| www.clkmg.com/flowers12/wwxipromo/jana@earenfroe.com/wellnesswisdomway.com/B/WWXI3_2/WWXI/ | 44.241.228.163 | 302 Found | 230 B |
URL User Request GET HTTP/1.1www.clkmg.com/flowers12/wwxipromo/jana@earenfroe.com/wellnesswisdomway.com/B/WWXI3_2/WWXI/ IP44.241.228.163:443
CertificateIssuerGlobalSign nv-sa Subject*.clkmg.com Fingerprint63:8A:A6:9B:36:83:0A:EC:38:E5:D8:2E:98:37:F2:E2:93:A9:E6:B6 ValidityWed, 28 Feb 2024 22:20:05 GMT - Mon, 31 Mar 2025 22:20:04 GMT
File typeHTML document, ASCII text Hash849487c61ea75f8ca34e2105b6809229 224556f945b6e5514edcea0d21caa6ad2648a429 1e2585796c0d0daae4bb4e350e861f20bba2e64acc9148fd2733c41eb3857d95
GET /flowers12/wwxipromo/jana@earenfroe.com/wellnesswisdomway.com/B/WWXI3_2/WWXI/ HTTP/1.1
Host: www.clkmg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: undefined-origin
Access-Control-Max-Age: 300
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 24 Apr 2024 08:21:53 GMT
Location: https://mweboutstanding.com/8712/178/3/?subid=
P3P: CP="This is not a P3P policy! See https://www.clkmg.com for more info."
Server: nginx
Set-Cookie: alc=1; domain=.clkmg.com; expires=Wed Apr 24 08:21:58 2024; path=/;
vid=1002720726; domain=.clkmg.com; expires=Thu Apr 24 08:21:53 2025; path=/; SameSite=None; Secure;
X-CM-FE: httpfe-1
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Content-Length: 230
Connection: keep-alive
|
|
| tracking.getxitox-at.com/aff_c?offer_id=111&aff_id=2629&url_id=1969&aff_sub5=8712_sessid20240424082432313&aff_sub=178 | 54.78.40.72 | 302 Found | 392 B |
URL User Request GET HTTP/1.1tracking.getxitox-at.com/aff_c?offer_id=111&aff_id=2629&url_id=1969&aff_sub5=8712_sessid20240424082432313&aff_sub=178 IP54.78.40.72:443
CertificateIssuerAmazon Subjecttracking.getxitox-at.com Fingerprint93:AF:69:32:64:D7:9D:1C:FB:83:DD:A7:3C:31:62:F9:8B:AD:7D:8D ValidityThu, 27 Jul 2023 00:00:00 GMT - Sat, 24 Aug 2024 23:59:59 GMT
File typeHTML document, ASCII text Hash795bddd8dc536fc65af66f62ed4078a6 a223347b373134a28878c6148569943aaaeae4f8 eb58c9df633be4d51f11510023deda99314d2ed29c30e16777c09b6adb383bc3
GET /aff_c?offer_id=111&aff_id=2629&url_id=1969&aff_sub5=8712_sessid20240424082432313&aff_sub=178 HTTP/1.1
Host: tracking.getxitox-at.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 24 Apr 2024 08:21:53 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 392
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: http://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: aff_ran_url_111=1969; expires=Thu, 25 Apr 2024 08:21:53 GMT; path=/; SameSite=None; Secure
enc_aff_session_111=ENC037a77fd20453396ec4a831bdf6cf2af54575a746aece1c869f342b9e8d22b314b7921327881e8907812cb15b01e9ae58ee77a51aabffca7708b4d17145e1a5bb1f22a7559fe77bb78b6923723ee6efa9d8877ec16bb67dba095f248d80728c1f48ec59348953f70fc4ffef03670d2dc2ef8a290cbe2cd34f08682a6963bbb5bc0382b7b244d8b4f27dad159adce86ef19767a8d3f0e1f68d9146c60fa2900b331248e797f; expires=Fri, 24 May 2024 08:21:53 GMT; path=/; SameSite=None; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI5Ni4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IFg4Nl82NDsgUnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwiYWNjZXB0X2xhbmd1YWdlIjoiZW4tVVMsZW47cT0wLjUiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=; expires=Fri, 19 Mar 2027 19:01:53 GMT; path=/; SameSite=None; Secure
Tracking_id: 10294c8037ba3b57bfdff819d758bb
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: 8dcb10d1ae88e12763774d2f57f87df0
Access-Control-Allow-Headers: Tune-SDK-Version
|
|
| getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 | 184.73.2.163 | 301 Moved Permanently | 134 B |
URL User Request GET HTTP/1.1getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 IP184.73.2.163:80
File typeHTML document, ASCII text, with CRLF line terminators Hash4aa7a432bb447f094408f1bd6229c605 1965c4952cc8c082a6307ed67061a57aab6632fa 34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Wed, 24 Apr 2024 08:21:54 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://getxitox.com:443/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629
|
|
| getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 | 34.204.163.183 | 301 Moved Permanently | 17 kB |
URL User Request GET HTTP/1.1getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 IP34.204.163.183:80
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (456) Hashdb13bbb7fc2050c070c4643ea62aaf28 d0b38be2a7b9f53b77dfab44d5a7869201d1cb84 ff475a47fdfe77b1705c8a5d62c594ea886ae5da5f1777efe98dc92f312c4805
GET /go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:21:54 GMT
content-type: text/html; charset=UTF-8
content-length: 17114
server: nginx/1.22.1
x-powered-by: PHP/5.6.40
set-cookie: signifyd_token=756568796247001818; expires=Thu, 25-Apr-2024 08:21:54 GMT; Max-Age=86400; path=/
hasoffers_affiliate_id=2629; expires=Thu, 25-Apr-2024 08:21:54 GMT; Max-Age=86400; path=/
hasoffers_transaction=10294c8037ba3b57bfdff819d758bb; expires=Sat, 22-Apr-2034 08:21:54 GMT; Max-Age=315360000; path=/; domain=.getxitox.com
aff_sub1=178; path=/; domain=.getxitox.com
aff_sub5=8712_sessid20240424082432313; path=/; domain=.getxitox.com
visitedindexnoaffprog-maxwebphp=1; expires=Tue, 23-Jul-2024 08:21:54 GMT; Max-Age=7776000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-169212633-21 | 142.250.74.168 | 200 OK | 73 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=UA-169212633-21 IP142.250.74.168:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File typeJavaScript source, ASCII text, with very long lines (4179) Hashfa1599028e45ee522747c956b962c911 b607ef313815a35da935499dcd86d51cc5567ccb dab61b85769872115fe83e0cea828c715285693520e3ccfedb5c6f0a0f7405e3
GET /gtag/js?id=UA-169212633-21 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 08:21:55 GMT
expires: Wed, 24 Apr 2024 08:21:55 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73349
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| getxitox.com/css/all.min.css | 34.204.163.183 | 200 OK | 12 kB |
URL GET HTTP/2getxitox.com/css/all.min.css IP34.204.163.183:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerAmazon Subjectgetxitox.com Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3 ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT
File typeASCII text, with very long lines (54998), with no line terminators Hashedd84d47691f748dbd6414c9c0234d78 107a773061dee58f1ebec5738f49b8ba2c230bbb c5c6e9f9c3344800ce30b5186cecaa2502c43338e3083072a9fe25893dc11cef
GET /css/all.min.css HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629
