urlscan.io logo urlscan.io
SecurityTrails logo

925xtu.com Open in urlscan Pro
2606:4700::6812:a32  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://925xtu.com/
Effective URL: https://925xtu.com/
Submission: On August 08 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 39 IPs in 5 countries across 37 domains to perform 75 HTTP transactions. The main IP is 2606:4700::6812:a32, located in United States and belongs to CLOUDFLARENET, US. The main domain is 925xtu.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 28th 2021. Valid for: a year.
This is the only time 925xtu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 20 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 13.224.95.38 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
2 2600:9000:21f... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.22.141.132 14618 (AMAZON-AES)
1 34.194.161.83 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
2 142.250.74.194 15169 (GOOGLE)
2 2620:116:800d... 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 13.224.193.79 16509 (AMAZON-02)
2 169.50.137.176 36351 (SOFTLAYER)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:219... 16509 (AMAZON-02)
2 3.89.169.255 14618 (AMAZON-AES)
1 151.101.13.27 54113 (FASTLY)
2 162.247.243.147 13335 (CLOUDFLAR...)
16 22 159.253.128.183 36351 (SOFTLAYER)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 2 35.227.248.159 15169 (GOOGLE)
1 1 18.169.236.234 16509 (AMAZON-02)
1 1 18.194.175.178 16509 (AMAZON-02)
1 13.225.78.15 16509 (AMAZON-02)
2 2 2600:1901:0:8... 15169 (GOOGLE)
2 35.244.174.68 15169 (GOOGLE)
1 2 54.78.254.47 16509 (AMAZON-02)
1 3.217.41.235 14618 (AMAZON-AES)
1 104.111.215.191 16625 (AKAMAI-AS)
1 2 52.209.129.133 16509 (AMAZON-02)
1 2 72.251.249.13 29791 (VOXEL-DOT...)
1 1 142.250.185.226 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 185.94.180.125 35220 (SPOTX-AMS)
1 2 185.33.221.14 29990 (ASN-APPNEX)
1 69.173.144.139 26667 (RUBICONPR...)
1 2 35.244.159.8 15169 (GOOGLE)
3 3 142.250.185.130 15169 (GOOGLE)
75 39
20    2606:4700::6812:a32 (United States)

ASN13335 (CLOUDFLARENET, US)
925xtu.com
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    13.224.95.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-38.zrh50.r.cloudfront.net
cdn.parsely.com
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2600:9000:20eb:6400:7:5253:f880:93a1 (United States)

ASN16509 (AMAZON-02, US)
sdk.listenlive.co
2    2600:9000:21f3:5200:c:2267:880:93a1 (United States)

ASN16509 (AMAZON-02, US)
c.go-fet.ch
2    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    52.22.141.132 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-141-132.compute-1.amazonaws.com
api.parsely.com
1    34.194.161.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-161-83.compute-1.amazonaws.com
p1.parsely.com
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    2606:4700:20::681a:216 (United States)

ASN13335 (CLOUDFLARENET, US)
c.lytics.io
1    13.224.193.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-79.fra2.r.cloudfront.net
media.fraud.net
2    169.50.137.176 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b0.89.32a9.ip4.static.sl-reverse.com
tag.simpli.fi
i.simpli.fi
4    2606:4700::6812:565 (United States)

ASN13335 (CLOUDFLARENET, US)
experiencefeeds.bbgi.com
1    2600:9000:2190:6e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    3.89.169.255 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-89-169-255.compute-1.amazonaws.com
device.fraud.net
1    151.101.13.27 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    162.247.243.147 (United States)

ASN13335 (CLOUDFLARENET, US)
bam-cell.nr-data.net
22    159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
1    2600:1f18:612b:4264:a698:31e8:5977:4024 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
simplifi.partners.tremorhub.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
1    18.169.236.234 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-236-234.eu-west-2.compute.amazonaws.com
aa.agkn.com
1    18.194.175.178 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-175-178.eu-central-1.compute.amazonaws.com
d.agkn.com
1    13.225.78.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-15.fra2.r.cloudfront.net
sync.intentiq.com
2    2600:1901:0:8eee:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
fei.pro-market.net
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadm.exelator.com
1    3.217.41.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-41-235.compute-1.amazonaws.com
sync.bfmio.com
1    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    52.209.129.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
2    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
1    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
2    185.33.221.14 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
3    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
24 simpli.fi
tag.simpli.fi
i.simpli.fi
um.simpli.fi
14 KB
20 925xtu.com
925xtu.com
618 KB
6 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
117 KB
4 bbgi.com
experiencefeeds.bbgi.com
7 KB
3 fraud.net
media.fraud.net
device.fraud.net
31 KB
3 parsely.com
cdn.parsely.com
api.parsely.com
p1.parsely.com
20 KB
3 google-analytics.com
www.google-analytics.com
19 KB
2 openx.net
us-u.openx.net
481 B
2 adnxs.com
ib.adnxs.com
2 KB
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 lijit.com
ce.lijit.com
968 B
2 crwdcntrl.net
bcp.crwdcntrl.net
1 KB
2 exelator.com
loadm.exelator.com
2 KB
2 rlcdn.com
idsync.rlcdn.com
108 B
2 pro-market.net
fei.pro-market.net
830 B
2 agkn.com
aa.agkn.com
d.agkn.com
965 B
2 tapad.com
pixel.tapad.com
887 B
2 nr-data.net
bam-cell.nr-data.net
1 KB
2 quantserve.com
secure.quantserve.com
pixel.quantserve.com
9 KB
2 gstatic.com
fonts.gstatic.com
41 KB
2 googletagmanager.com
www.googletagmanager.com
85 KB
2 go-fet.ch
c.go-fet.ch
39 KB
2 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
6 KB
1 rubiconproject.com
pixel.rubiconproject.com
239 B
1 google.de
www.google.de
154 B
1 google.com
www.google.com
283 B
1 googleadservices.com
www.googleadservices.com
309 B
1 bluekai.com
stags.bluekai.com
603 B
1 bfmio.com
sync.bfmio.com
421 B
1 intentiq.com
sync.intentiq.com
1 tremorhub.com
simplifi.partners.tremorhub.com
183 B
1 newrelic.com
js-agent.newrelic.com
12 KB
1 quantcount.com
rules.quantcount.com
353 B
1 lytics.io
c.lytics.io
599 B
1 listenlive.co
sdk.listenlive.co
260 KB
1 googletagservices.com
www.googletagservices.com
25 KB
1 cloudflare.com
cdnjs.cloudflare.com
5 KB
75 37
Domain Requested by
22 um.simpli.fi 16 redirects
20 925xtu.com 1 redirects 925xtu.com
4 experiencefeeds.bbgi.com www.googletagmanager.com
3 cm.g.doubleclick.net 3 redirects
3 www.google-analytics.com 925xtu.com
www.google-analytics.com
2 us-u.openx.net 1 redirects
2 ib.adnxs.com 1 redirects
2 sync.search.spotxchange.com 1 redirects
2 ce.lijit.com 1 redirects
2 bcp.crwdcntrl.net 1 redirects
2 loadm.exelator.com 1 redirects
2 idsync.rlcdn.com
2 fei.pro-market.net 2 redirects
2 pixel.tapad.com 1 redirects
2 bam-cell.nr-data.net js-agent.newrelic.com
2 device.fraud.net media.fraud.net
2 securepubads.g.doubleclick.net www.googletagservices.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagmanager.com 925xtu.com
2 c.go-fet.ch 925xtu.com
c.go-fet.ch
1 pixel.rubiconproject.com
1 www.google.de
1 www.google.com 1 redirects
1 googleads.g.doubleclick.net 1 redirects
1 www.googleadservices.com 1 redirects
1 stags.bluekai.com
1 sync.bfmio.com
1 sync.intentiq.com
1 d.agkn.com 1 redirects
1 aa.agkn.com 1 redirects
1 simplifi.partners.tremorhub.com
1 i.simpli.fi tag.simpli.fi
1 js-agent.newrelic.com 925xtu.com
1 pixel.quantserve.com 925xtu.com
1 rules.quantcount.com secure.quantserve.com
1 tag.simpli.fi www.googletagmanager.com
1 media.fraud.net www.googletagmanager.com
1 c.lytics.io 925xtu.com
1 secure.quantserve.com www.googletagmanager.com
1 p1.parsely.com 925xtu.com
1 api.parsely.com 925xtu.com
1 fonts.googleapis.com ajax.googleapis.com
1 sdk.listenlive.co 925xtu.com
1 www.googletagservices.com 925xtu.com
1 cdn.parsely.com 925xtu.com
1 cdnjs.cloudflare.com 925xtu.com
1 ajax.googleapis.com 925xtu.com
75 47
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-28 -
2022-06-27		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.parsely.com
Amazon		 2021-07-05 -
2022-08-03		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.listenlive.co
Amazon		 2020-10-02 -
2021-11-03		 a year crt.sh
*.go-fet.ch
Amazon		 2020-12-08 -
2022-01-06		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.fraud.net
Amazon		 2020-09-22 -
2021-10-24		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-05-05 -
2022-06-06		 a year crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh
*.tremorhub.com
Amazon		 2021-06-27 -
2022-07-26		 a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.intentiq.com
Amazon		 2021-04-04 -
2022-05-03		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-06-07		 a year crt.sh
*.bfmio.com
Amazon		 2021-05-16 -
2022-06-14		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-26		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
www.google.de
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh

