Submitted URL: http://xferrecords.com/
Effective URL: https://xferrecords.com/
Submission Tags: tranco_l324
Submission: On March 09 via api from DE — Scanned from NL

Summary

This website contacted 15 IPs in 2 countries across 13 domains to perform 38 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is xferrecords.com.
TLS certificate: Issued by GTS CA 1P5 on January 14th 2024. Valid for: 3 months.
This is the only time xferrecords.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
14 xferrecords.com
xferrecords.com
2 MB
6 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 228
123 KB
4 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1155
m.stripe.com — Cisco Umbrella Rank: 1134
170 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
region1.google-analytics.com — Cisco Umbrella Rank: 2089
21 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1243
18 KB
2 gstatic.com
fonts.gstatic.com
16 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
153 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
3 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 242
621 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 622
16 KB
1 polyfill.io
cdn.polyfill.io — Cisco Umbrella Rank: 3336
1 plyr.io
cdn.plyr.io — Cisco Umbrella Rank: 13111
6 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1141
6 KB
38 13
Domain Requested by
14 xferrecords.com 2 redirects xferrecords.com
6 cdnjs.cloudflare.com xferrecords.com
3 js.stripe.com xferrecords.com
js.stripe.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagmanager.com xferrecords.com
www.googletagmanager.com
2 fonts.googleapis.com xferrecords.com
1 bam.nr-data.net js-agent.newrelic.com
1 m.stripe.com m.stripe.network
1 js-agent.newrelic.com xferrecords.com
1 region1.google-analytics.com www.googletagmanager.com
1 cdn.polyfill.io xferrecords.com
1 cdn.plyr.io xferrecords.com
1 maxcdn.bootstrapcdn.com xferrecords.com
38 15

This site contains links to these domains. Also see Links.

Domain
support.xferrecords.com
Subject Issuer Validity Valid
xferrecords.com
GTS CA 1P5
2024-01-14 -
2024-04-13
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
bootstrapcdn.com
GTS CA 1P5
2024-01-28 -
2024-04-27
3 months crt.sh
cdn.plyr.io
Cloudflare Inc ECC CA-3
2023-04-12 -
2024-04-10
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
*.polyfill.io
Sectigo RSA Domain Validation Secure Server CA
2024-02-20 -
2025-02-19
a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2024-02-07 -
2024-05-09
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1
2024-01-15 -
2025-02-15
a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1
2024-02-26 -
2024-05-23
3 months crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-29 -
2024-10-01
a year crt.sh

This page contains 4 frames:

Primary Page: https://xferrecords.com/
Frame ID: D2776BBCE846E18FB44BACCB987E3DFA
Requests: 31 HTTP requests in this frame

Frame: https://xferrecords.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js
Frame ID: 85F111C1D065FF698026C74FE6FB3332
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: CB0383BC11D5F2851EA9D7D595ABA426
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: CFF44D28D804310148952ADC2467198E
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

XferRecords.com | Home of the Xfer Records VST Suite

Page URL History Show full URLs

  1. http://xferrecords.com/ HTTP 301
    https://xferrecords.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • https://cdn\.plyr\.io/([0-9.]+)/.+\.js

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

38
Requests

97 %
HTTPS

80 %
IPv6

13
Domains

15
Subdomains

15
IPs

2
Countries

2076 kB
Transfer

4871 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xferrecords.com/ HTTP 301
    https://xferrecords.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://xferrecords.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://xferrecords.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
xferrecords.com/
Redirect Chain
  • http://xferrecords.com/
  • https://xferrecords.com/
38 KB
15 KB
Document
General
Full URL
https://xferrecords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63996b381b244b9d0132ca12c4544340d5d50177c1eb45953c493dd5d555e559
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
861a0fdecafa1ca4-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 09 Mar 2024 09:33:11 GMT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709976791&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=sObhpTDSTdKOvCb5o9Oqrwj7v2Q3iaG6nqxs6NlNzeg%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1709976791&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=sObhpTDSTdKOvCb5o9Oqrwj7v2Q3iaG6nqxs6NlNzeg%3D
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 vegur
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
4e79012d-4e62-4ea4-82c6-f43f98067446
x-runtime
0.006437
x-xss-protection
1; mode=block

