe5-4cfd-9d3a-0ea7e024db37
.snapchat.com/	1970-01-20 15:20:37	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBiQ0AIQgEwIpI2GPlKQdzWgXFO3Pqp6VSOunCy5Be+0gHai/ta1/NwN1AIHL0ATGOxJIyAAAA

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://xlrecordings.com/ Message: Access to image at 'https://t.co/i/adsct?bci=3&eci=2&event_id=28b65407-90ec-4db5-b05a-1580ce58a108&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0f0660d1-74b6-4557-b9a4-0376d89d402d&tw_document_href=https%3A%2F%2Fxlrecordings.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o41uk&type=javascript&version=2.3.27' from origin 'https://xlrecordings.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://t.co/i/adsct?bci=3&eci=2&event_id=28b65407-90ec-4db5-b05a-1580ce58a108&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0f0660d1-74b6-4557-b9a4-0376d89d402d&tw_document_href=https%3A%2F%2Fxlrecordings.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o41uk&type=javascript&version=2.3.27 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://xlrecordings.com/ Message: Access to image at 'https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=28b65407-90ec-4db5-b05a-1580ce58a108&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0f0660d1-74b6-4557-b9a4-0376d89d402d&tw_document_href=https%3A%2F%2Fxlrecordings.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o41uk&type=javascript&version=2.3.27' from origin 'https://xlrecordings.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=28b65407-90ec-4db5-b05a-1580ce58a108&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0f0660d1-74b6-4557-b9a4-0376d89d402d&tw_document_href=https%3A%2F%2Fxlrecordings.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o41uk&type=javascript&version=2.3.27 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://xlrecordings.com/ Message: Access to image at 'https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=28b65407-90ec-4db5-b05a-1580ce58a108&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0f0660d1-74b6-4557-b9a4-0376d89d402d&tw_document_href=https%3A%2F%2Fxlrecordings.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o41uk&type=javascript&version=2.3.27' from origin 'https://xlrecordings.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=28b65407-90ec-4db5-b05a-1580ce58a108&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0f0660d1-74b6-4557-b9a4-0376d89d402d&tw_document_href=https%3A%2F%2Fxlrecordings.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o41uk&type=javascript&version=2.3.27 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://xlrecordings.com/ Message: Access to image at 'https://t.co/i/adsct?bci=3&eci=2&event_id=28b65407-90ec-4db5-b05a-1580ce58a108&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0f0660d1-74b6-4557-b9a4-0376d89d402d&tw_document_href=https%3A%2F%2Fxlrecordings.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o41uk&type=javascript&version=2.3.27' from origin 'https://xlrecordings.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://t.co/i/adsct?bci=3&eci=2&event_id=28b65407-90ec-4db5-b05a-1580ce58a108&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0f0660d1-74b6-4557-b9a4-0376d89d402d&tw_document_href=https%3A%2F%2Fxlrecordings.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o41uk&type=javascript&version=2.3.27 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
analytics.twitter.com
cdnjs.cloudflare.com
cf-cdn.beggars.com
connect.facebook.net
googleads.g.doubleclick.net
s3.amazonaws.com
sc-static.net
ssl.google-analytics.com