This page contains 1 frames:

Primary Page: https://925xtu.com/
Frame ID: 7271D013A9EFFA02F0FA5DC4CE9B127D
Requests: 75 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://925xtu.com/ HTTP 301
    https://925xtu.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i

Page Statistics

75
Requests

100 %
HTTPS

42 %
IPv6

37
Domains

47
Subdomains

39
IPs

5
Countries

1309 kB
Transfer

4002 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://925xtu.com/ HTTP 301
    https://925xtu.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53
  • https://um.simpli.fi/telaria_p HTTP 302
  • https://simplifi.partners.tremorhub.com/sync?UISF=EE1FD2BBF75C4E35AC846E78601AA433
Request Chain 54
  • https://um.simpli.fi/tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=EE1FD2BBF75C4E35AC846E78601AA433 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=EE1FD2BBF75C4E35AC846E78601AA433
Request Chain 55
  • https://um.simpli.fi/ad_advisor HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=EE1FD2BBF75C4E35AC846E78601AA433 HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1628388286&ip=89.249.64.171&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D164870903872000012998 HTTP 302
  • https://um.simpli.fi/aa_px?sk=164870903872000012998
Request Chain 57
  • https://um.simpli.fi/intentiq HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=EE1FD2BBF75C4E35AC846E78601AA433
Request Chain 60
  • https://um.simpli.fi/dtnx HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=EE1FD2BBF75C4E35AC846E78601AA433;mimetype=img; HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=EE1FD2BBF75C4E35AC846E78601AA433;mimetype=img;sr HTTP 302
  • https://idsync.rlcdn.com/398696.gif?partner_uid=-3697359759969727696
Request Chain 61
  • https://um.simpli.fi/exelatem HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=EE1FD2BBF75C4E35AC846E78601AA433&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=EE1FD2BBF75C4E35AC846E78601AA433&j=0&xl8blockcheck=1
Request Chain 63
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=EE1FD2BBF75C4E35AC846E78601AA433
Request Chain 64
  • https://um.simpli.fi/bluekai HTTP 302
  • https://stags.bluekai.com/site/29931?id=EE1FD2BBF75C4E35AC846E78601AA433
Request Chain 65
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=EE1FD2BBF75C4E35AC846E78601AA433 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=EE1FD2BBF75C4E35AC846E78601AA433
Request Chain 66
  • https://um.simpli.fi/lj_match HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=EE1FD2BBF75C4E35AC846E78601AA433 HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=EE1FD2BBF75C4E35AC846E78601AA433&dnr=1
Request Chain 67
  • https://um.simpli.fi/liveramp_match HTTP 302
  • https://idsync.rlcdn.com/419566.gif?partner_uid=EE1FD2BBF75C4E35AC846E78601AA433
Request Chain 68
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1628388286433&cv=7&fst=1628388286433&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=899011292&cv=7&fst=1628388286433&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=vjsPYZTKHPyi7_UPrtKEgAs&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=899011292&cv=7&fst=1628388286433&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=vjsPYZTKHPyi7_UPrtKEgAs&random=4170345609 HTTP 302
  • https://www.google.de/pagead/1p-conversion/1026675585/?random=899011292&cv=7&fst=1628388286433&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=vjsPYZTKHPyi7_UPrtKEgAs&random=4170345609&ipr=y
Request Chain 69
  • https://um.simpli.fi/spotx_match HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=EE1FD2BBF75C4E35AC846E78601AA433 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=EE1FD2BBF75C4E35AC846E78601AA433&__user_check__=1&sync_id=0155a88a-f7ed-11eb-ac7d-186cd56e0306
Request Chain 70
  • https://um.simpli.fi/an HTTP 302
  • https://ib.adnxs.com/setuid?entity=66&code=EE1FD2BBF75C4E35AC846E78601AA433 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DEE1FD2BBF75C4E35AC846E78601AA433
Request Chain 71
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=EE1FD2BBF75C4E35AC846E78601AA433&expires=365
Request Chain 72
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=EE1FD2BBF75C4E35AC846E78601AA433 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=EE1FD2BBF75C4E35AC846E78601AA433
Request Chain 73
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEIBFDi1JpYdTASdVyz0310g&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EE1FD2BBF75C4E35AC846E78601AA433 HTTP 302
  • https://um.simpli.fi/g_match?id=

75 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
925xtu.com/
Redirect Chain
  • http://925xtu.com/
  • https://925xtu.com/
262 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://925xtu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bce6232f47730935fd51f2d84f5452cf0f9a964a8ca06bc9d447d286d9b61569
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
925xtu.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:45 GMT
content-type
text/html; charset=UTF-8
last-modified
Sun, 08 Aug 2021 02:04:37 GMT
cache-control
max-age=52, must-revalidate
vary
Cookie
x-ua-compatible
IE=edge
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
feature-policy
accelerometer 'none'; camera 'none'; geolocation *; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
link
<https://925xtu.com/wp-json/>; rel="https://api.w.org/"
x-tec-api-version
v1
x-tec-api-root
https://925xtu.com/wp-json/tribe/events/v1/
x-tec-api-origin
https://925xtu.com
served
1
x-cache
EXPIRED
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
67b52cfb9ca0178a-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Date
Sun, 08 Aug 2021 02:04:44 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Sun, 08 Aug 2021 03:04:44 GMT
Location
https://925xtu.com/
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
67b52cfb68121f39-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
prebid4.43.0.js
925xtu.com/wp-content/plugins/prebidjs/ 		196 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://925xtu.com/wp-content/plugins/prebidjs/prebid4.43.0.js
Requested by
Host: 925xtu.com
URL: https://925xtu.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b7ec27dd2d2bb9847c864f6348d13aade15a93113069be24172b8f903558bf9

Request headers

:path
/wp-content/plugins/prebidjs/prebid4.43.0.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
925xtu.com
referer
https://925xtu.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:45 GMT
content-encoding
br
cf-cache-status
HIT
age
4511
cf-polished
origSize=200610
last-modified
Thu, 29 Jul 2021 17:46:45 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"6102e985-30fa2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
67b52cfedc9fdfcf-FRA
served
3
expires
Sun, 08 Aug 2021 06:04:45 GMT
style.min.css
925xtu.com/wp-includes/css/dist/block-library/ 		53 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://925xtu.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.5
Requested by
Host: 925xtu.com
URL: https://925xtu.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css?ver=5.5.5
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
925xtu.com
referer
https://925xtu.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:45 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 20 May 2021 22:14:24 GMT
server
cloudflare
age
4511
etag
W/"60a6df40-d293"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
cf-ray
67b52cfedca5dfcf-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
served
3
expires
Sun, 08 Aug 2021 06:04:45 GMT
wp-parsely.css
925xtu.com/wp-content/plugins/wp-parsely/ 		2 KB
844 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://925xtu.com/wp-content/plugins/wp-parsely/wp-parsely.css?ver=1627564396
Requested by
Host: 925xtu.com
URL: https://925xtu.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
115c7b67d5ef5d6fac8f12989a63efc39f2ccc39855b33e031a2a65519040e0b

Request headers

:path
/wp-content/plugins/wp-parsely/wp-parsely.css?ver=1627564396
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
925xtu.com
referer
https://925xtu.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:45 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Fri, 26 Mar 2021 13:07:30 GMT
server
cloudflare
etag
W/"605ddc92-706"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
cf-ray
67b52cfedca6dfcf-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
served
1
expires
Sun, 08 Aug 2021 06:04:45 GMT
common-skeleton.min.css
925xtu.com/wp-content/plugins/the-events-calendar/common/src/resources/css/ 		22 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://925xtu.com/wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=4.10.3
Requested by
Host: 925xtu.com
URL: https://925xtu.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9749cb30c06ea230f2c4df168c1af5f1be53837218fbdd22138b0bdd04efe412

Request headers

:path
/wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=4.10.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
925xtu.com
referer
https://925xtu.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:45 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 25 Feb 2020 22:43:50 GMT
server
cloudflare
age
4511
etag
W/"5e55a326-58b9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
cf-ray
67b52cfedca3dfcf-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
served
1
expires
Sun, 08 Aug 2021 06:04:45 GMT
tooltip.min.css
925xtu.com/wp-content/plugins/the-events-calendar/common/src/resources/css/ 		2 KB
902 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://925xtu.com/wp-content/plugins/the-events-calendar/common/src/resources/css/tooltip.min.css?ver=4.10.3
Requested by
Host: 925xtu.com
URL: https://925xtu.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34119901f74b4d927c3b3ac787f1b99819174e6308ad5d4cb05ba5409cb5ffa5

