xtremempg.com Open in urlscan Pro
34.160.71.66 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://phixca.com/
Effective URL:
https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix
Submission: On October 17 via api (October 17th 2024, 9:59:45 pm UTC) from BE — Scanned from CA

Summary HTTP 55 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 14 domains to perform 55 HTTP transactions. The main IP is 34.160.71.66, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is xtremempg.com.
TLS certificate: Issued by WR3 on August 24th 2024. Valid for: 3 months.

This is the only time xtremempg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	173.254.29.24 173.254.29.24	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1 21	34.160.71.66 34.160.71.66	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	142.250.80.42 142.250.80.42	15169 (GOOGLE) (GOOGLE)
3	142.250.65.200 142.250.65.200	15169 (GOOGLE) (GOOGLE)
1	208.90.224.140 208.90.224.140	32413 (EXIGO-EPIC) (EXIGO-EPIC)
6	34.102.209.168 34.102.209.168	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	151.101.193.229 151.101.193.229	54113 (FASTLY) (FASTLY)
1	162.159.128.61 162.159.128.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.26.13.42 104.26.13.42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.11.233.85 3.11.233.85	16509 (AMAZON-02) (AMAZON-02)
5	142.251.35.163 142.251.35.163	15169 (GOOGLE) (GOOGLE)
2	142.250.65.174 142.250.65.174	15169 (GOOGLE) (GOOGLE)
1	142.250.64.106 142.250.64.106	15169 (GOOGLE) (GOOGLE)
3	142.250.80.46 142.250.80.46	15169 (GOOGLE) (GOOGLE)
55	15

1 173.254.29.24 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: just2054.justhost.com

phixca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 34.160.71.66 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 66.71.160.34.bc.googleusercontent.com

xtremempg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.80.42 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.65.200 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.90.224.140 (United States)

ASN32413 (EXIGO-EPIC, US)

mpgxtreme.corpadmin.directscale.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.102.209.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.209.102.34.bc.googleusercontent.com

cdn.raveretailer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.128.61 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.13.42 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.gtranslate.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.11.233.85 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-233-85.eu-west-2.compute.amazonaws.com

api.fontshare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.35.163 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.174 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.64.106 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f10.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.80.46 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	xtremempg.com 1 redirects xtremempg.com	966 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30 maps.googleapis.com — Cisco Umbrella Rank: 445	195 KB
6	raveretailer.com cdn.raveretailer.com	889 KB
5	gstatic.com fonts.gstatic.com	116 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	249 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 77	12 KB
2	gtranslate.net cdn.gtranslate.net — Cisco Umbrella Rank: 18453	7 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 311	21 KB
1	fontshare.com api.fontshare.com — Cisco Umbrella Rank: 77450	4 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	3 KB
1	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 1941	12 KB
1	directscale.com mpgxtreme.corpadmin.directscale.com	36 KB
1	phixca.com 1 redirects phixca.com	440 B
55	14

	Domain	Requested by
21	xtremempg.com	1 redirects xtremempg.com
6	cdn.raveretailer.com	xtremempg.com
5	fonts.gstatic.com	fonts.googleapis.com
4	maps.googleapis.com	xtremempg.com maps.googleapis.com
4	fonts.googleapis.com	xtremempg.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	xtremempg.com www.googletagmanager.com
2	www.youtube.com	xtremempg.com www.youtube.com
2	cdn.gtranslate.net	xtremempg.com
2	cdn.jsdelivr.net	xtremempg.com
1	api.fontshare.com	xtremempg.com
1	cdnjs.cloudflare.com	xtremempg.com
1	player.vimeo.com	xtremempg.com
1	mpgxtreme.corpadmin.directscale.com	xtremempg.com
1	phixca.com	1 redirects
55	15

This site contains links to these domains. Also see Links.

Domain
office2.mpgxtreme.com
cdn.raveretailer.com

Subject Issuer	Validity	Valid
xtremempg.com WR3	`2024-08-24` - `2024-11-22`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.google-analytics.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.corpadmin.directscale.com Go Daddy Secure Certificate Authority - G2	`2024-03-29` - `2025-04-30`	a year	crt.sh
cdn.raveretailer.com WR3	`2024-09-07` - `2024-12-06`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
player.vimeo.com WE1	`2024-09-22` - `2024-12-21`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
gtranslate.net WE1	`2024-09-14` - `2024-12-13`	3 months	crt.sh
*.fontshare.com Amazon RSA 2048 M03	`2024-03-29` - `2025-04-27`	a year	crt.sh
*.gstatic.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix
Frame ID: 15DB6ADA3B9610A91423FD91399C9F65
Requests: 57 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Become an ISR pHix Pack | XtremeMPG

Page URL History Show full URLs

https://phixca.com/ HTTP 301
https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

55
Requests

98 %
HTTPS

0 %
IPv6

14
Domains

15
Subdomains

15
IPs

3
Countries

2530 kB
Transfer

5190 kB
Size

13
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://office2.mpgxtreme.com/#/Login
Title: Back Office Login

Search URL Search Domain Scan URL

URL: https://cdn.raveretailer.com/4450703AD7/2024/08/GSR_66d31ccc165425795831725115100.pdf
Title: Opportunity

Search URL Search Domain Scan URL

URL: https://cdn.raveretailer.com/4450703AD7/2023/08/GSR_64dfcb8756f898220451692391831.pdf
Title: ISR Agreement

Search URL Search Domain Scan URL

URL: https://cdn.raveretailer.com/4450703AD7/2023/02/GSR_63ebd6f8edafe2720511676403976.pdf
Title: ISR Policies and Procedures

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://phixca.com/ HTTP 301
https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://xtremempg.com/custom-css.css HTTP 302
https://xtremempg.com/myaintlgroup/custom-css.css

55 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request isr-instructions-freedom-phix Show response
xtremempg.com/myaintlgroup/
Redirect Chain

https://phixca.com/
https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

101 KB
20 KB

1020ms
960ms

Document
text/html

34.160.71.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.71.66 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

66.71.160.34.bc.googleusercontent.com

Software

RaveRetailer /

Resource Hash

ca7ed444a388771b3078136fd9f8f50ca56afa978bbf2a78bfab6b162c630b94

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store, no-cache, must-revalidate no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 17 Oct 2024 21:59:36 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: RaveRetailer
strict-transport-security: max-age=63072000
vary: Accept-Encoding
via: 1.1 google
x-robots-tag: all

Redirect headers

cache-control: max-age=7200
content-length: 272
content-type: text/html; charset=iso-8859-1
date: Thu, 17 Oct 2024 21:59:36 GMT
expires: Thu, 17 Oct 2024 23:59:36 GMT
location: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix
server: Apache

GET
H2 200 site-styles.css
xtremempg.com/css/ 382 KB
65 KB 100ms
97ms Stylesheet
text/css 34.160.71.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xtremempg.com/css/site-styles.css?id=03b5b0042ad2e4f3e261

Requested by

Host: xtremempg.com
URL: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.71.66 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