Cookie: signifyd_token=756568796247001818; hasoffers_affiliate_id=2629; hasoffers_transaction=10294c8037ba3b57bfdff819d758bb; aff_sub1=178; aff_sub5=8712_sessid20240424082432313
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:21:55 GMT
content-type: text/css
content-length: 11944
server: nginx/1.22.1
last-modified: Mon, 22 Apr 2024 10:00:58 GMT
etag: "d6d6-616ac83948a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| getxitox.com/css/main.css | 34.204.163.183 | 200 OK | 2.9 kB |
URL GET HTTP/2getxitox.com/css/main.css IP34.204.163.183:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerAmazon Subjectgetxitox.com Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3 ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT
File typeassembler source, ASCII text Hashe4e674b25abd1be51b1534dbce77c66b 556a1f78b26f233333259ad453956f85dc56358f 3b480a14755e94f7e571c13d16ebdb9c335a415f8e4cfd90c9e81bc5ec3683bb
GET /css/main.css HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629
Cookie: signifyd_token=756568796247001818; hasoffers_affiliate_id=2629; hasoffers_transaction=10294c8037ba3b57bfdff819d758bb; aff_sub1=178; aff_sub5=8712_sessid20240424082432313
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:21:55 GMT
content-type: text/css
content-length: 2920
server: nginx/1.22.1
last-modified: Mon, 22 Apr 2024 10:00:58 GMT
etag: "2fb4-616ac83948a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| getxitox.com/css/redscarcitybar2.css | 34.204.163.183 | 200 OK | 901 B |
URL GET HTTP/2getxitox.com/css/redscarcitybar2.css IP34.204.163.183:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerAmazon Subjectgetxitox.com Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3 ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT
File typeassembler source, ASCII text Hash61bf4c685b40b856be942d3bb821e648 c2677116b2a29935e903bb916f1f43b091ccb24e 6c54cb4464bf269625714bf7c58f4799e6ba8528d7d7de58be62a3881a1e866f
GET /css/redscarcitybar2.css HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629
Cookie: signifyd_token=756568796247001818; hasoffers_affiliate_id=2629; hasoffers_transaction=10294c8037ba3b57bfdff819d758bb; aff_sub1=178; aff_sub5=8712_sessid20240424082432313
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:21:55 GMT
content-type: text/css
content-length: 901
server: nginx/1.22.1
last-modified: Mon, 22 Apr 2024 10:00:58 GMT
etag: "e1a-616ac83948a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-3.webp | 54.230.111.127 | 200 OK | 63 kB |
URL GET HTTP/2cdn.truegcloud.com/xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-3.webp IP54.230.111.127:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash29c062cc5de9d03762bf531f09c243ad 34f557539b1226e9ee6d8635d9b0c3b7ffd7da02 35cd276d909f6389dbd964a6851862e798ad58f832515fa1f8c565dd0bc47fa3
GET /xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-3.webp HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 63072
last-modified: Thu, 06 Apr 2023 07:38:11 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 35cd276d909f6389dbd964a6851862e798ad58f832515fa1f8c565dd0bc47fa3
x-amz-meta-s3b-last-modified: 20230406T073708Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Tue, 23 Apr 2024 15:05:23 GMT
etag: "29c062cc5de9d03762bf531f09c243ad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BlcbfC8gGjSKiJQANqHkYlPxim6ZAJXkTNbHMFkmwlmDoaRqzW9AZQ==
age: 62193
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/xitox/aff/Simple-promise---As-Seen-On-Bar-Nomartha.webp | 54.230.111.127 | 200 OK | 14 kB |
URL GET HTTP/2cdn.truegcloud.com/xitox/aff/Simple-promise---As-Seen-On-Bar-Nomartha.webp IP54.230.111.127:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hasha95ee5c046085a1dc469198e6531a013 3ec4c8806bd2c987f9b9199394f2e2e8185af8a7 c8db5b5fb66acbaeb9bbd073d6d844413e487fe46dfc475b57d2ea3f303276c9
GET /xitox/aff/Simple-promise---As-Seen-On-Bar-Nomartha.webp HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 13484
last-modified: Fri, 11 Aug 2023 09:35:58 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: c8db5b5fb66acbaeb9bbd073d6d844413e487fe46dfc475b57d2ea3f303276c9
x-amz-meta-s3b-last-modified: 20230811T093449Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Tue, 23 Apr 2024 17:39:18 GMT
etag: "a95ee5c046085a1dc469198e6531a013"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7b0s-NxOvWG7VooTMlUWgefC9mrEMCdz1O1FGIvXuCZ1HNzGy5ItBA==
age: 52958
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-6.webp | 54.230.111.127 | 200 OK | 69 kB |
URL GET HTTP/2cdn.truegcloud.com/xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-6.webp IP54.230.111.127:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash09455703253cc258426078c211587e22 7c0b8afb0b3906a00c241a042794900eb65f22dd 8285ead22cc86b36c62e30e590fabc6e5534f8038d5c76e2f2c4868f1dd0660f
GET /xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-6.webp HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 68632
last-modified: Thu, 06 Apr 2023 07:38:11 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 8285ead22cc86b36c62e30e590fabc6e5534f8038d5c76e2f2c4868f1dd0660f
x-amz-meta-s3b-last-modified: 20230406T073709Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Tue, 23 Apr 2024 15:05:21 GMT
etag: "09455703253cc258426078c211587e22"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GkzXBV83Q2wVtcKMh-uyYT7P_XqZx4q3xRDvVOXAUpjee350PxzdLw==
age: 62194
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/citroburn/images/MBG-Desktop.png | 54.230.111.127 | 200 OK | 57 kB |
URL GET HTTP/2cdn.truegcloud.com/citroburn/images/MBG-Desktop.png IP54.230.111.127:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typePNG image data, 750 x 150, 8-bit/color RGB, non-interlaced Hashc05b836a7658a41daf2dc51be5737be0 a6af6ccb982624a38f1f86c60934c7e4428dabf4 fad3cb3e53deaf8fe4923f979e6b4d7f73f5539e120585fc4174ca86c801dbb5
GET /citroburn/images/MBG-Desktop.png HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 57158
last-modified: Thu, 20 Aug 2020 10:52:29 GMT
x-amz-meta-sha256: fad3cb3e53deaf8fe4923f979e6b4d7f73f5539e120585fc4174ca86c801dbb5
x-amz-meta-s3b-last-modified: 20200820T105220Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Tue, 23 Apr 2024 22:22:22 GMT
etag: "c05b836a7658a41daf2dc51be5737be0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uU1KqlM5g9o6ozWV_wL52njos1rvebDReD0uHfAEQDRUSuTUPgsHUA==
age: 35974
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/nutonen/icon-location1.svg | 54.230.111.127 | 200 OK | 913 B |