Request headers

:path
/wp-content/plugins/the-events-calendar/common/src/resources/css/tooltip.min.css?ver=4.10.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
925xtu.com
referer
https://925xtu.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:45 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 26 Jun 2019 03:39:16 GMT
server
cloudflare
age
4511
etag
W/"5d12e8e4-663"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
cf-ray
67b52cfedca2dfcf-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
served
3
expires
Sun, 08 Aug 2021 06:04:45 GMT
main.css
925xtu.com/wp-content/themes/experience-engine/bundle/ 		135 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://925xtu.com/wp-content/themes/experience-engine/bundle/main.css?ver=1627914168
Requested by
Host: 925xtu.com
URL: https://925xtu.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd49b0078b6eb9141d84ce5490b1863da14ffbdf69ff23e690facd9c340c26bc

Request headers

:path
/wp-content/themes/experience-engine/bundle/main.css?ver=1627914168
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
925xtu.com
referer
https://925xtu.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:45 GMT
content-encoding
br
cf-cache-status
HIT
age
4510
last-modified
Thu, 29 Jul 2021 13:13:08 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"6102a964-216b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
cf-ray
67b52cfedca4dfcf-FRA
served
1
expires
Sun, 08 Aug 2021 06:04:45 GMT
jquery.js
925xtu.com/wp-includes/js/jquery/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://925xtu.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: 925xtu.com
URL: https://925xtu.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

:path
/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
925xtu.com
referer
https://925xtu.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:45 GMT
content-encoding
br
cf-cache-status
HIT
age
4510
cf-polished
origSize=96873
last-modified
Thu, 20 May 2021 22:13:49 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"60a6df1d-17a69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
67b52cfedca1dfcf-FRA
served
1
expires
Sun, 08 Aug 2021 06:04:45 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: 925xtu.com
URL: https://925xtu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sat, 07 Aug 2021 16:13:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35462
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Aug 2022 16:13:43 GMT
iframeResizer.min.js
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.6.1/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.6.1/iframeResizer.min.js
Requested by
Host: 925xtu.com
URL: https://925xtu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bd3c9ac3c7d63f8005ab22bd26a19260c89d30c1d6a16020857f0e4df01f334
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2786471
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
4562
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e9f-3335"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6useHBRlhzzib0SxhSZHhjSGW4z83y4CEwnvq%2BHYAin27KdjR7okrq4XohIcVwDiSAggOiYPc4F7HEe8iQGD0ZzceIa%2FAR7ntewi1bzx9H7ai1NQoJHxh7G1NWQQc4%2Bn9fTY3HhwjCtNEm1iHQgIOMtW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
67b52cff5cec97d8-FRA
expires
Fri, 29 Jul 2022 02:04:45 GMT
XTU-Reversed.png
925xtu.com/wp-content/uploads/sites/89/2019/06/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://925xtu.com/wp-content/uploads/sites/89/2019/06/XTU-Reversed.png?width=154&height=88&anchor=middlecenter
Requested by
Host: 925xtu.com
URL: https://925xtu.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15e69a4fa7bf4dcfe0f77dac875313ba87d49db178c32b52040a7976b78b6dd2

Request headers

:path
/wp-content/uploads/sites/89/2019/06/XTU-Reversed.png?width=154&height=88&anchor=middlecenter
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
925xtu.com
referer
https://925xtu.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:45 GMT
vary
Accept
cf-cache-status
HIT
age
2779074
cf-polished
origFmt=png, origSize=12027
content-disposition
inline; filename="XTU-Reversed.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
7746
cf-bgj
imgq:85,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-imageflow-perf
execute 50.97ms getinfo 0.03ms fetch-through: 41.86ms
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
67b52cff8d17dfcf-FRA
served
2
expires
Mon, 08 Aug 2022 02:04:45 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 925xtu.com
URL: https://925xtu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
3064
date
Sun, 08 Aug 2021 01:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Sun, 08 Aug 2021 03:13:41 GMT
large-BMG60YearsLogo.png
925xtu.com/wp-content/themes/experience-engine/assets/images/ 		141 KB
142 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://925xtu.com/wp-content/themes/experience-engine/assets/images/large-BMG60YearsLogo.png
Requested by
Host: 925xtu.com
URL: https://925xtu.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec5fab34e9083ec528fcad52cd1bba2daa256398bf5dbd02ed88b41451f3b0ec

Request headers

:path
/wp-content/themes/experience-engine/assets/images/large-BMG60YearsLogo.png
pragma
no-cache
cookie
_ga=GA1.2.1187979229.1628388285; _gid=GA1.2.1724301560.1628388285
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
925xtu.com
referer
https://925xtu.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:45 GMT
cf-cache-status
HIT
age
4508
cf-polished
origFmt=png, origSize=265937
last-modified
Mon, 01 Feb 2021 18:49:08 GMT
content-disposition
inline; filename="large-BMG60YearsLogo.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
144616
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"60184d24-40ed1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
67b52d007da0dfcf-FRA
served
1
expires
Sun, 08 Aug 2021 06:04:45 GMT
itunes.svg
925xtu.com/wp-content/themes/experience-engine/assets/images/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://925xtu.com/wp-content/themes/experience-engine/assets/images/itunes.svg
Requested by
Host: 925xtu.com
URL: https://925xtu.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
431587866a4c58e1ecf9ff344de99a95294d6a2815831eb53c117b6bdd30df07

Request headers

:path
/wp-content/themes/experience-engine/assets/images/itunes.svg
pragma
no-cache
cookie
_ga=GA1.2.1187979229.1628388285; _gid=GA1.2.1724301560.1628388285
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
925xtu.com
referer
https://925xtu.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:45 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Mar 2019 12:55:47 GMT
server
cloudflare
age
4508
etag
W/"5c9b72d3-1cf8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
67b52d019e35dfcf-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
served
2
expires
Sun, 08 Aug 2021 06:04:45 GMT
googleplay.svg
925xtu.com/wp-content/themes/experience-engine/assets/images/ 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://925xtu.com/wp-content/themes/experience-engine/assets/images/googleplay.svg
Requested by
Host: 925xtu.com
URL: https://925xtu.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
232a094b190f7708f80112d1f7b26bd1858511505c05906f52dbf5956d4f8f64

Request headers

:path
/wp-content/themes/experience-engine/assets/images/googleplay.svg
pragma
no-cache
cookie
_ga=GA1.2.1187979229.1628388285; _gid=GA1.2.1724301560.1628388285
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
925xtu.com
referer
https://925xtu.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:45 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Oct 2019 22:37:10 GMT
server
cloudflare
age
4508
etag
W/"5da4f896-1899"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
67b52d019e36dfcf-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
served
1
expires
Sun, 08 Aug 2021 06:04:45 GMT
p.js
cdn.parsely.com/keys/925xtu.com/ 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/925xtu.com/p.js
Requested by
Host: 925xtu.com
URL: https://925xtu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.95.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-38.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
4eb5367c8facd542b6c16ab0ce57e3d2558872c860c361241be467da89a865d0

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma
public
date
Sat, 07 Aug 2021 06:37:55 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 19:25:03 GMT
server
nginx
age
70010
etag
W/"602ebf0f-cd43"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 4e0fd86f7afa735e772d6f7fe5e91f5b.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
zl3V7vFfg12z6-gHrL1Fja73T0TiRgnf6Ap7hOd-MJvJqWp2-TAT1w==
expires
Sun, 08 Aug 2021 06:37:55 GMT
underscore-before.js
925xtu.com/wp-content/plugins/the-events-calendar/common/src/resources/js/ 		409 B
602 B 		Script
General
Check archive.org
Download Go to
Full URL
https://925xtu.com/wp-content/plugins/the-events-calendar/common/src/resources/js/underscore-before.js
Requested by
Host: 925xtu.com
URL: https://925xtu.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b49afbda53cb80ad17ca11665ba1884b11721ca9cadd0c407dfdc48773cfb635

Request headers

:path
/wp-content/plugins/the-events-calendar/common/src/resources/js/underscore-before.js
pragma
no-cache
cookie
_ga=GA1.2.1187979229.1628388285; _gid=GA1.2.1724301560.1628388285
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
925xtu.com
referer
https://925xtu.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:45 GMT
content-encoding
br
cf-cache-status
HIT
age
4510
cf-polished
origSize=1278
last-modified
Thu, 27 Sep 2018 10:01:33 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"5bacaa7d-4fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
67b52d014e02dfcf-FRA
served
1
expires
Sun, 08 Aug 2021 06:04:45 GMT
underscore.min.js
925xtu.com/wp-includes/js/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://925xtu.com/wp-includes/js/underscore.min.js?ver=1.8.3
Requested by
Host: 925xtu.com
URL: https://925xtu.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cd0d6897b3d4779f7d88ce72531f22fbf75851b195fb14e6f3f23d051b3d1e9

