www.xtremerain.com Open in urlscan Pro
2606:4700:3035::681b:98b9 Public Scan

URL:
https://www.xtremerain.com/
Submission: On March 05 via manual (March 5th 2020, 8:40:45 pm UTC) from US

Summary HTTP 141 Redirects Behaviour Indicators

Summary

This website contacted 35 IPs in 3 countries across 26 domains to perform 141 HTTP transactions. The main IP is 2606:4700:3035::681b:98b9, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.xtremerain.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 1st 2020. Valid for: 7 months.

This is the only time www.xtremerain.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3035::681b:98b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
51	143.204.101.38 143.204.101.38	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:4104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.101.112 143.204.101.112	16509 (AMAZON-02) (AMAZON-02)
1	13.225.87.74 13.225.87.74	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:821::2008	15169 (GOOGLE) (GOOGLE)
1	151.139.240.1 151.139.240.1	33438 (HIGHWINDS2) (HIGHWINDS2)
8	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.114.2 151.101.114.2	54113 (FASTLY) (FASTLY)
4	13.224.194.71 13.224.194.71	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:a010	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.194.39 13.224.194.39	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	151.101.14.110 151.101.14.110	54113 (FASTLY) (FASTLY)
2	151.139.240.35 151.139.240.35	33438 (HIGHWINDS2) (HIGHWINDS2)
3	192.225.209.8 192.225.209.8	62660 (WHISKEYNET) (WHISKEYNET)
1	35.169.10.124 35.169.10.124	14618 (AMAZON-AES) (AMAZON-AES)
1	162.247.242.20 162.247.242.20	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	13.224.194.116 13.224.194.116	16509 (AMAZON-02) (AMAZON-02)
7	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
3	143.204.90.242 143.204.90.242	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
1	198.145.13.14 198.145.13.14	2044 (IINET-2044) (IINET-2044)
1	52.1.207.152 52.1.207.152	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.95.123.41 52.95.123.41	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
6	172.105.79.150 172.105.79.150	63949 (LINODE-AP...) (LINODE-AP Linode)
3	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
141	35

1 2606:4700:3035::681b:98b9 (United States)

ASN13335 (CLOUDFLARENET, US)

www.xtremerain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 143.204.101.38 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-38.fra50.r.cloudfront.net

s29353.pcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4104 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.112 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-112.fra50.r.cloudfront.net

cdn.distiltag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.87.74 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-74.fra2.r.cloudfront.net

dalia-media.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.240.1 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)

376.hostedprebid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.194.71 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-71.fra2.r.cloudfront.net

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a010 (United States)

ASN13335 (CLOUDFLARENET, US)

static.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.39 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-39.fra2.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.240.35 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)

jita.rtk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.225.209.8 (United States)

ASN62660 (WHISKEYNET, US)

proxy.distiltag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.169.10.124 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-10-124.compute-1.amazonaws.com

origin.distiltag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.20 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-8.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.116 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-116.fra2.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.90.242 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-90-242.fra50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.145.13.14 (United States)

ASN2044 (IINET-2044, US)
PTR: getclicky.com

in.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.1.207.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-207-152.compute-1.amazonaws.com

cluster-na.cdnjquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.123.41 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.105.79.150 (Frankfurt am Main, Germany)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li2040-150.members.linode.com

bucket.rtk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	pcdn.co s29353.pcdn.co	2 MB
15	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	230 KB
13	ampproject.org cdn.ampproject.org	324 KB
8	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	115 KB
8	rtk.io jita.rtk.io bucket.rtk.io	4 KB
8	gstatic.com fonts.gstatic.com	87 KB
5	amazon-adsystem.com 1 redirects c.amazon-adsystem.com aax-eu.amazon-adsystem.com	29 KB
5	distiltag.com cdn.distiltag.com proxy.distiltag.com origin.distiltag.com	31 KB
4	ad-delivery.net ad-delivery.net	3 KB
3	google-analytics.com www.google-analytics.com	18 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	google.com 1 redirects adservice.google.com www.google.com	280 B
2	facebook.net connect.facebook.net	115 KB
2	alexametrics.com certify-js.alexametrics.com certify.alexametrics.com	3 KB
2	getclicky.com static.getclicky.com in.getclicky.com	6 KB
2	googletagmanager.com www.googletagmanager.com	56 KB
1	cdnjquery.com cluster-na.cdnjquery.com	355 B
1	google.be adservice.google.be	778 B
1	facebook.com www.facebook.com
1	nr-data.net bam.nr-data.net	275 B
1	newrelic.com js-agent.newrelic.com	10 KB
1	taboola.com cdn.taboola.com	21 KB
1	hostedprebid.com 376.hostedprebid.com	114 KB
1	videoplayerhub.com dalia-media.videoplayerhub.com	25 KB
1	cloudflare.com ajax.cloudflare.com	4 KB
1	xtremerain.com www.xtremerain.com	14 KB
141	26

	Domain	Requested by
51	s29353.pcdn.co	www.xtremerain.com ajax.cloudflare.com
13	cdn.ampproject.org	securepubads.g.doubleclick.net
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.xtremerain.com tpc.googlesyndication.com cdn.ampproject.org
8	fonts.gstatic.com	www.xtremerain.com
7	securepubads.g.doubleclick.net	376.hostedprebid.com securepubads.g.doubleclick.net www.xtremerain.com
6	bucket.rtk.io	376.hostedprebid.com
4	ad-delivery.net	dalia-media.videoplayerhub.com
3	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
3	c.amazon-adsystem.com	376.hostedprebid.com c.amazon-adsystem.com
3	proxy.distiltag.com	cdn.distiltag.com
3	www.google-analytics.com	www.googletagmanager.com
3	fonts.googleapis.com	www.xtremerain.com securepubads.g.doubleclick.net
2	aax-eu.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
2	jita.rtk.io	376.hostedprebid.com
2	connect.facebook.net	s29353.pcdn.co connect.facebook.net
2	www.googletagmanager.com	ajax.cloudflare.com
1	googleads.g.doubleclick.net	www.xtremerain.com
1	www.google.com	1 redirects
1	cluster-na.cdnjquery.com	dalia-media.videoplayerhub.com
1	in.getclicky.com	static.getclicky.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.be	securepubads.g.doubleclick.net
1	www.facebook.com	connect.facebook.net
1	certify.alexametrics.com
1	bam.nr-data.net	js-agent.newrelic.com
1	origin.distiltag.com	cdn.distiltag.com
1	js-agent.newrelic.com	www.xtremerain.com
1	certify-js.alexametrics.com	www.xtremerain.com
1	static.getclicky.com	www.xtremerain.com
1	cdn.taboola.com	www.xtremerain.com
1	376.hostedprebid.com	ajax.cloudflare.com
1	dalia-media.videoplayerhub.com	ajax.cloudflare.com
1	cdn.distiltag.com	ajax.cloudflare.com
1	ajax.cloudflare.com	www.xtremerain.com
1	www.xtremerain.com
141	35

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-03-01` - `2020-10-09`	7 months	crt.sh
pcdn.co Amazon	`2019-12-10` - `2021-01-10`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
*.distiltag.com Amazon	`2019-12-11` - `2021-01-11`	a year	crt.sh
*.videoplayerhub.com Amazon	`2019-07-18` - `2020-08-18`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.hostedprebid.com COMODO RSA Domain Validation Secure Server CA	`2018-12-21` - `2020-12-20`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-03-03` - `2020-07-25`	5 months	crt.sh
ad-delivery.net Amazon	`2019-03-07` - `2020-04-07`	a year	crt.sh
ssl468981.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-12-09` - `2020-06-16`	6 months	crt.sh
certify-js.alexametrics.com Amazon	`2019-07-26` - `2020-08-26`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-04-10` - `2020-03-21`	a year	crt.sh
*.rtk.io COMODO RSA Domain Validation Secure Server CA	`2017-03-16` - `2020-03-25`	3 years	crt.sh
distiltag.com Let's Encrypt Authority X3	`2020-02-20` - `2020-05-20`	3 months	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
certify.alexametrics.com Amazon	`2019-07-26` - `2020-08-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2019-10-07` - `2020-09-29`	a year	crt.sh
*.google.be GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.getclicky.com COMODO RSA Domain Validation Secure Server CA	`2018-10-29` - `2020-10-15`	2 years	crt.sh
*.assetbucket.net Amazon	`2019-09-11` - `2020-10-11`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2019-09-18` - `2020-08-26`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.xtremerain.com/
Frame ID: 6AAD857C1C9DBAD2945BA0CB6F45F419
Requests: 104 HTTP requests in this frame

Frame: https://proxy.distiltag.com/kitten?ak=a8bfeb3a10e2bc18bd5e35df435fb7dea&pk=TdxqbCn62Gw8OvySAfUMCbvn4MUQeMNMLVmK6WLQ&AYAH_VERSION=2.0&cookiesync=true
Frame ID: 03B3D8146BBB1D906063E351DA0D6425
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.4/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df6efe2ea5439ec%26domain%3Dwww.xtremerain.com%26origin%3Dhttps%253A%252F%252Fwww.xtremerain.com%252Ff17aef8de7c544%26relation%3Dparent.parent&container_width=360&height=500&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2Fxtremerain%2F&locale=en_US&sdk=joey&show_facepile=false&show_posts=false&small_header=false&width=300px
Frame ID: A9E3AD3E809BC0A4C2AE58A8172589E9
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=oath_r1u_dmx&dcc=t
Frame ID: 702AF95457EC7EEBF9CD7CC2FFCF01FB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012002192257490/amp4ads-v0.js
Frame ID: 4A92985AD99B00938C065257C1333DE3
Requests: 18 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012002192257490/amp4ads-v0.js
Frame ID: 7BDF216AEB5BA84498BE33B558B9F597
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: C892821018E736DA607081007BD96D88
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

141
Requests

100 %
HTTPS

46 %
IPv6

26
Domains

35
Subdomains

35
IPs

3
Countries

2909 kB
Transfer

5157 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=oath_r1u_dmx HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=oath_r1u_dmx&dcc=t

Request Chain 136

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

141 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.xtremerain.com/ 70 KB
14 KB 739ms
698ms Document
text/html 2606:4700:3035::681b:98b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:98b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4752a58850ca277cb188e8b97b0f8cb7d98a3b8bd34cd1d1954efddad1780398

Request headers

:method: GET
:authority: www.xtremerain.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Thu, 05 Mar 2020 20:40:27 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=daa19dfbaf975894292ca1980c003da151583440826; expires=Sat, 04-Apr-20 20:40:26 GMT; path=/; domain=.xtremerain.com; HttpOnly; SameSite=Lax
vary: Accept-Encoding
x-gateway-request-id: 83abdd8d6f087a75917f814a11f6c714
link: <https://www.xtremerain.com/wp-json/>; rel="https://api.w.org/" <https://www.xtremerain.com/>; rel=shortlink
x-gateway-cache-key: 1583147819.07|standard|https|www.xtremerain.com||/
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56f6a6ee3e08d6f9-FRA
content-encoding: br

GET
H2 200 style.min.css
s29353.pcdn.co/wp-includes/css/dist/block-library/ 40 KB
8 KB 100ms
48ms Stylesheet
text/css 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s29353.pcdn.co/wp-includes/css/dist/block-library/style.min.css?ver=5.3.2
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.1 /
Resource Hash: d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 05 Feb 2020 11:41:13 GMT
content-encoding: gzip
age: 2537954
x-cache: Hit from cloudfront
status: 200
x-gateway-cache-status: BYPASS
x-gateway-request-id: 8a801949132c1cd90962293331d06385
last-modified: Wed, 18 Dec 2019 23:33:49 GMT
server: Pagely-ARES/1.5.1
etag: W/"5dfab75d-a1fb"
vary: Accept-Encoding
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-includes/css/dist/block-library/style.min.css?ver=5.3.2
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
content-type: text/css
x-amz-cf-id: LTaK0RMFrnf22O22PMTlE0CsmxSVyPBomgw7ntLKAtihGWJdXTfD2g==
expires: Fri, 06 Mar 2020 11:41:13 GMT

GET
H2 200 dx-rtk-stylesheet.css
s29353.pcdn.co/wp-content/plugins/dx-rtk-plugin/css/src/ 11 KB
5 KB 82ms
29ms Stylesheet
text/css 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s29353.pcdn.co/wp-content/plugins/dx-rtk-plugin/css/src/dx-rtk-stylesheet.css?ver=2019-04-09-1543
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.1 /
Resource Hash: 1ab894ac96f0d05426ef3f67bbfb54c83a6c6414f4189b780504a19953348401

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 14 Feb 2020 05:18:08 GMT
content-encoding: gzip
age: 1783339
x-cache: Hit from cloudfront
status: 200
x-gateway-cache-status: BYPASS
x-gateway-request-id: 621525b9b6aeffe42417a1f74f1d7105
last-modified: Wed, 29 May 2019 12:06:21 GMT
server: Pagely-ARES/1.5.1
etag: W/"5cee75bd-2dd4"
vary: Accept-Encoding
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/plugins/dx-rtk-plugin/css/src/dx-rtk-stylesheet.css?ver=2019-04-09-1543
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
content-type: text/css
x-amz-cf-id: y3Aoh6Uv69DLvybi06a8s_s9e-WAgrWmKPci-Cg-Iz_usCPo-9KidQ==
expires: Sun, 15 Mar 2020 05:18:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
863 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C400%2C700&subset=latin%2Clatin-ext

Requested by

Host: www.xtremerain.com
URL: https://www.xtremerain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e11a39a7de5e23f8171829708551abdd8c8578bc1eb78314a2a031ad94c0c5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 20:40:27 GMT
server: ESF
date: Thu, 05 Mar 2020 20:40:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Mar 2020 20:40:27 GMT

GET
H2 200 bootstrap.css
s29353.pcdn.co/wp-content/themes/envo-magazine/css/ 66 KB
14 KB 88ms
36ms Stylesheet
text/css 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s29353.pcdn.co/wp-content/themes/envo-magazine/css/bootstrap.css?ver=3.3.7
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.1 /
Resource Hash: b38bf480735ea9ba16486c96e38f0048c5a067de8bacadf74b154c496a1ca2b2

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sat, 15 Feb 2020 10:41:09 GMT
content-encoding: gzip
age: 1677558
x-cache: Hit from cloudfront
status: 200
x-gateway-cache-status: BYPASS
x-gateway-request-id: b6dcf206c03b9d88840885cd5f01b54e
last-modified: Wed, 16 Jan 2019 17:24:54 GMT
server: Pagely-ARES/1.5.1
etag: W/"5c3f68e6-10893"
vary: Accept-Encoding
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/themes/envo-magazine/css/bootstrap.css?ver=3.3.7
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
content-type: text/css
x-amz-cf-id: vNr8prrgEwqBWJB9rmyoYbCamx5m9fPymI8fBMlNYaKmqRYPO0WcHA==
expires: Mon, 16 Mar 2020 10:41:09 GMT

GET
H2 200 style.css
s29353.pcdn.co/wp-content/themes/envo-magazine/ 35 KB
9 KB 97ms
45ms Stylesheet
text/css 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s29353.pcdn.co/wp-content/themes/envo-magazine/style.css?ver=1.7.1
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.1 /
Resource Hash: cd8892615cdfad54eddecb791e8cdee3358f7f75bf83d7960d6289ae9482b00c

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sun, 16 Feb 2020 07:21:28 GMT
content-encoding: gzip
age: 1603139
x-cache: Hit from cloudfront
status: 200
x-gateway-cache-status: BYPASS
x-gateway-request-id: 582f3b97372199ab2e558b2075345057
last-modified: Mon, 08 Apr 2019 15:52:45 GMT
server: Pagely-ARES/1.5.1
etag: W/"5cab6e4d-8a83"
vary: Accept-Encoding
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/themes/envo-magazine/style.css?ver=1.7.1
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
content-type: text/css
x-amz-cf-id: Mnk0o6l3a5bwU9ckovCE_Vn4hivS4I2aDxNR-qS9R4B7hVCP1QXv2Q==
expires: Tue, 17 Mar 2020 07:21:28 GMT