URL GET HTTP/2cdn.truegcloud.com/nutonen/icon-location1.svg IP54.230.111.127:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hashd3439fa1b0a4ae681311fec979521f2b 11ddfe16802c9d418318933e47478bc4766a297f f0a4f541d794bf502482fe8b48254d00c0b547b4a6d49343a9f26c7fa34f1503
GET /nutonen/icon-location1.svg HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 913
date: Wed, 24 Apr 2024 02:38:16 GMT
last-modified: Tue, 07 May 2019 07:49:38 GMT
etag: "d3439fa1b0a4ae681311fec979521f2b"
x-amz-meta-sha256: f0a4f541d794bf502482fe8b48254d00c0b547b4a6d49343a9f26c7fa34f1503
x-amz-meta-s3b-last-modified: 20190411T064308Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: w-RF2Iio-Vjc8zgkon8XuPWkfXLIu2WqbjN4bf2t3FE9JmL6tcXIOQ==
age: 20620
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/nutonen/footer-logo.png | 54.230.111.127 | 200 OK | 18 kB |
URL GET HTTP/2cdn.truegcloud.com/nutonen/footer-logo.png IP54.230.111.127:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typePNG image data, 422 x 248, 8-bit/color RGBA, non-interlaced Hash86596e58694fe751bc0e74ef3a60986a 9c313a53061f7ed13900b1dc8d1c5bdf60236834 ed9ae8e732f4a13ac6c8a43293c5415953231dfbf4bb465229aff6be23b30bef
GET /nutonen/footer-logo.png HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 18384
last-modified: Tue, 07 May 2019 07:37:36 GMT
x-amz-meta-sha256: ed9ae8e732f4a13ac6c8a43293c5415953231dfbf4bb465229aff6be23b30bef
x-amz-meta-s3b-last-modified: 20190411T081706Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 24 Apr 2024 05:04:38 GMT
etag: "86596e58694fe751bc0e74ef3a60986a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 68zBmAr5_sdzrJB8gg-rzD90x1eCtUGnAF5MgOaV7NnetP31lyn_KA==
age: 11838
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/epishieldplus/optimized-images/newseal.webp | 54.230.111.127 | 200 OK | 22 kB |
URL GET HTTP/2cdn.truegcloud.com/epishieldplus/optimized-images/newseal.webp IP54.230.111.127:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash0b9b41de247a630e02f2e70b9ad4e6be 033d5726086977b3eab3423bf8f0879f9ef65c27 3d72685af6f7772d18f7a0dea17e9fb198618d5ad441fef60bfacd755fd6a7ee
GET /epishieldplus/optimized-images/newseal.webp HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 22242
last-modified: Mon, 29 Jun 2020 07:01:49 GMT
x-amz-meta-sha256: 3d72685af6f7772d18f7a0dea17e9fb198618d5ad441fef60bfacd755fd6a7ee
x-amz-meta-s3b-last-modified: 20200629T070116Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 24 Apr 2024 07:35:21 GMT
etag: "0b9b41de247a630e02f2e70b9ad4e6be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Kx1eCJSChNbTJTLXFtawVbqtirgnOORVaGVsa9ZXA_yj51PQjGQoNg==
age: 9195
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/nutonen/icon-mail1.svg | 54.230.111.127 | 200 OK | 878 B |
URL GET HTTP/2cdn.truegcloud.com/nutonen/icon-mail1.svg IP54.230.111.127:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hashf89f1e4f86398ef896edd781d500d16f 0894b8e3cfb486cfc9269842e3a5e77f033d618d 4fbc2bd04ce02a99fc9c3772b402d8298fdbace89218e8b5e38a00ef679b57c3
GET /nutonen/icon-mail1.svg HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 878
last-modified: Tue, 07 May 2019 07:49:38 GMT
x-amz-meta-sha256: 4fbc2bd04ce02a99fc9c3772b402d8298fdbace89218e8b5e38a00ef679b57c3
x-amz-meta-s3b-last-modified: 20190411T064330Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 24 Apr 2024 02:27:18 GMT
etag: "f89f1e4f86398ef896edd781d500d16f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Qmb8bqfFERadS5bCvySzDLoxUkEbsGsAS2YBgXl7Gmp1Ua_q6F-kxg==
age: 21278
X-Firefox-Spdy: h2
|
|
| getxitox.com/css/skeleton.min.css | 34.204.163.183 | 200 OK | 23 kB |
URL GET HTTP/2getxitox.com/css/skeleton.min.css IP34.204.163.183:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerAmazon Subjectgetxitox.com Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3 ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT
File typeASCII text, with very long lines (65324) Hasha15c2ac3234aa8f6064ef9c1f7383c37 6e10354828454898fda80f55f3decb347fd9ed21 60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
GET /css/skeleton.min.css HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629
Cookie: signifyd_token=756568796247001818; hasoffers_affiliate_id=2629; hasoffers_transaction=10294c8037ba3b57bfdff819d758bb; aff_sub1=178; aff_sub5=8712_sessid20240424082432313
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:21:55 GMT
content-type: text/css
content-length: 23238
server: nginx/1.22.1
last-modified: Mon, 22 Apr 2024 10:00:58 GMT
etag: "2606e-616ac83948a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/simplepromise/SP-Logo-Hanging.png | 54.230.111.127 | 200 OK | 19 kB |
URL GET HTTP/2cdn.truegcloud.com/simplepromise/SP-Logo-Hanging.png IP54.230.111.127:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typePNG image data, 216 x 133, 8-bit/color RGBA, non-interlaced Hashaf6ffdf43cacfbdebbbed0a4a27c804e 0424ceeb566c683b7f4616f5f96484962e2ee3af 4c2976263cc124564f1e41df75301329ff585d993d55270413cb55969861a25f
GET /simplepromise/SP-Logo-Hanging.png HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 18574
date: Wed, 24 Apr 2024 01:48:10 GMT
last-modified: Mon, 13 Apr 2020 03:02:47 GMT
etag: "af6ffdf43cacfbdebbbed0a4a27c804e"
x-amz-meta-sha256: 4c2976263cc124564f1e41df75301329ff585d993d55270413cb55969861a25f
x-amz-meta-s3b-last-modified: 20200413T030146Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZqRsQmTJgy_9HqWs-LHw9v1ety7dbIWaH_ACFgqrExtpq6xopBkVhw==
age: 23626
X-Firefox-Spdy: h2
|
|
| getxitox.com/js/slidereveal.js | 34.204.163.183 | 200 OK | 1.6 kB |
URL GET HTTP/2getxitox.com/js/slidereveal.js IP34.204.163.183:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerAmazon Subjectgetxitox.com Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3 ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text Hash31f5a3f634189d0d865a11c9e11d0d79 c00f665e9d15a33455d947b2fa75b731cbd54753 79cddd678b3f3282adb888ed5685ea33f61c3d7dfd562025aa1231fe40ba1140
GET /js/slidereveal.js HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629
Cookie: signifyd_token=756568796247001818; hasoffers_affiliate_id=2629; hasoffers_transaction=10294c8037ba3b57bfdff819d758bb; aff_sub1=178; aff_sub5=8712_sessid20240424082432313
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:21:55 GMT
content-type: application/javascript
content-length: 1550
server: nginx/1.22.1
last-modified: Mon, 22 Apr 2024 10:00:58 GMT
etag: "159f-616ac83948a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-1.webp | 54.230.111.127 | 200 OK | 54 kB |