Request headers

:path
/wp-includes/js/underscore.min.js?ver=1.8.3
pragma
no-cache
cookie
_ga=GA1.2.1187979229.1628388285; _gid=GA1.2.1724301560.1628388285
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
925xtu.com
referer
https://925xtu.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:45 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 20 May 2021 22:14:25 GMT
server
cloudflare
age
4510
etag
W/"60a6df41-3ead"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
67b52d018e2ddfcf-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
served
3
expires
Sun, 08 Aug 2021 06:04:45 GMT
underscore-after.js
925xtu.com/wp-content/plugins/the-events-calendar/common/src/resources/js/ 		150 B
474 B 		Script
General
Check archive.org
Download Go to
Full URL
https://925xtu.com/wp-content/plugins/the-events-calendar/common/src/resources/js/underscore-after.js
Requested by
Host: 925xtu.com
URL: https://925xtu.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
234510ad35c46d552aefeea78ae832481cfca6e4c030256c51119281005fa094

Request headers

:path
/wp-content/plugins/the-events-calendar/common/src/resources/js/underscore-after.js
pragma
no-cache
cookie
_ga=GA1.2.1187979229.1628388285; _gid=GA1.2.1724301560.1628388285
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
925xtu.com
referer
https://925xtu.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:45 GMT
content-encoding
br
cf-cache-status
HIT
age
4510
cf-polished
origSize=920
last-modified
Thu, 27 Sep 2018 10:01:54 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"5bacaa92-398"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
67b52d019e2edfcf-FRA
served
3
expires
Sun, 08 Aug 2021 06:04:45 GMT
greatermedia-timed-content.js
925xtu.com/wp-content/plugins/greatermedia-timed-content/js/ 		1 KB
997 B 		Script
General
Check archive.org
Download Go to
Full URL
https://925xtu.com/wp-content/plugins/greatermedia-timed-content/js/greatermedia-timed-content.js?ver=5.5.5
Requested by
Host: 925xtu.com
URL: https://925xtu.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2569b66d0037932ef6ddd61c202d84710df40062b920f483773348f2321fa24e

Request headers

:path
/wp-content/plugins/greatermedia-timed-content/js/greatermedia-timed-content.js?ver=5.5.5
pragma
no-cache
cookie
_ga=GA1.2.1187979229.1628388285; _gid=GA1.2.1724301560.1628388285
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
925xtu.com
referer
https://925xtu.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:45 GMT
content-encoding
br
cf-cache-status
HIT
age
4509
cf-polished
origSize=1960
last-modified
Wed, 31 Jan 2018 19:03:16 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"5a7212f4-7a8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
67b52d019e30dfcf-FRA
served
1
expires
Sun, 08 Aug 2021 06:04:45 GMT
gpt.js
www.googletagservices.com/tag/js/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: 925xtu.com
URL: https://925xtu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e444fa83699450c75b020380ba5266e17bc2a8a687dcada9236f95293598cacf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"952 / 571 of 1000 / last-modified: 1628287791"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24936
x-xss-protection
0
expires
Sun, 08 Aug 2021 02:04:45 GMT
td-sdk.min.js
sdk.listenlive.co/web/2.9/ 		946 KB
260 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.listenlive.co/web/2.9/td-sdk.min.js
Requested by
Host: 925xtu.com
URL: https://925xtu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:6400:7:5253:f880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7099df1a6e579601e1452471dc14bf1e025c771c37df56b73fe6c97bdbdc3b49

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 01:09:18 GMT
content-encoding
gzip
last-modified
Fri, 09 Jul 2021 06:02:05 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:1000/gname:jenkins/uname:jenkins/gid:1000/mode:33188/mtime:1625740744/atime:1625740744/md5:da3943a80eee51bc83d61945b0b00574/ctime:1625740744
age
4699
etag
W/"da3943a80eee51bc83d61945b0b00574"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
KMPNvc-3oNZ5W2tn6G44c4WRvYckIR5dbaUO5LvAZxoUpQ6KR8tneg==
embed.js
c.go-fet.ch/a/ 		178 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.go-fet.ch/a/embed.js
Requested by
Host: 925xtu.com
URL: https://925xtu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:5200:c:2267:880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
595ab2730671c050a8bbc63ace1d214d582d2a9eeaad48da03db69e68eb22405

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 01:59:14 GMT
content-encoding
gzip
last-modified
Fri, 30 Jul 2021 20:31:22 GMT
server
AmazonS3
age
344
etag
W/"b3de490d33813d2828586cca86f078e9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
cache-control
public,max-age=900
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
vA6yNG7IHICunlENM160uR0Rrue-KN-jNbUSyQmrWtkfFLwG3GUV0A==
app.js
925xtu.com/wp-content/themes/experience-engine/bundle/ 		927 KB
262 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://925xtu.com/wp-content/themes/experience-engine/bundle/app.js?ver=1627914168
Requested by
Host: 925xtu.com
URL: https://925xtu.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1179aab9025a09b51cc420aa880198a739fdd5d517c0a06726022d6a1417379f

Request headers

:path
/wp-content/themes/experience-engine/bundle/app.js?ver=1627914168
pragma
no-cache
cookie
_ga=GA1.2.1187979229.1628388285; _gid=GA1.2.1724301560.1628388285
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
925xtu.com
referer
https://925xtu.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:45 GMT
content-encoding
br
cf-cache-status
HIT
age
4509
cf-polished
origSize=970706
last-modified
Mon, 02 Aug 2021 14:22:43 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"6107ffb3-ecfd2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
67b52d019e33dfcf-FRA
served
2
expires
Sun, 08 Aug 2021 06:04:45 GMT
wp-embed.min.js
925xtu.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://925xtu.com/wp-includes/js/wp-embed.min.js?ver=5.5.5
Requested by
Host: 925xtu.com
URL: https://925xtu.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=5.5.5
pragma
no-cache
cookie
_ga=GA1.2.1187979229.1628388285; _gid=GA1.2.1724301560.1628388285
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
925xtu.com
referer
https://925xtu.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:45 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 20 May 2021 22:14:25 GMT
server
cloudflare
age
4509
etag
W/"60a6df41-592"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
67b52d019e34dfcf-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
served
3
expires
Sun, 08 Aug 2021 06:04:45 GMT
gtm.js
www.googletagmanager.com/ 		127 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5MZ6NK9
Requested by
Host: 925xtu.com
URL: https://925xtu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
53ee3613ef928f8bf30645245133860edd9ccf6c17776f04ecf473a72a31f9b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:45 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47811
x-xss-protection
0
last-modified
Sun, 08 Aug 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 08 Aug 2021 02:04:45 GMT
XTU-Reversed.png
925xtu.com/wp-content/uploads/sites/89/2019/06/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://925xtu.com/wp-content/uploads/sites/89/2019/06/XTU-Reversed.png?maxwidth=250&
Requested by
Host: 925xtu.com
URL: https://925xtu.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de7deaf8a6ecef0e62ef5c25e0a93bf9a2bf7f073f523053110bd414d709b53b

Request headers

:path
/wp-content/uploads/sites/89/2019/06/XTU-Reversed.png?maxwidth=250&
pragma
no-cache
cookie
_ga=GA1.2.1187979229.1628388285; _gid=GA1.2.1724301560.1628388285
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
925xtu.com
referer
https://925xtu.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:45 GMT
vary
Accept
cf-cache-status
HIT
age
1483025
cf-polished
origFmt=png, origSize=21584
content-disposition
inline; filename="XTU-Reversed.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
12754
cf-bgj
imgq:85,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-imageflow-perf
execute 57.84ms getinfo 0.03ms fetch-through: 51.17ms
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
67b52d01ae41dfcf-FRA
served
2
expires
Mon, 08 Aug 2022 02:04:45 GMT
truncated
/ 		334 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9b9d481f1261437bce2b10c36ee09e4f4cf50a6c95d730999b0199664b828f4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
css
fonts.googleapis.com/ 		7 KB
795 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Libre+Franklin:300,400,500,600,700%7COpen+Sans:600
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8eca521b86e8ac71d0a65a88387ed1788ae921bed02c508bddf7a9831051f5e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 08 Aug 2021 02:04:45 GMT
server
ESF
date
Sun, 08 Aug 2021 02:04:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 08 Aug 2021 02:04:45 GMT
profile
api.parsely.com/v2/ 		270 B
376 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.parsely.com/v2/profile?apikey=925xtu.com&uuid=pid=b4b6049dea7d88b24f9ba9bbea29593f&url=https://925xtu.com/&callback=jQuery112407745980108122315_1628388285671&_=1628388285672
Requested by
Host: 925xtu.com
URL: https://925xtu.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.141.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-141-132.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b079b8892853d642f244100f65e543778ddbaff7e9c736c465cb02e23678fa09