GET
H2 200 font-awesome.min.css
s29353.pcdn.co/wp-content/themes/envo-magazine/css/ 30 KB
8 KB 101ms
50ms Stylesheet
text/css 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s29353.pcdn.co/wp-content/themes/envo-magazine/css/font-awesome.min.css?ver=4.7.0
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.1 /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 20 Feb 2020 10:50:35 GMT
content-encoding: gzip
age: 1244992
x-cache: Hit from cloudfront
status: 200
x-gateway-cache-status: BYPASS
x-gateway-request-id: 30244d0820cdc9c746e4a74964576fa3
last-modified: Wed, 16 Jan 2019 17:24:54 GMT
server: Pagely-ARES/1.5.1
etag: W/"5c3f68e6-7918"
vary: Accept-Encoding
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/themes/envo-magazine/css/font-awesome.min.css?ver=4.7.0
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
content-type: text/css
x-amz-cf-id: xSc9JvzoQoYOfT8SA-cebSFGgLVOhutO_h2qiz40YBAoBVaX6IZnzQ==
expires: Sat, 21 Mar 2020 10:50:35 GMT

GET
H2 200 cropped-XtremeRain-Logo-e1547800572367.png
s29353.pcdn.co/wp-content/uploads/2019/01/ 7 KB
7 KB 120ms
68ms Image
image/png 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2019/01/cropped-XtremeRain-Logo-e1547800572367.png
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: 9fd78475f31dd705ae6091e008a223261dffe3611080f5b8acdb1723b88f8553

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 09:09:41 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
age: 41446
x-cache: Hit from cloudfront
status: 200
content-length: 7132
x-gateway-cache-status: BYPASS
x-gateway-request-id: d7b40697569035169adf65efcdc1c4c9
last-modified: Fri, 18 Jan 2019 08:36:34 GMT
server: Pagely-ARES/1.5.9
etag: "5c419012-1bdc"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2019/01/cropped-XtremeRain-Logo-e1547800572367.png
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: 5SXmixWwTNpaJAU5XnbKjs5J-bq1VGCuTwjXzFX1yI8XgCD97JLiVQ==

GET
H2 200 TenantTrash-19.jpeg
s29353.pcdn.co/wp-content/uploads/2019/02/ 63 KB
64 KB 107ms
105ms Image
image/jpeg 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2019/02/TenantTrash-19.jpeg
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: d38f6b7d9e14b9535d94fd23826dac10b94f140523875a0fe7ed8913e5803446

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 13:32:18 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
age: 25689
x-cache: Hit from cloudfront
status: 200
content-length: 64652
x-gateway-cache-status: BYPASS
x-gateway-request-id: f4e7727525a7bced007d6ad46d649976
last-modified: Wed, 27 Feb 2019 13:16:53 GMT
server: Pagely-ARES/1.5.9
etag: "5c768dc5-fc8c"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2019/02/TenantTrash-19.jpeg
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: KzcxzXMusOTp9x8POKc74mzOg1F4iKfEcxs6dx0zlluJCqiYBu2d5w==

GET
H2 200 preggo-baby-7.png
s29353.pcdn.co/wp-content/uploads/2019/02/ 732 KB
733 KB 83ms
81ms Image
image/png 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2019/02/preggo-baby-7.png
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: 2db5f938ef1a338ec041efee8871662bb2fdd6f39cef8f8fea3aacccec2ba151

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 13:32:18 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
age: 25689
x-cache: Hit from cloudfront
status: 200
content-length: 749772
x-gateway-cache-status: BYPASS
x-gateway-request-id: fa1af4d2e68fe5b8ba70bd1a13a56c6c
last-modified: Wed, 27 Feb 2019 13:19:19 GMT
server: Pagely-ARES/1.5.9
etag: "5c768e57-b70cc"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2019/02/preggo-baby-7.png
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: HzhOeUOiLkYbnKPqdeC_WqdeYe-Vlj5ozXJqrQELm7QQsFdif1XEFQ==

GET
H2 200 15-68.jpg.optimal.jpg
s29353.pcdn.co/wp-content/uploads/2019/03/ 54 KB
55 KB 71ms
69ms Image
image/jpeg 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2019/03/15-68.jpg.optimal.jpg
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: c107193f46cf5b2626bb50d5d4525e08da10c3a56c202e98ecbb126c00bfa542

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-gateway-request-id: ad5e793eb991987b7c0a8144cd607868
date: Thu, 05 Mar 2020 13:36:19 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Pagely-ARES/1.5.9
age: 25448
etag: "2d57befbaf91e39b63159caf225e1a4f9de1249e"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2019/03/15-68.jpg.optimal.jpg
status: 200
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
content-type: image/jpeg
content-length: 55631
x-amz-cf-id: p-Wf5T6D7CfPOTs9h0uradR1QavlZ9jNAjIHPON1JPdFpun4kU0VPA==
x-gateway-cache-status: BYPASS

GET
H2 200 15-68-720x405.jpg.optimal.jpg
s29353.pcdn.co/wp-content/uploads/2019/03/ 33 KB
34 KB 80ms
77ms Image
image/jpeg 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2019/03/15-68-720x405.jpg.optimal.jpg
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: 706d79e0fb39d3d759c094b02db211201e890080655dbcb5403de9e4b3b8c4eb

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-gateway-request-id: d9f100ee45ddcdfa1516f992864c6c01
date: Thu, 05 Mar 2020 13:36:20 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Pagely-ARES/1.5.9
age: 25447
etag: "383e9f54474d4ef22dbbd402122435ff9eb9272c"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2019/03/15-68-720x405.jpg.optimal.jpg
status: 200
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
content-type: image/jpeg
content-length: 33955
x-amz-cf-id: gKEyfsZrZID-uXfW0IsEuo4mCJE-hMIDXx8TLtROiVkOCCnHpDgD3w==
x-gateway-cache-status: BYPASS

GET
H2 200 wi-fi-health-risks-featured-160x120.jpg.optimal.jpg
s29353.pcdn.co/wp-content/uploads/2016/10/ 5 KB
6 KB 395ms
393ms Image
image/jpeg 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2016/10/wi-fi-health-risks-featured-160x120.jpg.optimal.jpg
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: b2053e08c7677f5f8e4a1d0a9df959d610cd64bbe4af7127565cf447d114a9b1

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-gateway-request-id: 60c98da1370b256cbf7d974b23041e2a
date: Thu, 05 Mar 2020 20:40:27 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Pagely-ARES/1.5.9
x-amz-cf-pop: FRA50-C1
etag: "3885582a5032a384729dc86026a83c5242596494"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2016/10/wi-fi-health-risks-featured-160x120.jpg.optimal.jpg
status: 200
x-cache: Miss from cloudfront
content-type: image/jpeg
content-length: 5328
x-amz-cf-id: I22GI9BlIFJ-jiW8lfN60_8q3xI6Y24PfLPnvYTUDwF4Bv6vaCw1Pg==
x-gateway-cache-status: BYPASS

GET
H2 200 5a53d5a5c32ae61e008b514e-750-160x120.jpg.optimal.jpg
s29353.pcdn.co/wp-content/uploads/2018/09/ 4 KB
5 KB 119ms
117ms Image
image/jpeg 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2018/09/5a53d5a5c32ae61e008b514e-750-160x120.jpg.optimal.jpg
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: f1aabaff29b5420f2e3bd2af1f0c5e25dedf21188d8d84aa8f62424c99858108

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-gateway-request-id: 6cdf5537b077842042144589867f4a32
date: Thu, 05 Mar 2020 13:36:20 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Pagely-ARES/1.5.9
age: 25447
etag: "1feca2979ca6e4b96b2189f8da588c34c51495c4"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2018/09/5a53d5a5c32ae61e008b514e-750-160x120.jpg.optimal.jpg
status: 200
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
content-type: image/jpeg
content-length: 4435
x-amz-cf-id: M16tFqxvh6kGNY6fsFrRcjxWBrglu2WKo-Kz4EV-zw8K56cd9LwwWw==
x-gateway-cache-status: BYPASS

GET
H2 200 video-game-addiction-160x120.jpg.optimal.jpg
s29353.pcdn.co/wp-content/uploads/2016/11/ 5 KB
6 KB 107ms
104ms Image
image/jpeg 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2016/11/video-game-addiction-160x120.jpg.optimal.jpg
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: 482d00bf3d318b348f24693be97bb06d5a3d07bbed680821fb41b8df62ecdd15

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-gateway-request-id: 56307eae3e276522022ad2f99d227531
date: Thu, 05 Mar 2020 13:36:20 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Pagely-ARES/1.5.9
age: 25447
etag: "ad36f5f13353f0e8d80edaea3db141f031492bd5"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2016/11/video-game-addiction-160x120.jpg.optimal.jpg
status: 200
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
content-type: image/jpeg
content-length: 5203
x-amz-cf-id: quLK9oN1PlhKe8mdkldE0KmMMO1JJPRbmvIuKLMuNNGLZ0XG3rcGKw==
x-gateway-cache-status: BYPASS

GET
H2 200 Negativity-Workplace-160x120.jpg.optimal.jpg
s29353.pcdn.co/wp-content/uploads/2016/09/ 5 KB
6 KB 121ms
118ms Image
image/jpeg 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2016/09/Negativity-Workplace-160x120.jpg.optimal.jpg
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: 178c936745175c4747d640b48d0179d5aa9098cb9dd6b8bfda2e65d974636c05

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-gateway-request-id: 50678799ea90703280cef90816a797bf
date: Thu, 05 Mar 2020 13:36:20 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Pagely-ARES/1.5.9
age: 25447
etag: "f10019aa1633fda19f5600e8ccf4b3e769d19057"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2016/09/Negativity-Workplace-160x120.jpg.optimal.jpg
status: 200
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
content-type: image/jpeg
content-length: 5426
x-amz-cf-id: ILemtTpTaS_DyNaGMhqxKwyEfImatpyMokH-eSJnM3a9pMakfHGyAw==
x-gateway-cache-status: BYPASS

GET
H2 200 Ways-Grow-Positive-Attitude-160x120.jpg.optimal.jpg
s29353.pcdn.co/wp-content/uploads/2016/10/ 4 KB
5 KB 110ms
107ms Image
image/jpeg 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2016/10/Ways-Grow-Positive-Attitude-160x120.jpg.optimal.jpg
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: c47b990b0158abc0b3321477148d2c90a07d242782e5b77c53b8402bca09e9c7

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-gateway-request-id: 2912e702094a60802b2b50b90eb40068
date: Thu, 05 Mar 2020 13:36:19 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Pagely-ARES/1.5.9
age: 25447
etag: "326a30727cb5db31ca9aa1cb3013e2a09a93662a"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2016/10/Ways-Grow-Positive-Attitude-160x120.jpg.optimal.jpg
status: 200
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
content-type: image/jpeg
content-length: 4470
x-amz-cf-id: FPXLXKlEiS8jQ8xdxfbaBJ90pR23wEqfIbbCltPp-l1i7sdBSTH5vw==
x-gateway-cache-status: BYPASS

GET
H2 200 1-en_1000x1500-160x120.jpg.optimal.jpg
s29353.pcdn.co/wp-content/uploads/2018/11/ 3 KB
4 KB 121ms
119ms Image
image/jpeg 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2018/11/1-en_1000x1500-160x120.jpg.optimal.jpg
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: 71773004e39610f83a18744ddffebaa0a58318eab3aa70d34f62b8db05b5fe7c

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-gateway-request-id: f06e2b22974168f6ec3014595ea6c162
date: Thu, 05 Mar 2020 13:36:20 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Pagely-ARES/1.5.9
age: 25447
etag: "936ec2aebe1a0edd35e0a95dbac77b5ee0bbf0a1"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2018/11/1-en_1000x1500-160x120.jpg.optimal.jpg
status: 200
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
content-type: image/jpeg
content-length: 3263
x-amz-cf-id: E03hAUvMCKiXo0K9Aft3mb37x5SK1AVLDgJYaFZjnpdshLwRAw69mg==
x-gateway-cache-status: BYPASS

GET
H2 200 46786584_2323984694554798_949836571450862924_n-160x120.jpg.optimal.jpg
s29353.pcdn.co/wp-content/uploads/2018/11/ 3 KB
3 KB 106ms
103ms Image
image/jpeg 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2018/11/46786584_2323984694554798_949836571450862924_n-160x120.jpg.optimal.jpg
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: 4cb1b36a53582214f1c5925af2548c0a6b87292d199fd41a0cacf7cfdd0c9385

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-gateway-request-id: bb51f79aa56ab6bc7604d4d459466a3f
date: Thu, 05 Mar 2020 13:36:20 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Pagely-ARES/1.5.9
age: 25447
etag: "a05fb1c3dbd748a60479daaaab506012382ab04d"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2018/11/46786584_2323984694554798_949836571450862924_n-160x120.jpg.optimal.jpg
status: 200
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
content-type: image/jpeg
content-length: 2886
x-amz-cf-id: SriUyi80oNziDQxsZkuDRDrGtdMKEVJru1OI9HEiGmHqft8u8L9LeQ==
x-gateway-cache-status: BYPASS

GET
H2 200 5b329bac1ae66241008b597f-960-720-160x120.jpg.optimal.jpg
s29353.pcdn.co/wp-content/uploads/2018/11/ 4 KB
5 KB 106ms
104ms Image
image/jpeg 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2018/11/5b329bac1ae66241008b597f-960-720-160x120.jpg.optimal.jpg
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: 7769629291758f0f38b1014a0e8dfab8d04e66ed89dde9982a9dfbc5185a0fa0

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-gateway-request-id: cf98e5afd8674607169f262382803882
date: Thu, 05 Mar 2020 13:36:20 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Pagely-ARES/1.5.9
age: 25447
etag: "099403bff0e36814833caa5a1897df693a3dfb3f"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2018/11/5b329bac1ae66241008b597f-960-720-160x120.jpg.optimal.jpg
status: 200
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
content-type: image/jpeg
content-length: 4369
x-amz-cf-id: bEzLCkd1fJ_498aMxpcJV6n3R1sM-o3hJuoV6tDVGHmQPg94b8CxwQ==
x-gateway-cache-status: BYPASS

GET
H2 200 microsoft-surface-headphones-26-160x120.jpg.optimal.jpg
s29353.pcdn.co/wp-content/uploads/2018/12/ 4 KB
5 KB 140ms
138ms Image
image/jpeg 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2018/12/microsoft-surface-headphones-26-160x120.jpg.optimal.jpg
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: e856f9c41b796ff6b913364c5b4db81e01a12c31956681de2ea9c41684f7c780

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-gateway-request-id: d49499f7ee0801e4f0c1fb6db95ecdab
date: Thu, 05 Mar 2020 13:36:20 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Pagely-ARES/1.5.9
age: 25447
etag: "d52ab5b9c66181e5bcf7865aac80ec12793672da"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2018/12/microsoft-surface-headphones-26-160x120.jpg.optimal.jpg
status: 200
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
content-type: image/jpeg
content-length: 4450
x-amz-cf-id: mn8C3vLIUPHE8xsIdNl7faU9kKsZoXaAJ2NAqKqbYSX-XIbnFb5urQ==
x-gateway-cache-status: BYPASS

GET
H2 200 download-1-e1544291528270-160x120.jpg.optimal.jpg
s29353.pcdn.co/wp-content/uploads/2018/12/ 4 KB
4 KB 111ms
108ms Image
image/jpeg 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2018/12/download-1-e1544291528270-160x120.jpg.optimal.jpg
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: 11153b262bd54fb5d51730ead80cad8415b6728de4e4c2f70001fbeac20b193c

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-gateway-request-id: 4283a7bbb27ed8ed816e52b236eafd9d
date: Thu, 05 Mar 2020 13:36:20 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Pagely-ARES/1.5.9
age: 25447
etag: "efdf6e2f6b342f4bae1ac972b30350de200e6e88"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2018/12/download-1-e1544291528270-160x120.jpg.optimal.jpg
status: 200
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
content-type: image/jpeg
content-length: 3697
x-amz-cf-id: esqSK_fgXJVskCwn2WgxjYTIkVHmcRWKIuC3QRWOEa5FWf204KshRg==
x-gateway-cache-status: BYPASS