URL GET HTTP/2cdn.truegcloud.com/xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-1.webp IP54.230.111.127:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash022d788f32d49ab893e886a0b76cd2fc 4a8afaf743570c7cf07102b4d802ae5b35907e1d 4f53947b748e85bc6bff93f1266d404a2782681e88ce55a350c2c7405184fa93
GET /xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-1.webp HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 53456
last-modified: Thu, 06 Apr 2023 07:38:11 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 4f53947b748e85bc6bff93f1266d404a2782681e88ce55a350c2c7405184fa93
x-amz-meta-s3b-last-modified: 20230406T073708Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Tue, 23 Apr 2024 15:05:21 GMT
etag: "022d788f32d49ab893e886a0b76cd2fc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1MB0r265qzgtl0PUFJHwLxwVHnvs4Lytoo-ivBorf0yWglVtD48uLA==
age: 62194
X-Firefox-Spdy: h2
|
|
| getxitox.com/js/skeleton.bundle.min.js | 34.204.163.183 | 200 OK | 22 kB |
URL GET HTTP/2getxitox.com/js/skeleton.bundle.min.js IP34.204.163.183:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerAmazon Subjectgetxitox.com Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3 ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65297) Hasha454220fc07088bf1fdd19313b6bfd50 265a733cb7fbc481fd2510a659a85ad55c93c895 7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
GET /js/skeleton.bundle.min.js HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629
Cookie: signifyd_token=756568796247001818; hasoffers_affiliate_id=2629; hasoffers_transaction=10294c8037ba3b57bfdff819d758bb; aff_sub1=178; aff_sub5=8712_sessid20240424082432313
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:21:55 GMT
content-type: application/javascript
content-length: 22295
server: nginx/1.22.1
last-modified: Mon, 22 Apr 2024 10:00:58 GMT
etag: "1332b-616ac83948a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| getxitox.com/js/jquery.min.js | 34.204.163.183 | 200 OK | 31 kB |
URL GET HTTP/2getxitox.com/js/jquery.min.js IP34.204.163.183:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerAmazon Subjectgetxitox.com Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3 ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65451) Hashf832e36068ab203a3f89b1795480d0d7 2115753ca5fb7032aec498db7bb5dca624dbe6be 4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
GET /js/jquery.min.js HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629
Cookie: signifyd_token=756568796247001818; hasoffers_affiliate_id=2629; hasoffers_transaction=10294c8037ba3b57bfdff819d758bb; aff_sub1=178; aff_sub5=8712_sessid20240424082432313
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:21:55 GMT
content-type: application/javascript
content-length: 30675
server: nginx/1.22.1
last-modified: Mon, 22 Apr 2024 10:00:58 GMT
etag: "15850-616ac83948a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| main.tgoptimize.com/load.js?r=0.3806336887878422&u=getxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10294c8037ba3b57bfdff819d758bb%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240424082432313%26affiliate_id%3D2629 | 52.22.184.18 | 200 OK | 1.4 kB |
URL GET HTTP/2main.tgoptimize.com/load.js?r=0.3806336887878422&u=getxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10294c8037ba3b57bfdff819d758bb%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240424082432313%26affiliate_id%3D2629 IP52.22.184.18:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerAmazon Subjectmain.tgoptimize.com Fingerprint12:4B:0B:01:CD:D7:2B:EE:4E:1A:D0:D7:D7:AA:71:26:81:B5:BB:14 ValidityTue, 08 Aug 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with CRLF line terminators Hashf41372fd1dc36dd28d73ce202cde90f1 6f1bf1cd6ac40be7a7e8e5f1f9e6885785b630c9 4b7b0f8b33774558204f4fd7fc3ce7053e490a89fc8aded7537f9c5ac07fe1a8
GET /load.js?r=0.3806336887878422&u=getxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10294c8037ba3b57bfdff819d758bb%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240424082432313%26affiliate_id%3D2629 HTTP/1.1
Host: main.tgoptimize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:21:55 GMT
content-type: text/html; charset=UTF-8
content-length: 1430
server: Apache
set-cookie: tgopt_id=ig88yi3Ko4di4JMHp1Ji0UgCGtFi7g12; expires=Thu, 21-Apr-2039 08:21:55 GMT; Max-Age=473040000; path=/
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-KMZ74FC | 142.250.74.168 | 200 OK | 106 kB |
URL GET HTTP/3www.googletagmanager.com/gtm.js?id=GTM-KMZ74FC IP142.250.74.168:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File typeJavaScript source, ASCII text, with very long lines (53481) Size106 kB (105880 bytes) Hash8174cfe3d2a0a99fd169125548c9fcf7 1a6d31d09dd4926fbe7f42d9f64992961a3efbf4 086c98fafda20d5d3e5bd2cfced021c1456d79451bc5749e5682186c7febf3b8
GET /gtm.js?id=GTM-KMZ74FC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 08:21:55 GMT
expires: Wed, 24 Apr 2024 08:21:55 GMT
cache-control: private, max-age=900
last-modified: Wed, 24 Apr 2024 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 105880
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| main.tgoptimize.com/my.gif?verifier=&tgopt_12129=1&tgopt_id=ig88yi3Ko4di4JMHp1Ji0UgCGtFi7g12&r=0.8663133480874494&u=getxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10294c8037ba3b57bfdff819d758bb%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240424082432313%26affiliate_id%3D2629 | 52.22.184.18 | 200 OK | 35 B |
URL GET HTTP/2main.tgoptimize.com/my.gif?verifier=&tgopt_12129=1&tgopt_id=ig88yi3Ko4di4JMHp1Ji0UgCGtFi7g12&r=0.8663133480874494&u=getxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10294c8037ba3b57bfdff819d758bb%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240424082432313%26affiliate_id%3D2629 IP52.22.184.18:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerAmazon Subjectmain.tgoptimize.com Fingerprint12:4B:0B:01:CD:D7:2B:EE:4E:1A:D0:D7:D7:AA:71:26:81:B5:BB:14 ValidityTue, 08 Aug 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT
File typeGIF image data, version 87a, 1 x 1 Hash729c3007a8ed0597531b0c76d54a94bb 90fe9b8a8142548fdfab29f59cb0a164a0eaef81 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
GET /my.gif?verifier=&tgopt_12129=1&tgopt_id=ig88yi3Ko4di4JMHp1Ji0UgCGtFi7g12&r=0.8663133480874494&u=getxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10294c8037ba3b57bfdff819d758bb%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240424082432313%26affiliate_id%3D2629 HTTP/1.1
Host: main.tgoptimize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:21:55 GMT