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 08 Aug 2021 02:04:46 GMT
server
nginx
content-length
270
content-type
application/json
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1628388285878&plid=23317600&idsite=925xtu.com&url=https%3A%2F%2F925xtu.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2F925xtu.com%2F&sref=&sts=1628388285874&slts=0&title=92.5+XTU+-+92.5+XTU+Philadelphia%27s+Country+Station&date=Sun+Aug+08+2021+04%3A04%3A45+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=74544093&u=pid%3Db4b6049dea7d88b24f9ba9bbea29593f
Requested by
Host: 925xtu.com
URL: https://925xtu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-161-83.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 02:04:46 GMT
Cache-Control
no-cache
Last-Modified
Sunday, 08-Aug-2021 02:04:46 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v7/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/librefranklin/v7/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Franklin:300,400,500,600,700%7COpen+Sans:600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fedcdc389419bfa88ed3f2c226b9d043fa6d6ea927cadd49c833cbfcf0de3efb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://925xtu.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:57:14 GMT
x-content-type-options
nosniff
age
436052
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27240
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 21:06:30 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Aug 2022 00:57:14 GMT
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v22/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Franklin:300,400,500,600,700%7COpen+Sans:600
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://925xtu.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:03:30 GMT
x-content-type-options
nosniff
age
122476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14956
x-xss-protection
0
last-modified
Fri, 06 Aug 2021 15:53:15 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Aug 2022 16:03:30 GMT
pubads_impl_2021080401.js
securepubads.g.doubleclick.net/gpt/ 		328 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
d3722344dc2b0b07af6a39d0594966bede1a0dbdf0e524795cc6aaab2a6e2845
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 04 Aug 2021 08:37:21 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117056
x-xss-protection
0
expires
Sun, 08 Aug 2021 02:04:46 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		61 B
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=925xtu.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
f7638fa3815d18f44a6084f9abd9faea66c61747a77bfa6260b05ffe796b0ac1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 Aug 2021 02:04:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66
x-xss-protection
0
expires
Sun, 08 Aug 2021 02:04:46 GMT
quant.js
secure.quantserve.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MZ6NK9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:46 GMT
content-encoding
gzip
etag
"WhyxmPkT7L77qVDcrjxwGw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Sun, 15 Aug 2021 02:04:46 GMT
latest.min.js
c.lytics.io/api/tag/e005f31bbda11a2478c0c70245457003/ 		67 B
599 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/api/tag/e005f31bbda11a2478c0c70245457003/latest.min.js
Requested by
Host: 925xtu.com
URL: https://925xtu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f69381ea57d77ab23881f6edb377f4c4e0a09108aea44ca300c22d71924f953
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

cf-ray
67b52d044f091f21-FRA
date
Sun, 08 Aug 2021 02:04:46 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3412
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PxiliDAnCyrtPs7MvZ3TvTzEVMhoTJMlt%2F%2BG%2FizfYEWDbB5%2FhWlTBwCkV137Tyi52vz41gL0nstW%2F7R1J9hkoJlN4BkfrH4GwDiRmEx5J4OooO96mcRsm8bhtH%2BOrfvHCLmLE2cismV3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7200
strict-transport-security
max-age=63072000;
content-encoding
br
analytics.js
media.fraud.net/shield/js/v1/ 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.fraud.net/shield/js/v1/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MZ6NK9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-79.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0f47efcf7e21734e231f323a3d1ecf00c24dee2268687a589042d8de82500dda

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:46 GMT
content-encoding
gzip
last-modified
Thu, 28 Feb 2019 18:42:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"7479109d61e7cc42fa7496c3a2a11d5e"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
cache-control
max-age=300, no-transform, public
accept-ranges
bytes
content-length
30572
x-amz-cf-id
LNSyuLVXG3V7_xvqbl-up0E1QKEtuU6B0CIBeVrc9UsIJia9IbT1qg==
273421f0-841f-0135-dc80-06659b33d47c
tag.simpli.fi/sifitag/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.simpli.fi/sifitag/273421f0-841f-0135-dc80-06659b33d47c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MZ6NK9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b0.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
0b8e31acd1ab2695d6f478d08df27b62a1d0bfb9defbcb6725ae4cbcb40e9b8c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Sun, 08 Aug 2021 02:04:46 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
3100
x-request-id
FpkyhMjO62UBaiIZlZGB
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
authwatcher_tag.js
experiencefeeds.bbgi.com/tags/authwatcher/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://experiencefeeds.bbgi.com/tags/authwatcher/authwatcher_tag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MZ6NK9
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:565 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f424b48f165b0b6c32784c68d2f26bd9a018cf3f16bfafc29ea2bee8144d39fd

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:46 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 27 Mar 2020 02:42:29 GMT
server
cloudflare
age
3412
etag
W/"b2c89b126be3d97d5d62cd8f9a466f0f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
67b52d045d0342e1-FRA
x-amz-request-id
A3ME56RCZ1T36ENX
x-amz-id-2
0CIpsV9tVNMaNKyufNmQLcSJshSMyTs15nenSvMy+44MHPXJr8ffYtNkGcE30ptsd57fX2VgMOs=
showschedule_tag.js
experiencefeeds.bbgi.com/tags/showschedule/ 		6 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://experiencefeeds.bbgi.com/tags/showschedule/showschedule_tag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MZ6NK9
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:565 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18dac71adc1b6f54f9d5ecd0a32c11e7635097049e4416b3c4f57583a32ede16

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:46 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 16 Aug 2019 02:46:50 GMT
server
cloudflare
age
3412
etag
W/"997e820a582ecb9ca40de4c133f2c78e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
67b52d045d0542e1-FRA
x-amz-request-id
A3ME4W5HH9C4T5ND
x-amz-id-2
vTP1Gx8BRLhIkEVEb2TnpH/1oHTcDr1g8IZZPr8s+JnQW2YE/D7z11k7CgTTjq/+UgfHcCRZexM=
stream_tag_prod.js
experiencefeeds.bbgi.com/tags/streamconsumption/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://experiencefeeds.bbgi.com/tags/streamconsumption/stream_tag_prod.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MZ6NK9
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:565 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
105ec523f6de6aeabe039afb5236e990502e4209d79ce28ccf5904d0f6f6d7f5

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:46 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 28 Aug 2019 19:41:25 GMT
server
cloudflare
age
3412
etag
W/"9fde5b4d9330ef3227e6a82efc96dcc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
67b52d045d0742e1-FRA
x-amz-request-id
A3MAXJ00FB8RJXV5
x-amz-id-2
IkGWU+x90s1PDTSxps/T9NU/PNmrgtEBP+pE8XSB4/S46eNzqQSh2kvZqoTGEJXpglxNwsnqkxU=
lytics-ribbon-tracking-tag.js
experiencefeeds.bbgi.com/tags/ribbontracking/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://experiencefeeds.bbgi.com/tags/ribbontracking/lytics-ribbon-tracking-tag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MZ6NK9
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:565 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
954e4fd9342a268e0d02fd674c8901fe984d915ce52b58362d56b808214add22