GET
H2 200 best-launchers-july-2018-nova-smart-patriotic-160x120.jpg.optimal.jpg
s29353.pcdn.co/wp-content/uploads/2018/12/ 6 KB
6 KB 106ms
104ms Image
image/jpeg 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2018/12/best-launchers-july-2018-nova-smart-patriotic-160x120.jpg.optimal.jpg
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: 7e5c74c4db14645a7cac29a8b56cfd7bf1e25c8cffa49efdb64a52c51860e3b6

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-gateway-request-id: 54e5580eb1d8dcab56d6af12e1bbcd70
date: Thu, 05 Mar 2020 13:36:20 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Pagely-ARES/1.5.9
age: 25447
etag: "2080b6fa6bb64541d7a877791563dc73a833d380"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2018/12/best-launchers-july-2018-nova-smart-patriotic-160x120.jpg.optimal.jpg
status: 200
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
content-type: image/jpeg
content-length: 5684
x-amz-cf-id: R_lmZpdBj5yqizh05SHZ0oMvc022RDA9LiTnG_oCeZa-Ms74SOQ8-A==
x-gateway-cache-status: BYPASS

GET
H2 200 Direct-Draw-3D-Acceleration-Unavialable-Featured-720x405.jpg.optimal.jpg
s29353.pcdn.co/wp-content/uploads/2018/05/ 54 KB
54 KB 108ms
106ms Image
image/jpeg 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2018/05/Direct-Draw-3D-Acceleration-Unavialable-Featured-720x405.jpg.optimal.jpg
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: 067a5e6187899d2f84b081c427fafbcc0a444e16990e8b647c525b1c44aa4828

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-gateway-request-id: 6a0ac204b02da94ba850bf6537dfad17
date: Thu, 05 Mar 2020 13:36:20 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Pagely-ARES/1.5.9
age: 25447
etag: "1b46a74e8b2699f4375972271fc38959cdc882d9"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2018/05/Direct-Draw-3D-Acceleration-Unavialable-Featured-720x405.jpg.optimal.jpg
status: 200
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
content-type: image/jpeg
content-length: 54959
x-amz-cf-id: Z0pUrCpOc9e5tpwaumvwdTYdbPYOSG5CvokOApVrO937hKVeggtMqw==
x-gateway-cache-status: BYPASS

GET
H2 200 fix-chrome-download-errors-720x405.png
s29353.pcdn.co/wp-content/uploads/2017/07/ 150 KB
151 KB 117ms
114ms Image
image/png 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2017/07/fix-chrome-download-errors-720x405.png
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: a37882afdb7b85d7e3831d008ec8b6e8c174087fa06f523aae061dac6c9b7f6c

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 16:07:22 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
age: 16385
x-cache: Hit from cloudfront
status: 200
content-length: 153742
x-gateway-cache-status: BYPASS
x-gateway-request-id: 3f8374526892cd2ceafaa65c89672a32
last-modified: Tue, 22 Jan 2019 10:38:12 GMT
server: Pagely-ARES/1.5.9
etag: "5c46f294-2588e"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2017/07/fix-chrome-download-errors-720x405.png
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: LdNzXYiDibOslFen0RuZLLcAuM2A7BBnjO2GgDh2pAvAkQdU1bCWvA==

GET
H2 200 Photoshop-Encountered-Problem-Display-Driver-720x405.jpg.optimal.jpg
s29353.pcdn.co/wp-content/uploads/2017/01/ 46 KB
47 KB 120ms
117ms Image
image/jpeg 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2017/01/Photoshop-Encountered-Problem-Display-Driver-720x405.jpg.optimal.jpg
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: d3a4d55a29b3f267b577c1b5d5bda4d9982d58458b92d85005319c9feea65e1a

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-gateway-request-id: 88d3779731319bdd8176150299c08ce2
date: Thu, 05 Mar 2020 13:36:20 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Pagely-ARES/1.5.9
age: 25447
etag: "20547dd271b0201189879ecfd449cfc47162b6ce"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2017/01/Photoshop-Encountered-Problem-Display-Driver-720x405.jpg.optimal.jpg
status: 200
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
content-type: image/jpeg
content-length: 47256
x-amz-cf-id: hqQ5oVkulkoL4xfLHzxoeDw8ocDzcYfEWaAvDglECsVhOTSzy4Wepw==
x-gateway-cache-status: BYPASS

GET
H2 200 images-2.jpg.optimal.jpg
s29353.pcdn.co/wp-content/uploads/2018/09/ 3 KB
3 KB 112ms
109ms Image
image/jpeg 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2018/09/images-2.jpg.optimal.jpg
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: fb3b15da67b2491265f63134dbc75f449739996da1dca1df530ca73bdb7064f5

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-gateway-request-id: 5a0b5947fc090c7b74393a57a97f7a99
date: Thu, 05 Mar 2020 13:36:20 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Pagely-ARES/1.5.9
age: 25447
etag: "890f21673763489297f22ff0d96df1f51293c2b6"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2018/09/images-2.jpg.optimal.jpg
status: 200
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
content-type: image/jpeg
content-length: 2627
x-amz-cf-id: x4s9HcPKp1xy6XZU-zKolf-upmePvHe7tsFJymFooBv4N6D_Y3EBUw==
x-gateway-cache-status: BYPASS

GET
H2 200 1565670471100457bd2c9b-1-720x405.jpg.optimal.jpg
s29353.pcdn.co/wp-content/uploads/2018/11/ 66 KB
67 KB 111ms
109ms Image
image/jpeg 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2018/11/1565670471100457bd2c9b-1-720x405.jpg.optimal.jpg
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: 0f12618299dbd9318ecc73d31f6d38b9d078dcb4461cad33b252cc2e46a138a6

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-gateway-request-id: 263aa96ce83d467adab1cf1c9549ab37
date: Thu, 05 Mar 2020 13:36:20 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Pagely-ARES/1.5.9
age: 25447
etag: "db11fe2caf0df5c2c055734ad94cc54e8fb488c6"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2018/11/1565670471100457bd2c9b-1-720x405.jpg.optimal.jpg
status: 200
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
content-type: image/jpeg
content-length: 67954
x-amz-cf-id: Bq531xzRqdkp55BApzCU-3uUBtBj3d0bMjHpNGjrOnU8KSPUNI6YmQ==
x-gateway-cache-status: BYPASS

GET
H2 200 getty_991494512_2000133320009280365_362445-720x405.jpg.optimal.jpg
s29353.pcdn.co/wp-content/uploads/2018/11/ 25 KB
25 KB 115ms
113ms Image
image/jpeg 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2018/11/getty_991494512_2000133320009280365_362445-720x405.jpg.optimal.jpg
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: 6597d5579d518fa8219afb672f011ed40d50e8eeafdf1fe8de1ece02cceedb24

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-gateway-request-id: a9f6f6634e543ea5a18269c7a6ae88e3
date: Thu, 05 Mar 2020 13:36:20 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Pagely-ARES/1.5.9
age: 25447
etag: "6bbeae3131230b76fbf12556f9b5d709e3b64435"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2018/11/getty_991494512_2000133320009280365_362445-720x405.jpg.optimal.jpg
status: 200
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
content-type: image/jpeg
content-length: 25492
x-amz-cf-id: 2AjGeNTJyZm4sFSrl0eE__ksTMAL9hoUwGYXLljo9bATstj5utaJ0A==
x-gateway-cache-status: BYPASS

GET
H2 200 loader.gif
s29353.pcdn.co/wp-content/plugins/facebook-pagelike-widget/ 8 KB
9 KB 110ms
108ms Image
image/gif 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/plugins/facebook-pagelike-widget/loader.gif
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: dede012563c945321fbe3952281658f48ee6bda0531c3301bc82e28efc01421f

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 06:20:58 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
age: 51568
x-cache: Hit from cloudfront
status: 200
content-length: 8238
x-gateway-cache-status: BYPASS
x-gateway-request-id: d336717fb04a411e142a76be455c2994
last-modified: Wed, 04 Dec 2019 05:23:21 GMT
server: Pagely-ARES/1.5.9
etag: "5de742c9-202e"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/plugins/facebook-pagelike-widget/loader.gif
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: iXACIzCPLxrBF9PaYhmgqlSQZ5fyaawTL6rLTyx1K5rrJAzYXIi0eQ==

GET
H2 200 7d6-160x120.jpg.optimal.jpg
s29353.pcdn.co/wp-content/uploads/2018/10/ 4 KB
5 KB 110ms
108ms Image
image/jpeg 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2018/10/7d6-160x120.jpg.optimal.jpg
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: c1b0035911b9558d3e557c87c964b5a1bc9096f5280bfe6b0ff0ef0d8afb0515

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-gateway-request-id: 0030aca4897449d65c25a629c1174cdb
date: Thu, 05 Mar 2020 13:36:20 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Pagely-ARES/1.5.9
age: 25447
etag: "9570706df9d5bd26990d8f28b93486a2fc7b175c"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2018/10/7d6-160x120.jpg.optimal.jpg
status: 200
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
content-type: image/jpeg
content-length: 4563
x-amz-cf-id: EcgYEqXjVviFBkOLy8DgGIwuuVJffMqiZLtizqS3taUHacDhtYfQtQ==
x-gateway-cache-status: BYPASS

GET
H2 200 soccer-160x120.jpg.optimal.jpg
s29353.pcdn.co/wp-content/uploads/2018/10/ 7 KB
7 KB 115ms
113ms Image
image/jpeg 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2018/10/soccer-160x120.jpg.optimal.jpg
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: 8a96d126bbc4629b4d48bd1b7133c53e2d812f499309385d4affacb347c12558

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-gateway-request-id: ec17cfc381a8f3dbcd0c8f0a91554cbc
date: Thu, 05 Mar 2020 13:36:20 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Pagely-ARES/1.5.9
age: 25447
etag: "de3bdcd0064a9d44794002ffe340b7be0bfcbb92"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2018/10/soccer-160x120.jpg.optimal.jpg
status: 200
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
content-type: image/jpeg
content-length: 7099
x-amz-cf-id: v2J0QQEPA0l7B9n9TdfJMx0XvQddyeMZxmU60SNBeBwLed5tm41ewQ==
x-gateway-cache-status: BYPASS

GET
H2 200 goldmine-3-160x120.png
s29353.pcdn.co/wp-content/uploads/2019/01/ 32 KB
32 KB 112ms
110ms Image
image/png 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2019/01/goldmine-3-160x120.png
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: 0ae0408284f49294130eece825154f88518ef0a72d5c5326266ef64d01101a42

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 13:36:20 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
age: 25447
x-cache: Hit from cloudfront
status: 200
content-length: 32277
x-gateway-cache-status: BYPASS
x-gateway-request-id: 9918c4f6689863e436a245211e77e7f7
last-modified: Tue, 22 Jan 2019 08:11:29 GMT
server: Pagely-ARES/1.5.9
etag: "5c46d031-7e15"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2019/01/goldmine-3-160x120.png
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: 8iiuaGGHxRDHulHTyDyExMAZdEOUSG_sVdoDaFa08K69PESi92ZSqg==

GET
H2 200 bigpuppy-17-160x120.png
s29353.pcdn.co/wp-content/uploads/2019/02/ 40 KB
40 KB 114ms
112ms Image
image/png 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2019/02/bigpuppy-17-160x120.png
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: 8673d76617305b9737c559a70f83c84452eaadf89fb6b652b6b346a5d77ada58

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 13:36:20 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
age: 25447
x-cache: Hit from cloudfront
status: 200
content-length: 40860
x-gateway-cache-status: BYPASS
x-gateway-request-id: aaf8e1ed419c605d5d04d7964f55d1f2
last-modified: Wed, 27 Feb 2019 09:20:13 GMT
server: Pagely-ARES/1.5.9
etag: "5c76564d-9f9c"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2019/02/bigpuppy-17-160x120.png
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: VNJ0lIdvsdMaFI8swyTiXARSpQV5xXx_KndBi5uTM-gg7h0PLGSgXQ==

GET
H2 200 Microsoft-Edge-Browser-Extentions-720x405.jpg.optimal.jpg
s29353.pcdn.co/wp-content/uploads/2015/12/ 37 KB
37 KB 113ms
111ms Image
image/jpeg 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2015/12/Microsoft-Edge-Browser-Extentions-720x405.jpg.optimal.jpg
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: 2758c00f3eba60b69de9049537dbbff0ff3d6bd1301cd35892870e3cd09db578

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-gateway-request-id: da21c2bbb6b34b1e4541def12e5fd0c2
date: Thu, 05 Mar 2020 13:36:20 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Pagely-ARES/1.5.9
age: 25447
etag: "9db1dc7f40f842b295c5c2279f87a34ed95f5464"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2015/12/Microsoft-Edge-Browser-Extentions-720x405.jpg.optimal.jpg
status: 200
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
content-type: image/jpeg
content-length: 37454
x-amz-cf-id: DJTBzKWrkvreWmByHP1qglBMlwP_yTFQd5u-KJXi_ofRfqCXxb6PHA==
x-gateway-cache-status: BYPASS

GET
H2 200 tech-companies-name-meaning-160x120.jpg.optimal.jpg
s29353.pcdn.co/wp-content/uploads/2016/09/ 6 KB
6 KB 114ms
112ms Image
image/jpeg 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2016/09/tech-companies-name-meaning-160x120.jpg.optimal.jpg
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: 256a39a0c064c7b247b8d206dc5cf82d78f70e905a07216b2af799c2c030d432

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-gateway-request-id: 1c4615865e4eac6495358b37457b7b52
date: Thu, 05 Mar 2020 13:36:20 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Pagely-ARES/1.5.9
age: 25447
etag: "f2f2ea02a1d14b4d3552405c60f0ebcfaabf839b"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2016/09/tech-companies-name-meaning-160x120.jpg.optimal.jpg
status: 200
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
content-type: image/jpeg
content-length: 5864
x-amz-cf-id: J0kWN0BDEDGOervryTZIfdP-ap2xD3gW1AH4brfKam-5vbL-JXPCAQ==
x-gateway-cache-status: BYPASS

GET
H2 200 Canon-EOS-5Ds-HD-Feature-Image-160x120.jpg.optimal.jpg
s29353.pcdn.co/wp-content/uploads/2016/01/ 4 KB
5 KB 120ms
118ms Image
image/jpeg 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2016/01/Canon-EOS-5Ds-HD-Feature-Image-160x120.jpg.optimal.jpg
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: f4bfda75fd783f45f2f6e576a5e7635b129d1f883f100dce922936f72c17f6de

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-gateway-request-id: 2b8084691a1296a104dbeef206dcf875
date: Thu, 05 Mar 2020 13:36:20 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Pagely-ARES/1.5.9
age: 25447
etag: "5196e8831aac6629f9c97958a05cd1fe7dc33ad2"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2016/01/Canon-EOS-5Ds-HD-Feature-Image-160x120.jpg.optimal.jpg
status: 200
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
content-type: image/jpeg
content-length: 4227
x-amz-cf-id: 9J0BpGVgvaEwkPmXRDYNPPOQdZUcr-YK4iyD023Sg0Wqqnveu2v1NQ==
x-gateway-cache-status: BYPASS

GET
H2 200 Tech-7-160x120.jpg.optimal.jpg
s29353.pcdn.co/wp-content/uploads/2016/11/ 5 KB
5 KB 121ms
119ms Image
image/jpeg 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2016/11/Tech-7-160x120.jpg.optimal.jpg
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: 4e806ffd3db5ccbc6af5d81a539943cd29e47a6caf145316c11c5d49d2c79013

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-gateway-request-id: 2952bdc0aabc4fd315779a444c12d0a6
date: Thu, 05 Mar 2020 13:36:20 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Pagely-ARES/1.5.9
age: 25447
etag: "956454d2862e8cdb8437616121a062f3fb384408"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2016/11/Tech-7-160x120.jpg.optimal.jpg
status: 200
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
content-type: image/jpeg
content-length: 4893
x-amz-cf-id: _gNZEuzSz3JOiLoDMVwosSeLIulsmPOA_v6yzsY09otHvsAJg06yug==
x-gateway-cache-status: BYPASS

GET
H2 200 Tech-14-160x120.jpg.optimal.jpg
s29353.pcdn.co/wp-content/uploads/2016/11/ 5 KB
5 KB 121ms
119ms Image
image/jpeg 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2016/11/Tech-14-160x120.jpg.optimal.jpg
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: 6cc5e434a2d4da2b1561c2348c81fe7536251d2a515790de4b4257f4184fa95b