content-type: image/gif
content-length: 35
server: Apache
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/epishieldplus/newseal.png | 54.230.111.127 | 200 OK | 29 kB |
URL GET HTTP/2cdn.truegcloud.com/epishieldplus/newseal.png IP54.230.111.127:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typePNG image data, 318 x 311, 8-bit colormap, non-interlaced Hashe279243ea699343e8c39ed7b821e8430 6e91efc8e714a73b63a0f91022987ae06d620f44 f3067cce3dbc1d2cd7ad1dbc5b0d5befdada893e3cfefca43e6fe52b9fb7ee1b
GET /epishieldplus/newseal.png HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 28820
last-modified: Mon, 29 Jun 2020 07:24:56 GMT
x-amz-meta-sha256: f3067cce3dbc1d2cd7ad1dbc5b0d5befdada893e3cfefca43e6fe52b9fb7ee1b
x-amz-meta-s3b-last-modified: 20200629T072358Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 24 Apr 2024 07:35:22 GMT
etag: "e279243ea699343e8c39ed7b821e8430"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _gReu6mDQ_ATtXqEbyADHJnuDRCFAGwo--SgvaDRqIDN438JL8d_KQ==
age: 5731
X-Firefox-Spdy: h2
|
|
| mweboutstanding.com/8712/178/3/?subid= | 172.67.177.109 | 302 Found | 36 kB |
URL User Request GET HTTP/2mweboutstanding.com/8712/178/3/?subid= IP172.67.177.109:443
CertificateIssuerGoogle Trust Services LLC Subjectmweboutstanding.com Fingerprint64:75:FE:F0:0D:ED:C1:64:48:80:FA:A9:1F:DF:C4:F2:3F:B7:60:49 ValiditySat, 09 Mar 2024 10:12:33 GMT - Fri, 07 Jun 2024 10:12:32 GMT
File typegzip compressed data, from Unix Hashaa9a6290db3fa82ab32f40fb303750d7 a3331a5a91d97a8999cc9503a4a9b4abc6302cda 8ec2d48e018e0fe3d7af9990a564288b207a2de00674be90fbc22554bffe1f33
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /8712/178/3/?subid= HTTP/1.1
Host: mweboutstanding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 24 Apr 2024 08:21:53 GMT
content-type: text/html; charset=UTF-8
location: https://tracking.getxitox-at.com/aff_c?offer_id=111&aff_id=2629&url_id=1969&aff_sub5=8712_sessid20240424082432313&aff_sub=178
cache-control: max-age=3600, private
pragma: no-cache
expires: Wed, 24 Apr 2024 09:24:09 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-server: WEB_6
strict-transport-security: max-age=31536000;
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDvnJbjKdBkxKLVBqBrQP8wYzWkbTui4UBbxBxHCp; SameSite=Lax; path=/; expires=Thu, 25-Apr-24 07:21:53 GMT; HttpOnly
server: cloudflare
cf-ray: 8794aeb05c2fb505-OSL
X-Firefox-Spdy: h2
|
|
| getxitox.com/webfonts/fa-solid-900.woff2 | 34.204.163.183 | 200 OK | 74 kB |
URL GET HTTP/2getxitox.com/webfonts/fa-solid-900.woff2 IP34.204.163.183:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerAmazon Subjectgetxitox.com Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3 ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 73852, version 1.0 Hashfb493903265cad425ccdf8e04fc2de61 fef2f08d60e907750df0bc41ce64a7139642ddf0 7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2
GET /webfonts/fa-solid-900.woff2 HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/css/all.min.css
Cookie: signifyd_token=756568796247001818; hasoffers_affiliate_id=2629; hasoffers_transaction=10294c8037ba3b57bfdff819d758bb; aff_sub1=178; aff_sub5=8712_sessid20240424082432313; tgopt_12129=1; tgopt_id=ig88yi3Ko4di4JMHp1Ji0UgCGtFi7g12
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:21:55 GMT
content-length: 73852
server: nginx/1.22.1
last-modified: Mon, 22 Apr 2024 10:00:58 GMT
etag: "1207c-616ac83948a80"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/xitox/images/bottle_mention.png | 54.230.111.127 | 200 OK | 188 kB |
URL GET HTTP/2cdn.truegcloud.com/xitox/images/bottle_mention.png IP54.230.111.127:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typePNG image data, 1308 x 939, 8-bit colormap, non-interlaced Size188 kB (187749 bytes) Hash5cab986cff18198ae5e79fd393ff75cb f00667912fd25062171b351245f0f7d0cc289f9e 2d5f155a2e8e45ecdf9294cc6995f06baceb35fd27cb14751d726c6bb662308c
GET /xitox/images/bottle_mention.png HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 187749
last-modified: Thu, 13 Apr 2023 08:58:00 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 24 Apr 2024 03:43:03 GMT
etag: "5cab986cff18198ae5e79fd393ff75cb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bPGc3xshhJO7gTvLIDTQ6kP0RHgABBjjqYdmyNyPGZBkG7U-78s9cQ==
age: 16732
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Merriweather&display=swap | 142.250.74.74 | 200 OK | 24 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Merriweather&display=swap IP142.250.74.74:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typegzip compressed data, max compression Hash815aeb2844fa883dc97607d79ee0e527 cb61726ecc35a7bda35809dee493a3e7f205ea8e 1a27398c4d999a703888e8e7b2f3d4f466a12da6c159a8ceb79b930097e20e0d
GET /css2?family=Merriweather&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 Apr 2024 08:21:55 GMT
date: Wed, 24 Apr 2024 08:21:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 | 216.58.207.227 | 200 OK | 24 kB |
URL GET HTTP/2fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 IP216.58.207.227:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 23580, version 1.0 Hashe1b3b5908c9cf23dfb2b9c52b9a023ab fcd4136085f2a03481d9958cc6793a5ed98e714c 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:21:46 GMT
expires: Fri, 18 Apr 2025 17:21:46 GMT
cache-control: public, max-age=31536000
age: 486009
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.bestclickssl.com/wwxipromo/jana@earenfroe.com/wellnesswisdomway.com/B/WWXI3_2/WWXI/ | 188.114.96.1 | 302 Found | 66 kB |
URL User Request GET HTTP/2www.bestclickssl.com/wwxipromo/jana@earenfroe.com/wellnesswisdomway.com/B/WWXI3_2/WWXI/ IP188.114.96.1:443
CertificateIssuerGoogle Trust Services LLC Subjectbestclickssl.com FingerprintF9:4B:1F:D6:90:52:FD:B6:BF:E2:F3:68:B9:FC:10:35:DF:8C:E3:2E ValidityWed, 13 Mar 2024 23:49:55 GMT - Tue, 11 Jun 2024 23:49:54 GMT
Hash66c73343ffe49a2e2058bb10fc8bd0bd a3aed9c9c40f25501550e52916a6b425b2336db3 5a45cf86c937856c4a1ce96adbb9e0a682e12a38b3d038c206140dcfd4526bf5
GET /wwxipromo/jana@earenfroe.com/wellnesswisdomway.com/B/WWXI3_2/WWXI/ HTTP/1.1
Host: www.bestclickssl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 24 Apr 2024 08:21:52 GMT
content-type: text/html; charset=iso-8859-1
location: https://www.clkmg.com/flowers12/wwxipromo/jana@earenfroe.com/wellnesswisdomway.com/B/WWXI3_2/WWXI/
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: undefined-origin
access-control-max-age: 300
p3p: CP="This is not a P3P policy! See https://www.clkmg.com for more info."