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:46 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 09 Oct 2019 15:36:25 GMT
server
cloudflare
age
5289
etag
W/"9bcdaca3157afc7c14c6c205dfcbacb0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
67b52d045d0442e1-FRA
x-amz-request-id
A3M6K41WR595XEFE
x-amz-id-2
VI9MMvcird/fwzPEaH0BoG5tXqQ7T0Snsxn8D5ejPAOTa02CBGQYK3G+UN5uCfyboyniPykWFzY=
gtm.js
www.googletagmanager.com/ 		110 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KM8CCP2
Requested by
Host: 925xtu.com
URL: https://925xtu.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
98afd9c5a6a09a121d5998faa6787fc9a38dfdaf5982cc7e1a071afa295d5937
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:46 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39450
x-xss-protection
0
last-modified
Sun, 08 Aug 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 08 Aug 2021 02:04:46 GMT
925xtu.com.json
c.go-fet.ch/hosts/ 		3 B
445 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.go-fet.ch/hosts/925xtu.com.json
Requested by
Host: c.go-fet.ch
URL: https://c.go-fet.ch/a/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:5200:c:2267:880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sat, 07 Aug 2021 06:37:58 GMT
via
1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
last-modified
Tue, 30 Oct 2018 18:22:13 GMT
server
AmazonS3
age
70009
etag
"8a80554c91d9fca8acb82f023de02f11"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-max-age
3000
x-cache
Error from cloudfront
x-amz-cf-pop
FRA2-C2
content-length
3
x-amz-cf-id
VZNxjROxlEdw5-11I4_wue_CjJf5JMvMzrzo1eMq0BlM1zeazT7OOQ==
rules-p-44CeRhgfGPG_s.js
rules.quantcount.com/ 		2 B
353 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-44CeRhgfGPG_s.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:6e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 01:57:31 GMT
via
1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
server
AmazonS3
age
435
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
x-amz-cf-pop
ZRH50-C1
content-length
2
x-amz-cf-id
FiRlyChInVeu9cpL33oRi0ed3kfD-ckBGNJHt_4StnZLTspwMVcogw==
tp2
device.fraud.net/com.snowplowanalytics.snowplow/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://device.fraud.net/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Server
3.89.169.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-169-255.compute-1.amazonaws.com
Software
akka-http/10.1.12 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://925xtu.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 08 Aug 2021 02:04:46 GMT
content-length
0
access-control-allow-origin
https://925xtu.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-max-age
5
server
akka-http/10.1.12
tp2
device.fraud.net/com.snowplowanalytics.snowplow/ 		2 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://device.fraud.net/com.snowplowanalytics.snowplow/tp2
Requested by
Host: media.fraud.net
URL: https://media.fraud.net/shield/js/v1/analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.89.169.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-169-255.compute-1.amazonaws.com
Software
akka-http/10.1.12 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://925xtu.com
date
Sun, 08 Aug 2021 02:04:46 GMT
access-control-allow-credentials
true
server
akka-http/10.1.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length
2
content-type
text/plain; charset=UTF-8
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=130215248&t=pageview&_s=1&dl=https%3A%2F%2F925xtu.com%2F&ul=en-us&de=UTF-8&dt=92.5%20XTU%20-%2092.5%20XTU%20Philadelphia%27s%20Country%20Station&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEABAAAAAC~&jid=905329520&gjid=1131900130&cid=1187979229.1628388285&tid=UA-111452396-3&_gid=1724301560.1628388285&_r=1&gtm=2wg840KM8CCP2&z=631588356
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 02:04:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://925xtu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=130215248&t=event&ni=0&_s=1&dl=https%3A%2F%2F925xtu.com%2F&ul=en-us&de=UTF-8&dt=92.5%20XTU%20-%2092.5%20XTU%20Philadelphia%27s%20Country%20Station&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=DML&ea=Version&el=20210723-utm-content-13-g7195608_prod_dev&_u=aGDAAEABAAAAAC~&jid=1313639203&gjid=1905342886&cid=1187979229.1628388285&tid=UA-111452396-5&_gid=1724301560.1628388285&_r=1&gtm=2wg840KM8CCP2&z=1147061393
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 02:04:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://925xtu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=1761976920;source=gtm;rf=0;a=p-44CeRhgfGPG_s;url=https%3A%2F%2F925xtu.com%2F;uh=65ce955d6ae6;uht=2;fpan=1;fpa=P0-921969287-1628388286396;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-202105172334...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1761976920;source=gtm;rf=0;a=p-44CeRhgfGPG_s;url=https%3A%2F%2F925xtu.com%2F;uh=65ce955d6ae6;uht=2;fpan=1;fpa=P0-921969287-1628388286396;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=925xtu.com;je=0;sr=1600x1200x24;dst=1;et=1628388286396;tzo=-120;ogl=locale.en_US%2Ctype.website%2Ctitle.92%252E5%20XTU%20-%2092%252E5%20XTU%20Philadelphia's%20Country%20Station%2Cdescription.92%252E5%20XTU%20Philadelphia's%20Country%20Station%2Curl.https%3A%2F%2F925xtu%252Ecom%2F%2Csite_name.92%252E5%20XTU
Requested by
Host: 925xtu.com
URL: https://925xtu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 02:04:46 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
nr-1210.min.js
js-agent.newrelic.com/ 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1210.min.js
Requested by
Host: 925xtu.com
URL: https://925xtu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.27 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-amz-version-id
tUmpG8VLFN_NnT6837P9feidPwIndCMZ
content-encoding
gzip
etag
"67f7ff413fcbb9300ab2dbf1bb53180c"
x-amz-request-id
H89KM1RV4S7TFTBC
x-cache
HIT
content-length
11781
x-amz-id-2
2X4DcPAuUiE6Foymon7Mxx0ETD5vM2d6Ih31P/Gs/3u8xfRvjERnC1m/KQrm7GW45yv3YDNKCwU=
x-served-by
cache-fra19179-FRA
last-modified
Tue, 22 Jun 2021 22:47:07 GMT
server
AmazonS3
x-timer
S1628388286.430747,VS0,VE0
date
Sun, 08 Aug 2021 02:04:46 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
431
p
i.simpli.fi/ 		750 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.simpli.fi/p?cid=19240&cb=sifi_att_547831938._hp
Requested by
Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/273421f0-841f-0135-dc80-06659b33d47c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b0.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
e7e9a57f72680a3289b9012159792eb7ab2d2b4e89d44c0679c3893777d182e2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Sun, 08 Aug 2021 02:04:46 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
e992b339c5
bam-cell.nr-data.net/1/ 		49 B
887 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/1/e992b339c5?a=167181830&v=1210.e2a3f80&to=ZVJTbBZUDBFXBRVfVlwYZEoNGgsMUgMZGElaRw%3D%3D&rst=1762&ck=1&ref=https://925xtu.com/&ap=9&be=562&fe=1729&dc=1315&perf=%7B%22timing%22:%7B%22of%22:1628388284683,%22n%22:0,%22f%22:36,%22dn%22:37,%22dne%22:37,%22c%22:37,%22s%22:42,%22ce%22:53,%22rq%22:53,%22rp%22:460,%22rpe%22:834,%22dl%22:463,%22di%22:1314,%22ds%22:1314,%22de%22:1362,%22dc%22:1729,%22l%22:1729,%22le%22:1744%7D,%22navigation%22:%7B%7D%7D&fp=1168&fcp=1168&at=SRVQGl5OHx8%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1210.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 02:04:47 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
X-NewRelic-App-Data
PxQGQlVQCgEDUVFVFR0VMQFTYkEDCBADUxZRDVZkG3xWEU0YdQhAEgVCVAkDEWQcfgEVFk51XhUUUEJQCgMRQBxSFlIUCRoFC1YNVHRMB05WAhtDVQUNVwQGAFUACQNfXQRQBUBKBQNcEV0/
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
67b52d069c773b13-CDG
sync
simplifi.partners.tremorhub.com/
Redirect Chain
  • https://um.simpli.fi/telaria_p
  • https://simplifi.partners.tremorhub.com/sync?UISF=EE1FD2BBF75C4E35AC846E78601AA433
43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simplifi.partners.tremorhub.com/sync?UISF=EE1FD2BBF75C4E35AC846E78601AA433
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:a698:31e8:5977:4024 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:46 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

date
Sun, 08 Aug 2021 02:04:46 GMT
x-content-type-options
nosniff
server
nginx
location
https://simplifi.partners.tremorhub.com/sync?UISF=EE1FD2BBF75C4E35AC846E78601AA433
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Sat, 07 Aug 2021 02:04:46 GMT
check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain
  • https://um.simpli.fi/tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=EE1FD2BBF75C4E35AC846E78601AA433
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=EE1FD2BBF75C4E35AC846E78601AA433
95 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=EE1FD2BBF75C4E35AC846E78601AA433
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:46 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=EE1FD2BBF75C4E35AC846E78601AA433
date
Sun, 08 Aug 2021 02:04:46 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
aa_px
um.simpli.fi/
Redirect Chain
  • https://um.simpli.fi/ad_advisor
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=EE1FD2BBF75C4E35AC846E78601AA433
  • https://d.agkn.com/pixel/10751/?che=1628388286&ip=89.249.64.171&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D164870903872000012998
  • https://um.simpli.fi/aa_px?sk=164870903872000012998
43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/aa_px?sk=164870903872000012998
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:46 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 07 Aug 2021 02:04:46 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 02:04:46 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://um.simpli.fi/aa_px?sk=164870903872000012998
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
nexage
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/nexage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:46 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 07 Aug 2021 02:04:46 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/intentiq
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=EE1FD2BBF75C4E35AC846E78601AA433
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=EE1FD2BBF75C4E35AC846E78601AA433
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-15.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Redirect headers

date
Sun, 08 Aug 2021 02:04:46 GMT
x-content-type-options
nosniff
server
nginx
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=EE1FD2BBF75C4E35AC846E78601AA433
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Sat, 07 Aug 2021 02:04:46 GMT
pubmatic
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:46 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 07 Aug 2021 02:04:46 GMT
freewheel
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/freewheel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:46 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 07 Aug 2021 02:04:46 GMT
398696.gif
idsync.rlcdn.com/
Redirect Chain
  • https://um.simpli.fi/dtnx
  • https://fei.pro-market.net/engine?du=24;csync=EE1FD2BBF75C4E35AC846E78601AA433;mimetype=img;
  • https://fei.pro-market.net/engine?du=24;csync=EE1FD2BBF75C4E35AC846E78601AA433;mimetype=img;sr
  • https://idsync.rlcdn.com/398696.gif?partner_uid=-3697359759969727696
0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/398696.gif?partner_uid=-3697359759969727696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:46 GMT
via
1.1 google
alt-svc
clear
content-length
0