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-gateway-request-id: d4dd4d9da4ea2fa9db77aea76ade77c3
date: Thu, 05 Mar 2020 13:36:20 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Pagely-ARES/1.5.9
age: 25447
etag: "3434fdaf197c47e9214903b5804ce78e62087687"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2016/11/Tech-14-160x120.jpg.optimal.jpg
status: 200
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
content-type: image/jpeg
content-length: 4609
x-amz-cf-id: EptySfsCAIGWSkvCNXG7U6tTgx4kRNfTqOTP88Cj4138peY6LpdN2g==
x-gateway-cache-status: BYPASS

GET
H2 200 post4-160x120.jpg.optimal.jpg
s29353.pcdn.co/wp-content/uploads/2016/12/ 5 KB
5 KB 120ms
118ms Image
image/jpeg 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2016/12/post4-160x120.jpg.optimal.jpg
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: b1d144734911ba874c3fd82fcee0031c72b72e1acb6ac1d8b39e7f24aeb748f9

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-gateway-request-id: 858fb4956ab5ea37516437868c214c3b
date: Thu, 05 Mar 2020 13:36:20 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Pagely-ARES/1.5.9
age: 25447
etag: "d9a92a9f17af878a35408904455fd13a32a6e3cd"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2016/12/post4-160x120.jpg.optimal.jpg
status: 200
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
content-type: image/jpeg
content-length: 4727
x-amz-cf-id: uI0tHBc4q74JAdauYODmpXIYJC6jtxegS_AkKBsQ2P1ORVfArmnABQ==
x-gateway-cache-status: BYPASS

GET
H2 200 Tech-11-160x120.jpg.optimal.jpg
s29353.pcdn.co/wp-content/uploads/2016/11/ 6 KB
7 KB 119ms
117ms Image
image/jpeg 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2016/11/Tech-11-160x120.jpg.optimal.jpg
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: b7129215243f7a506aee4ea67fca4b14565f2a9d374a1ed02fea04bf3a1cc5f9

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-gateway-request-id: 59e31effb7d8b79bf55730ff21dae848
date: Thu, 05 Mar 2020 13:36:20 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Pagely-ARES/1.5.9
age: 25447
etag: "637a9e46a38f306b280bc34313747daad29e202e"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2016/11/Tech-11-160x120.jpg.optimal.jpg
status: 200
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
content-type: image/jpeg
content-length: 6476
x-amz-cf-id: sCHi_6K3ZaF4jqgr1wUscRPAR4W2RzT50uAd7VXdD-BqtNfYXzAqbw==
x-gateway-cache-status: BYPASS

GET
H2 200 XtremeRain-Logo-300x83.png
s29353.pcdn.co/wp-content/uploads/2019/01/ 12 KB
12 KB 119ms
117ms Image
image/png 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2019/01/XtremeRain-Logo-300x83.png
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: 071d6ebc509963de87539a8730926c33f375794f74fe907973982a0a470a96b1

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 09:09:41 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
age: 41446
x-cache: Hit from cloudfront
status: 200
content-length: 12143
x-gateway-cache-status: BYPASS
x-gateway-request-id: daf7909a4239a4baf901dd4325aa20b9
last-modified: Thu, 17 Jan 2019 18:17:34 GMT
server: Pagely-ARES/1.5.9
etag: "5c40c6be-2f6f"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2019/01/XtremeRain-Logo-300x83.png
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: b9DCxLKkKbkThIcNGL-w-Zc_YADQoZtvcQf92GcJfX9h2Yx4XQjDvg==

GET
H2 200 TenantTrash-19-160x120.jpeg
s29353.pcdn.co/wp-content/uploads/2019/02/ 7 KB
7 KB 119ms
117ms Image
image/jpeg 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2019/02/TenantTrash-19-160x120.jpeg
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: 3c3fd23be315e188cb14a803233467f9490bf8ac359373b87f06eb24c0421299

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 06:20:59 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
age: 51568
x-cache: Hit from cloudfront
status: 200
content-length: 6932
x-gateway-cache-status: BYPASS
x-gateway-request-id: 8f338811545a6c08fe81396ce153b34b
last-modified: Wed, 27 Feb 2019 13:16:53 GMT
server: Pagely-ARES/1.5.9
etag: "5c768dc5-1b14"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2019/02/TenantTrash-19-160x120.jpeg
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: Fpb73Vo5ZD2GDCbbkEZ1iAkYzJS-AdTiKYAHrIFu9-H7caJgZVC6tg==

GET
H2 200 preggo-baby-7-160x120.png
s29353.pcdn.co/wp-content/uploads/2019/02/ 35 KB
35 KB 120ms
118ms Image
image/png 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2019/02/preggo-baby-7-160x120.png
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: de4593f41c3a8d9ee8071680feb9b634dc7791e727bd61df05bc9ce5a15a86d8

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 09:09:41 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
age: 41446
x-cache: Hit from cloudfront
status: 200
content-length: 35647
x-gateway-cache-status: BYPASS
x-gateway-request-id: 5ab793eaa9752202ab8fcc5b9f741d8d
last-modified: Wed, 27 Feb 2019 13:19:20 GMT
server: Pagely-ARES/1.5.9
etag: "5c768e58-8b3f"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2019/02/preggo-baby-7-160x120.png
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: DCUJcphLKXkfK22OE7WZb6ZIDGj-CUdpUIBt8I5Vrna9cY0O8F4H3A==

GET
H2 200 15-68-160x120.jpg.optimal.jpg
s29353.pcdn.co/wp-content/uploads/2019/03/ 5 KB
5 KB 120ms
118ms Image
image/jpeg 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29353.pcdn.co/wp-content/uploads/2019/03/15-68-160x120.jpg.optimal.jpg
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.9 /
Resource Hash: 95e0056dec18c70d2c713c794bac401824b1e5b779d70403742da1f7e68f0257

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-gateway-request-id: f8037befbad05153c1ca1287a70269de
date: Thu, 05 Mar 2020 19:38:41 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Pagely-ARES/1.5.9
age: 3706
etag: "9d9b28e048a724d57eb2e6553d41d2d0c5dad428"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/uploads/2019/03/15-68-160x120.jpg.optimal.jpg
status: 200
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
content-type: image/jpeg
content-length: 4632
x-amz-cf-id: 3RbISPOkJNWar2FMK_xDWHEaXfMkz_ea_cZF-BU9EXGMVSLS5GQqEQ==
x-gateway-cache-status: BYPASS

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 14ms
14ms Script
application/javascript 2606:4700::6811:4104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.xtremerain.com
URL: https://www.xtremerain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 20:40:27 GMT
content-encoding: gzip
last-modified: Thu, 05 Mar 2020 14:09:25 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e610815-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 56f6a6f2aee90eaf-FRA
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires: Sat, 07 Mar 2020 20:40:27 GMT

GET
H/1.1 200
OK TdxqbCn62Gw8OvySAfUMCbvn4MUQeMNMLVmK6WLQ Show response
cdn.distiltag.com/api/v1/script/ 87 KB
30 KB 124ms
36ms Script
text/javascript 143.204.101.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.distiltag.com/api/v1/script/TdxqbCn62Gw8OvySAfUMCbvn4MUQeMNMLVmK6WLQ?GA_TID=UA-46526001-2&GA_CDI=11
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-112.fra50.r.cloudfront.net
Software: / Express
Resource Hash: 4ae7d3b3431cc6a4c4343102e3d91c146797a103d4ca3fd6bdd083cc851f0a49

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 05 Mar 2020 20:35:45 GMT
Content-Encoding: gzip
X-Amz-Cf-Pop: FRA50-C1
Age: 282
X-Powered-By: Express
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
P3P: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
Via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
Cache-Control: public, max-age=600
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript
X-Amz-Cf-Id: 2h3LwKJFPBNNGYQOBoz8qTlYZ9_xXSD8TArNf36vC-TGWue6BMWK3A==

GET
H2 200 fb.js Show response
s29353.pcdn.co/wp-content/plugins/facebook-pagelike-widget/ 651 B
950 B 93ms
67ms Script
application/javascript 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s29353.pcdn.co/wp-content/plugins/facebook-pagelike-widget/fb.js?ver=1.0
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.1 /
Resource Hash: 544176bafee5678e0476285fd3aa964b9acc65155ca7d72214afc1e96e921d5a

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 16 Feb 2020 07:21:28 GMT
content-encoding: gzip
age: 1603139
x-cache: Hit from cloudfront
status: 200
x-gateway-cache-status: BYPASS
x-gateway-request-id: e366698a043d2353c38e2132167f019a
last-modified: Wed, 04 Dec 2019 05:23:21 GMT
server: Pagely-ARES/1.5.1
etag: W/"5de742c9-28b"
vary: Accept-Encoding
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/plugins/facebook-pagelike-widget/fb.js?ver=1.0
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: xGkzr3-0Ql5Ux43_yc-TjXPRxzY0Lq0rCCxGRnGL4BajycRLJfjzVg==
expires: Tue, 17 Mar 2020 07:21:28 GMT

GET
H2 200 wp-embed.min.js Show response
s29353.pcdn.co/wp-includes/js/ 1 KB
1 KB 90ms
64ms Script
application/javascript 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s29353.pcdn.co/wp-includes/js/wp-embed.min.js?ver=5.3.2
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.1 /
Resource Hash: 0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 16 Feb 2020 07:21:28 GMT
content-encoding: gzip
age: 1603139
x-cache: Hit from cloudfront
status: 200
x-gateway-cache-status: BYPASS
x-gateway-request-id: 0479181a6a06c7330240950eb9fa98c8
last-modified: Wed, 18 Dec 2019 23:33:49 GMT
server: Pagely-ARES/1.5.1
etag: W/"5dfab75d-577"
vary: Accept-Encoding
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-includes/js/wp-embed.min.js?ver=5.3.2
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: s2zIbhXsIVebuECDlR5Z_OTNjvCxXY7QubM9DXfEitLrh5zs2QAk6Q==
expires: Tue, 17 Mar 2020 07:21:28 GMT

GET
H2 200 customscript.js Show response
s29353.pcdn.co/wp-content/themes/envo-magazine/js/ 5 KB
3 KB 90ms
64ms Script
application/javascript 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s29353.pcdn.co/wp-content/themes/envo-magazine/js/customscript.js?ver=1.4.1
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.1 /
Resource Hash: 837c12eee5b5b4cf89db4aef89a72a741172cc4a6fe1e4f76c1a33349c8d112a

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 10:41:09 GMT
content-encoding: gzip
age: 1677558
x-cache: Hit from cloudfront
status: 200
x-gateway-cache-status: BYPASS
x-gateway-request-id: 66d6584da6a64077ea3e0d60a74c04e2
last-modified: Mon, 08 Apr 2019 15:52:45 GMT
server: Pagely-ARES/1.5.1
etag: W/"5cab6e4d-139e"
vary: Accept-Encoding
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/themes/envo-magazine/js/customscript.js?ver=1.4.1
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: MGCyGY8qrE0RCNJ_5FdnyuSG0yBLfpiN0NmsJEMdq5IKoEG8LqH_yg==
expires: Mon, 16 Mar 2020 10:41:09 GMT

GET
H2 200 bootstrap.min.js Show response
s29353.pcdn.co/wp-content/themes/envo-magazine/js/ 7 KB
3 KB 92ms
66ms Script
application/javascript 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s29353.pcdn.co/wp-content/themes/envo-magazine/js/bootstrap.min.js?ver=3.3.7
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.1 /
Resource Hash: acfb2f12f1ebabf1d264b26e9ca593c2e239913b729c66239755c98e36d07285

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 16 Feb 2020 07:21:28 GMT
content-encoding: gzip
age: 1603139
x-cache: Hit from cloudfront
status: 200
x-gateway-cache-status: BYPASS
x-gateway-request-id: d19e829270043ccd9556c1752244a488
last-modified: Wed, 16 Jan 2019 17:24:54 GMT
server: Pagely-ARES/1.5.1
etag: W/"5c3f68e6-1c20"
vary: Accept-Encoding
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/themes/envo-magazine/js/bootstrap.min.js?ver=3.3.7
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: jBPZUTjzvIp3NErkF3sRmP1Am2wnsUJN6JMuylpipl_TwzPfnQOgUw==
expires: Tue, 17 Mar 2020 07:21:28 GMT

GET
H/1.1 200
OK videoloader.js Show response
dalia-media.videoplayerhub.com/ 97 KB
25 KB 125ms
22ms Script
application/javascript 13.225.87.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dalia-media.videoplayerhub.com/videoloader.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.74 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-74.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bab3073aeb32f989279da2d80e6e2466c1bdc2e222f04bdff847b249cfdf3bfb

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: 1PHLzSwIgUpfueGMzXbKSBDtmzvqjVCs
Content-Encoding: gzip
Last-Modified: Thu, 05 Mar 2020 15:41:01 GMT
Server: AmazonS3
Age: 74
Date: Thu, 05 Mar 2020 20:39:38 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C2
Connection: keep-alive
X-Amz-Cf-Id: jonP18Zm_z4bnvqjFFHGb0Hw3oDazzmelz6-RojzC4gMT_X-lkBGlA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 74 KB
28 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46526001-2

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a0366e7d3cf06668847216b506b2343b7970373662c342bd697d7df61009fad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 20:40:27 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28477
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 18:28:37 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 05 Mar 2020 20:40:27 GMT

GET
H2 200 jquery-migrate.min.js Show response
s29353.pcdn.co/wp-includes/js/jquery/ 10 KB
5 KB 75ms
49ms Script
application/javascript 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s29353.pcdn.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.1 /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 16 Feb 2020 06:27:20 GMT
content-encoding: gzip
age: 1606387
x-cache: Hit from cloudfront
status: 200
x-gateway-cache-status: BYPASS
x-gateway-request-id: 94c707fb3680253ecb55eaea10fcdbfe
last-modified: Wed, 18 Dec 2019 23:33:49 GMT
server: Pagely-ARES/1.5.1
etag: W/"5dfab75d-2748"
vary: Accept-Encoding
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: sjIn57u7WtzLTtARhrXmb10PdctU7rascCtbSOA3u0qfVwuEjTlQvQ==
expires: Tue, 17 Mar 2020 06:27:20 GMT

GET
H2 200 jquery.js Show response
s29353.pcdn.co/wp-includes/js/jquery/ 95 KB
39 KB 96ms
71ms Script
application/javascript 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s29353.pcdn.co/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.1 /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 16 Feb 2020 06:27:20 GMT
content-encoding: gzip
age: 1606387
x-cache: Hit from cloudfront
status: 200
x-gateway-cache-status: BYPASS
x-gateway-request-id: b3a0b2c0024708b777bfaef98659199c
last-modified: Wed, 18 Dec 2019 23:33:49 GMT
server: Pagely-ARES/1.5.1
etag: W/"5dfab75d-17a69"
vary: Accept-Encoding
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: uJA4x-B6BMCot-oHUEWmRKQGm43iXGdBqKk3EKDD08kZDGkcv6-rOA==
expires: Tue, 17 Mar 2020 06:27:20 GMT

GET
H2 200 jita.js Show response
376.hostedprebid.com/Z1UP/1tMS_0DDL_FwF9/ 351 KB
114 KB 133ms
32ms Script
application/javascript 151.139.240.1
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://376.hostedprebid.com/Z1UP/1tMS_0DDL_FwF9/jita.js?dfp=1
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.240.1 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 7fa5cb287c60f9ec5807290fb60f8303effbc7b50652f2c4bbc5cb2bac06ce4a

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 20:40:27 GMT
content-encoding: gzip
x-amz-request-id: 3B9D49BF6BC48F56
x-cache: HIT
status: 200
content-disposition: inline
x-amz-id-2: WdBgFPoP4VOpK8HGAU2ERIgnVqu7nV+/GJ3d54Yf7feqnp5LF4MK8J4rWdTZIGurr0aRqY8Ff/o=
last-modified: Wed, 04 Mar 2020 10:12:44 GMT
server: nginx
etag: W/"e7864f9794ebb53f6dc99e6314eacb86"
vary: Accept-Encoding
x-amz-version-id: PmWQggNlE4B_umuR5Bbnf9K_93rKIQoh
cache-control: max-age=86400
accept-ranges: bytes
content-type: application/javascript
link: <https://s3.amazonaws.com/jita-cdn/Z1UP/1tMS_0DDL_FwF9/jita.js>; rel="canonical"
expires: Fri, 06 Mar 2020 20:40:27 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYb9lecyU.woff2
fonts.gstatic.com/s/robotocondensed/v18/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v18/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYb9lecyU.woff2