static.ads-twitter.com
t.co
tr.snapchat.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
xlrecordings.com
analytics.twitter.com
t.co
104.244.42.195
104.244.42.197
172.217.23.98
18.66.120.247
199.232.188.157
23.36.163.228
2606:4700::6811:180e
2606:4700::6811:5c30
2606:4700::6812:b
2a00:1450:4001:803::2008
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:82a::2008
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.190.43.134
52.217.88.142
051a1afd32ae03d7a0362667b7b250765e650d285d32f19b146476b80b063164
080df71b5edfb65e685d448c76ace5cdff01c07c114a8dbb5e80e75be1052799
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1419edddacb2383f1ed471fb694ca67096f6cdc434d6d5128734b272ef333f01
198284387f27c24e5eb2ec390e5640cd1f3d4a375080b55ae39c1c0dc0e24acc
1aa08cb3c7aa70d268d24d59c374c14af7bd08e0af8c85f8e4f60a2651f4bab5
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
32887fcd13d0ca5d26c5e2a771fe4e01535d79ec5d943c8c19afde9a3ace67df
33223de6e5b7f18cd43d14831ddaa2c9733afa653cb10d91c0b6c1342cb42587
37d16b2448c5560f58f8a6b79b9f0a84896bce83fda43466e8c7fcba353f8911
37dbf4b6012d4e23cbc1cba50baa3572c93a5c371b9873fb5440cb84dfbf9902
38793223f32d505074d3fcb7a8f89d03ae8f431dfd8dcb224d98da5d51f25c60
3ee792dcd9c04d12b92af995e7969417ddcbbfc9361cc3c204a7d86b41f620ce
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
4faf1f0bf187aa70bfc6b33b0a0f774a2b53e27927457f3e93c005879dccf749
4fc7a9c6dd1051ab261a550db0b16147da4236dedfb2efc6311ebff48a045350
53b415a6a1e6cda6414ef2ce8f85361e327b594b1f9d7d040f4000bc9b0a9c62
54d6063ad0f3f69f04b3faeb63c725e9f1f463924c0e0ebf9dbcf51075f578de
54f3a516d9c95e0d4155c18c7555b6ab5d8b521c4a363fec0f31c900535a4bf1
55d72c33b656c305ead833e69ca22803255d396fd4bd8f54a43a51862271e468
5bc23bb1bb803ce01d6cac2abbeef23c3be4997c77e3354102e53083ae51b77b
5c1d655d3f797eac625a4614308d9ac920f91b1be37f8f73b10e01f1c5be63dc
71e29dc805be947621e422dbfce59ea80eb8b00641874275b6393c441f0e44d1
728f431c23fa143cef436d3f625fc369d4ba3e094cf3c48cfd474266c623ee05
77419bba4135780df8642c911d48b8764a463a9255ebcdf193609acbfd9bd969
804ffa32a300f24ddef0c0a23be36b9d44ed3bf3e356d4f1f2c052df3d47f949
811f2e3d49494c1b9efce2da51082d3c79da94db5d80b8dc55504ff332aa3e46
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
94c7b6d98d2a8a88ea0469f7314ec2166463b961a64ce1877bfb3effac4cf5c8
a1a86cfa0a3424cb341030e736bd10936e02a5eef335f68ed157879905aa08d7
a1f8d8a0b3726d9ff869d88c1053309795eac36b5ab23a92bbcd8d34535f13a1
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b0846e2085734628a05c6d4834946aa5b344f0576d1dff2095161237f5799c7a
b0df1c2d61d4b2b69087dde2afdb8f9eec1a2cc00d40812d5fa1741951099dc3
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
c42fae5b017274d4c996d79e497fb3a6764eacdc55943253e0b776c0b2b539a0
c7a93b316c0a6beb25d37f2c2f67739a5d303aabecfa3df2294e861f328b1e97
d1ec39bbd902ebcc4c85cbbc4cf94197d09b19ff266d0d5418742ab66d8cc246
dd07a718956f5ede654da5304b3170c522b10a7ddf9796998af2d72701b98496
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11

xlrecordings.com Open in urlscan Pro 2606:4700::6812:b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

93 %HTTPS

56 %IPv6

18 Domains

18 Subdomains

19 IPs

2 Countries

6700 kBTransfer

8137 kBSize

19 Cookies

19 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

xlrecordings.com Open in urlscan Pro
2606:4700::6812:b Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

93 %
HTTPS

56 %
IPv6

18
Domains

18
Subdomains

19
IPs

2
Countries

6700 kB
Transfer

8137 kB
Size

19
Cookies

67 HTTP transactions
0 data transactions