66.71.160.34.bc.googleusercontent.com

Software

RaveRetailer /

Resource Hash

8f80f658fc152c2aa6ee738790a5d941c6fa87c0aae703c0d8aa660ce538192c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
etag: "5f645-5f86143ef2a41-gzip"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 21:59:37 GMT
last-modified: Sun, 02 Apr 2023 21:38:38 GMT
vary: Accept-Encoding
server: RaveRetailer
content-type: text/css

GET
H2 200 basic-template.css
xtremempg.com/css/ 94 KB
15 KB 75ms
73ms Stylesheet
text/css 34.160.71.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xtremempg.com/css/basic-template.css?id=6bf37d9ac61a63863ba1

Requested by

Host: xtremempg.com
URL: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.71.66 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

66.71.160.34.bc.googleusercontent.com

Software

RaveRetailer /

Resource Hash

3dd889ba566bd24a22f59a1ca33943f792c9e86671df5bcc42ef0e3bbbaef566

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
etag: "177bc-618faa35ca4e5-gzip"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15253
date: Thu, 17 Oct 2024 21:59:37 GMT
last-modified: Tue, 21 May 2024 18:03:41 GMT
vary: Accept-Encoding
server: RaveRetailer
content-type: text/css

GET
H2 200 bootstrap-datetimepicker.min.css
xtremempg.com/plugins/bootstrap-datetimepicker/css/ 8 KB
1 KB 72ms
70ms Stylesheet
text/css 34.160.71.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xtremempg.com/plugins/bootstrap-datetimepicker/css/bootstrap-datetimepicker.min.css

Requested by

Host: xtremempg.com
URL: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.71.66 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

66.71.160.34.bc.googleusercontent.com

Software

RaveRetailer /

Resource Hash

c8c8da579e363feab54671fa5c1c823c37d416198e69f59b78b3e6a8a875d73a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
etag: "1e69-5b826a57a0b4d-gzip"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1323
date: Thu, 17 Oct 2024 21:59:37 GMT
last-modified: Tue, 05 Jan 2021 12:50:08 GMT
vary: Accept-Encoding
server: RaveRetailer
content-type: text/css

GET
H3

200

custom-css.css
xtremempg.com/myaintlgroup/
Redirect Chain

https://xtremempg.com/custom-css.css
https://xtremempg.com/myaintlgroup/custom-css.css

8 KB
2 KB

212ms
211ms

Stylesheet
text/css

34.160.71.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xtremempg.com/myaintlgroup/custom-css.css

Requested by

Host: xtremempg.com
URL: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

Protocol

Server

34.160.71.66 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

66.71.160.34.bc.googleusercontent.com

Software

RaveRetailer /

Resource Hash

999ea019eaf0d9bb72de94cccbf174b4f541856b5653270779aa0475eaa47e91

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

Response headers

strict-transport-security: max-age=63072000
x-robots-tag: all
cache-control: no-cache, private
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 21:59:37 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
server: RaveRetailer

Redirect headers

strict-transport-security: max-age=63072000
cache-control: no-cache, private
location: https://xtremempg.com/myaintlgroup/custom-css.css
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 21:59:37 GMT
content-type: text/html; charset=UTF-8
server: RaveRetailer

GET
H2 200 css
fonts.googleapis.com/ 774 B
838 B 174ms
51ms Stylesheet
text/css 142.250.80.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Host: xtremempg.com
URL: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.42 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f10.1e100.net

Software

ESF /

Resource Hash

52d62465d244bef9c22960bed269d931eb2b705dff7f09a0bcf5ddba62554f45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 21:59:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 21:59:37 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 17 Oct 2024 21:14:53 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
79 KB 131ms
53ms Script
application/javascript 142.250.65.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-205453072-44

Requested by

Host: xtremempg.com
URL: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.200 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

7058cde2eef74e33211de108bc2b5191d581f67d83e7369966fd11a12870519d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 17 Oct 2024 21:59:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 21:59:38 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 17 Oct 2024 21:10:08 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 80297
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK ProfileImage
mpgxtreme.corpadmin.directscale.com//BackOffice/ 35 KB
36 KB 330ms
130ms Image
image/png 208.90.224.140
EXIGO-EPIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mpgxtreme.corpadmin.directscale.com//BackOffice/ProfileImage?id=64489

Requested by

Host: xtremempg.com
URL: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

208.90.224.140 , United States, ASN32413 (EXIGO-EPIC, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e5bdfd6b138b3edaeed515e7e0eef755452a624da93d25dee3d8b6bf1944238e

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/

Response headers

X-DirectScale-RequestId: d45fe86d-0a3e-46c5-aa93-7acc8551c071
X-Content-Type-Options: nosniff
Expires: Fri, 18 Oct 2024 21:59:37 GMT
Date: Thu, 17 Oct 2024 21:59:36 GMT
Content-Type: image/png
Last-Modified: Thu, 17 Oct 2024 21:59:37 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000
Content-Security-Policy: object-src 'none'; frame-ancestors 'self'
Cache-Control: private, max-age=86400, s-maxage=0
X-AspNet-Version: 4.0.30319
Access-Control-Allow-Origin: *
Content-Length: 35940
X-XSS-Protection: 1; mode=block
X-Powered-By: ASP.NET
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2

GET
H2 200 GSR_6692944edd6243317061720885854.png
cdn.raveretailer.com/4450703AD7/2024/07/images/ 29 KB
30 KB 443ms
20ms Image
image/png 34.102.209.168
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.raveretailer.com/4450703AD7/2024/07/images/GSR_6692944edd6243317061720885854.png
Requested by: Host: xtremempg.com
URL: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.209.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 168.209.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c5cfd6df8c0ae0bc184d7350e882615fea383ab03d7fbf8d5baa72857f67829d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=hpO7/A==, md5=u5u2hyNyBwolNvO4fUs/Mw==
etag: "bb9bb6872372070a2536f3b87d4b3f33"
age: 2517
x-goog-stored-content-encoding: identity
expires: Thu, 17 Oct 2024 22:17:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 29750
date: Thu, 17 Oct 2024 21:17:40 GMT
last-modified: Sat, 13 Jul 2024 14:50:55 GMT
content-type: image/png
x-guploader-uploadid: AHmUCY0IaFlzHrtYbfMyxzffZ-VRCTfNJnZC86-btEGOjyT0qUXRbOsPWz-19KWiLInD16_JrY0
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
x-goog-generation: 1720882255193778
content-length: 29750
server: UploadServer

GET
H2 200 GSR_62f4fdead0aa15618221660226554.jpg
cdn.raveretailer.com/4450703AD7/2022/08/images/ 103 KB
103 KB 28ms
27ms Image
image/jpeg 34.102.209.168
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.raveretailer.com/4450703AD7/2022/08/images/GSR_62f4fdead0aa15618221660226554.jpg
Requested by: Host: xtremempg.com
URL: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.209.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 168.209.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4cbc77443232fa36df000011389125f1a198bbedb85302e911338ea0d91b57f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=z0FJHg==, md5=IHfuQi0uZBsQmVNsdDycYw==
etag: "2077ee422d2e641b1099536c743c9c63"
age: 2517
x-goog-stored-content-encoding: identity
expires: Thu, 17 Oct 2024 22:17:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 105234
date: Thu, 17 Oct 2024 21:17:40 GMT
last-modified: Thu, 11 Aug 2022 13:02:35 GMT
content-type: image/jpeg
x-guploader-uploadid: AHmUCY095ovmqpwwpkHrPZKvucRLHFeGVciheOMJ7DBfMkWYgkl8j3aRjEdgxsvqtt48mmJEnUI
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
x-goog-generation: 1660222955003955
content-length: 105234
server: UploadServer