Requested by

Host: www.xtremerain.com
URL: https://www.xtremerain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac42e86ff1d0fc78a7870a72cf5d1bbf0a509a852dba1d8abdc734892b0d4844

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C400%2C700&subset=latin%2Clatin-ext
Origin: https://www.xtremerain.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Mar 2020 02:40:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:48:04 GMT
server: sffe
age: 64775
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11052
x-xss-protection: 0
expires: Fri, 05 Mar 2021 02:40:52 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2
fonts.gstatic.com/s/robotocondensed/v18/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v18/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2

Requested by

Host: www.xtremerain.com
URL: https://www.xtremerain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87b60a7315307d1b3c3230eff607b52bbf3d56a452aa68eb5bf50ede73bc517b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C400%2C700&subset=latin%2Clatin-ext
Origin: https://www.xtremerain.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 10:02:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:48:17 GMT
server: sffe
age: 3667080
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 10996
x-xss-protection: 0
expires: Fri, 22 Jan 2021 10:02:27 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
fonts.gstatic.com/s/robotocondensed/v18/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v18/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2

Requested by

Host: www.xtremerain.com
URL: https://www.xtremerain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C400%2C700&subset=latin%2Clatin-ext
Origin: https://www.xtremerain.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Feb 2020 23:09:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:48:22 GMT
server: sffe
age: 855087
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 10968
x-xss-protection: 0
expires: Tue, 23 Feb 2021 23:09:00 GMT

GET
H2 200 fontawesome-webfont.woff2
s29353.pcdn.co/wp-content/themes/envo-magazine/fonts/ 75 KB
76 KB 75ms
32ms Font
font/woff2 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s29353.pcdn.co/wp-content/themes/envo-magazine/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.1 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://s29353.pcdn.co/wp-content/themes/envo-magazine/css/font-awesome.min.css?ver=4.7.0
Origin: https://www.xtremerain.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 06:28:38 GMT
via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
age: 1692708
x-cache: Hit from cloudfront
status: 200
access-control-allow-methods: GET, HEAD, OPTIONS
content-length: 77160
x-gateway-cache-status: BYPASS
x-gateway-request-id: f4193c5383cecb6662af37ca8a3140c4
last-modified: Wed, 16 Jan 2019 17:24:54 GMT
server: Pagely-ARES/1.5.1
etag: "5c3f68e6-12d68"
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-content/themes/envo-magazine/fonts/fontawesome-webfont.woff2?v=4.7.0
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: font/woff2
x-amz-cf-id: b9yDuLlwSO1n96k9dGz8BcGNxV2KUqBY_RoV7ZKvM5nRmxmyaHa9eA==
expires: Mon, 16 Mar 2020 06:28:38 GMT

GET
H2 200 wp-emoji-release.min.js Show response
s29353.pcdn.co/wp-includes/js/ 14 KB
6 KB 22ms
22ms Script
application/javascript 143.204.101.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s29353.pcdn.co/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-38.fra50.r.cloudfront.net
Software: Pagely-ARES/1.5.1 /
Resource Hash: 1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 10:41:09 GMT
content-encoding: gzip
age: 1677557
x-cache: Hit from cloudfront
status: 200
x-gateway-cache-status: BYPASS
x-gateway-request-id: 89c6e148de4a3e34cc303a07e6a2eafa
last-modified: Wed, 18 Dec 2019 23:33:49 GMT
server: Pagely-ARES/1.5.1
etag: W/"5dfab75d-362a"
vary: Accept-Encoding
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s29353.p1102.sites.pressdns.com||/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: _s-51dkk87K_nW_y4cQKlkQyTDyMk5a7d_wZ6I9-GfqKeJwZlEMBMQ==
expires: Mon, 16 Mar 2020 10:41:09 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 74 KB
28 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46526001-2

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a0366e7d3cf06668847216b506b2343b7970373662c342bd697d7df61009fad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 20:40:27 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28477
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 18:28:37 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 05 Mar 2020 20:40:27 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46526001-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 2897
date: Thu, 05 Mar 2020 19:52:10 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Thu, 05 Mar 2020 21:52:10 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1070404/ 61 KB
21 KB 170ms
116ms Script
application/javascript 151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1070404/tfa.js
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c941687b2eafb6679e977de36b7b3df1b96127df35b219af9b60796c047799c5

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: xbJIysc70SUF0mwPATGbKjAzoCGpTbDp
content-encoding: gzip
age: 0
x-cache: HIT
status: 200
date: Thu, 05 Mar 2020 20:40:27 GMT
x-amz-replication-status: COMPLETED
content-length: 21111
x-amz-id-2: PgtHwq/aTMBIJG4xsp/skZbR8XDo6Mnqi92SAGzLesUvJxwG5V5S8H13eGVd2xGBLqcDDzvvDTg=
x-served-by: cache-hhn4071-HHN
last-modified: Wed, 29 Jan 2020 13:44:55 GMT
server: AmazonS3
x-timer: S1583440828.879848,VS0,VE95
etag: "725bee3ad11dbfb230f23af24d3734e0"
vary: Accept-Encoding
x-amz-request-id: 79F085E2F1A74DBD
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 41
x-cache-hits: 1

GET
H2 200 beacon.js Show response
ad-delivery.net/ 1 KB
991 B 71ms
21ms Script
application/x-javascript 13.224.194.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-delivery.net/beacon.js
Requested by: Host: dalia-media.videoplayerhub.com
URL: https://dalia-media.videoplayerhub.com/videoloader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.194.71 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-71.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e94fbebf526effec4239c82e5435a412d81ffc4bc9bddf13f9aa1170f6d803e

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Tue, 31 Jan 2017 15:06:54 GMT
server: AmazonS3
age: 2052
date: Thu, 05 Mar 2020 20:06:16 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: LxzS3u20bme_NdF813UOapEVsx1BbAMh0NXxOeAgx_rqgKnc4nSJgQ==
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 14ms
13ms Image
image/gif 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1563464862&t=pageview&_s=1&dl=https%3A%2F%2Fwww.xtremerain.com%2F&ul=en-us&de=UTF-8&dt=Homepage%20-%20XtremeRain&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1649593102&gjid=1836240803&cid=618503689.1583440828&tid=UA-46526001-2&_gid=912588445.1583440828&_r=1&gtm=2ou2q2&z=421879366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 05 Mar 2020 20:40:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
133 B 6ms
6ms Image
image/gif 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=1563464862&t=pageview&_s=2&dl=https%3A%2F%2Fwww.xtremerain.com%2F&ul=en-us&de=UTF-8&dt=Homepage%20-%20XtremeRain&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=&gjid=&cid=618503689.1583440828&tid=UA-46526001-2&_gid=912588445.1583440828&gtm=2ou2q2&z=1598847065

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 18 Jan 2020 01:27:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4130005
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
static.getclicky.com/ 15 KB
6 KB 33ms
13ms Script
text/javascript 2606:4700::6810:a010
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getclicky.com/js
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a010 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1caf753396395be5d4abb9c1af726f9fae3e45da4104827f091c116611536c6

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 20:40:27 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 188283
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public, max-age=604800
cf-ray: 56f6a6f69b201f55-FRA
x-proxy-cache: HIT
expires: Thu, 12 Mar 2020 20:40:27 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
2 KB 86ms
20ms Script
text/javascript 13.224.194.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.194.39 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-39.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 02 Mar 2020 05:18:36 GMT
Content-Encoding: gzip
Last-Modified: Sat, 16 Mar 2019 16:01:33 GMT
Server: AmazonS3
Age: 314512
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C1
Connection: keep-alive
X-Amz-Cf-Id: yNk0WDJTGyBsHfffEKInWkuHeN36IRSpRcgulmx20zOjkySVBoTIFw==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: s29353.pcdn.co
URL: https://s29353.pcdn.co/wp-content/plugins/facebook-pagelike-widget/fb.js?ver=1.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1aa54088d7d2b37c4e5dd11c47b00095bf5dab0b7e5abfab2c8d09b7ea5192e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 1OhJhdKmp/ifd0J9tYGvoQ==
status: 200
date: Thu, 05 Mar 2020 20:40:27 GMT, Thu, 05 Mar 2020 20:40:27 GMT
expires: Thu, 05 Mar 2020 20:52:30 GMT
alt-svc: h3-27=":443"; ma=3600
content-length: 1780
x-fb-debug: jP9E4aniURTBdfQDetSLXQr5uWDNXQ2cInTq31zCuqj6ls0Ar7oEtUuIfjxDrWa6u+HW047KelF9a6Z/UMkTaA==
x-fb-trip-id: 1850256238
x-fb-content-md5: 9a8737fe3a72a7ec5f3c81825f78dd74
etag: "6320ea17639534ecfbe17c642b82a24e"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 nr-1167.min.js Show response
js-agent.newrelic.com/ 26 KB
10 KB 73ms
24ms Script
application/javascript 151.101.14.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1167.min.js
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4ae8a2c83e0a851fd331bbf34d7a6f9184b3e31b6f2e681e8377fb8a8edc10f

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 20:40:27 GMT
content-encoding: gzip
x-amz-request-id: 3F6B13CD94955BD2
x-cache: HIT
status: 200
content-length: 10178
x-amz-id-2: owq7LTC2ddnOfWY1uKv5BtBpowDIkcMDm/PvX4TjjjLvjnZV9HT8nBCSuZA0UK8UjkDDMb8Gv+k=
x-served-by: cache-fra19179-FRA
last-modified: Fri, 07 Feb 2020 23:39:55 GMT
server: AmazonS3
x-timer: S1583440828.986266,VS0,VE0
etag: "8155781ab74e51eee2ead2c1d5902e63"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 18140

HEAD
H/1.1 200
OK gdpr Show response
jita.rtk.io/ 0
298 B 59ms
20ms XHR
application/octet-stream 151.139.240.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://jita.rtk.io/gdpr
Requested by: Host: 376.hostedprebid.com
URL: https://376.hostedprebid.com/Z1UP/1tMS_0DDL_FwF9/jita.js?dfp=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.240.35 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xtremerain.com/
Origin: https://www.xtremerain.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 05 Mar 2020 20:40:27 GMT
Server: nginx
X-Gdpr: 1
X-Cache: MISS
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Gdpr,X-Country
X-Country: BE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0

OPTIONS
H/1.1 204
No Content TdxqbCn62Gw8OvySAfUMCbvn4MUQeMNMLVmK6WLQ Show response
proxy.distiltag.com/ga/ 0
435 B 449ms
349ms XHR
text/plain 192.225.209.8
WHISKEYNET

General

Check archive.org

Show headers Download Go to

Full URL: https://proxy.distiltag.com/ga/TdxqbCn62Gw8OvySAfUMCbvn4MUQeMNMLVmK6WLQ?ak=a8bfeb3a10e2bc18bd5e35df435fb7dea&cb=1583440827955:6363224
Requested by: Host: cdn.distiltag.com
URL: https://cdn.distiltag.com/api/v1/script/TdxqbCn62Gw8OvySAfUMCbvn4MUQeMNMLVmK6WLQ?GA_TID=UA-46526001-2&GA_CDI=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.225.209.8 , United States, ASN62660 (WHISKEYNET, US),
Reverse DNS
Software: nginx / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.xtremerain.com
Referer: https://www.xtremerain.com/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type,x-distil-ajax

Response headers

Date: Thu, 05 Mar 2020 20:40:28 GMT
Server: nginx
X-Powered-By: Express
Vary: Origin
Access-Control-Allow-Methods: POST, OPTIONS
P3P: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
Access-Control-Allow-Origin: https://www.xtremerain.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-type, Content-encoding, X-Distil-Ajax
Content-Length: 0

GET
H/1.1 200
OK kitten
proxy.distiltag.com/ Frame 03B3 0
0 458ms
366ms Document
text/html 192.225.209.8
WHISKEYNET

General

Check archive.org

Show headers Download Go to

Full URL: https://proxy.distiltag.com/kitten?ak=a8bfeb3a10e2bc18bd5e35df435fb7dea&pk=TdxqbCn62Gw8OvySAfUMCbvn4MUQeMNMLVmK6WLQ&AYAH_VERSION=2.0&cookiesync=true
Requested by: Host: cdn.distiltag.com
URL: https://cdn.distiltag.com/api/v1/script/TdxqbCn62Gw8OvySAfUMCbvn4MUQeMNMLVmK6WLQ?GA_TID=UA-46526001-2&GA_CDI=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.225.209.8 , United States, ASN62660 (WHISKEYNET, US),
Reverse DNS
Software: nginx / Express
Resource Hash

Request headers

Host: proxy.distiltag.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.xtremerain.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.xtremerain.com/

Response headers

Server: nginx
Date: Thu, 05 Mar 2020 20:40:28 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: public, max-age=600
P3P: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
X-Powered-By: Express
X-Distil-CS: MISS
Content-Encoding: gzip

POST
H/1.1 204
No Content events Show response
origin.distiltag.com/ 0
424 B 430ms
108ms XHR
text/plain 35.169.10.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://origin.distiltag.com/events?cb=1583440827974:3739138&ak=a8bfeb3a10e2bc18bd5e35df435fb7dea
Requested by: Host: cdn.distiltag.com
URL: https://cdn.distiltag.com/api/v1/script/TdxqbCn62Gw8OvySAfUMCbvn4MUQeMNMLVmK6WLQ?GA_TID=UA-46526001-2&GA_CDI=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.10.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-10-124.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xtremerain.com/
Origin: https://www.xtremerain.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.xtremerain.com
Date: Thu, 05 Mar 2020 20:40:28 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Powered-By: Express
Vary: Origin
P3P: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"

GET
H/1.1 200
OK rates.json Show response
jita.rtk.io/assets/ 3 KB
2 KB 19ms
18ms XHR
application/json 151.139.240.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://jita.rtk.io/assets/rates.json
Requested by: Host: 376.hostedprebid.com
URL: https://376.hostedprebid.com/Z1UP/1tMS_0DDL_FwF9/jita.js?dfp=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.240.35 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ed9f9b25b4831c0a1c29aa860cabfaf2518dc7d58c387946d0494a40d10af67

Request headers

Referer: https://www.xtremerain.com/
Origin: https://www.xtremerain.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 05 Mar 2020 20:40:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Mar 2020 20:00:03 GMT
Server: nginx
x-amz-request-id: FC5B13302D46E080
ETag: "719b3d11933e1247e7d62f81fe9f4a16"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/json
Access-Control-Allow-Origin: *
Content-Length: 1505
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: zMw1pIh6IOE.JCBJD2x7YZORtRTYdEKG
x-amz-id-2: 9WrLqFEOs9fp61lBKnomdTdG3YStVh2khN6oS6erQjIRKxiHjP4u+aNCAVDCyuoPVp50e+Fj3eA=

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 390 KB
113 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=a649b87f595fd5dda94866cb67a37805&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