Redirect headers

CF-RAY
861a0fde5dfb7971-AMS
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sat, 09 Mar 2024 09:33:10 GMT
Expires
Sat, 09 Mar 2024 10:33:10 GMT
Location
https://xferrecords.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iMOj5IMBXX4rgaVQgSTMwOkq2vBP%2FjcHpbG0MtUaNeBIRLsoevWHHGR5nYf0d8cQFiuXfRBGkbwFgVm7q1BDQxCfirplmLyC%2BAx00pH0OMAWcichybdSpKaiw1RSGB4gzGyTLX6xmyjH1Ag4VgQ%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
css2
fonts.googleapis.com/
4 KB
995 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: xferrecords.com
URL: https://xferrecords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
872f21bef4d6bb0fd9e9631058734d1654d34c6be0362b379afa7124c7c883cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://xferrecords.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Mar 2024 09:33:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Mar 2024 09:28:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Mar 2024 09:33:11 GMT
application-21405f42fa8b8504b1826ac47ee569522c6d3d08449ec4fc30b0b590fde61f38.css
xferrecords.com/assets/
222 KB
38 KB
Stylesheet
General
Full URL
https://xferrecords.com/assets/application-21405f42fa8b8504b1826ac47ee569522c6d3d08449ec4fc30b0b590fde61f38.css
Requested by
Host: xferrecords.com
URL: https://xferrecords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
093a568626d7d67606ac4177f15a6c7ff27948f11c66901ad5e7eb64228539c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://xferrecords.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 09:33:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 vegur
cf-cache-status
HIT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age
2803
content-encoding
br
alt-svc
h3=":443"; ma=86400
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1707551153&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=2ELOgtxffAN6%2Fw065ed3EGlnK602hCfc5bpcYR%2BGhBw%3D
last-modified
Mon, 08 Jan 2024 06:04:46 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1707551153&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=2ELOgtxffAN6%2Fw065ed3EGlnK602hCfc5bpcYR%2BGhBw%3D"}]}
content-type
text/css
cache-control
max-age=14400
cf-ray
861a0fe15dbc1ca4-AMS
css
fonts.googleapis.com/
11 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: xferrecords.com
URL: https://xferrecords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5cccc465f4c8cdcec789a0b28846823f18646206351bc9ff794f1aec7f58f5b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://xferrecords.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Mar 2024 09:33:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Mar 2024 07:52:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Mar 2024 09:33:11 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/
23 KB
6 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: xferrecords.com
URL: https://xferrecords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://xferrecords.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 09:33:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
632, 617, 617
age
8668039
cdn-cachedat
2021-06-08 21:08:57
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
e6a55b08fe5091f45c9e99ce9e9f98c2
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
861a0fe18efe1cb6-AMS
cdn-requestpullsuccess
True
plyr.css
cdn.plyr.io/3.6.4/
37 KB
6 KB
Stylesheet
General
Full URL
https://cdn.plyr.io/3.6.4/plyr.css
Requested by
Host: xferrecords.com
URL: https://xferrecords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::681b:c358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8e7e4de1e9f1853967930e65e54635ba278937653525e048ec92f5639139f6d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://xferrecords.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 09:33:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10311543
cf-polished
origSize=37857
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 20 Apr 2023 10:33:43 GMT
server
cloudflare
etag
W/"2b9e0ce172efe5fb04d6e8a2583bf663"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4aB1y4CI9yZ%2BK83ZmIx2VA0FSx5mDTy3OENM6QeefkvgTzhCyNkqN6BZTA5CFW9hM46KFkSA18Rco4MxLb6SUJumyeqC7eseYMQdEfGfRKexip7Cv3EJ4QSYSLKcsT6b25oQ5mlvysu4"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
861a0fe19b8f06e0-AMS
core.min.js
cdnjs.cloudflare.com/ajax/libs/core-js/2.6.4/
90 KB
27 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/core-js/2.6.4/core.min.js
Requested by
Host: xferrecords.com
URL: https://xferrecords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6b0114e381f79e0051a3b6ae76c3ea12533ae44e1422447ff77f7afa99127d9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://xferrecords.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 09:33:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
122018
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
26971
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-166bb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QyH4ceA3AGl1sGECVVkeGVXYkbtF88WRbxhN2hNf9j7Ksta2iKwd7VydwhlYsv2MWacKsYynZEdGu7HaDnN2O9ePzkd6SWgdVvVbQFUupA2Hn9zJaAmSYva%2B2HA%2BtG%2FuPkp0uDx14M3SZBR2O4gzxhZY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