GET
H2 200 GSR_66979b73b603e9675471721215363.png
cdn.raveretailer.com/4450703AD7/2024/07/images/ 230 KB
231 KB 30ms
28ms Image
image/png 34.102.209.168
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.raveretailer.com/4450703AD7/2024/07/images/GSR_66979b73b603e9675471721215363.png
Requested by: Host: xtremempg.com
URL: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.209.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 168.209.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 069bb588fba3a754608ac7ce81b4b9da52abb856f2485f8e24c21d569f4f0212

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=kNrRsg==, md5=RT74oThqOdfPuNrApAvVew==
etag: "453ef8a1386a39d7cfb8dac0a40bd57b"
age: 2517
x-goog-stored-content-encoding: identity
expires: Thu, 17 Oct 2024 22:17:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 235683
date: Thu, 17 Oct 2024 21:17:41 GMT
last-modified: Wed, 17 Jul 2024 10:22:43 GMT
content-type: image/png
x-guploader-uploadid: AHmUCY3RUu60PSoMldWyQLV9uJKnyC1nfauysbBivza_5QVOeqGGRRPtC3DOvq-w-t_kwIfD214
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
x-goog-generation: 1721211763915295
content-length: 235683
server: UploadServer

GET
H3 200 css
fonts.googleapis.com/ 6 KB
698 B 56ms
56ms Stylesheet
text/css 142.250.80.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:ital,wght@0,100..900;1,100..900&display=swap

Requested by

Host: xtremempg.com
URL: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.42 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f10.1e100.net

Software

ESF /

Resource Hash

abba6f93285dbd43173b5024d882a2da2a0eb7892ad8268413a9b65d456751f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 21:59:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 21:59:38 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 17 Oct 2024 21:59:38 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 GSR_6697f1323737a360331721237314.png
cdn.raveretailer.com/4450703AD7/2024/07/images/ 318 KB
318 KB 22ms
22ms Image
image/png 34.102.209.168
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.raveretailer.com/4450703AD7/2024/07/images/GSR_6697f1323737a360331721237314.png
Requested by: Host: xtremempg.com
URL: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.209.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 168.209.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b0c32a12ff5287093af2a85aa8df60d64614dde94d55a14e016878219dc766ef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=V1KRGg==, md5=Y1hylVY6uSTdezZWfOd8qg==
etag: "63587295563ab924dd7b36567ce77caa"
age: 3165
x-goog-stored-content-encoding: identity
expires: Thu, 17 Oct 2024 22:06:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 325714
date: Thu, 17 Oct 2024 21:06:53 GMT
last-modified: Wed, 17 Jul 2024 16:28:34 GMT
content-type: image/png
x-guploader-uploadid: AHmUCY0xnbTlQgz8ZG1AjRDo0zCqwZ8pbwVn_MBaXUcGD5QWFISFAKw59TMhzCeGOcqa_MicQAg
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
x-goog-generation: 1721233714381587
content-length: 325714
server: UploadServer

GET
H3 200 GSR_6697f14f649b88140091721237343.png
cdn.raveretailer.com/4450703AD7/2024/07/images/ 204 KB
204 KB 22ms
20ms Image
image/png 34.102.209.168
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.raveretailer.com/4450703AD7/2024/07/images/GSR_6697f14f649b88140091721237343.png
Requested by: Host: xtremempg.com
URL: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.209.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 168.209.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 63bb24cedab4db536c6dc5e4f34d4f39a2f4e971f41be9e971e72d00d32dee2f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=fBPmCA==, md5=3Z29JU8zV8Wfy5nm+7vBnA==
etag: "dd9dbd254f3357c59fcb99e6fbbbc19c"
age: 3165
x-goog-stored-content-encoding: identity
expires: Thu, 17 Oct 2024 22:06:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 208949
date: Thu, 17 Oct 2024 21:06:53 GMT
last-modified: Wed, 17 Jul 2024 16:29:03 GMT
content-type: image/png
x-guploader-uploadid: AHmUCY1x8Ls3M8JZ5U7Lc8j1UBWLpkzOIy-RPkTt64eBM62iEzQ_COiOSTN9eQvUbiq0coTgdw
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
x-goog-generation: 1721233743566827
content-length: 208949
server: UploadServer

GET
H3 200 messages.js Show response
xtremempg.com/js/ 373 KB
93 KB 57ms
57ms Script
application/javascript 34.160.71.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xtremempg.com/js/messages.js

Requested by

Host: xtremempg.com
URL: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.71.66 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

66.71.160.34.bc.googleusercontent.com

Software

RaveRetailer /

Resource Hash

0e9ac8b13340d578f85465eb212b404cec892af5d282a65bd39350cc82be975b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
etag: "5d50e-62498aeff18a3-gzip"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 21:59:38 GMT
last-modified: Wed, 16 Oct 2024 14:14:09 GMT
vary: Accept-Encoding
server: RaveRetailer
content-type: application/javascript

GET
H3 200 scripts.js Show response
xtremempg.com/js/ 465 KB
129 KB 59ms
58ms Script
application/javascript 34.160.71.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xtremempg.com/js/scripts.js?id=59b98e8c6e69180de828

Requested by

Host: xtremempg.com
URL: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.71.66 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

66.71.160.34.bc.googleusercontent.com

Software

RaveRetailer /

Resource Hash

2267408b4fbcec1c59d2f6647a89c0b349e561708e707c8e0f20870446d7a24c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
etag: "74436-62475e6b4c8cf-gzip"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 21:59:38 GMT
last-modified: Mon, 14 Oct 2024 20:44:20 GMT
vary: Accept-Encoding
server: RaveRetailer
content-type: application/javascript

GET
H3 200 rr-datatable.js Show response
xtremempg.com/js/ 89 KB
30 KB 56ms
55ms Script
application/javascript 34.160.71.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xtremempg.com/js/rr-datatable.js?id=ba3972e43f350e84a043

Requested by

Host: xtremempg.com
URL: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.71.66 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

66.71.160.34.bc.googleusercontent.com

Software

RaveRetailer /

Resource Hash

74a7f9083a6540048286385ee81db243381371657625c06b8001eb624c6e1b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
etag: "1639c-5d63f99b33e25-gzip"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30857
date: Thu, 17 Oct 2024 21:59:38 GMT
last-modified: Sun, 23 Jan 2022 13:12:13 GMT
vary: Accept-Encoding
server: RaveRetailer
content-type: application/javascript

GET
H2 200 algoliasearch.umd.js Show response
cdn.jsdelivr.net/npm/algoliasearch@4/dist/ 34 KB
8 KB 88ms
20ms Script
application/javascript 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/algoliasearch@4/dist/algoliasearch.umd.js