x-cm-fe: httpfe-2
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=psw5zsX4QzEI6HIzoFKrMnHEapy8oJspKPSIvuHqraK5gpDBwEL1rTpqqhbSUhIsqSBZHMVkrOhg835j%2BGk9%2B7yvFsL44XIKGuJuwSSCox5PDUjJ7YI18OCxuwja1DNoYsIb0ZfabA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794aea66eebb523-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 | 216.58.207.227 | 200 OK | 34 kB |
URL GET HTTP/2fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 IP216.58.207.227:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 34288, version 1.0 Hash71221d6bf4204042b1bbc3902d08a81b 92a10d7982d33e1e216ee8e1aec79c3ae8bcb8b6 92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
GET /s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:57:06 GMT
expires: Fri, 18 Apr 2025 02:57:06 GMT
cache-control: public, max-age=31536000
age: 537889
last-modified: Wed, 13 Sep 2023 22:52:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn-scripts.signifyd.com/api/company_toolkit.js | 143.204.55.126 | 200 OK | 29 kB |
URL GET HTTP/2cdn-scripts.signifyd.com/api/company_toolkit.js IP143.204.55.126:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn-scripts.signifyd.com Fingerprint24:C3:B6:A5:B6:58:0C:BC:B6:1C:E0:C9:B8:57:20:5D:37:14:F0:ED ValidityMon, 03 Jul 2023 00:00:00 GMT - Wed, 31 Jul 2024 23:59:59 GMT
File typegzip compressed data, from Unix Hashd4023a5c407812574dee742d18be81a0 f52d93e8ecad780f5b4bb107158005b6f02a321e 430e88614f1db37fbf1bb69eaad7afd81953750ba0a71c0a3d77db42094dcc7d
GET /api/company_toolkit.js HTTP/1.1
Host: cdn-scripts.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 30 May 2023 10:18:44 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Wed, 24 Apr 2024 08:01:27 GMT
cache-control: max-age=1800
etag: W/"2c3950f122b3977df61b0e077aaa92c8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NdrqJlm8pruHSd0NMI4OlOJjMZHX0PPN-y_IiJ_7NqCUigdcsa-JtA==
age: 1230
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-SNNMPY2Z6B&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 87 kB |
URL GET HTTP/3www.googletagmanager.com/gtag/js?id=G-SNNMPY2Z6B&l=dataLayer&cx=c IP142.250.74.168:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File typeJavaScript source, ASCII text, with very long lines (5945) Hash0a8ada91b14b5d0d09ed6a8a22ab7248 1fcce8269b6ad499e7d8b57c3332cca41aee00d0 7728f44b27e8582e0429cdbc07da4cb787704a9ac9f63a4a1a3377cbfe340e0a
GET /gtag/js?id=G-SNNMPY2Z6B&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 08:21:55 GMT
expires: Wed, 24 Apr 2024 08:21:55 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 86903
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| cdn.truegcloud.com/xitox/images/bottle_mention.webp | 54.230.111.127 | 200 OK | 76 kB |
URL GET HTTP/2cdn.truegcloud.com/xitox/images/bottle_mention.webp IP54.230.111.127:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash01a497cf3255f7721149cff77097b1f4 0ad9dc18e4e841527c2c6a2c094d0a9b84073d3f 1e939493061d3e2fe602b8aa184a1c74756a59808656a50b1ac3ebb05c0498ef
GET /xitox/images/bottle_mention.webp HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 75832
last-modified: Thu, 13 Apr 2023 08:58:02 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 24 Apr 2024 08:21:56 GMT
etag: "01a497cf3255f7721149cff77097b1f4"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0WT9kSeYmVy1xEOdfsr-CFUpCWkZ3n49zeD7xT_Bth8T7jkFKFJBFQ==
X-Firefox-Spdy: h2
|
|
| imgs.signifyd.com/g8tb70pekizi096w.js?vtmvj36vc8jrx7ym=w2txo5aa&b08jeqkn6vh0b4xk=756568796247001818 | 91.235.133.113 | 200 OK | 13 kB |
URL GET HTTP/1.1imgs.signifyd.com/g8tb70pekizi096w.js?vtmvj36vc8jrx7ym=w2txo5aa&b08jeqkn6vh0b4xk=756568796247001818 IP91.235.133.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
File typeJavaScript source, ASCII text, with very long lines (15506) Hash4444f37c687da255327b2d5e3abf4e81 37814cab0097ac361900502b9722cec6b81fbdca a0e90da1a7cbf68deab3359eb92f06735b99d6451e5d4adb371caa07006b05d3
GET /g8tb70pekizi096w.js?vtmvj36vc8jrx7ym=w2txo5aa&b08jeqkn6vh0b4xk=756568796247001818 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 08:21:56 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Robots-Tag: noindex, nofollow
Set-Cookie: thx_guid=c23eee49ed3822a3173e8fa0bfea47ac; Max-Age=155520000; Version=1; HttpOnly; Path=/; Secure; SameSite=None;
P3P: CP=IVAa PSAa
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
|
|
| cdn.truegcloud.com/nutonen/icon-phone1.svg | 54.230.111.127 | 200 OK | 8.8 kB |
URL GET HTTP/2cdn.truegcloud.com/nutonen/icon-phone1.svg IP54.230.111.127:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hash45b73d333480f9ade34bf264042789e4 ff75f76463f57b3186ab30a2d8c33ac57dcb5d4e 704cab05d35f42e033c529e9de436b601fde02c21c4769fb180ea7f1ce31c8ca
GET /nutonen/icon-phone1.svg HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 23 Apr 2024 09:35:03 GMT
last-modified: Tue, 07 May 2019 07:49:38 GMT
etag: W/"3aa1961a3af018163eb0f8e09fea1239"
x-amz-meta-sha256: 6776eab96b7b8ff2ddaf5c5d06c92b468c648d1d20f3712ff3aef3c0373df9a8
x-amz-meta-s3b-last-modified: 20190411T064318Z
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hnvSmNxXTEF6NCg9tMITmR76P6wwOWu1cVmtVoF9f18oS2ZfVbt9Fw==
age: 82013
X-Firefox-Spdy: h2
|
|
| go.maxweb.com/conversion/iframe/?a=8712&token=35fe7d1193cc401666650f781c088af3 | 172.66.40.143 | 200 OK | 45 B |