861a0fe18be95c41-AMS
expires
Thu, 27 Feb 2025 09:33:11 GMT
polyfill.min.js
cdn.polyfill.io/v1/
0
0
Script
General
Full URL
https://cdn.polyfill.io/v1/polyfill.min.js
Requested by
Host: xferrecords.com
URL: https://xferrecords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:26d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://xferrecords.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 09:33:11 GMT
cf-cache-status
EXPIRED
server
cloudflare
vary
User-Agent, Accept-Encoding
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
cf-ray
861a0fe189fa0b62-AMS
content-length
9
expires
Sat, 16 Mar 2024 09:33:11 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/
85 KB
27 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: xferrecords.com
URL: https://xferrecords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://xferrecords.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 09:33:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2038474
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27433
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-1538f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W8mBydc7eRHBlYHloPzzUFCX6JIe7sBrjWk0c%2BWlo49INMVj1AwIHsuC9k1X9ZSjtNBpP8BfHTCGf3Ayp34h3irbRDxH%2Bj3jT4ItCGJVDzPHlS63otj8%2BZCjWJOIxjGp5%2B5mDCt%2BOaUq0M5L7%2BGhFhP%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
861a0fe18be85c41-AMS
expires
Thu, 27 Feb 2025 09:33:11 GMT
jquery-ui.min.js
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/
248 KB
57 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
Requested by
Host: xferrecords.com
URL: https://xferrecords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://xferrecords.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 09:33:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
130937
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57137
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-3dee5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E6Y%2F7DlsAnKIuplNj9focIdsytlEI9J%2BmGZdLiZTO81CxihC%2Bc58xpaAL0zS3QjnKrHXZwK2Ohq1uzmNh0YCWUGWXgTdw7V8kUmOuo1J2HbfpCtNMmcOJsmw8qlYpYq7V547g3aqk6MYbqyWuNO6pGQS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
861a0fe18be75c41-AMS
expires
Thu, 27 Feb 2025 09:33:11 GMT
js.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/
2 KB
1 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/js.cookie.min.js
Requested by
Host: xferrecords.com
URL: https://xferrecords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a04d373be23a3f37dfe1f88cab01061db75f716edadc6451c652fe538f4be6c0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://xferrecords.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 09:33:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
47293
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
701
last-modified
Mon, 04 May 2020 16:11:49 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec5-653"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCyU2J9faBdKJpKdhTc%2BYw2vzEQ4SgTLnZlcE6FoiukgYcGwZoc9iBHA9Rl0YoToGwPqb0jdIGzRw71ketHny6ReF3vNjSKOdUz9LIisAZBQTUMZpxb2Bp82utfDqjbk6uLEOFZ6YwfhtLyfsKCqJNO7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
861a0fe18be45c41-AMS
expires
Thu, 27 Feb 2025 09:33:11 GMT
application-761010e502a0786282e500b8c0a8698f0ae6eab458a970a528e77adc4da50731.js
xferrecords.com/assets/
1019 KB
290 KB
Script
General
Full URL
https://xferrecords.com/assets/application-761010e502a0786282e500b8c0a8698f0ae6eab458a970a528e77adc4da50731.js
Requested by
Host: xferrecords.com
URL: https://xferrecords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6911fa76e28067f195a62c1c3c18420a827d6bdd96485334c3421a81455c43ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://xferrecords.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 09:33:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 vegur
cf-cache-status
HIT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age
4931
content-encoding
br
alt-svc
h3=":443"; ma=86400
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1707551153&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=2ELOgtxffAN6%2Fw065ed3EGlnK602hCfc5bpcYR%2BGhBw%3D
last-modified
Fri, 14 Apr 2023 02:17:50 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1707551153&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=2ELOgtxffAN6%2Fw065ed3EGlnK602hCfc5bpcYR%2BGhBw%3D"}]}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
861a0fe15dbd1ca4-AMS
/
js.stripe.com/v3/
605 KB
168 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: xferrecords.com
URL: https://xferrecords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
78cbe967c1f4e24b0a586fff03fbcd4a98069b27ad23bfe0ef8aef9a9fa22739
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://xferrecords.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 09 Mar 2024 09:33:11 GMT
via
1.1 varnish
age
61
x-cache
HIT
content-length
171169
x-request-id
bf159781-8dd5-4727-9cca-dd99806d1adc
x-served-by
cache-ams21080-AMS
last-modified
Sat, 09 Mar 2024 03:17:41 GMT
server
Fastly
etag
"0d82e47134264113b6f556b7b393025a"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2
clipboard.min.js