Requested by

Host: xtremempg.com
URL: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c6e0857916a61679d05f92fbdc000cb509f3d52d71c2286299ce5d5602392aaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"88fe-001ddTua5xc3heKJ11QiOZAv2w0"
age: 39908
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Thu, 17 Oct 2024 21:59:38 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220154-FRA, cache-yyz4557-YYZ
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8191
x-jsd-version: 4.24.0

GET
H3 200 moment.js Show response
xtremempg.com/plugins/dateRangePicker/ 132 KB
29 KB 59ms
54ms Script
application/javascript 34.160.71.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xtremempg.com/plugins/dateRangePicker/moment.js

Requested by

Host: xtremempg.com
URL: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.71.66 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

66.71.160.34.bc.googleusercontent.com

Software

RaveRetailer /

Resource Hash

2b4b2181df3354ebd90f04ad95742fe254fd437307e34c529b1ea55bf760a759

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
etag: "20efa-5b826a57a2a8e-gzip"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29514
date: Thu, 17 Oct 2024 21:59:38 GMT
last-modified: Tue, 05 Jan 2021 12:50:08 GMT
vary: Accept-Encoding
server: RaveRetailer
content-type: application/javascript

GET
H3 200 bootstrap-datetimepicker.min.js Show response
xtremempg.com/plugins/bootstrap-datetimepicker/js/ 38 KB
9 KB 55ms
50ms Script
application/javascript 34.160.71.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xtremempg.com/plugins/bootstrap-datetimepicker/js/bootstrap-datetimepicker.min.js

Requested by

Host: xtremempg.com
URL: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.71.66 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

66.71.160.34.bc.googleusercontent.com

Software

RaveRetailer /

Resource Hash

e5899ac40c0c8c8a4cad594af3863ff8d8c2a4a9c561af1b59605b50748119f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
etag: "966e-5b826a57a0b4d-gzip"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9494
date: Thu, 17 Oct 2024 21:59:38 GMT
last-modified: Tue, 05 Jan 2021 12:50:08 GMT
vary: Accept-Encoding
server: RaveRetailer
content-type: application/javascript

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 232 KB
78 KB 85ms
78ms Script
text/javascript 142.250.80.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyD8nQB8Yiu_tTKzjyrmDesNld0EKd_CPFk&callback=initMap&libraries=&v=weekly

Requested by

Host: xtremempg.com
URL: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.42 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

de0654b597fe070df872bc029aeeda65f24f20de939ba24777d18c7e20aadf17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/

Response headers

cache-control: public, max-age=1800, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: gzip
etag: 28aa6179
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80089
date: Thu, 17 Oct 2024 21:59:38 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
vary: Accept-Language, Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 37 KB
12 KB 98ms
33ms Script
application/javascript 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Host: xtremempg.com
URL: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

794b9f4fa15362394d9913554121b956f2ee5f5dc368540a8cc761dc9c7668f1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/

Response headers

Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Age: 1670
x-backend-server: player-backend-edge-entry
expires: Thu, 17 Oct 2024 18:01:49 GMT
x-player-backend: g
x-cache: HIT
Date: Thu, 17 Oct 2024 21:59:38 GMT
Content-Type: application/javascript;charset=utf-8
x-bapp-server
x-served-by: cache-yyz4521-YYZ
x-cache-hits: 996
vary: Accept-Encoding
content-security-policy: default-src 'none'; style-src 'unsafe-inline'
Cache-Control: max-age=1800
x-timer: S1729202378.317234,VS0,VE0
Connection: keep-alive
via: 1.1 varnish
CF-RAY: 8d438e906f0a39ed-YYZ
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 11434
Server: cloudflare

GET
H3 200 cart.js Show response
xtremempg.com/js/ 16 KB
5 KB 54ms
49ms Script
application/javascript 34.160.71.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xtremempg.com/js/cart.js?id=62634ce14446bec2782d

Requested by

Host: xtremempg.com
URL: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.71.66 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

66.71.160.34.bc.googleusercontent.com

Software

RaveRetailer /

Resource Hash

f42da7bf5ee892800a6cafdca2cf76713ef01727d84d7818c9240cb993745041

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
etag: "3e67-62498ae9772dd-gzip"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5159
date: Thu, 17 Oct 2024 21:59:38 GMT
last-modified: Wed, 16 Oct 2024 14:14:03 GMT
vary: Accept-Encoding
server: RaveRetailer
content-type: application/javascript

GET
H3 200 jquery.payment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.payment/3.0.0/ 8 KB
3 KB 64ms
36ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.payment/3.0.0/jquery.payment.min.js

Requested by

Host: xtremempg.com
URL: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c4ba1c662b440b3aefe5e5147ea2df72f80e510e4979c65485a7b0fff894e37

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec3-210b"
age: 84061
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iZy%2FN0WTISRUtFF3EWftLel0hlnWm6l92hprsBPhLKXOY90sCqbI0lZmbOFW%2BNFKBprttsfI2r9RxrZkOnIVUo30tG1RtUHcC%2B67z40A32QS80y16ypooD4dqdqBFxv09His0gw8"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 07 Oct 2025 21:59:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 21:59:38 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:47 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d438e903ee4544f-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2420
server: cloudflare

GET
H3 200 jquery-ui.min.js Show response
xtremempg.com/plugins/jquery-ui/ 248 KB
66 KB 62ms
58ms Script
application/javascript 34.160.71.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xtremempg.com/plugins/jquery-ui/jquery-ui.min.js

Requested by

Host: xtremempg.com
URL: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.71.66 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

66.71.160.34.bc.googleusercontent.com

Software

RaveRetailer /

Resource Hash

28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
etag: "3dee5-5b826a57a49ce-gzip"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 21:59:38 GMT
last-modified: Tue, 05 Jan 2021 12:50:08 GMT
vary: Accept-Encoding
server: RaveRetailer
content-type: application/javascript

GET
H3 200 jquery.validate.min.js Show response
xtremempg.com/plugins/validate/ 22 KB
7 KB 54ms
50ms Script
application/javascript 34.160.71.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xtremempg.com/plugins/validate/jquery.validate.min.js

Requested by

Host: xtremempg.com
URL: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.71.66 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

66.71.160.34.bc.googleusercontent.com

Software

RaveRetailer /

Resource Hash

b94552fdddf133797c626b9c0248f50de46de94e18f97bf778f520555115995c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
etag: "59f0-5b826a57a884f-gzip"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7425
date: Thu, 17 Oct 2024 21:59:38 GMT
last-modified: Tue, 05 Jan 2021 12:50:08 GMT
vary: Accept-Encoding
server: RaveRetailer
content-type: application/javascript

GET
H2 200 popup.js Show response
cdn.gtranslate.net/widgets/latest/ 16 KB
6 KB 97ms
30ms Script
application/javascript 104.26.13.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gtranslate.net/widgets/latest/popup.js
Requested by: Host: xtremempg.com
URL: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d376e6f8cf2de99a9f7056cfb9372144ecdb1cc0023b09874eee5450570743cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"644ef5be-487f"
age: 84062
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6wgtvmewDiiVAAmPUJ7UAboefigarl%2BXxghBc28h1R%2BfwgRH5RvF7%2F%2FQYXsIy3Rm5txNJXBsluvKMiJffa8lxVa3e4Z8Q3HEpq5cUXUbjTkgnfXiWAyrjud4BVafcnwyKvqmGw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 16 Oct 2025 22:38:36 GMT
cf-polished: origSize=18559
date: Thu, 17 Oct 2024 21:59:38 GMT
content-type: application/javascript
last-modified: Sun, 30 Apr 2023 23:11:58 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d438e907d3136cc-YYZ
server: cloudflare