Redirect headers

pragma
no-cache
date
Sun, 08 Aug 2021 02:04:46 GMT
via
1.1 google
server
Apache-Coyote/1.1
access-control-allow-origin
*
anserver
gapp-eu-4.c.datonics-gcp-01.internal
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://idsync.rlcdn.com/398696.gif?partner_uid=-3697359759969727696
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
clear
content-length
0
expires
Mon, 1 Jan 1990 0:0:0 GMT
/
loadm.exelator.com/load/
Redirect Chain
  • https://um.simpli.fi/exelatem
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=EE1FD2BBF75C4E35AC846E78601AA433&j=0
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=EE1FD2BBF75C4E35AC846E78601AA433&j=0&xl8blockcheck=1
0
755 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=2191&simid=EE1FD2BBF75C4E35AC846E78601AA433&j=0&xl8blockcheck=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:46 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Sun, 08 Aug 2021 02:04:46 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=2191&simid=EE1FD2BBF75C4E35AC846E78601AA433&j=0&xl8blockcheck=1
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
yahoo
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/yahoo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:46 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 07 Aug 2021 02:04:46 GMT
sync
sync.bfmio.com/
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=EE1FD2BBF75C4E35AC846E78601AA433
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=141&uid=EE1FD2BBF75C4E35AC846E78601AA433
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.41.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-41-235.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Connection
keep-alive
Date
Sun, 08 Aug 2021 02:04:46 GMT

Redirect headers

date
Sun, 08 Aug 2021 02:04:46 GMT
x-content-type-options
nosniff
server
nginx
location
https://sync.bfmio.com/sync?pid=141&uid=EE1FD2BBF75C4E35AC846E78601AA433
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Sat, 07 Aug 2021 02:04:46 GMT
29931
stags.bluekai.com/site/
Redirect Chain
  • https://um.simpli.fi/bluekai
  • https://stags.bluekai.com/site/29931?id=EE1FD2BBF75C4E35AC846E78601AA433
62 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/29931?id=EE1FD2BBF75C4E35AC846E78601AA433
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 02:04:46 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif

Redirect headers

date
Sun, 08 Aug 2021 02:04:46 GMT
x-content-type-options
nosniff
server
nginx
location
https://stags.bluekai.com/site/29931?id=EE1FD2BBF75C4E35AC846E78601AA433
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Sat, 07 Aug 2021 02:04:46 GMT
tpid=EE1FD2BBF75C4E35AC846E78601AA433
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=EE1FD2BBF75C4E35AC846E78601AA433
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=EE1FD2BBF75C4E35AC846E78601AA433
49 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=EE1FD2BBF75C4E35AC846E78601AA433
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.129.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 02:04:46 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.22.120
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sun, 08 Aug 2021 02:04:46 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=EE1FD2BBF75C4E35AC846E78601AA433
cache-control
no-cache
x-server
10.45.6.178
content-length
0
expires
0
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match
  • https://ce.lijit.com/merge?pid=2&3pid=EE1FD2BBF75C4E35AC846E78601AA433
  • https://ce.lijit.com/merge?pid=2&3pid=EE1FD2BBF75C4E35AC846E78601AA433&dnr=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=EE1FD2BBF75C4E35AC846E78601AA433&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 02:04:46 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 02:04:46 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=2&3pid=EE1FD2BBF75C4E35AC846E78601AA433&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
419566.gif
idsync.rlcdn.com/
Redirect Chain
  • https://um.simpli.fi/liveramp_match
  • https://idsync.rlcdn.com/419566.gif?partner_uid=EE1FD2BBF75C4E35AC846E78601AA433
0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/419566.gif?partner_uid=EE1FD2BBF75C4E35AC846E78601AA433
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:46 GMT
via
1.1 google
alt-svc
clear
content-length
0

Redirect headers

date
Sun, 08 Aug 2021 02:04:46 GMT
x-content-type-options
nosniff
server
nginx
location
https://idsync.rlcdn.com/419566.gif?partner_uid=EE1FD2BBF75C4E35AC846E78601AA433
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Sat, 07 Aug 2021 02:04:46 GMT
/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1628388286433&cv=7&fst=1628388286433&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=899011292&cv=7&fst=1628388286433&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cooki...
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=899011292&cv=7&fst=1628388286433&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...
  • https://www.google.de/pagead/1p-conversion/1026675585/?random=899011292&cv=7&fst=1628388286433&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=...
42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/1026675585/?random=899011292&cv=7&fst=1628388286433&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=vjsPYZTKHPyi7_UPrtKEgAs&random=4170345609&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 02:04:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 08 Aug 2021 02:04:46 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/1026675585/?random=899011292&cv=7&fst=1628388286433&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=vjsPYZTKHPyi7_UPrtKEgAs&random=4170345609&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://um.simpli.fi/spotx_match
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=EE1FD2BBF75C4E35AC846E78601AA433
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=EE1FD2BBF75C4E35AC846E78601AA433&__user_check__=1&sync_id=0155a88a-f7ed-11eb-ac7d-186cd56e0306
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=EE1FD2BBF75C4E35AC846E78601AA433&__user_check__=1&sync_id=0155a88a-f7ed-11eb-ac7d-186cd56e0306
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 02:04:46 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
132
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Sun, 08 Aug 2021 02:04:46 GMT
Server
nginx
Location
/partner?adv_id=7797&uid=EE1FD2BBF75C4E35AC846E78601AA433&__user_check__=1&sync_id=0155a88a-f7ed-11eb-ac7d-186cd56e0306
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
54
Connection
keep-alive
Content-Length
0
bounce
ib.adnxs.com/
Redirect Chain
  • https://um.simpli.fi/an
  • https://ib.adnxs.com/setuid?entity=66&code=EE1FD2BBF75C4E35AC846E78601AA433
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DEE1FD2BBF75C4E35AC846E78601AA433
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DEE1FD2BBF75C4E35AC846E78601AA433
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 02:04:46 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
99446df1-c4e0-4365-b982-86488da3ade4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 02:04:46 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
cfaa6c24-ef8e-47cd-84a6-4c15c94dab89
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DEE1FD2BBF75C4E35AC846E78601AA433
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=EE1FD2BBF75C4E35AC846E78601AA433&expires=365
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=EE1FD2BBF75C4E35AC846E78601AA433&expires=365
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

date
Sun, 08 Aug 2021 02:04:46 GMT
x-content-type-options
nosniff
server
nginx
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=EE1FD2BBF75C4E35AC846E78601AA433&expires=365
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Sat, 07 Aug 2021 02:04:46 GMT
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=EE1FD2BBF75C4E35AC846E78601AA433
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=EE1FD2BBF75C4E35AC846E78601AA433
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=EE1FD2BBF75C4E35AC846E78601AA433
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.213.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 02:04:46 GMT
via
1.1 google
server
OXGW/16.213.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=EE1FD2BBF75C4E35AC846E78601AA433
date
Sun, 08 Aug 2021 02:04:46 GMT
via
1.1 google
server
OXGW/16.213.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
g_match
um.simpli.fi/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEIBFDi1JpYdTASdVyz0310g&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EE1FD2BBF75C4E35AC846E78601AA433
  • https://um.simpli.fi/g_match?id=
0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/g_match?id=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:04:46 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 07 Aug 2021 02:04:46 GMT

Redirect headers

pragma
no-cache
date
Sun, 08 Aug 2021 02:04:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://um.simpli.fi/g_match?id=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
229
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e992b339c5
bam-cell.nr-data.net/events/1/ 		24 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/events/1/e992b339c5?a=167181830&v=1210.e2a3f80&to=ZVJTbBZUDBFXBRVfVlwYZEoNGgsMUgMZGElaRw%3D%3D&rst=11762&ck=1&ref=https://925xtu.com/
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1210.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://925xtu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
content-type
text/plain

Response headers

Date
Sun, 08 Aug 2021 02:04:56 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://925xtu.com
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
67b52d44d89a3b13-CDG
Content-Length
24