845686d2b834d6367ea8780a81fc5b34782057d4eff04b600274e229dde6fd58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.xtremerain.com/
Origin: https://www.xtremerain.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: IPsOdVAPPg7L0AATiUTVvA==
status: 200
date: Thu, 05 Mar 2020 20:40:28 GMT, Thu, 05 Mar 2020 20:40:28 GMT
expires: Fri, 05 Mar 2021 20:37:53 GMT
alt-svc: h3-27=":443"; ma=3600
content-length: 115474
x-fb-debug: 7vjJeX13iDBdUl8ipq07Ql0Mn43NCjWlE135qbStsU+RKRtfmtE1n6B6rTSb7xyWAEc7qUsocB9sAoUq34yzlA==
x-fb-trip-id: 2047048586
x-fb-content-md5: a65e6fb1df116d4d3596037938a4d2fd
etag: "c9aeeac25942aac435aacd9f7642c69a"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK 61aa1bf03a Show response
bam.nr-data.net/1/ 57 B
275 B 430ms
108ms Script
text/javascript 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/61aa1bf03a?a=280086884&v=1167.2a4546b&to=bgBTYUoFXkRWVkBZXFdKcFZMDV9ZGEFRXUNVBEVQFQxfWlJFVVdW&rst=1468&ref=https://www.xtremerain.com/&ap=138&be=1222&fe=1369&dc=1359&perf=%7B%22timing%22:%7B%22of%22:1583440826558,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:21,%22c%22:21,%22s%22:26,%22ce%22:41,%22rq%22:41,%22rp%22:739,%22rpe%22:741,%22dl%22:741,%22di%22:752,%22ds%22:771,%22de%22:771,%22dc%22:1220,%22l%22:1220,%22le%22:1231%7D,%22navigation%22:%7B%7D%7D&fp=889&fcp=889&at=QkdQFwIfTUo%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1167.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Content-Type: text/javascript;charset=ISO-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
551 B 97ms
30ms Image
image/gif 13.224.194.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Homepage%20-%20XtremeRain&time=1583440828027&time_zone_offset=-60&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.xtremerain.com%2F&random_number=9198574162&sess_cookie=1553d5b7170ac6d967b98240944&sess_cookie_flag=1&user_cookie=1553d5b7170ac6d967b98240944&user_cookie_flag=1&dynamic=true&domain=xtremerain.com&account=8iJym1akGFL1L7&jsv=20130128&user_lang=en-US
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.194.116 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-116.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 05 Mar 2020 07:05:21 GMT
Via: 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
x-amz-meta-alexa-last-modified: 20110117123941
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 48907
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
X-Amz-Cf-Pop: FRA2-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
X-Amz-Cf-Id: -lBI9cxBK1oRQOMXEi52BQD-JQmjlRH68J_RuANkkE4AGu7stQduGA==

GET
H2 200 beacon.js Show response
ad-delivery.net/ 1 KB
992 B 21ms
21ms Script
application/x-javascript 13.224.194.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-delivery.net/beacon.js
Requested by: Host: dalia-media.videoplayerhub.com
URL: https://dalia-media.videoplayerhub.com/videoloader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.194.71 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-71.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e94fbebf526effec4239c82e5435a412d81ffc4bc9bddf13f9aa1170f6d803e

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Tue, 31 Jan 2017 15:06:54 GMT
server: AmazonS3
age: 2053
date: Thu, 05 Mar 2020 20:06:19 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: UIRCqd0dBpB1gljtwrwtoKDHVbnzC_94mZ7V7QV5Yq9PbX2Iipf0qg==
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 44 KB
15 KB 83ms
32ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: 376.hostedprebid.com
URL: https://376.hostedprebid.com/Z1UP/1tMS_0DDL_FwF9/jita.js?dfp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

4ff15c701ae319f9e2e324ae48114c214e5fc3f8ed334455e672e7771c22a6d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 20:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "448 / 124 of 1000 / last-modified: 1583428060"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
expires: Thu, 05 Mar 2020 20:40:28 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 87 KB
25 KB 94ms
49ms Script
application/javascript 143.204.90.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: 376.hostedprebid.com
URL: https://376.hostedprebid.com/Z1UP/1tMS_0DDL_FwF9/jita.js?dfp=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.90.242 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-90-242.fra50.r.cloudfront.net
Software: Server /
Resource Hash: ac2a58f9d55c4642121cfb6f7e213cbc882bbdd75ef171ca8a07ed982ef693ce

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 22:01:18 GMT
content-encoding: gzip
server: Server
age: 81550
etag: 1dcfbf3986ee8b9c3abbc67eb808ab43
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: kWNTqNXVCnGySzJYOiuFa5sCRY2FEf1IQWP3kCKZtSAGZVBbnXehWw==
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)

GET
H2 200 page.php
www.facebook.com/v2.4/plugins/ Frame A9E3 0
0 159ms
159ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.4/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df6efe2ea5439ec%26domain%3Dwww.xtremerain.com%26origin%3Dhttps%253A%252F%252Fwww.xtremerain.com%252Ff17aef8de7c544%26relation%3Dparent.parent&container_width=360&height=500&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2Fxtremerain%2F&locale=en_US&sdk=joey&show_facepile=false&show_posts=false&small_header=false&width=300px

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=a649b87f595fd5dda94866cb67a37805&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.4/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df6efe2ea5439ec%26domain%3Dwww.xtremerain.com%26origin%3Dhttps%253A%252F%252Fwww.xtremerain.com%252Ff17aef8de7c544%26relation%3Dparent.parent&container_width=360&height=500&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2Fxtremerain%2F&locale=en_US&sdk=joey&show_facepile=false&show_posts=false&small_header=false&width=300px
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.xtremerain.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.xtremerain.com/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary: Accept-Encoding
x-content-type-options: nosniff
facebook-api-version: v2.12
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: /0v5q7yqRZ7R1862lVwqeRA7SvM1X7FpqIHm7mtbMsieaN/7yA/lKsduid92DPlg8t77J2+ntrB2fWOB/ZVyIQ==
date: Thu, 05 Mar 2020 20:40:28 GMT Thu, 05 Mar 2020 20:40:28 GMT
alt-svc: h3-27=":443"; ma=3600

GET
H2 200 integrator.js Show response
adservice.google.be/adsid/ 109 B
778 B 36ms
17ms Script
application/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=www.xtremerain.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 20:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.xtremerain.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 20:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020022701.js Show response
securepubads.g.doubleclick.net/gpt/ 164 KB
60 KB 85ms
85ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020022701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

dfc3f558d7ab9659f6fc3a1c61fa7c5c6c905adecd8bff069652254c13f84b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 20:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 27 Feb 2020 14:08:10 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 61148
x-xss-protection: 0
expires: Thu, 05 Mar 2020 20:40:28 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 62ms
22ms XHR
application/javascript 143.204.90.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.90.242 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-90-242.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.xtremerain.com/
Origin: https://www.xtremerain.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Mar 2020 08:36:16 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 43453
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 05 Mar 2020 08:28:46 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 3SC6o9ZSsif3TKvFSgm9JGyrg3_cyivdLtWOc6Bk_vU_UuJSXC7lRA==

GET
H2 200 in.php Show response
in.getclicky.com/ 181 B
468 B 453ms
149ms Script
text/javascript 198.145.13.14
IINET-2044

General

Check archive.org

Show headers Download Go to

Full URL: https://in.getclicky.com/in.php?site_id=101133525&type=pageview&href=%2F&title=Homepage%20-%20XtremeRain&res=1600x1200&lang=en&jsuid=2646296216&mime=js&x=0.15374108143065146
Requested by: Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.145.13.14 , United States, ASN2044 (IINET-2044, US),
Reverse DNS: getclicky.com
Software: nginx /
Resource Hash: 72452a1693b918caa1fb2f6bc8180014a86af7c2b232ca0b3246e4a55d977162

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 20:40:28 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
385 B 21ms
21ms Image
image/gif 13.224.194.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.13297265996647156
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.194.71 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-71.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 21:28:49 GMT
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2017 18:59:05 GMT
server: AmazonS3
age: 83500
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
x-cache: Hit from cloudfront
x-amz-version-id: null
status: 200
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/gif
content-length: 43
x-amz-cf-id: 2Su4ARcTfCQkQ7rfrBU7ZYvktbD6N3O4MSCQ5G37anrO2kSvjoPj2w==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 114 B
502 B 311ms
311ms XHR
text/javascript 143.204.90.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.xtremerain.com%2F&pid=ZWyCZ1V82v0Fc&cb=0&ws=1600x1200&v=7.47.00&t=1600&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F21762636049%2Fxtremerain.com_desktop_300x250_1_is%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F21762636049%2Fxtremerain.com_desktop_300x600_1_is%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22728x90%22%2C%22234x60%22%2C%22300x50%22%2C%22320x50%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F21762636049%2Fxtremerain.com_desktop_728x90_1_is%22%7D%5D&cfgv=0&pubid=16f7910e-a2fc-4bc4-a42a-e77d5f914f0f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.90.242 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-90-242.fra50.r.cloudfront.net
Software: Server /
Resource Hash: b52bc9a560ebbc71b13da30fdcf9307215e4ca02616185797dc658a13c489a01

Request headers

Referer: https://www.xtremerain.com/
Origin: https://www.xtremerain.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Mar 2020 20:40:28 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: FRA50-C1
status: 200
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.xtremerain.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 124
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-amz-cf-id: A9Qte0JRitM_4zk3ExTP896mFkUtAN-H-u9nA7kM9nb4whS4lkbS4g==

POST
H/1.1 200
OK TdxqbCn62Gw8OvySAfUMCbvn4MUQeMNMLVmK6WLQ Show response
proxy.distiltag.com/ga/ 2 B
525 B 379ms
367ms XHR
text/plain 192.225.209.8
WHISKEYNET

General

Check archive.org

Show headers Download Go to

Full URL: https://proxy.distiltag.com/ga/TdxqbCn62Gw8OvySAfUMCbvn4MUQeMNMLVmK6WLQ?ak=a8bfeb3a10e2bc18bd5e35df435fb7dea&cb=1583440827955:6363224
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.225.209.8 , United States, ASN62660 (WHISKEYNET, US),
Reverse DNS
Software: nginx / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.xtremerain.com/
Origin: https://www.xtremerain.com
Sec-Fetch-Dest: empty
X-Distil-Ajax: true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/json

Response headers

Date: Thu, 05 Mar 2020 20:40:28 GMT
Server: nginx
X-Powered-By: Express
Vary: Origin
P3P: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
Access-Control-Allow-Origin: https://www.xtremerain.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain
Content-Length: 2

GET
H2 200 px.gif
ad-delivery.net/ 43 B
385 B 22ms
21ms Image
image/gif 13.224.194.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.13297265996647156
Requested by: Host: dalia-media.videoplayerhub.com
URL: https://dalia-media.videoplayerhub.com/videoloader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.194.71 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-71.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 21:28:49 GMT
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2017 18:59:05 GMT
server: AmazonS3
age: 83500
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
x-cache: Hit from cloudfront
x-amz-version-id: null
status: 200
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/gif
content-length: 43
x-amz-cf-id: 2KHOlOa5aag6fRyr_Bm1CcXx0RCTCshAtvcQ7YLD4MkgBlSydZ5gpg==

GET
H/1.1 200
OK jquery.color-2.1.2.min.js Show response
cluster-na.cdnjquery.com/color/ 91 B
355 B 641ms
316ms Script
text/javascript 52.1.207.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cluster-na.cdnjquery.com/color/jquery.color-2.1.2.min.js?integrity=btjsonpcallback1583440828490&checksum=%7B%22cbc%22%3A0%2C%22st%22%3A2%2C%22au%22%3A%5B%5D%2C%22hau%22%3A%5B%5D%2C%22ref%22%3A%22https%3A%2F%2Fwww.xtremerain.com%2F%22%2C%22aa%22%3A3%2C%22pgid%22%3A%228c29f69c-5f21-11ea-b85d-e5323ff62b1c%22%2C%22v%22%3A1%2C%22format%22%3A%22jsonp%22%7D&o=https%3A%2F%2Fwww.xtremerain.com%2F&csVersion=1.21.42&clearThroughOptions=undefined

Requested by

Host: dalia-media.videoplayerhub.com
URL: https://dalia-media.videoplayerhub.com/videoloader.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.1.207.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-207-152.compute-1.amazonaws.com

Software

nginx/1.12.1 /

Resource Hash

c2d5d46acadcfd822f8783e6e3f41e83543e0d9c1b51fec7d67dce574f9f7049

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 05 Mar 2020 20:40:29 GMT
Content-Encoding: gzip
Server: nginx/1.12.1
ETag: W/"5b-tiPcUuhv0PL/Kw2Ux/sPgVkdPrw"
X-Frame-Options: DENY
Content-Type: text/javascript; charset=utf-8
Charset: utf8
Connection: keep-alive
Content-Length: 83

GET
H/1.1

200
OK

Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame 702A
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=oath_r1u_dmx
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=oath_r1u_dmx&dcc=t

0
0

204ms
204ms

Document
text/html

52.95.123.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=oath_r1u_dmx&dcc=t
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.xtremerain.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A7YdC8xEW0qap7BORoFXcUQ|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.xtremerain.com/

Response headers

Server: Server
Date: Thu, 05 Mar 2020 20:40:28 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 189
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie: ad-id=A7YdC8xEW0qap7BORoFXcUQ; Domain=.amazon-adsystem.com; Expires=Thu, 01-Oct-2020 20:40:28 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Tue, 01-Apr-2025 20:40:28 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: Server
Date: Thu, 05 Mar 2020 20:40:28 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=oath_r1u_dmx&dcc=t
Set-Cookie: ad-id=A7YdC8xEW0qap7BORoFXcUQ|t; Domain=.amazon-adsystem.com; Expires=Thu, 01-Oct-2020 20:40:28 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: User-Agent

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 101 KB
16 KB 395ms
394ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4177736772941482&correlator=3290836077145434&output=ldjh&impl=fifs&adsid=NT&eid=21062452%2C21062832%2C21064169&vrg=2020022701&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200305&iu_parts=21762636049%2Cxtremerain.com_desktop_300x250_1_is%2Cxtremerain.com_desktop_300x600_1_is%2Cxtremerain.com_desktop_728x90_1_is&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C300x250%2C320x50%7C300x600%2C320x50%7C728x90%7C234x60%7C300x50%7C320x50%7C468x60&fluid=height%2Cheight%2Cheight&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1583440828&dt=1583440828673&dlt=1583440827299&idt=1018&frm=20&biw=1585&bih=1200&oid=3&adxs=1003%2C1003%2C223&adys=591%2C3075%2C1198&adks=2465067842%2C1326420703%2C2624665905&ucis=1%7C2%7C3&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.xtremerain.com%2F&dssz=38&icsg=2269184&std=22&vis=1&dmc=8&scr_x=0&scr_y=0&psz=360x271%7C360x621%7C750x111&msz=360x271%7C360x621%7C750x111&ga_vid=618503689.1583440828&ga_sid=1583440829&ga_hid=1563464862&fws=4%2C4%2C4&ohw=1585%2C1585%2C1585

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

9ba458b65ebf65f0b84cf8f14fada5d60129655dada2266ca3f5752bd76d785b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
Origin: https://www.xtremerain.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Mar 2020 20:40:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15399
x-xss-protection: 0
google-lineitem-id: -1,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.xtremerain.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020022701.js Show response
securepubads.g.doubleclick.net/gpt/ 69 KB
25 KB 33ms
33ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020022701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

8b81c098f8cd1362848b2d9b10a139bbf07ed1aa0411712c7d502d31a1734506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 20:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 27 Feb 2020 14:08:10 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 25762
x-xss-protection: 0
expires: Thu, 05 Mar 2020 20:40:28 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020022701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012002192257490/ Frame 4A92 200 KB
55 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012002192257490/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b23c6db2aad79c099d48bac09371e980079a3995d071fa8d8c0ddf40b36a994a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
Origin: https://www.xtremerain.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 13944
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55776
x-xss-protection: 0
server: sffe
date: Thu, 05 Mar 2020 16:48:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ef402632ed7828b5"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Mar 2021 16:48:05 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012002192257490/ Frame 4A92 200 KB
55 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012002192257490/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b23c6db2aad79c099d48bac09371e980079a3995d071fa8d8c0ddf40b36a994a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 13944
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55776
x-xss-protection: 0
server: sffe
date: Thu, 05 Mar 2020 16:48:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ef402632ed7828b5"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Mar 2021 16:48:05 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012002192257490/v0/ Frame 4A92 16 KB
6 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012002192257490/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2c83987a64881c948026b94a025613e0b23e00a7dd45a2160697c59ab29eead

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 38009
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5731
x-xss-protection: 0
server: sffe
date: Thu, 05 Mar 2020 10:07:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c74b1adbb57314b7"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Mar 2021 10:07:00 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012002192257490/v0/ Frame 4A92 92 KB
28 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012002192257490/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2330d883dd19a510c1f22595372339a0d087b268c122e0ce88a117077fe9512e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 13951
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28193
x-xss-protection: 0
server: sffe
date: Thu, 05 Mar 2020 16:47:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7a316e35698494ac"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Mar 2021 16:47:58 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012002192257490/v0/ Frame 4A92 3 KB
1 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012002192257490/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9acae2affd2b439257a9a6d6cb05b3b11688e46f4372171a33b93019c255887