GET
H2 200 css
api.fontshare.com/ 3 KB
4 KB 325ms
110ms Stylesheet
text/css 3.11.233.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fontshare.com/css?f[]=chillax@200,300,400,500,600,700&display=swap
Requested by: Host: xtremempg.com
URL: https://xtremempg.com/myaintlgroup/custom-css.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.233.85 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-233-85.eu-west-2.compute.amazonaws.com
Software: Cowboy /
Resource Hash: 40c163b797329bdd9762c8093982ad6ebac6cf5af6866029aa74a4ca9902cc48

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/

Response headers

x-request-id: F_9cZrdj6jaAds8YwyTB
cache-control: private, max-age=86400, stale-while-revalidate=604800
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://api.fontshare.com
content-length: 3502
date: Thu, 17 Oct 2024 21:59:38 GMT
content-type: text/css
server: Cowboy
access-control-allow-headers: content-type, authorization, cookie

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
742 B 52ms
50ms Stylesheet
text/css 142.250.80.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600&display=swap

Requested by

Host: xtremempg.com
URL: https://xtremempg.com/myaintlgroup/custom-css.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.42 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f10.1e100.net

Software

ESF /

Resource Hash

1f59a1b487bdcf53e767b6efdfb0776b27f5d883f066d377fc08f12177243930

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 21:59:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 21:59:37 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 17 Oct 2024 21:56:29 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
695 B 52ms
51ms Stylesheet
text/css 142.250.80.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Requested by

Host: xtremempg.com
URL: https://xtremempg.com/myaintlgroup/custom-css.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.42 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f10.1e100.net

Software

ESF /

Resource Hash

6b78976e0a15138b3b1bde71abfa5bbb603eff6bdf1fc4d4eaffaeeaab0abc26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 21:59:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 21:59:37 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 17 Oct 2024 21:12:09 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 213 KB
76 KB 170ms
94ms Script
application/javascript 142.250.65.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-ML6PK7N

Requested by

Host: xtremempg.com
URL: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.200 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9e24034b38f34d8a0f4a82d896357594947ff5e7886481afc590bade7a08a9f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 17 Oct 2024 21:59:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 21:59:38 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 17 Oct 2024 21:06:20 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 77126
x-xss-protection: 0
server: Google Tag Manager

GET
DATA 200
OK truncated
/ 252 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5848c61d14d03bb70749432e210c21ebda67a1d214992ceaf37dbe65cb0acdd4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 252 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cde270f029f89eb8c363ffcf677803333762e3989e7a9027a655674227218c86

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 106ms
59ms Font
font/woff2 142.251.35.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f3.1e100.net

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://xtremempg.com
Referer: https://fonts.googleapis.com/

Response headers

age: 107073
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 16:15:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 16:15:05 GMT
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23580
x-xss-protection: 0
server: sffe

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 117ms
71ms Font
font/woff2 142.251.35.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f3.1e100.net

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://xtremempg.com
Referer: https://fonts.googleapis.com/

Response headers

age: 50362
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 08:00:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 08:00:16 GMT
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23040
x-xss-protection: 0
server: sffe

GET
H3 200 fa-solid-900.woff2
xtremempg.com/webfonts/ 137 KB
137 KB 55ms
51ms Font
font/woff2 34.160.71.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xtremempg.com/webfonts/fa-solid-900.woff2

Requested by

Host: xtremempg.com
URL: https://xtremempg.com/css/site-styles.css?id=03b5b0042ad2e4f3e261

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.71.66 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

66.71.160.34.bc.googleusercontent.com

Software

RaveRetailer /

Resource Hash

2a2399d510fe0bb91bf136a84c8f186c5bd3a57a2aac94a39bf167850588717f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://xtremempg.com
Referer: https://xtremempg.com/css/site-styles.css?id=03b5b0042ad2e4f3e261

Response headers

strict-transport-security: max-age=63072000
etag: "225a0-5b826a57f5ac6"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140704
date: Thu, 17 Oct 2024 21:59:38 GMT
last-modified: Tue, 05 Jan 2021 12:50:08 GMT
content-type: font/woff2
server: RaveRetailer

GET
H3 200 fa-regular-400.woff2
xtremempg.com/webfonts/ 169 KB
169 KB 57ms
53ms Font
font/woff2 34.160.71.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xtremempg.com/webfonts/fa-regular-400.woff2

Requested by

Host: xtremempg.com
URL: https://xtremempg.com/css/site-styles.css?id=03b5b0042ad2e4f3e261

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.71.66 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

66.71.160.34.bc.googleusercontent.com

Software

RaveRetailer /

Resource Hash

58f76b0b684536fbea8ae9ae7177607e81a261407916e9a86e063b02948e9adc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://xtremempg.com
Referer: https://xtremempg.com/css/site-styles.css?id=03b5b0042ad2e4f3e261

Response headers

strict-transport-security: max-age=63072000
etag: "2a4a4-5b826a57f2be5"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 173220
date: Thu, 17 Oct 2024 21:59:38 GMT
last-modified: Tue, 05 Jan 2021 12:50:08 GMT
content-type: font/woff2
server: RaveRetailer

GET
H3 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 131ms
85ms Font
font/woff2 142.251.35.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f3.1e100.net

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://xtremempg.com
Referer: https://fonts.googleapis.com/

Response headers

age: 60610
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:09:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 05:09:28 GMT
last-modified: Tue, 02 May 2023 15:08:26 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23236
x-xss-protection: 0
server: sffe

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 93ms
47ms Font
font/woff2 142.251.35.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f3.1e100.net

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://xtremempg.com
Referer: https://fonts.googleapis.com/

Response headers

age: 50380
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 07:59:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 07:59:58 GMT
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33092
x-xss-protection: 0
server: sffe

GET
H3 200 fa-light-300.woff2
xtremempg.com/webfonts/ 185 KB
185 KB 57ms
55ms Font
font/woff2 34.160.71.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xtremempg.com/webfonts/fa-light-300.woff2

Requested by

Host: xtremempg.com
URL: https://xtremempg.com/css/site-styles.css?id=03b5b0042ad2e4f3e261

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.71.66 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

66.71.160.34.bc.googleusercontent.com

Software

RaveRetailer /

Resource Hash

dbbe0d8ca25eef4edbbd3248feb22f8f9cc20ded608cd3e5c410f27bf7e97f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://xtremempg.com
Referer: https://xtremempg.com/css/site-styles.css?id=03b5b0042ad2e4f3e261

Response headers

strict-transport-security: max-age=63072000
etag: "2e40c-5b826a57eed64"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 189452
date: Thu, 17 Oct 2024 21:59:38 GMT
last-modified: Tue, 05 Jan 2021 12:50:08 GMT
content-type: font/woff2
server: RaveRetailer