URL GET HTTP/2go.maxweb.com/conversion/iframe/?a=8712&token=35fe7d1193cc401666650f781c088af3 IP172.66.40.143:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerLet's Encrypt Subjectmaxweb.com Fingerprint0A:CD:DD:BD:95:0C:D2:00:0B:46:8A:C1:CA:53:50:87:83:FD:42:2A ValiditySun, 03 Mar 2024 04:01:42 GMT - Sat, 01 Jun 2024 04:01:41 GMT
Hash0ea4a13ca347f8649575a3fba5d1c924 faeb081721636a246e437f46ba3e7a2a75be7ba2 03a83435c45ff71ca2ed17fef4054424c2b21297facf6f7a90b32f2a4bbd583b
GET /conversion/iframe/?a=8712&token=35fe7d1193cc401666650f781c088af3 HTTP/1.1
Host: go.maxweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:21:55 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Wed, 24 Apr 2024 09:24:11 GMT
cache-control: max-age=3600, private
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-server: WEB_6
strict-transport-security: max-age=31536000;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=9BnDNzYNBkP.1LVXwe51EYP0AcENAuiPURZbthlOJTA-1713946915-1.0.1.1-VGzywmezU5meklj4luu7ZgcWm1JcQRlgqk46JKh8QP3NGwYn3wCX_.tEosI4aSven7FNb73Z6BEgrSNYfvbpSdRaYzGOCYkQHarzO1UyQk19jk18sfSZ5FMDcCOJxfCEm1nSNMpK19bSQIYnbebfCg"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=9BnDNzYNBkP.1LVXwe51EYP0AcENAuiPURZbthlOJTA-1713946915-1.0.1.1-VGzywmezU5meklj4luu7ZgcWm1JcQRlgqk46JKh8QP3NGwYn3wCX_.tEosI4aSven7FNb73Z6BEgrSNYfvbpSdRaYzGOCYkQHarzO1UyQk19jk18sfSZ5FMDcCOJxfCEm1nSNMpK19bSQIYnbebfCg; report-to cf-csp-endpoint
set-cookie: __cflb=02DiuDvnJbjKdBkxKLVBqBrQP8wYzWkbTwBhWajFSVcBe; SameSite=Lax; path=/; expires=Thu, 25-Apr-24 07:21:55 GMT; HttpOnly
server: cloudflare
cf-ray: 8794aebfb9a2b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fast.vidalytics.com/players/v.4.2.1.000-vid-prod/player.min.js | 151.101.129.91 | 200 OK | 253 kB |
URL GET HTTP/3fast.vidalytics.com/players/v.4.2.1.000-vid-prod/player.min.js IP151.101.129.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size253 kB (252774 bytes) Hash21ea705829c05759544342ba2f4ac461 2fa8e86431a1468bf7bbceb53b8662101bc70da8 b1ccbf581da817ca36d109e168b2cec2a34e7884c8e20c6722c6bff41da53b60
GET /players/v.4.2.1.000-vid-prod/player.min.js HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 252774
x-guploader-uploadid: ABPtcPo5Lg48CpwLdCNW2rFusARl9mmOn5dmITcmLSHJfHJQ3WKJzSL4ADAT93v8t8VUudGNWUlrOwG3SA
cache-control: public, max-age=86400, s-maxage=2592000
expires: Sun, 03 Mar 2024 11:03:19 GMT
last-modified: Fri, 02 Feb 2024 10:27:41 GMT
etag: "4fe59d178779b42a5f9c26452a22bdc2"
x-goog-generation: 1706869661807310
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 252774
x-goog-meta-surrogate-key: player-versioned
content-type: application/javascript
content-encoding: gzip
x-goog-hash: crc32c=X1iFKw==, md5=T+WdF4d5tCpfnCZFKiK9wg==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
date: Wed, 24 Apr 2024 08:21:56 GMT
age: 670830
x-served-by: cache-dfw-kdfw8210138-DFW, cache-hel1410028-HEL
x-cache: HIT, HIT
x-cache-hits: 252846, 1
x-timer: S1713946916.275238,VS0,VE6
vary: Accept-Encoding
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| imgs.signifyd.com/zaUOkNeby9NCChyA?dba0fb6bab912f83=KmE_eZkfnGW9ksf97mvq5Ix6QnYAmBZnqWPSVNeWDYnsR5x7cPosZKUAmdRh8xVPRKWAXBWH_GwUU6zMJX8UeJPKIY2sAxvxa_9Zp1YI3JZa2c39nm2-Y4Fbhu8N3IN7F5LCXSpupvCe9Kk | 91.235.133.113 | 200 OK | 81 B |
URL GET HTTP/1.1imgs.signifyd.com/zaUOkNeby9NCChyA?dba0fb6bab912f83=KmE_eZkfnGW9ksf97mvq5Ix6QnYAmBZnqWPSVNeWDYnsR5x7cPosZKUAmdRh8xVPRKWAXBWH_GwUU6zMJX8UeJPKIY2sAxvxa_9Zp1YI3JZa2c39nm2-Y4Fbhu8N3IN7F5LCXSpupvCe9Kk IP91.235.133.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
File typePNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced Hash1b6d2de2867a3e11063ba25aa1cd4209 bd20b0e089f31f35cba4d0fa7277e73aa74d944c 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /zaUOkNeby9NCChyA?dba0fb6bab912f83=KmE_eZkfnGW9ksf97mvq5Ix6QnYAmBZnqWPSVNeWDYnsR5x7cPosZKUAmdRh8xVPRKWAXBWH_GwUU6zMJX8UeJPKIY2sAxvxa_9Zp1YI3JZa2c39nm2-Y4Fbhu8N3IN7F5LCXSpupvCe9Kk HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=c23eee49ed3822a3173e8fa0bfea47ac
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 08:21:56 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: image/png
|
|
| imgs.signifyd.com/zpFFiggE_kXdbpR8?622ecd4a01dc52d6=TrFiTFD327T5l5BqXSny6YU563Rvm59o9_gXbTgWgP8391Bbosvr9ejrsBJ-EGWBIag0V79Najk2NQOxWmu59itrjmCMW3E9e4KhQGcu6-VWp4HqiD0drQ_oUjGhOIBIPOuDXfldQ2wh_ntBcjWW6oVS6HB4L05HR8OhX2i4lr7HHPwLzoGKdwIn&jb=31382426687b6d7d3f4e696c7578266273673f4c6b6e7770246271603d446972656e6f702732323934 | 91.235.133.113 | 200 OK | 46 kB |
URL GET HTTP/1.1imgs.signifyd.com/zpFFiggE_kXdbpR8?622ecd4a01dc52d6=TrFiTFD327T5l5BqXSny6YU563Rvm59o9_gXbTgWgP8391Bbosvr9ejrsBJ-EGWBIag0V79Najk2NQOxWmu59itrjmCMW3E9e4KhQGcu6-VWp4HqiD0drQ_oUjGhOIBIPOuDXfldQ2wh_ntBcjWW6oVS6HB4L05HR8OhX2i4lr7HHPwLzoGKdwIn&jb=31382426687b6d7d3f4e696c7578266273673f4c6b6e7770246271603d446972656e6f702732323934 IP91.235.133.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
File typeJavaScript source, ASCII text, with very long lines (15506) Hashd16cd26ca708ca8c961c693325163fff d1c9d7e28fb5bb503b59cad474ce9f0fc8163fdb 6dc78c931f177ce487ce2522f455aeba9b7f744f92890827e15d29f61b8e5251
GET /zpFFiggE_kXdbpR8?622ecd4a01dc52d6=TrFiTFD327T5l5BqXSny6YU563Rvm59o9_gXbTgWgP8391Bbosvr9ejrsBJ-EGWBIag0V79Najk2NQOxWmu59itrjmCMW3E9e4KhQGcu6-VWp4HqiD0drQ_oUjGhOIBIPOuDXfldQ2wh_ntBcjWW6oVS6HB4L05HR8OhX2i4lr7HHPwLzoGKdwIn&jb=31382426687b6d7d3f4e696c7578266273673f4c6b6e7770246271603d446972656e6f702732323934 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=c23eee49ed3822a3173e8fa0bfea47ac
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 08:21:56 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