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/
10 KB
3 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/clipboard.min.js
Requested by
Host: xferrecords.com
URL: https://xferrecords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://xferrecords.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 09:33:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
128036
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2905
last-modified
Mon, 04 May 2020 16:09:13 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e29-29a6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ViW%2BWk2yXqfw4G%2BZUDgJJSnurW4ijCrQU7RIpeUuC1AJzeAVcfPyouskpvw19Iq9djZelteHENOeDkYELhor8C1MbG2qPiw1y%2BKFmoVMqLECcnvWS1%2Bp1WeTMl5%2BIP4pchMUZVyuQYN%2Fn0qrB%2FSZvrVa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
861a0fe18be55c41-AMS
expires
Thu, 27 Feb 2025 09:33:11 GMT
jquery.form-validator.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-form-validator/2.3.26/
29 KB
8 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-form-validator/2.3.26/jquery.form-validator.min.js
Requested by
Host: xferrecords.com
URL: https://xferrecords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1264020dbe3f8813dceb1e15a7d5f4a48f2142e413cb310e7a256f4999d949a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://xferrecords.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 09:33:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
211646
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
8247
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-72c7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VBgsiKV9cFWXGdM88Bwh7tehIiLytENkJGQ3fnFFW2jtSccTtvugP2OZtV3F88TM9mA%2BsCLqfAgEZSiitsxgMFfdL6pCkS4QPcqaT%2FCZCBAvi2jZOr1PMM%2BwxpEWwAfrAOP9XYkEKTI1Tcqz8mRPiECr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
861a0fe18be65c41-AMS
expires
Thu, 27 Feb 2025 09:33:11 GMT
application-8187b63ab0982c651fa0.js
xferrecords.com/packs/js/
850 KB
228 KB
Script
General
Full URL
https://xferrecords.com/packs/js/application-8187b63ab0982c651fa0.js
Requested by
Host: xferrecords.com
URL: https://xferrecords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf2153f32ba5cf1781611827c48c15c3e7552fcde6db2b59c149291b15a62889
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://xferrecords.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 09:33:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 vegur
cf-cache-status
HIT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age
4931
content-encoding
br
alt-svc
h3=":443"; ma=86400
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1707551153&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=2ELOgtxffAN6%2Fw065ed3EGlnK602hCfc5bpcYR%2BGhBw%3D
last-modified
Thu, 11 Jan 2024 19:19:32 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1707551153&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=2ELOgtxffAN6%2Fw065ed3EGlnK602hCfc5bpcYR%2BGhBw%3D"}]}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
861a0fe15dbf1ca4-AMS
js
www.googletagmanager.com/gtag/
193 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-15086303-2
Requested by
Host: xferrecords.com
URL: https://xferrecords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1b270f40c57f0ac70da7fd8931acd9992274af9e809e2d736e432a8452360676
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://xferrecords.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 09:33:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71805
x-xss-protection
0
last-modified
Sat, 09 Mar 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 09 Mar 2024 09:33:11 GMT
logo-c81de2e88246c65304c11f1409567fea551423c69931a0af5c8025f9ae8387e0.png
xferrecords.com/assets/
18 KB
18 KB
Image
General
Full URL
https://xferrecords.com/assets/logo-c81de2e88246c65304c11f1409567fea551423c69931a0af5c8025f9ae8387e0.png
Requested by
Host: xferrecords.com
URL: https://xferrecords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afbb1c7def15be1f3f104a967629854af7921f2544eb89d63f214a5eedbeed55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://xferrecords.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 09:33:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 vegur
cf-cache-status
HIT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age
3497
alt-svc
h3=":443"; ma=86400
content-length
18274
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1699595256&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=RsbICBIErvuAjNb9FtkN3EoNoe%2BgDeKboUCwKf95DQY%3D
last-modified
Thu, 17 Feb 2022 16:35:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1699595256&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=RsbICBIErvuAjNb9FtkN3EoNoe%2BgDeKboUCwKf95DQY%3D"}]}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
861a0fe15dc01ca4-AMS
triangles2-d10a9aa4a1ae90fef3bb2a7c3d5089cda51fe1d99ded1dc6188a4279ceaed751.png
xferrecords.com/assets/
85 KB
86 KB
Image
General
Full URL
https://xferrecords.com/assets/triangles2-d10a9aa4a1ae90fef3bb2a7c3d5089cda51fe1d99ded1dc6188a4279ceaed751.png
Requested by
Host: xferrecords.com