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 38013
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1402
x-xss-protection: 0
server: sffe
date: Thu, 05 Mar 2020 10:06:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6ab65d382fa06140"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Mar 2021 10:06:56 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012002192257490/v0/ Frame 4A92 46 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012002192257490/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e547999f1ea38d895bb9d1e6aea9c9fc709ebea2c5353083ef7cf8e6022078c5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 38006
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14840
x-xss-protection: 0
server: sffe
date: Thu, 05 Mar 2020 10:07:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d7a69f9de78cc680"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Mar 2021 10:07:03 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4A92 7 KB
839 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=nl

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3838febe02ee1538a1336ac01f452a6fe7682106cd21b46cda9c40092c8e3aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 20:40:29 GMT
server: ESF
date: Thu, 05 Mar 2020 20:40:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Mar 2020 20:40:29 GMT

GET
DATA 200
OK truncated
/ Frame 4A92 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8a7f9494ddf0ed1b6f58df2f022fb70e7f9a05e980dff71ecf961855aa2c571

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012002192257490/ 20 KB
7 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012002192257490/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6e4151723a408b5ac112d5a5418d57da536b66eece45b0eb6b654fa4955c85a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 5098
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7147
x-xss-protection: 0
server: sffe
date: Thu, 05 Mar 2020 19:15:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5f4d41a8d71ac199"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Mar 2021 19:15:31 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4894838824196818739/ Frame 4A92 135 KB
135 KB 13ms
7ms Image
image/jpeg 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4894838824196818739/downsize_200k_v1

Requested by

Host: www.xtremerain.com
URL: https://www.xtremerain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d83e12d79feedff90a74f9309750814d32bb1500d7f2b55f1567e0496052002d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 18 Feb 2020 08:58:12 GMT
x-content-type-options: nosniff
age: 1424537
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 137822
x-xss-protection: 0
last-modified: Tue, 17 Dec 2019 08:53:30 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Feb 2021 08:58:12 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4A92 0
0 39ms
34ms Image
text/html 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CduptvGNhXvKRLdPi3wP0zoCIBZGM895avZWU1NMKvdbL9OEYEAEg3aGdH2C56L6A1AGgAZvP7tADyAEJqQJshCrNScyyPuACAKgDAcgDCqoE3QFP0AQHPnZPdjVzwcBpgAaivSWxgijd270s_-lq5CqvqowexKmEMzXvUedQi7eZjtGILJJMjJ2ftXpKqEIgLQ-KVqr6rQSZqa16J1PHXAFj-BUaRp9zsgcqcOmvITB6aEJXlTvjBE99RBLec9ZyvrmHy_Yo_04T5DuT2d2H3Kbz9z2xpd3As-_8ghR86dhr1WeEbqp-1MtpEYUAach0t3mUqBIAgy_0WWiMT278zHMhJye7OdDgqsU3a4tDqxm0wTlQYx59-Twa-rgTo3nsHVrBhUuDh0UA4L_6DV3kK8AErPm2vMMC4AQBoAYugAfNsJEvqAeOzhuoB9XJG6gHk9gbqAef2xuoB7oGqAfy2RuoB6a-G6gH7NUb2AcA8gcEEPPgAtIICQiA4YBwEAEYHfIIG2FkeC1zdWJzeW4tODAwNTA3MDU2MjMxMzU3NYAKA8gLAdgTAw&sigh=LL8y1pE4JWs&template_id=5000&tpd=AGWhJms7ruR5L7tDgVPSiiEGwuDdSCYksdKhh66NEHOZT9aTow
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s20-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4A92 2 KB
3 KB 12ms
7ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.xtremerain.com
URL: https://www.xtremerain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 23:33:47 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 76002
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 05 Mar 2020 23:33:47 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4A92 295 B
422 B 12ms
7ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.xtremerain.com
URL: https://www.xtremerain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 21:53:20 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 82029
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Thu, 05 Mar 2020 21:53:20 GMT

OPTIONS
H2 200 analytics Show response
bucket.rtk.io/ 0
339 B 75ms
25ms XHR
text/html 172.105.79.150
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.rtk.io/analytics
Requested by: Host: 376.hostedprebid.com
URL: https://376.hostedprebid.com/Z1UP/1tMS_0DDL_FwF9/jita.js?dfp=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.105.79.150 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li2040-150.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.xtremerain.com
Referer: https://www.xtremerain.com/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

pragma: no-cache
date: Thu, 05 Mar 2020 20:40:29 GMT
server: nginx/1.14.0 (Ubuntu)
access-control-allow-origin: https://www.xtremerain.com
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
status: 200
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With, Access-Control-Allow-Origin
content-length: 0
expires: 0

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012002192257490/ Frame 7BDF 200 KB
55 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012002192257490/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b23c6db2aad79c099d48bac09371e980079a3995d071fa8d8c0ddf40b36a994a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
Origin: https://www.xtremerain.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 13944
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55776
x-xss-protection: 0
server: sffe
date: Thu, 05 Mar 2020 16:48:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ef402632ed7828b5"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Mar 2021 16:48:05 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012002192257490/ Frame 7BDF 200 KB
55 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012002192257490/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b23c6db2aad79c099d48bac09371e980079a3995d071fa8d8c0ddf40b36a994a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 13944
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55776
x-xss-protection: 0
server: sffe
date: Thu, 05 Mar 2020 16:48:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ef402632ed7828b5"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Mar 2021 16:48:05 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012002192257490/v0/ Frame 7BDF 16 KB
6 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012002192257490/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2c83987a64881c948026b94a025613e0b23e00a7dd45a2160697c59ab29eead

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 38009
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5731
x-xss-protection: 0
server: sffe
date: Thu, 05 Mar 2020 10:07:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c74b1adbb57314b7"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Mar 2021 10:07:00 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012002192257490/v0/ Frame 7BDF 92 KB
28 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012002192257490/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2330d883dd19a510c1f22595372339a0d087b268c122e0ce88a117077fe9512e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 13951
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28193
x-xss-protection: 0
server: sffe
date: Thu, 05 Mar 2020 16:47:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7a316e35698494ac"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Mar 2021 16:47:58 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012002192257490/v0/ Frame 7BDF 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012002192257490/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9acae2affd2b439257a9a6d6cb05b3b11688e46f4372171a33b93019c255887

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 38013
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1402
x-xss-protection: 0
server: sffe
date: Thu, 05 Mar 2020 10:06:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6ab65d382fa06140"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Mar 2021 10:06:56 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012002192257490/v0/ Frame 7BDF 46 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012002192257490/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e547999f1ea38d895bb9d1e6aea9c9fc709ebea2c5353083ef7cf8e6022078c5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 38006
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14840
x-xss-protection: 0
server: sffe
date: Thu, 05 Mar 2020 10:07:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d7a69f9de78cc680"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Mar 2021 10:07:03 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7BDF 7 KB
790 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d0cbfb1ab0f94123834567e32df7ec74a1c210793f797368d41a4b4c2732d4a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 20:40:29 GMT
server: ESF
date: Thu, 05 Mar 2020 20:40:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Mar 2020 20:40:29 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7BDF 2 KB
3 KB 8ms
8ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 23:33:47 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 76002
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 05 Mar 2020 23:33:47 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7BDF 295 B
360 B 8ms
8ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 21:53:20 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 82029
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Thu, 05 Mar 2020 21:53:20 GMT

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/4894838824196818739/ Frame 7BDF 71 KB
71 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4894838824196818739/2076313506083323656

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cad9e8c045a5d52c7062656390fc0841b4107015993adddf07602d0c87d80a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 18 Feb 2020 19:58:15 GMT
x-content-type-options: nosniff
age: 1384934
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 72519
x-xss-protection: 0
last-modified: Tue, 17 Dec 2019 08:53:36 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Feb 2021 19:58:15 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/16460398209917220646/ Frame 7BDF 5 KB
5 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16460398209917220646/downsize_200k_v1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30b5b74f15e8efe599a177c7c5d773f0860c74dc08edc7094bcae64d44d00f93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 04:03:59 GMT
x-content-type-options: nosniff
age: 59790
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5101
x-xss-protection: 0
last-modified: Tue, 17 Dec 2019 08:53:30 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Mar 2021 04:03:59 GMT

GET
DATA 200
OK truncated
/ Frame 7BDF 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7BDF 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc4e029072e7dc5db1fd8298d13bbe9c873320b7cbf09644d11dd0a39b798dab

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 200 analytics Show response
bucket.rtk.io/ 0
338 B 32ms
28ms XHR
text/html 172.105.79.150
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.rtk.io/analytics
Requested by: Host: 376.hostedprebid.com
URL: https://376.hostedprebid.com/Z1UP/1tMS_0DDL_FwF9/jita.js?dfp=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.105.79.150 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li2040-150.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.xtremerain.com
Referer: https://www.xtremerain.com/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

pragma: no-cache
date: Thu, 05 Mar 2020 20:40:29 GMT
server: nginx/1.14.0 (Ubuntu)
access-control-allow-origin: https://www.xtremerain.com
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
status: 200
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With, Access-Control-Allow-Origin
content-length: 0
expires: 0

OPTIONS
H2 200 analytics Show response
bucket.rtk.io/ 0
338 B 30ms
29ms XHR
text/html 172.105.79.150
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.rtk.io/analytics
Requested by: Host: 376.hostedprebid.com
URL: https://376.hostedprebid.com/Z1UP/1tMS_0DDL_FwF9/jita.js?dfp=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.105.79.150 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li2040-150.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.xtremerain.com
Referer: https://www.xtremerain.com/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

pragma: no-cache
date: Thu, 05 Mar 2020 20:40:29 GMT
server: nginx/1.14.0 (Ubuntu)
access-control-allow-origin: https://www.xtremerain.com
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
status: 200
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With, Access-Control-Allow-Origin
content-length: 0
expires: 0

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7BDF 0
0 37ms
35ms Image
text/html 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Co4oyvGNhXvORLdPi3wP0zoCIBZGM895avZWU1NMKvdbL9OEYEAEg3aGdH2C56L6A1AGgAZvP7tADyAEJqQJshCrNScyyPuACAKgDAcgDCqoE3QFP0IsSKrl8vZHBV05iWSUQnqc2QsyA106ALPsEiwOkPwevYCxuisM-TJbdCpt8xPYl3xQZGDSQMra6JJ4P-K3JyUF9QmnDECfS38XpwIorilZ0bsxxznSkj7RSZ2IYzyn_OfQDbpHYVLLb8NA9cHNcrQhLn5od45c5-b8xdTO_NAlq2FlbiyA5ZSJm261SyemoK-UDDzwHmifSi-aU9GIqB0oJwFKXrhPxoNtUY1U7_wh5_rAOACl2o8d34vmZ4s9_bHoVJCcvwRpjb6wsXiUZUuqHUyJlyrmwvJwHcMAErPm2vMMC4AQBoAYugAfNsJEvqAeOzhuoB9XJG6gHk9gbqAef2xuoB7oGqAfy2RuoB6a-G6gH7NUb2AcA8gcEEPuHAdIICQiA4YBwEAEYHfIIG2FkeC1zdWJzeW4tODAwNTA3MDU2MjMxMzU3NYAKA8gLAdgTAw&sigh=qk7X_epkF2Y&template_id=484&tpd=AGWhJmtADqmR3rnVR_WL5S607HKvbJejO2yby2H1b-Tey80S-g
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s20-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
5 KB 21ms
20ms XHR
application/json 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020022701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

743a8fff6ec924aeef569e68c9b5e39b564aa730eaa4cc6d4ee84a68eb07632d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
Origin: https://www.xtremerain.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 Mar 2020 20:40:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5278
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 4A92 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: www.xtremerain.com
URL: https://www.xtremerain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=nl
Origin: https://www.xtremerain.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Feb 2020 01:12:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 847671
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11056
x-xss-protection: 0
expires: Wed, 24 Feb 2021 01:12:38 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 4A92 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: www.xtremerain.com
URL: https://www.xtremerain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=nl
Origin: https://www.xtremerain.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 10:12:15 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 3666494
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11180
x-xss-protection: 0
expires: Fri, 22 Jan 2021 10:12:15 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 4A92 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.xtremerain.com
URL: https://www.xtremerain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=nl
Origin: https://www.xtremerain.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 19:10:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 3634198
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Fri, 22 Jan 2021 19:10:31 GMT

POST
H2 200 analytics Show response
bucket.rtk.io/ 0
338 B 93ms
40ms XHR
text/html 172.105.79.150
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.rtk.io/analytics
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.105.79.150 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li2040-150.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xtremerain.com/
Origin: https://www.xtremerain.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 05 Mar 2020 20:40:29 GMT
server: nginx/1.14.0 (Ubuntu)
status: 200
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.xtremerain.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With, Access-Control-Allow-Origin
content-length: 0
expires: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 20:40:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Thu, 05 Mar 2020 20:40:29 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 7BDF 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: www.xtremerain.com
URL: https://www.xtremerain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Origin: https://www.xtremerain.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 18 Jan 2020 01:07:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 4131159
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11020
x-xss-protection: 0
expires: Sun, 17 Jan 2021 01:07:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 7BDF 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: www.xtremerain.com
URL: https://www.xtremerain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Origin: https://www.xtremerain.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 10:12:15 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 3666494
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11180
x-xss-protection: 0
expires: Fri, 22 Jan 2021 10:12:15 GMT

POST
H2 200 analytics Show response
bucket.rtk.io/ 0
339 B 49ms
39ms XHR
text/html 172.105.79.150
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.rtk.io/analytics
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.105.79.150 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li2040-150.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xtremerain.com/
Origin: https://www.xtremerain.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 05 Mar 2020 20:40:29 GMT
server: nginx/1.14.0 (Ubuntu)
status: 200
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.xtremerain.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With, Access-Control-Allow-Origin
content-length: 0
expires: 0

POST
H2 200 analytics Show response
bucket.rtk.io/ 0
338 B 64ms
54ms XHR
text/html 172.105.79.150
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.rtk.io/analytics
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.105.79.150 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li2040-150.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xtremerain.com/
Origin: https://www.xtremerain.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 05 Mar 2020 20:40:29 GMT
server: nginx/1.14.0 (Ubuntu)
status: 200
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.xtremerain.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With, Access-Control-Allow-Origin
content-length: 0
expires: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 4A92
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
39ms

Image
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.xtremerain.com
URL: https://www.xtremerain.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date: Thu, 05 Mar 2020 20:40:29 GMT
x-content-type-options: nosniff
server: safe
location: https://googleads.g.doubleclick.net/pagead/drt/si
content-type: text/html; charset=UTF-8
status: 302
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 246
x-xss-protection: 0