GET
H3 200 JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq6R9WXh0pg.woff2
fonts.gstatic.com/s/montserrat/v26/ 15 KB
15 KB 81ms
36ms Font
font/woff2 142.251.35.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq6R9WXh0pg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:ital,wght@0,100..900;1,100..900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f3.1e100.net

Software

sffe /

Resource Hash

da22288b706a3af2a2853e0641b66f3c8da22785e8caf9921efdf4d9a59865d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://xtremempg.com
Referer: https://fonts.googleapis.com/

Response headers

age: 105675
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 16:38:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 16:38:23 GMT
last-modified: Wed, 13 Sep 2023 22:52:10 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15396
x-xss-protection: 0
server: sffe

GET
H2 200 player_api Show response
www.youtube.com/ 993 B
2 KB 134ms
59ms Script
text/javascript 142.250.65.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Host: xtremempg.com
URL: https://xtremempg.com/js/scripts.js?id=59b98e8c6e69180de828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.174 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f14.1e100.net

Software

ESF /

Resource Hash

1fcce91080e0c58b41ddc4bb6e9dad66c72e78802dc59622d8b0a42e5458d3af

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/

Response headers

content-encoding: br
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
x-content-type-options: nosniff
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
expires: Thu, 17 Oct 2024 21:59:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
date: Thu, 17 Oct 2024 21:59:38 GMT
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: require-trusted-types-for 'script'
cache-control: private, max-age=0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
x-xss-protection: 0
server: ESF

GET
H3 200 algoliasearch.esm.browser.js Show response
cdn.jsdelivr.net/npm/algoliasearch@4/dist/ 84 KB
13 KB 43ms
20ms Script
application/javascript 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/algoliasearch@4/dist/algoliasearch.esm.browser.js

Requested by

Host: xtremempg.com
URL: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6063c0b267f79f5079ed81ed759ad3cd21139534052d9e09a38ac3b144b0e28a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://xtremempg.com
Referer: https://xtremempg.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"14e28-iST+etgxW1/FM2wfLWQ4gl8WIyQ"
age: 26760
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Thu, 17 Oct 2024 21:59:38 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220037-FRA, cache-yyz4543-YYZ
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12817
x-jsd-version: 4.24.0

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 123ms
57ms XHR
application/json 142.250.64.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyD8nQB8Yiu_tTKzjyrmDesNld0EKd_CPFk&callback=initMap&libraries=&v=weekly

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.106 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/

Response headers

cache-control: private
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: https://xtremempg.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
date: Thu, 17 Oct 2024 21:59:38 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H2 200 en-us.png
cdn.gtranslate.net/flags/32/ 695 B
1 KB 28ms
27ms Image
image/png 104.26.13.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gtranslate.net/flags/32/en-us.png
Requested by: Host: xtremempg.com
URL: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 529bcccc5a1659f26fe9f396a809996d064504598f145bee5abc62b94f7d1ec6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "63692750-33e"
age: 14799865
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rbClmLmtI31Yt9%2FKd1XSwJ9KvEdxrl8MInBMClTl%2BVDY480orR7RZvvGWuV%2FQ%2F%2F%2BdFXz4u1Jgxcxm0YWkwVbPf4ouNOWeunUmFYnQcYruMaQ1ikwXfc8apBr6rUsc%2BuTBhJZ3A%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 29 Apr 2025 14:55:13 GMT
cf-polished: origSize=830
date: Thu, 17 Oct 2024 21:59:38 GMT
content-type: image/png
last-modified: Mon, 07 Nov 2022 15:42:08 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d438e91ae7436cc-YYZ
accept-ranges: bytes
content-length: 695
server: cloudflare

GET
H3 200 region-language Show response
xtremempg.com/myaintlgroup/shopping-cart/ 7 KB
831 B 195ms
195ms XHR
text/html 34.160.71.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xtremempg.com/myaintlgroup/shopping-cart/region-language

Requested by

Host: xtremempg.com
URL: https://xtremempg.com/js/scripts.js?id=59b98e8c6e69180de828

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.71.66 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

66.71.160.34.bc.googleusercontent.com

Software

RaveRetailer /

Resource Hash

fb0c4401d9e14897a00a0a8d4db8d57233ae63e349095cc09a43f4b1af994210

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: */*

Response headers

strict-transport-security: max-age=63072000
x-robots-tag: all
cache-control: no-cache, private
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 21:59:38 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: RaveRetailer

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/e627e516/www-widgetapi.vflset/ 31 KB
10 KB 34ms
33ms Script
text/javascript 142.250.65.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e627e516/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.174 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f14.1e100.net

Software

sffe /

Resource Hash

36cb859be5a639c678f317d76c5c589da1b5e08820fcce41d67c38b517efa959

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/

Response headers

content-encoding: br
age: 50334
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 08:00:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 08:00:44 GMT
last-modified: Wed, 16 Oct 2024 04:17:19 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 10417
x-xss-protection: 0
server: sffe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
94 KB 57ms
56ms Script
application/javascript 142.250.65.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F5NZJHJY46&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-205453072-44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.200 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

0fc150b76f7515f74291324e5ca605cbd873950af845ca0601741a6f8c3358ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 17 Oct 2024 21:59:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 21:59:38 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 96209
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 106ms
31ms Script
text/javascript 142.250.80.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-205453072-44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.46 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/

Response headers

content-encoding: gzip
age: 3781
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 22:56:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 20:56:37 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 47ms
46ms Fetch
text/plain 142.250.80.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-F5NZJHJY46&gtm=45je4ag0v9126197758z89130109725za200&_p=1729202378230&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101529666~101533422~101686685&cid=362464021.1729202379&ul=en-ca&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1729202378&sct=1&seg=0&dl=https%3A%2F%2Fxtremempg.com%2Fmyaintlgroup%2Fisr-instructions-freedom-phix&dt=Become%20an%20ISR%20pHix%20Pack%20%7C%20XtremeMPG&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2448
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F5NZJHJY46&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.80.46 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s34-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://xtremempg.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 21:59:38 GMT
content-type: text/plain
server: Golfe2

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
304 B 47ms
46ms XHR
text/plain 142.250.80.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1765382382&t=pageview&_s=1&dl=https%3A%2F%2Fxtremempg.com%2Fmyaintlgroup%2Fisr-instructions-freedom-phix&ul=en-ca&de=UTF-8&dt=Become%20an%20ISR%20pHix%20Pack%20%7C%20XtremeMPG&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1068309690&gjid=1557137684&cid=362464021.1729202379&tid=UA-205453072-44&_gid=23640881.1729202379&_r=1&gtm=457e4ag0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101529665~101686685&jsscut=1&z=2135612717

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.46 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://xtremempg.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 21:59:38 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://xtremempg.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

POST
H3 200 website-popup Show response
xtremempg.com/myaintlgroup/ 30 B
50 B 231ms
229ms XHR
application/json 34.160.71.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xtremempg.com/myaintlgroup/website-popup

Requested by

Host: xtremempg.com
URL: https://xtremempg.com/js/scripts.js?id=59b98e8c6e69180de828