URL: https://xferrecords.com/assets/application-21405f42fa8b8504b1826ac47ee569522c6d3d08449ec4fc30b0b590fde61f38.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f588dbf2a4112ba0eb871429655ff767afa9fec1ddc72746fe5d1a216f870b00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://xferrecords.com/assets/application-21405f42fa8b8504b1826ac47ee569522c6d3d08449ec4fc30b0b590fde61f38.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 09:33:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 vegur
cf-cache-status
HIT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age
3960
alt-svc
h3=":443"; ma=86400
content-length
87232
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1701331439&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=95MDqTfoWdeHxCSHRPLZl590cB4SvVKSykV4wFrX81Y%3D
last-modified
Thu, 17 Feb 2022 16:35:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1701331439&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=95MDqTfoWdeHxCSHRPLZl590cB4SvVKSykV4wFrX81Y%3D"}]}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
861a0fe2f8c393be-AMS
serum-1eb878fdaf825e0312e9f87edfaafe504a0b622c48585d388e70bbab807cc387.png
xferrecords.com/assets/products2/
516 KB
517 KB
Image
General
Full URL
https://xferrecords.com/assets/products2/serum-1eb878fdaf825e0312e9f87edfaafe504a0b622c48585d388e70bbab807cc387.png
Requested by
Host: xferrecords.com
URL: https://xferrecords.com/assets/application-21405f42fa8b8504b1826ac47ee569522c6d3d08449ec4fc30b0b590fde61f38.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86a003a7bfdf286bf9d1b992b9ea4f358db996f706375b198a44c4faa34b0ae2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://xferrecords.com/assets/application-21405f42fa8b8504b1826ac47ee569522c6d3d08449ec4fc30b0b590fde61f38.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 09:33:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 vegur
cf-cache-status
HIT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age
1127
alt-svc
h3=":443"; ma=86400
content-length
528699
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1704290081&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=BYVWQc05NvsEvt6qrbvRt5m1IwcK3qqADnBksYF8G2I%3D
last-modified
Thu, 17 Feb 2022 16:35:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1704290081&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=BYVWQc05NvsEvt6qrbvRt5m1IwcK3qqADnBksYF8G2I%3D"}]}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
861a0fe2f8c693be-AMS
lfotool-1ff1415d592737f66c073818c6d6e03b96edc68aa666cda8f1d0696305addac6.png
xferrecords.com/assets/products2/
92 KB
93 KB
Image
General
Full URL
https://xferrecords.com/assets/products2/lfotool-1ff1415d592737f66c073818c6d6e03b96edc68aa666cda8f1d0696305addac6.png
Requested by
Host: xferrecords.com
URL: https://xferrecords.com/assets/application-21405f42fa8b8504b1826ac47ee569522c6d3d08449ec4fc30b0b590fde61f38.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9010cf8aedcd2a9016acb61f8daa1f3fa2cab95add69fd4e5e0472bc2f400521
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://xferrecords.com/assets/application-21405f42fa8b8504b1826ac47ee569522c6d3d08449ec4fc30b0b590fde61f38.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 09:33:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 vegur
cf-cache-status
HIT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age
1127
alt-svc
h3=":443"; ma=86400
content-length
94287
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1701321076&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=Yxv1HXC4hSPqH2pFgthCO9rpeo6g5XyIyrH4zVnyJIA%3D
last-modified
Thu, 17 Feb 2022 16:35:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1701321076&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=Yxv1HXC4hSPqH2pFgthCO9rpeo6g5XyIyrH4zVnyJIA%3D"}]}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
861a0fe2f8c793be-AMS
cthulhu-ac13d9a6135052c7c9305d9178d4acf3beaf8df92e49bcae2d64c0f4b8026161.png
xferrecords.com/assets/products2/
150 KB
150 KB
Image
General
Full URL
https://xferrecords.com/assets/products2/cthulhu-ac13d9a6135052c7c9305d9178d4acf3beaf8df92e49bcae2d64c0f4b8026161.png
Requested by
Host: xferrecords.com
URL: https://xferrecords.com/assets/application-21405f42fa8b8504b1826ac47ee569522c6d3d08449ec4fc30b0b590fde61f38.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7ca1c3cf9317b1900e618ca9038d889e0d008d2feb40c7df8baf3e51d0f72a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://xferrecords.com/assets/application-21405f42fa8b8504b1826ac47ee569522c6d3d08449ec4fc30b0b590fde61f38.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 09:33:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 vegur
cf-cache-status
HIT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age
1127
alt-svc
h3=":443"; ma=86400
content-length
153442
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1701337670&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=qfAzMTa5IPAQn3U8g226g3DJb9ER0mTx4d8yDmmFx8w%3D
last-modified
Thu, 17 Feb 2022 16:35:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1701337670&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=qfAzMTa5IPAQn3U8g226g3DJb9ER0mTx4d8yDmmFx8w%3D"}]}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
861a0fe2f8c893be-AMS