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame C892 0
0 6ms
6ms Document
text/html 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.xtremerain.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.xtremerain.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Thu, 05 Mar 2020 19:23:27 GMT
expires: Fri, 05 Mar 2021 19:23:27 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4622
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7BDF 2 KB
3 KB 6ms
5ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012002192257490/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 23:33:47 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 76002
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 05 Mar 2020 23:33:47 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7BDF 295 B
361 B 6ms
6ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012002192257490/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 21:53:20 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 82029
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Thu, 05 Mar 2020 21:53:20 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
58 B 16ms
15ms Image
image/gif 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020022701&jk=4177736772941482&bg=!kJOlk4tYVWFm8PYUhHcCAAAAPlIAAAAJmQFePCYwn_cUjQclsjEAWlI0ogbx1HLAIwcK-PquRSK0kxOEKuQxs84FW8ozSX9YpVmA9290bbSdgFprayCEDEMjTvrSWL5XUMUuk58K96trxLobLYU2vd5n3Hyoc4z81EvKGGzn1pvQd3QlPPIipjv4d1I4PIBvQiJrR6VHtxrAjD_oIG1Z5WBKYqqjoknz5QObQG-zGC3JECsLyFE7XEgzeNxMxGAtxX42-615qdpK7W_rVuig7xqJ4iiqIadIY_t2X7j364hlUoU2K0CfNViOCOsB7qgtdDMttjgqDnhwHQjRAJ7tBWDqHR-lDH4ENy6iaAVnUF1WmXWla6n5z6gBV62u9qxM0Lg9E7hitVtALtVPrPsdnU50pPEh8WrugR1irH3cz6zNGU5xprPIKPevlfMMeKWNW8sO4G3pPJsaQyut18I4rIyxccA8L92mfBi_O3WEOR3WpDdgBOuv57c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 05 Mar 2020 20:40:29 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4A92 0
0 39ms
38ms Image
text/html 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CMEsJvGNhXvKRLdPi3wP0zoCIBZGM895avZWU1NMKvdbL9OEYEAEg3aGdH2C56L6A1AGgAZvP7tADyAEJqQJshCrNScyyPuACAKgDAaoE3QFP0AQHPnZPdjVzwcBpgAaivSWxgijd270s_-lq5CqvqowexKmEMzXvUedQi7eZjtGILJJMjJ2ftXpKqEIgLQ-KVqr6rQSZqa16J1PHXAFj-BUaRp9zsgcqcOmvITB6aEJXlTvjBE99RBLec9ZyvrmHy_Yo_04T5DuT2d2H3Kbz9z2xpd3As-_8ghR86dhr1WeEbqp-1MtpEYUAach0t3mUqBIAgy_0WWiMT278zHMhJye7OdDgqsU3a4tDqxm0wTlQYx59-Twa-rgTo3nsHVrBhUuDh0UA4L_6DV3kK8AErPm2vMMC4AQBoAYugAfNsJEvqAeOzhuoB9XJG6gHk9gbqAef2xuoB7oGqAfy2RuoB6a-G6gH7NUb2AcA8gcEEPPgAtIICQiA4YBwEAEYHfIIG2FkeC1zdWJzeW4tODAwNTA3MDU2MjMxMzU3NYAKA8gLAdgTAw&sigh=scgn6E2FwmQ&vt=1&template_id=5000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s20-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 4A92 42 B
110 B 16ms
15ms Image
image/gif 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssKHYvw9siPsmwXt1M3JJP9W68BX2_fxlbQmjmc-otZ8KiDKnTHjTxB_Z4W7bjaAHUQ3_j-2Py3TtBq4YOLzE4aMcBR0B1TQiP5WwjqproPxqi1z6O8mAeUmU7ytA&sai=AMfl-YS16smfW2I0Ir0ZOeiSUY3qWMWj_MtBK3ZYxYLcDmalWb8zdJO27w0qIo0C-twuEJC39VqO6F4TnnJyEEL2CVyhtSyjFB-VSqATXWSHew&sig=Cg0ArKJSzAXT_oJFRSXUEAE&id=ampim&o=1033,591&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=133&tls=1133&g=100&h=100&tt=1133&r=v&adk=2465067842&avms=ampa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xtremerain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 05 Mar 2020 20:40:30 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.xtremerain.com/	1970-01-19 08:33:52	Name: __cfduid Value: daa19dfbaf975894292ca1980c003da151583440826

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://s29353.pcdn.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: https://dalia-media.videoplayerhub.com/videoloader.js(Line 1) Message: Video gallery initializing
console-api	log	URL: https://cdn.taboola.com/libtrc/unip/1070404/tfa.js(Line 3) Message: Taboola Pixel: An error occurred while handling command '{"notify":"event","name":"page_view","id":1070404,"tim":1583440828033}'. TypeError: Cannot read property 'getItem' of null
console-api	info	URL: https://cdn.ampproject.org/rtv/012002192257490/amp4ads-v0.js(Line 408) Message: Powered by AMP ⚡ HTML – Version 2002192257490 https://www.xtremerain.com/
console-api	info	URL: https://cdn.ampproject.org/rtv/012002192257490/amp4ads-v0.js(Line 408) Message: Powered by AMP ⚡ HTML – Version 2002192257490 https://www.xtremerain.com/
console-api	warning	URL: https://cdn.ampproject.org/rtv/012002192257490/amp4ads-v0.js(Line 20) Message: [amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pagead/adview?ai=CMEsJvGNhXvKRLdPi3wP0zoCIBZGM895avZWU1NMKvdbL9OEYEAEg3aGdH2C56L6A1AGgAZvP7tADyAEJqQJshCrNScyyPuACAKgDAaoE3QFP0AQHPnZPdjVzwcBpgAaivSWxgijd270s_-lq5CqvqowexKmEMzXvUedQi7eZjtGILJJMjJ2ftXpKqEIgLQ-KVqr6rQSZqa16J1PHXAFj-BUaRp9zsgcqcOmvITB6aEJXlTvjBE99RBLec9ZyvrmHy_Yo_04T5DuT2d2H3Kbz9z2xpd3As-_8ghR86dhr1WeEbqp-1MtpEYUAach0t3mUqBIAgy_0WWiMT278zHMhJye7OdDgqsU3a4tDqxm0wTlQYx59-Twa-rgTo3nsHVrBhUuDh0UA4L_6DV3kK8AErPm2vMMC4AQBoAYugAfNsJEvqAeOzhuoB9XJG6gHk9gbqAef2xuoB7oGqAfy2RuoB6a-G6gH7NUb2AcA8gcEEPPgAtIICQiA4YBwEAEYHfIIG2FkeC1zdWJzeW4tODAwNTA3MDU2MjMxMzU3NYAKA8gLAdgTAw&sigh=scgn6E2FwmQ&vt=1&template_id=5000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

376.hostedprebid.com
aax-eu.amazon-adsystem.com
ad-delivery.net
adservice.google.be
adservice.google.com
ajax.cloudflare.com
bam.nr-data.net
bucket.rtk.io
c.amazon-adsystem.com
cdn.ampproject.org
cdn.distiltag.com
cdn.taboola.com
certify-js.alexametrics.com
certify.alexametrics.com
cluster-na.cdnjquery.com
connect.facebook.net
dalia-media.videoplayerhub.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
in.getclicky.com
jita.rtk.io
js-agent.newrelic.com
origin.distiltag.com
pagead2.googlesyndication.com
proxy.distiltag.com
s29353.pcdn.co
securepubads.g.doubleclick.net
static.getclicky.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.xtremerain.com
13.224.194.116
13.224.194.39
13.224.194.71
13.225.87.74
143.204.101.112
143.204.101.38
143.204.90.242
151.101.114.2
151.101.14.110
151.139.240.1
151.139.240.35
162.247.242.20
172.105.79.150
192.225.209.8
198.145.13.14
216.58.206.2
2606:4700:3035::681b:98b9
2606:4700::6810:a010
2606:4700::6811:4104
2a00:1450:4001:800::2003
2a00:1450:4001:808::2002
2a00:1450:4001:814::2001
2a00:1450:4001:815::200a
2a00:1450:4001:816::2002
2a00:1450:4001:81f::2002
2a00:1450:4001:820::2001
2a00:1450:4001:820::2002
2a00:1450:4001:821::2008
2a00:1450:4001:821::200e
2a00:1450:4001:824::2004
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
35.169.10.124
52.1.207.152
52.95.123.41
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
067a5e6187899d2f84b081c427fafbcc0a444e16990e8b647c525b1c44aa4828
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
071d6ebc509963de87539a8730926c33f375794f74fe907973982a0a470a96b1
0ae0408284f49294130eece825154f88518ef0a72d5c5326266ef64d01101a42
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0f12618299dbd9318ecc73d31f6d38b9d078dcb4461cad33b252cc2e46a138a6
11153b262bd54fb5d51730ead80cad8415b6728de4e4c2f70001fbeac20b193c
178c936745175c4747d640b48d0179d5aa9098cb9dd6b8bfda2e65d974636c05
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1aa54088d7d2b37c4e5dd11c47b00095bf5dab0b7e5abfab2c8d09b7ea5192e2
1ab894ac96f0d05426ef3f67bbfb54c83a6c6414f4189b780504a19953348401
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2330d883dd19a510c1f22595372339a0d087b268c122e0ce88a117077fe9512e
256a39a0c064c7b247b8d206dc5cf82d78f70e905a07216b2af799c2c030d432
2758c00f3eba60b69de9049537dbbff0ff3d6bd1301cd35892870e3cd09db578
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2db5f938ef1a338ec041efee8871662bb2fdd6f39cef8f8fea3aacccec2ba151
2e11a39a7de5e23f8171829708551abdd8c8578bc1eb78314a2a031ad94c0c5d
30b5b74f15e8efe599a177c7c5d773f0860c74dc08edc7094bcae64d44d00f93
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3c3fd23be315e188cb14a803233467f9490bf8ac359373b87f06eb24c0421299
4752a58850ca277cb188e8b97b0f8cb7d98a3b8bd34cd1d1954efddad1780398
482d00bf3d318b348f24693be97bb06d5a3d07bbed680821fb41b8df62ecdd15
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856
4ae7d3b3431cc6a4c4343102e3d91c146797a103d4ca3fd6bdd083cc851f0a49
4cad9e8c045a5d52c7062656390fc0841b4107015993adddf07602d0c87d80a6
4cb1b36a53582214f1c5925af2548c0a6b87292d199fd41a0cacf7cfdd0c9385
4e806ffd3db5ccbc6af5d81a539943cd29e47a6caf145316c11c5d49d2c79013
4ed9f9b25b4831c0a1c29aa860cabfaf2518dc7d58c387946d0494a40d10af67
4ff15c701ae319f9e2e324ae48114c214e5fc3f8ed334455e672e7771c22a6d7
544176bafee5678e0476285fd3aa964b9acc65155ca7d72214afc1e96e921d5a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6597d5579d518fa8219afb672f011ed40d50e8eeafdf1fe8de1ece02cceedb24
6cc5e434a2d4da2b1561c2348c81fe7536251d2a515790de4b4257f4184fa95b
706d79e0fb39d3d759c094b02db211201e890080655dbcb5403de9e4b3b8c4eb
71773004e39610f83a18744ddffebaa0a58318eab3aa70d34f62b8db05b5fe7c
72452a1693b918caa1fb2f6bc8180014a86af7c2b232ca0b3246e4a55d977162
743a8fff6ec924aeef569e68c9b5e39b564aa730eaa4cc6d4ee84a68eb07632d
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
7769629291758f0f38b1014a0e8dfab8d04e66ed89dde9982a9dfbc5185a0fa0
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e5c74c4db14645a7cac29a8b56cfd7bf1e25c8cffa49efdb64a52c51860e3b6
7e94fbebf526effec4239c82e5435a412d81ffc4bc9bddf13f9aa1170f6d803e
7fa5cb287c60f9ec5807290fb60f8303effbc7b50652f2c4bbc5cb2bac06ce4a
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
837c12eee5b5b4cf89db4aef89a72a741172cc4a6fe1e4f76c1a33349c8d112a
845686d2b834d6367ea8780a81fc5b34782057d4eff04b600274e229dde6fd58
8673d76617305b9737c559a70f83c84452eaadf89fb6b652b6b346a5d77ada58
87b60a7315307d1b3c3230eff607b52bbf3d56a452aa68eb5bf50ede73bc517b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a96d126bbc4629b4d48bd1b7133c53e2d812f499309385d4affacb347c12558
8b81c098f8cd1362848b2d9b10a139bbf07ed1aa0411712c7d502d31a1734506
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
95e0056dec18c70d2c713c794bac401824b1e5b779d70403742da1f7e68f0257
9ba458b65ebf65f0b84cf8f14fada5d60129655dada2266ca3f5752bd76d785b
9fd78475f31dd705ae6091e008a223261dffe3611080f5b8acdb1723b88f8553
a0366e7d3cf06668847216b506b2343b7970373662c342bd697d7df61009fad8
a37882afdb7b85d7e3831d008ec8b6e8c174087fa06f523aae061dac6c9b7f6c
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
ac2a58f9d55c4642121cfb6f7e213cbc882bbdd75ef171ca8a07ed982ef693ce
ac42e86ff1d0fc78a7870a72cf5d1bbf0a509a852dba1d8abdc734892b0d4844
acfb2f12f1ebabf1d264b26e9ca593c2e239913b729c66239755c98e36d07285
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b1d144734911ba874c3fd82fcee0031c72b72e1acb6ac1d8b39e7f24aeb748f9
b2053e08c7677f5f8e4a1d0a9df959d610cd64bbe4af7127565cf447d114a9b1
b23c6db2aad79c099d48bac09371e980079a3995d071fa8d8c0ddf40b36a994a
b38bf480735ea9ba16486c96e38f0048c5a067de8bacadf74b154c496a1ca2b2
b52bc9a560ebbc71b13da30fdcf9307215e4ca02616185797dc658a13c489a01
b7129215243f7a506aee4ea67fca4b14565f2a9d374a1ed02fea04bf3a1cc5f9
b9acae2affd2b439257a9a6d6cb05b3b11688e46f4372171a33b93019c255887
bab3073aeb32f989279da2d80e6e2466c1bdc2e222f04bdff847b249cfdf3bfb
c107193f46cf5b2626bb50d5d4525e08da10c3a56c202e98ecbb126c00bfa542
c1b0035911b9558d3e557c87c964b5a1bc9096f5280bfe6b0ff0ef0d8afb0515
c2d5d46acadcfd822f8783e6e3f41e83543e0d9c1b51fec7d67dce574f9f7049
c47b990b0158abc0b3321477148d2c90a07d242782e5b77c53b8402bca09e9c7
c941687b2eafb6679e977de36b7b3df1b96127df35b219af9b60796c047799c5
cd8892615cdfad54eddecb791e8cdee3358f7f75bf83d7960d6289ae9482b00c
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0cbfb1ab0f94123834567e32df7ec74a1c210793f797368d41a4b4c2732d4a0
d1caf753396395be5d4abb9c1af726f9fae3e45da4104827f091c116611536c6
d3838febe02ee1538a1336ac01f452a6fe7682106cd21b46cda9c40092c8e3aa
d38f6b7d9e14b9535d94fd23826dac10b94f140523875a0fe7ed8913e5803446
d3a4d55a29b3f267b577c1b5d5bda4d9982d58458b92d85005319c9feea65e1a
d83e12d79feedff90a74f9309750814d32bb1500d7f2b55f1567e0496052002d
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
de4593f41c3a8d9ee8071680feb9b634dc7791e727bd61df05bc9ce5a15a86d8
dede012563c945321fbe3952281658f48ee6bda0531c3301bc82e28efc01421f
dfc3f558d7ab9659f6fc3a1c61fa7c5c6c905adecd8bff069652254c13f84b9b
e2c83987a64881c948026b94a025613e0b23e00a7dd45a2160697c59ab29eead
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e547999f1ea38d895bb9d1e6aea9c9fc709ebea2c5353083ef7cf8e6022078c5
e6e4151723a408b5ac112d5a5418d57da536b66eece45b0eb6b654fa4955c85a
e856f9c41b796ff6b913364c5b4db81e01a12c31956681de2ea9c41684f7c780
e8a7f9494ddf0ed1b6f58df2f022fb70e7f9a05e980dff71ecf961855aa2c571
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1aabaff29b5420f2e3bd2af1f0c5e25dedf21188d8d84aa8f62424c99858108
f4ae8a2c83e0a851fd331bbf34d7a6f9184b3e31b6f2e681e8377fb8a8edc10f
f4bfda75fd783f45f2f6e576a5e7635b129d1f883f100dce922936f72c17f6de
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
fb3b15da67b2491265f63134dbc75f449739996da1dca1df530ca73bdb7064f5
fc4e029072e7dc5db1fd8298d13bbe9c873320b7cbf09644d11dd0a39b798dab

www.xtremerain.com Open in urlscan Pro 2606:4700:3035::681b:98b9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

141 Requests

100 %HTTPS

46 %IPv6

26 Domains

35 Subdomains

35 IPs

3 Countries

2909 kBTransfer

5157 kBSize

1 Cookies

0 Outgoing links

Redirected requests

141 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.xtremerain.com Open in urlscan Pro
2606:4700:3035::681b:98b9 Public Scan

Screenshot
Live screenshot

Full Image

141
Requests

100 %
HTTPS

46 %
IPv6

26
Domains

35
Subdomains

35
IPs

3
Countries

2909 kB
Transfer

5157 kB
Size

1
Cookies

141 HTTP transactions
3 data transactions