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.71.66 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

66.71.160.34.bc.googleusercontent.com

Software

RaveRetailer /

Resource Hash

6a335c97471b426803d846a2d1d3febc5c9dabfe220bcf1641ec83a3df4dc85a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=63072000
x-robots-tag: all
cache-control: no-store, no-cache, must-revalidate, no-cache, private
pragma: no-cache
via: 1.1 google
expires: Thu, 19 Nov 1981 08:52:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 21:59:38 GMT
content-type: application/json
server: RaveRetailer

GET
H3 200 cart-count Show response
xtremempg.com/myaintlgroup/shopping-cart/ 1 B
51 B 204ms
204ms XHR
text/html 34.160.71.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xtremempg.com/myaintlgroup/shopping-cart/cart-count

Requested by

Host: xtremempg.com
URL: https://xtremempg.com/js/scripts.js?id=59b98e8c6e69180de828

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.71.66 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

66.71.160.34.bc.googleusercontent.com

Software

RaveRetailer /

Resource Hash

5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://xtremempg.com/myaintlgroup/isr-instructions-freedom-phix
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: */*

Response headers

strict-transport-security: max-age=63072000
x-robots-tag: all
cache-control: no-store, no-cache, must-revalidate, no-cache, private
content-encoding: gzip
pragma: no-cache
via: 1.1 google
expires: Thu, 19 Nov 1981 08:52:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 21:59:38 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: RaveRetailer

GET
H3 200 GSR_669297ba72d4b8621631720886730.jpg
cdn.raveretailer.com/4450703AD7/2024/07/images/ 3 KB
3 KB 23ms
22ms Other
image/jpeg 34.102.209.168
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.raveretailer.com/4450703AD7/2024/07/images/GSR_669297ba72d4b8621631720886730.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.209.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 168.209.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 717ac3481c4223975d2f989e8fc8efa729a3389a99aad730c9104b98bd054ca1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=KBuXAg==, md5=+F0jmTRE3vAqxgxxDNcxxg==
etag: "f85d23993444def02ac60c710cd731c6"
age: 1728
x-goog-stored-content-encoding: identity
expires: Thu, 17 Oct 2024 22:30:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 3528
date: Thu, 17 Oct 2024 21:30:50 GMT
last-modified: Sat, 13 Jul 2024 15:05:30 GMT
content-type: image/jpeg
x-guploader-uploadid: AHmUCY2jOCd1XsSIlGttHZd2fntGRcBZsIDWid3uMYUuRayrjBtoARJUjbtHnqjr1qOPSCKDp2CLQJo5OQ
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
x-goog-generation: 1720883130623323
content-length: 3528
server: UploadServer

GET
H3 200 ca.svg
xtremempg.com/flags/4x3/ 728 B
746 B 47ms
47ms Image
image/svg+xml 34.160.71.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xtremempg.com/flags/4x3/ca.svg

Requested by

Host: xtremempg.com
URL: https://xtremempg.com/css/site-styles.css?id=03b5b0042ad2e4f3e261

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.71.66 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

66.71.160.34.bc.googleusercontent.com

Software

RaveRetailer /

Resource Hash

5bda905693ffed32df95f79a8eeac1fbf062630de05f48875e109c35681e2331

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/css/site-styles.css?id=03b5b0042ad2e4f3e261

Response headers

strict-transport-security: max-age=63072000
etag: "2d8-5c3e10a680789"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 728
date: Thu, 17 Oct 2024 21:59:38 GMT
last-modified: Thu, 03 Jun 2021 18:49:53 GMT
content-type: image/svg+xml
server: RaveRetailer

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/58/9/ 264 KB
55 KB 36ms
35ms Script
text/javascript 142.250.80.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/58/9/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyD8nQB8Yiu_tTKzjyrmDesNld0EKd_CPFk&callback=initMap&libraries=&v=weekly

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.42 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f10.1e100.net

Software

sffe /

Resource Hash

b13c0e0108b0ccd2df90441ccaa1dd4e18e797595fbabf57e497be01aaaf3efa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/

Response headers

content-encoding: br
age: 7149
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 20:00:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 20:00:34 GMT
last-modified: Mon, 14 Oct 2024 21:56:15 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 56686
x-xss-protection: 0
server: sffe

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/58/9/ 190 KB
58 KB 50ms
49ms Script
text/javascript 142.250.80.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/58/9/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyD8nQB8Yiu_tTKzjyrmDesNld0EKd_CPFk&callback=initMap&libraries=&v=weekly

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.42 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f10.1e100.net

Software

sffe /

Resource Hash

4134ee357c4f9cd52362b7105f4297bd4fc01aa9c7870ea763149fe4186e3d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xtremempg.com/

Response headers

content-encoding: br
age: 8750
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 19:33:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 19:33:53 GMT
last-modified: Mon, 14 Oct 2024 21:56:15 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 59185
x-xss-protection: 0
server: sffe

Verdicts & Comments Add Verdict or Comment

278 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
xtremempg.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: bdv34e5os1numo9l77r2qo7slv
xtremempg.com/	1970-01-21 02:03:14	Name: ref_user_code Value: eyJpdiI6IjF2b2M5UDVOUE5hdjU1VndcL0w1R1lRPT0iLCJ2YWx1ZSI6InprSWxlbWxLamN1aGd5MEdLS2tYNVhZMGFlUTh3TE5rSjZlMnRDOFZaK25kYU9qcXhGTHJsNm5FaUJ0a3llZkNpeTZiOHNUOEs5TVBTdGE2aittNlF3PT0iLCJtYWMiOiI1OTk2ZjFhZDI3M2E0ZWM4YzlmMDA1ZWQwZjdlYjRhNTg2M2YxZWI1MmY3Y2I2MzVjYmU0NTg2MjE1NWI3OWI5In0%3D
xtremempg.com/	1970-01-21 01:03:14	Name: username_code Value: myaintlgroup
.vimeo.com/	1970-01-21 00:20:04	Name: __cf_bm Value: 3O0vWaOrXtIjXcgRz2iUcV7B71FpS5Pt2zZCRJo8WJs-1729202378-1.0.1.1-eKtmLNvHbs0OhMKrgdiccrLIqqR7hgUyDsbI1jvbvZ_iqfmAI0hQQXHGAWq41lPZ
.vimeo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 91CpV8hLHMxpPR9IvnP.tz.8HLnTb.O9A5humZJjGQE-1729202378321-0.0.1.1-604800000
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 1J2RNAUgOc8
.youtube.com/	1970-01-21 04:39:14	Name: VISITOR_INFO1_LIVE Value: rht8H9TKNf4
.youtube.com/	1970-01-21 04:39:14	Name: VISITOR_PRIVACY_METADATA Value: CgJDQRIEGgAgRw%3D%3D
.xtremempg.com/	1970-01-21 09:56:02	Name: _ga_F5NZJHJY46 Value: GS1.1.1729202378.1.0.1729202378.0.0.0
.xtremempg.com/	1970-01-21 09:56:02	Name: _ga Value: GA1.2.362464021.1729202379
.xtremempg.com/	1970-01-21 00:21:28	Name: _gid Value: GA1.2.23640881.1729202379
.xtremempg.com/	1970-01-21 00:20:02	Name: _gat_gtag_UA_205453072_44 Value: 1
xtremempg.com/	1970-01-21 00:21:14	Name: raveapp Value: eyJpdiI6InRyWmhJMzFBYkQweEFNUnN4a05qaVE9PSIsInZhbHVlIjoic2VmdjdwZUFSeVA1YWR2aUc2OFI2cDQxTG5kWXpSWjZEOVMzaFJaXC85THhTZCtITTJKOGNUQld2R2NNM25mV2g2cDhIMkphRmYrMjY1TFlXN2R4cW9TU1Q0MVQ3S3VXM0trbUpuVjhmVmduMXV3V3JvVURNRGZiaERnWjRreE03IiwibWFjIjoiNWFhMGJjNTIzODlhOTIyMDE3MzMxMzQ1MDdhMmJmOTFlY2JiMjg4ZjA5OWEwOGMyMmFjNDdhOTAwMmRiYzZkZSJ9