nerve-a91adb5db152381fc310b8b61b871d6538d01c849712f925d71cfc843947cffa.png
xferrecords.com/assets/products2/
104 KB
105 KB
Image
General
Full URL
https://xferrecords.com/assets/products2/nerve-a91adb5db152381fc310b8b61b871d6538d01c849712f925d71cfc843947cffa.png
Requested by
Host: xferrecords.com
URL: https://xferrecords.com/assets/application-21405f42fa8b8504b1826ac47ee569522c6d3d08449ec4fc30b0b590fde61f38.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
551b70f1a32fc9a829f0cc159c6070f4d843cf49efd1c42cd89f187584d2e749
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://xferrecords.com/assets/application-21405f42fa8b8504b1826ac47ee569522c6d3d08449ec4fc30b0b590fde61f38.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 09:33:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 vegur
cf-cache-status
HIT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age
1127
alt-svc
h3=":443"; ma=86400
content-length
106963
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1699579931&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=dSHU1vDHdeUHR4rZ7T4SKyaA2U4eQltYrEdbxpq64xg%3D
last-modified
Thu, 17 Feb 2022 16:35:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1699579931&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=dSHU1vDHdeUHR4rZ7T4SKyaA2U4eQltYrEdbxpq64xg%3D"}]}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
861a0fe2f8cb93be-AMS
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xferrecords.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 00:50:54 GMT
x-content-type-options
nosniff
age
376937
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Mar 2025 00:50:54 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xferrecords.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 09:00:04 GMT
x-content-type-options
nosniff
age
347587
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Mar 2025 09:00:04 GMT
main.js
xferrecords.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/ Frame 85F1
Redirect Chain
  • https://xferrecords.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://xferrecords.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js
8 KB
4 KB
Script
General
Full URL
https://xferrecords.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js
Requested by
Host: xferrecords.com
URL: https://xferrecords.com/
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4aa44eda7884ac584db3b8ca5e225b1d4d0be1a977e0d4e0965a7e9ef2de15b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 09:33:11 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FMYNwMLhpjUqmpp8%2FJ51V6%2BwRRUriorJb6esEWY5dkrXAJO3sJLGzAjDDA4ae83B7VRCsvJfldjWLW4WmvtkrWzKFJoFwlUY%2F6cMhT9CV%2BIQQJJ2BEu%2BcqJMrWLMRif7eFoKhHpr1Msw6FOXsGk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
861a0fe3ba3b93be-AMS
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 09 Mar 2024 09:33:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GjvGmVPyIo88wrMQlmcxTJj%2B%2BV6H7p1VQpnnbr7%2B8k8a7dwtdHPhcsDerHiSY%2BuKi53dRf1vSAEkL%2BgcjKWHIoAGL2z3HtHoEib%2FMnF%2Fh0Zq1Ye%2BfjaORb751GXAUVmZOFKsEcHdWN%2Bk2VeW1bs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js
cache-control
max-age=300, public
cf-ray
861a0fe3391493be-AMS
alt-svc
h3=":443"; ma=86400
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame CB03
200 B
847 B
Document
General
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://xferrecords.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
639663
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 09 Mar 2024 09:33:11 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 01 Mar 2024 22:43:32 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
293694
x-content-type-options
nosniff
x-request-id
a2f494e8-5778-4515-a380-cb5e40ef9224
x-served-by
cache-ams21080-AMS
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame CB03
526 B
451 B
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 09 Mar 2024 09:33:11 GMT
via
1.1 varnish
age
7303171
x-cache
HIT
content-length
315
x-request-id
fddaaab3-b86d-4b69-99de-688e70866e69
x-served-by
cache-ams21080-AMS
last-modified
Fri, 11 Nov 2022 20:25:36 GMT
server
Fastly
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
276106
inner.html
m.stripe.network/ Frame CFF4
930 B
2 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:b400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
193
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 09 Mar 2024 09:30:02 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
x-amz-cf-id
ZOixtqnKD9XEzgn1k2tZhXJncPbCl_odoFKHdl_Pc3TotRzRsdK1AQ==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
js
www.googletagmanager.com/gtag/
232 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZYWGK0ZES9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-15086303-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
848df1ae41eab057a150c10a7ea644a767792846b2a28775ed93e24e290b733f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://xferrecords.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 09:33:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84353