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| NREUM object| newrelic function| __nr_require string| googleUidDimension string| GoogleAnalyticsObject function| ga function| pbjsChunk object| pbjs object| _pbjsGlobals object| google_tag_data object| gaplugins object| gaGlobal object| gaData undefined| $ function| jQuery object| WebFontConfig object| dataLayer object| WebFont function| iFrameResize function| uuidProfileCall undefined| oldonload object| PARSELY function| _typeof object| tribe_l10n_datatables boolean| _lodash_tmp function| _ object| GreaterMediaTimedContent object| googletag boolean| dfp_needs_refresh object| bbgiconfig function| setImmediate function| clearImmediate object| regeneratorRuntime object| firebase object| wp object| ggeac object| google_js_reporting_queue object| google_tag_manager boolean| dml object| _qevents object| jstag function| shield object| DML function| TdPlatform function| TdCompanions object| platform function| lodash function| TDSdk function| quantserve function| __qc object| ezt object| _qoptions function| qtrack function| _classCallCheck function| _defineProperties function| _createClass object| Snowplow object| _shield object| sifi_att_547831938 function| JwtDecoder function| isIE11 function| XHRRequest function| tritonDateFormat function| tritonGenderFormat function| AuthWatcher boolean| sentToLyticsAndGA object| authwatcher function| sendGAAuthenticationEvent function| sendUserAuthenticationToLytics function| TritenMediaChangeWatcher function| ShowSchedule object| showSchedule object| ScheduleItemType object| LyticsTrackAudio function| onStreamStatus function| tritonCheck number| setTritonCheck function| pageContentChangedHandler function| debouncedPageContentChanged function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing boolean| ad_lazy_loading_enabled string| pubcidCookie

9 Cookies

Domain/Path Name / Value
.925xtu.com/ Name: __qca
Value: P0-921969287-1628388286396
.925xtu.com/ Name: _gat_UA-111452396-5
Value: 1
.925xtu.com/ Name: _gat_UA-111452396-3
Value: 1
925xtu.com/ Name: _sp_id.b84a
Value: a69ccf6a-4c0e-4494-a5a0-0e2ffa0eb0b7.1628388286.1.1628388286.1628388286.3e1f396b-8559-48ab-957b-ad98efe42ba2
.925xtu.com/ Name: _ga
Value: GA1.2.1187979229.1628388285
.925xtu.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=b4b6049dea7d88b24f9ba9bbea29593f%22%2C%22session_count%22:1%2C%22last_session_ts%22:1628388285874}
925xtu.com/ Name: _sp_ses.b84a
Value: *
.925xtu.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://925xtu.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1628388285874%2C%22slts%22:0}
.925xtu.com/ Name: _gid
Value: GA1.2.1724301560.1628388285

8 Console Messages

Source Level URL
Text
console-api info URL: https://c.go-fet.ch/a/embed.js(Line 2)
Message:
Powered by DML ⚡ : 20210723-utm-content-13-g7195608_prod_dev
console-api info URL: https://c.go-fet.ch/a/embed.js(Line 2)
Message:
DML Host : 925xtu.com
console-api warning URL: https://c.lytics.io/api/tag/e005f31bbda11a2478c0c70245457003/latest.min.js(Line 1)
Message:
failed to load lytics due to invalid configuration
console-api log URL: https://925xtu.com/(Line 4014)
Message:
Ad Lazy Loading ENABLED
console-api log URL: https://experiencefeeds.bbgi.com/tags/authwatcher/authwatcher_tag.js(Line 78)
Message:
checking auth
console-api log URL: https://experiencefeeds.bbgi.com/tags/authwatcher/authwatcher_tag.js(Line 78)
Message:
checking auth
console-api log URL: https://experiencefeeds.bbgi.com/tags/authwatcher/authwatcher_tag.js(Line 78)
Message:
checking auth
console-api log URL: https://experiencefeeds.bbgi.com/tags/authwatcher/authwatcher_tag.js(Line 78)
Message:
checking auth

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

925xtu.com
aa.agkn.com
ajax.googleapis.com
api.parsely.com
bam-cell.nr-data.net
bcp.crwdcntrl.net
c.go-fet.ch
c.lytics.io
cdn.parsely.com
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
d.agkn.com
device.fraud.net
experiencefeeds.bbgi.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
js-agent.newrelic.com
loadm.exelator.com
media.fraud.net
p1.parsely.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
rules.quantcount.com
sdk.listenlive.co
secure.quantserve.com
securepubads.g.doubleclick.net
simplifi.partners.tremorhub.com
stags.bluekai.com
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
tag.simpli.fi
um.simpli.fi
us-u.openx.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
104.111.215.191
13.224.193.79
13.224.95.38
13.225.78.15
142.250.185.130
142.250.185.226
142.250.74.194
151.101.13.27
159.253.128.183
162.247.243.147
169.50.137.176
18.169.236.234
18.194.175.178
185.33.221.14
185.94.180.125
2600:1901:0:8eee::
2600:1f18:612b:4264:a698:31e8:5977:4024
2600:9000:20eb:6400:7:5253:f880:93a1
2600:9000:2190:6e00:6:44e3:f8c0:93a1
2600:9000:21f3:5200:c:2267:880:93a1
2606:4700:20::681a:216
2606:4700::6810:135e
2606:4700::6812:565
2606:4700::6812:a32
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2004
2a00:1450:4001:830::200a
2a00:1450:4001:831::200a
3.217.41.235
3.89.169.255
34.194.161.83
35.227.248.159
35.244.159.8
35.244.174.68
52.209.129.133
52.22.141.132
54.78.254.47
69.173.144.139
72.251.249.13
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8e31acd1ab2695d6f478d08df27b62a1d0bfb9defbcb6725ae4cbcb40e9b8c
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0f47efcf7e21734e231f323a3d1ecf00c24dee2268687a589042d8de82500dda
105ec523f6de6aeabe039afb5236e990502e4209d79ce28ccf5904d0f6f6d7f5
115c7b67d5ef5d6fac8f12989a63efc39f2ccc39855b33e031a2a65519040e0b
1179aab9025a09b51cc420aa880198a739fdd5d517c0a06726022d6a1417379f
15e69a4fa7bf4dcfe0f77dac875313ba87d49db178c32b52040a7976b78b6dd2
18dac71adc1b6f54f9d5ecd0a32c11e7635097049e4416b3c4f57583a32ede16
232a094b190f7708f80112d1f7b26bd1858511505c05906f52dbf5956d4f8f64
234510ad35c46d552aefeea78ae832481cfca6e4c030256c51119281005fa094
2569b66d0037932ef6ddd61c202d84710df40062b920f483773348f2321fa24e
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f69381ea57d77ab23881f6edb377f4c4e0a09108aea44ca300c22d71924f953
34119901f74b4d927c3b3ac787f1b99819174e6308ad5d4cb05ba5409cb5ffa5
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
431587866a4c58e1ecf9ff344de99a95294d6a2815831eb53c117b6bdd30df07
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bd3c9ac3c7d63f8005ab22bd26a19260c89d30c1d6a16020857f0e4df01f334
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb5367c8facd542b6c16ab0ce57e3d2558872c860c361241be467da89a865d0
53ee3613ef928f8bf30645245133860edd9ccf6c17776f04ecf473a72a31f9b3
595ab2730671c050a8bbc63ace1d214d582d2a9eeaad48da03db69e68eb22405
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cd0d6897b3d4779f7d88ce72531f22fbf75851b195fb14e6f3f23d051b3d1e9
7099df1a6e579601e1452471dc14bf1e025c771c37df56b73fe6c97bdbdc3b49
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8eca521b86e8ac71d0a65a88387ed1788ae921bed02c508bddf7a9831051f5e7
954e4fd9342a268e0d02fd674c8901fe984d915ce52b58362d56b808214add22
9749cb30c06ea230f2c4df168c1af5f1be53837218fbdd22138b0bdd04efe412
98afd9c5a6a09a121d5998faa6787fc9a38dfdaf5982cc7e1a071afa295d5937
9b7ec27dd2d2bb9847c864f6348d13aade15a93113069be24172b8f903558bf9
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0
b079b8892853d642f244100f65e543778ddbaff7e9c736c465cb02e23678fa09
b49afbda53cb80ad17ca11665ba1884b11721ca9cadd0c407dfdc48773cfb635
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
bce6232f47730935fd51f2d84f5452cf0f9a964a8ca06bc9d447d286d9b61569
bd49b0078b6eb9141d84ce5490b1863da14ffbdf69ff23e690facd9c340c26bc
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c9b9d481f1261437bce2b10c36ee09e4f4cf50a6c95d730999b0199664b828f4
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3722344dc2b0b07af6a39d0594966bede1a0dbdf0e524795cc6aaab2a6e2845
de7deaf8a6ecef0e62ef5c25e0a93bf9a2bf7f073f523053110bd414d709b53b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444fa83699450c75b020380ba5266e17bc2a8a687dcada9236f95293598cacf
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e7e9a57f72680a3289b9012159792eb7ab2d2b4e89d44c0679c3893777d182e2
ec5fab34e9083ec528fcad52cd1bba2daa256398bf5dbd02ed88b41451f3b0ec
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f424b48f165b0b6c32784c68d2f26bd9a018cf3f16bfafc29ea2bee8144d39fd
f7638fa3815d18f44a6084f9abd9faea66c61747a77bfa6260b05ffe796b0ac1
fedcdc389419bfa88ed3f2c226b9d043fa6d6ea927cadd49c833cbfcf0de3efb