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.fontshare.com
cdn.gtranslate.net
cdn.jsdelivr.net
cdn.raveretailer.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
maps.googleapis.com
mpgxtreme.corpadmin.directscale.com
phixca.com
player.vimeo.com
www.google-analytics.com
www.googletagmanager.com
www.youtube.com
xtremempg.com
104.17.24.14
104.26.13.42
142.250.64.106
142.250.65.174
142.250.65.200
142.250.80.42
142.250.80.46
142.251.35.163
151.101.193.229
162.159.128.61
173.254.29.24
208.90.224.140
3.11.233.85
34.102.209.168
34.160.71.66
069bb588fba3a754608ac7ce81b4b9da52abb856f2485f8e24c21d569f4f0212
0e9ac8b13340d578f85465eb212b404cec892af5d282a65bd39350cc82be975b
0fc150b76f7515f74291324e5ca605cbd873950af845ca0601741a6f8c3358ea
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
1f59a1b487bdcf53e767b6efdfb0776b27f5d883f066d377fc08f12177243930
1fcce91080e0c58b41ddc4bb6e9dad66c72e78802dc59622d8b0a42e5458d3af
2267408b4fbcec1c59d2f6647a89c0b349e561708e707c8e0f20870446d7a24c
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
2a2399d510fe0bb91bf136a84c8f186c5bd3a57a2aac94a39bf167850588717f
2b4b2181df3354ebd90f04ad95742fe254fd437307e34c529b1ea55bf760a759
36cb859be5a639c678f317d76c5c589da1b5e08820fcce41d67c38b517efa959
3dd889ba566bd24a22f59a1ca33943f792c9e86671df5bcc42ef0e3bbbaef566
40c163b797329bdd9762c8093982ad6ebac6cf5af6866029aa74a4ca9902cc48
4134ee357c4f9cd52362b7105f4297bd4fc01aa9c7870ea763149fe4186e3d8d
4cbc77443232fa36df000011389125f1a198bbedb85302e911338ea0d91b57f2
529bcccc5a1659f26fe9f396a809996d064504598f145bee5abc62b94f7d1ec6
52d62465d244bef9c22960bed269d931eb2b705dff7f09a0bcf5ddba62554f45
5848c61d14d03bb70749432e210c21ebda67a1d214992ceaf37dbe65cb0acdd4
58f76b0b684536fbea8ae9ae7177607e81a261407916e9a86e063b02948e9adc
5bda905693ffed32df95f79a8eeac1fbf062630de05f48875e109c35681e2331
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6063c0b267f79f5079ed81ed759ad3cd21139534052d9e09a38ac3b144b0e28a
63bb24cedab4db536c6dc5e4f34d4f39a2f4e971f41be9e971e72d00d32dee2f
6a335c97471b426803d846a2d1d3febc5c9dabfe220bcf1641ec83a3df4dc85a
6b78976e0a15138b3b1bde71abfa5bbb603eff6bdf1fc4d4eaffaeeaab0abc26
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c4ba1c662b440b3aefe5e5147ea2df72f80e510e4979c65485a7b0fff894e37
7058cde2eef74e33211de108bc2b5191d581f67d83e7369966fd11a12870519d
717ac3481c4223975d2f989e8fc8efa729a3389a99aad730c9104b98bd054ca1
74a7f9083a6540048286385ee81db243381371657625c06b8001eb624c6e1b19
794b9f4fa15362394d9913554121b956f2ee5f5dc368540a8cc761dc9c7668f1
8f80f658fc152c2aa6ee738790a5d941c6fa87c0aae703c0d8aa660ce538192c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
999ea019eaf0d9bb72de94cccbf174b4f541856b5653270779aa0475eaa47e91
9e24034b38f34d8a0f4a82d896357594947ff5e7886481afc590bade7a08a9f0
abba6f93285dbd43173b5024d882a2da2a0eb7892ad8268413a9b65d456751f4
b0c32a12ff5287093af2a85aa8df60d64614dde94d55a14e016878219dc766ef
b13c0e0108b0ccd2df90441ccaa1dd4e18e797595fbabf57e497be01aaaf3efa
b94552fdddf133797c626b9c0248f50de46de94e18f97bf778f520555115995c
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c5cfd6df8c0ae0bc184d7350e882615fea383ab03d7fbf8d5baa72857f67829d
c6e0857916a61679d05f92fbdc000cb509f3d52d71c2286299ce5d5602392aaf
c8c8da579e363feab54671fa5c1c823c37d416198e69f59b78b3e6a8a875d73a
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca7ed444a388771b3078136fd9f8f50ca56afa978bbf2a78bfab6b162c630b94
cde270f029f89eb8c363ffcf677803333762e3989e7a9027a655674227218c86
d376e6f8cf2de99a9f7056cfb9372144ecdb1cc0023b09874eee5450570743cf
da22288b706a3af2a2853e0641b66f3c8da22785e8caf9921efdf4d9a59865d5
dbbe0d8ca25eef4edbbd3248feb22f8f9cc20ded608cd3e5c410f27bf7e97f92
de0654b597fe070df872bc029aeeda65f24f20de939ba24777d18c7e20aadf17
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e5899ac40c0c8c8a4cad594af3863ff8d8c2a4a9c561af1b59605b50748119f5
e5bdfd6b138b3edaeed515e7e0eef755452a624da93d25dee3d8b6bf1944238e
f42da7bf5ee892800a6cafdca2cf76713ef01727d84d7818c9240cb993745041
fb0c4401d9e14897a00a0a8d4db8d57233ae63e349095cc09a43f4b1af994210

xtremempg.com Open in urlscan Pro 34.160.71.66 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

98 %HTTPS

0 %IPv6

14 Domains

15 Subdomains

15 IPs

3 Countries

2530 kBTransfer

5190 kBSize

13 Cookies

4 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

xtremempg.com Open in urlscan Pro
34.160.71.66 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

98 %
HTTPS

0 %
IPv6

14
Domains

15
Subdomains

15
IPs

3
Countries

2530 kB
Transfer

5190 kB
Size

13
Cookies

55 HTTP transactions
2 data transactions