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Mar 2024 09:33:11 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-15086303-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://xferrecords.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 09 Mar 2024 07:48:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6303
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 09 Mar 2024 09:48:08 GMT
861a0fdecafa1ca4
xferrecords.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 85F1
0
604 B
XHR
General
Full URL
https://xferrecords.com/cdn-cgi/challenge-platform/h/b/jsd/r/861a0fdecafa1ca4
Requested by
Host: xferrecords.com
URL: https://xferrecords.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 09 Mar 2024 09:33:11 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SnosUTkJXwLcrC6FY7A5q7m8Jmlf82FtwhO1G%2B%2FEhpIaSLPHTVBOrBbPfgIr%2BxjAZy1JoxsyDaRTKwqE5iN9OBQmR%2FH30YBdTmcXEKHgqDjAiJDv08qmXz7y5Fx1goB4Be5S%2BWvAVhbNiafTJVQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
861a0fe44ae393be-AMS
alt-svc
h3=":443"; ma=86400
out-4.5.43.js
m.stripe.network/ Frame CFF4
87 KB
16 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:b400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 09:31:47 GMT
content-encoding
gzip
via
1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
age
85
x-content-type-options
nosniff
etag
W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop
FRA6-C1
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
-h2dRCPg8viGK0crp5B8BOigviSWRPGMqx9h4dTnQeik6nN-PVHHuA==
collect
www.google-analytics.com/j/
1 B
206 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1491415560&t=pageview&_s=1&dl=https%3A%2F%2Fxferrecords.com%2F&ul=en-us&de=UTF-8&dt=XferRecords.com%20%7C%20Home%20of%20the%20Xfer%20Records%20VST%20Suite&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1151628421&gjid=1212419495&cid=223465341.1709976792&tid=UA-15086303-2&_gid=1373100249.1709976792&_r=1&gtm=457e4360za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=638740715
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://xferrecords.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Mar 2024 09:33:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xferrecords.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
254 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-ZYWGK0ZES9&gtm=45je4360v9122488665za200&_p=1709976791504&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=223465341.1709976792&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1709976791&sct=1&seg=0&dl=https%3A%2F%2Fxferrecords.com%2F&dt=XferRecords.com%20%7C%20Home%20of%20the%20Xfer%20Records%20VST%20Suite&en=page_view&_fv=1&_ss=1&tfd=1033
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZYWGK0ZES9&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://xferrecords.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Mar 2024 09:33:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xferrecords.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
nr-rum-1.252.1.min.js
js-agent.newrelic.com/
45 KB
16 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-rum-1.252.1.min.js
Requested by
Host: xferrecords.com
URL: https://xferrecords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac970654eba62875b48fea26d60d3be088e490f35d9e758269864f06458ebfd7
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://xferrecords.com/
Origin
https://xferrecords.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
T2GmUqF2BQZ1dtfiW63tITOG1wPEVdNL
content-encoding
br
via
1.1 varnish
date
Sat, 09 Mar 2024 09:33:11 GMT
strict-transport-security
max-age=300
x-amz-request-id
DGV97HD3Q5YEP32S
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
15796
x-amz-id-2
eqUpkoadfbxebTFY3sBMLxfS377mDrfwJ0LpCDji2gYNk/MMQHEtuJzvA2D8bVISkdpv54i+3P3bk+CTXqWCCaTlqYwy9AWA
x-served-by
cache-ams21080-AMS
last-modified
Mon, 04 Mar 2024 15:07:39 GMT
server
AmazonS3
etag
"005b9ecfd740445c45ac6febe8f522e7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
157918
6
m.stripe.com/ Frame CFF4
156 B
669 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.70.125.176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-125-176.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8df52405d5625abce80dc7d1599f4abad219ba02fb8ed7b124b455533ef2fb78
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 09 Mar 2024 09:33:12 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1709976792256738
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1709976792256273
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
75dbba0bab
bam.nr-data.net/1/
48 B
621 B
XHR
General
Full URL
https://bam.nr-data.net/1/75dbba0bab?a=20261611&v=1.252.1&to=e1dYQBBXVFpVFxdQW1VdGV0MXF1O&rst=1122&ck=0&s=b700ad2ece0823ed&ref=https://xferrecords.com/&hr=0&qt=2&ap=6&be=442&fe=625&dc=401&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1709976790703,%22n%22:0,%22f%22:96,%22dn%22:97,%22dne%22:97,%22c%22:97,%22s%22:113,%22ce%22:138,%22rq%22:138,%22rp%22:443,%22rpe%22:533,%22di%22:833,%22ds%22:833,%22de%22:843,%22dc%22:1066,%22l%22:1066,%22le%22:1067%7D,%22navigation%22:%7B%7D%7D&fp=820&fcp=820
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-rum-1.252.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41a451575cd34054fa1a965ab7ca9b0de22b5f14a0caa44b03dd6a65b743ba2b

Request headers

Referer
https://xferrecords.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
content-type
text/plain

Response headers

Date
Sat, 09 Mar 2024 09:33:12 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://xferrecords.com
access-control-expose-headers
Date
Vary
Accept-Encoding
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
CF-Ray
861a0fe598cc2c65-FRA
timing-allow-origin
https://xferrecords.com

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| NREUM object| webpackChunk:NRBA-1.252.1.PROD object| newrelic object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate function| Dict function| delay object| _ function| $ function| jQuery function| Cookies function| _classCallCheck object| ThreddedMentionAutocompletion function| _createClass string| CKEDITOR_BASEPATH object| CKEDITOR function| timeago object| Rails boolean| _rails_loaded function| autosize function| Textcomplete object| Thredded function| ThreddedPreviewArea object| Util function| Dropdown function| Tab function| Collapse function| Modal function| Alert function| Button function| ScrollSpy function| Toast function| Tooltip function| Carousel function| Popover object| ActiveAdmin object| ActiveStorage function| ClipboardJS object| ReactRailsUJS function| gtag object| dataLayer object| webpackChunkStripeJSouter function| noop function| Stripe object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

9 Cookies

Domain/Path Name / Value
xferrecords.com/ Name: _xfer2_session_production
Value: ZO%2BJDeGq9PqoYZT28gxE2O9sOIjiUTEsbd%2FSEAD%2BMsxTkhBa5yM4hB17MyXliISdxbYjXYIqOoQCHdj%2FinCzVwzdFC8KN8R0I9p8z0hpqSVvKaSwgJg4hr4leP91%2FcDirhRbTD2S1k3dfDO43937XYWuLON8csoopDikWYWu9iMjza2OLZJqFaCTtxVuqBbzMIpwh5dQnTbDKOMKtdQIqASiEmMeOvEGabYzhv7VUNzjWod8rgjxT22EJF0SahLzyA7KzgCx4UoBr08Eq79Fkl0mAwDCRYA1PPO5Jc9avl8yjlrFRPwj%2BGOHO5cFbOJKJqiR3iv8NmuwOThEl43KTW%2BSJbJFWoYQNEuVUpMox5LOJ6lcbIgBJ%2F5d%2FFEfh7hg3g%3D%3D--%2F%2BVEKa2AryELcTyO--m5LTB8CTf4WPlxURFA%2FgMw%3D%3D
.xferrecords.com/ Name: _gid
Value: GA1.2.1373100249.1709976792
.xferrecords.com/ Name: _gat_gtag_UA_15086303_2
Value: 1
.xferrecords.com/ Name: _ga_ZYWGK0ZES9
Value: GS1.1.1709976791.1.0.1709976791.0.0.0
.xferrecords.com/ Name: _ga
Value: GA1.1.223465341.1709976792
.xferrecords.com/ Name: cf_clearance
Value: sUEs15c67V4VL.jOvGFO9z6ak4LQ50W8Jwz4jz9gOlE-1709976791-1.0.1.1-86LWjTcHyBj5Run4IrZgK1c23vryiQnIDLYaKYAlEp.ru3F5itt10TwEMVAIN4h8OHMXtiaONjhrNu9gJ.R2dQ
m.stripe.com/ Name: m
Value: 804e421b-ba68-41bb-bc04-cd1761a07ea95903fc
.xferrecords.com/ Name: __stripe_mid
Value: 3320ed23-d75b-44fd-9406-c79b131bdc687d93f9
.xferrecords.com/ Name: __stripe_sid
Value: 60436604-c5dc-470a-9cf7-2125f0c9caaa9d2ad0

2 Console Messages

Source Level URL
Text
network error URL: https://cdn.polyfill.io/v1/polyfill.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://xferrecords.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
cdn.plyr.io
cdn.polyfill.io
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
js.stripe.com
m.stripe.com
m.stripe.network
maxcdn.bootstrapcdn.com
region1.google-analytics.com
www.google-analytics.com
www.googletagmanager.com
xferrecords.com
151.101.128.176
162.247.241.14
2001:4860:4802:32::36
2600:9000:2057:b400:19:7d10:bd80:93a1
2606:4700:21::681b:c358
2606:4700:4400::6812:26d4
2606:4700::6811:180e
2606:4700::6812:acf
2a00:1450:4001:80b::2003
2a00:1450:4001:812::2008
2a00:1450:4001:827::200a
2a00:1450:4001:828::200e
2a04:4e42::649
2a06:98c1:3120::3
54.70.125.176
093a568626d7d67606ac4177f15a6c7ff27948f11c66901ad5e7eb64228539c2
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1b270f40c57f0ac70da7fd8931acd9992274af9e809e2d736e432a8452360676
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
41a451575cd34054fa1a965ab7ca9b0de22b5f14a0caa44b03dd6a65b743ba2b
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
551b70f1a32fc9a829f0cc159c6070f4d843cf49efd1c42cd89f187584d2e749
5cccc465f4c8cdcec789a0b28846823f18646206351bc9ff794f1aec7f58f5b0
63996b381b244b9d0132ca12c4544340d5d50177c1eb45953c493dd5d555e559
6911fa76e28067f195a62c1c3c18420a827d6bdd96485334c3421a81455c43ff
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
78cbe967c1f4e24b0a586fff03fbcd4a98069b27ad23bfe0ef8aef9a9fa22739
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
848df1ae41eab057a150c10a7ea644a767792846b2a28775ed93e24e290b733f
86a003a7bfdf286bf9d1b992b9ea4f358db996f706375b198a44c4faa34b0ae2
872f21bef4d6bb0fd9e9631058734d1654d34c6be0362b379afa7124c7c883cd
8df52405d5625abce80dc7d1599f4abad219ba02fb8ed7b124b455533ef2fb78
9010cf8aedcd2a9016acb61f8daa1f3fa2cab95add69fd4e5e0472bc2f400521
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
a04d373be23a3f37dfe1f88cab01061db75f716edadc6451c652fe538f4be6c0
ac970654eba62875b48fea26d60d3be088e490f35d9e758269864f06458ebfd7
afbb1c7def15be1f3f104a967629854af7921f2544eb89d63f214a5eedbeed55
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bf2153f32ba5cf1781611827c48c15c3e7552fcde6db2b59c149291b15a62889
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4aa44eda7884ac584db3b8ca5e225b1d4d0be1a977e0d4e0965a7e9ef2de15b
f1264020dbe3f8813dceb1e15a7d5f4a48f2142e413cb310e7a256f4999d949a
f588dbf2a4112ba0eb871429655ff767afa9fec1ddc72746fe5d1a216f870b00
f6b0114e381f79e0051a3b6ae76c3ea12533ae44e1422447ff77f7afa99127d9
f7ca1c3cf9317b1900e618ca9038d889e0d008d2feb40c7df8baf3e51d0f72a9
f8e7e4de1e9f1853967930e65e54635ba278937653525e048ec92f5639139f6d