tmx-nonce: 6d6295993bd14769
X-Robots-Tag: noindex, nofollow
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=98
Transfer-Encoding: chunked
|
|
| imgs.signifyd.com/oUaFPOxUofixY_M7?9a43c6a09b10af58=WzfqZHIE6XkPsD6YX2LKhWa1TO9i6wn-yDi4I1q-4NAkpCXjcIwSOGs64o2fk1_KOwyrYE01JqnMsy3AudEz0jvOaamrUQ99HANhWKRAnGV7NMFyyo-d2ZFG14e8FGqKxcBgOK1wlQOPsOI | 91.235.133.113 | 200 OK | 81 B |
URL GET HTTP/1.1imgs.signifyd.com/oUaFPOxUofixY_M7?9a43c6a09b10af58=WzfqZHIE6XkPsD6YX2LKhWa1TO9i6wn-yDi4I1q-4NAkpCXjcIwSOGs64o2fk1_KOwyrYE01JqnMsy3AudEz0jvOaamrUQ99HANhWKRAnGV7NMFyyo-d2ZFG14e8FGqKxcBgOK1wlQOPsOI IP91.235.133.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
File typePNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced Hash1b6d2de2867a3e11063ba25aa1cd4209 bd20b0e089f31f35cba4d0fa7277e73aa74d944c 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /oUaFPOxUofixY_M7?9a43c6a09b10af58=WzfqZHIE6XkPsD6YX2LKhWa1TO9i6wn-yDi4I1q-4NAkpCXjcIwSOGs64o2fk1_KOwyrYE01JqnMsy3AudEz0jvOaamrUQ99HANhWKRAnGV7NMFyyo-d2ZFG14e8FGqKxcBgOK1wlQOPsOI HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=c23eee49ed3822a3173e8fa0bfea47ac
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 08:21:56 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-SNNMPY2Z6B>m=45je44m0v9116850825za200&_p=1713946915627&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=869481757.1713946916&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1713946916&sct=1&seg=0&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10294c8037ba3b57bfdff819d758bb%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240424082432313%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4350 | 216.239.34.36 | 204 No Content | 0 B |
URL POST HTTP/2region1.analytics.google.com/g/collect?v=2&tid=G-SNNMPY2Z6B>m=45je44m0v9116850825za200&_p=1713946915627&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=869481757.1713946916&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1713946916&sct=1&seg=0&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10294c8037ba3b57bfdff819d758bb%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240424082432313%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4350 IP216.239.34.36:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-SNNMPY2Z6B>m=45je44m0v9116850825za200&_p=1713946915627&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=869481757.1713946916&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1713946916&sct=1&seg=0&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10294c8037ba3b57bfdff819d758bb%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240424082432313%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4350 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://getxitox.com
date: Wed, 24 Apr 2024 08:21:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| imgs.signifyd.com/I0e1asnbWk5oRWTy?7f947800d07294b0=IXc6rUBfDAd9t1S5vJ5k-GqUTPHG4ULDWl6A_tLZgPvGKF0h2w4oICkqUtQTq2cKvgE7N9_H6OOZBV_pke40NrBdvVlBAFoLxuDzgjVc3N4Kn8L1QPlPb5VCDc7Z0pSQAv0&jb=3136246c71693f3b356339316334366e663b663464343630353a3a6661346162326a373b666564 | 91.235.133.113 | 204 No Content | 0 B |
URL GET HTTP/1.1imgs.signifyd.com/I0e1asnbWk5oRWTy?7f947800d07294b0=IXc6rUBfDAd9t1S5vJ5k-GqUTPHG4ULDWl6A_tLZgPvGKF0h2w4oICkqUtQTq2cKvgE7N9_H6OOZBV_pke40NrBdvVlBAFoLxuDzgjVc3N4Kn8L1QPlPb5VCDc7Z0pSQAv0&jb=3136246c71693f3b356339316334366e663b663464343630353a3a6661346162326a373b666564 IP91.235.133.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /I0e1asnbWk5oRWTy?7f947800d07294b0=IXc6rUBfDAd9t1S5vJ5k-GqUTPHG4ULDWl6A_tLZgPvGKF0h2w4oICkqUtQTq2cKvgE7N9_H6OOZBV_pke40NrBdvVlBAFoLxuDzgjVc3N4Kn8L1QPlPb5VCDc7Z0pSQAv0&jb=3136246c71693f3b356339316334366e663b663464343630353a3a6661346162326a373b666564 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=c23eee49ed3822a3173e8fa0bfea47ac
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Date: Wed, 24 Apr 2024 08:21:56 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/javascript
|
|
| imgs.signifyd.com/CBB-FT37cGnseXPb?196097b68788532f=Dgo594GfJh1vXC4JR6iddgKDqQ7cMvaoPIoXgkDCi6DfRD5AWyqUShGK_49HBskZFgVPV2bXzpn87pZXZELX5qLFbd_ktySTlW_uDNZHeKO7wgcUroZ838fN_TIts7s2ZvdPTH6v9VZwc1kH-lh1MHyaM2_KhuoeuteG1Cj4_aje5h_UMO3tBTcIc5I | 91.235.133.113 | 200 OK | 13 kB |
URL GET HTTP/1.1imgs.signifyd.com/CBB-FT37cGnseXPb?196097b68788532f=Dgo594GfJh1vXC4JR6iddgKDqQ7cMvaoPIoXgkDCi6DfRD5AWyqUShGK_49HBskZFgVPV2bXzpn87pZXZELX5qLFbd_ktySTlW_uDNZHeKO7wgcUroZ838fN_TIts7s2ZvdPTH6v9VZwc1kH-lh1MHyaM2_KhuoeuteG1Cj4_aje5h_UMO3tBTcIc5I IP91.235.133.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
File typeHTML document, ASCII text, with very long lines (15506) Hash7e333f4043abe095ca64a9e58de4ca3b 2e3ff48bf450f77562b24787bd721b82c1e04063 51dd91ec1ab1198caa2bff5a59bd1c7f5ee8de0954b5d2f859025b812b7a5bbf
GET /CBB-FT37cGnseXPb?196097b68788532f=Dgo594GfJh1vXC4JR6iddgKDqQ7cMvaoPIoXgkDCi6DfRD5AWyqUShGK_49HBskZFgVPV2bXzpn87pZXZELX5qLFbd_ktySTlW_uDNZHeKO7wgcUroZ838fN_TIts7s2ZvdPTH6v9VZwc1kH-lh1MHyaM2_KhuoeuteG1Cj4_aje5h_UMO3tBTcIc5I HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=c23eee49ed3822a3173e8fa0bfea47ac
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 08:21:56 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Robots-Tag: noindex, nofollow
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=97
Transfer-Encoding: chunked
|
|
| imgs.signifyd.com/Upy_0Rr8jKo0_w4o?5a61ae5c8e7883af=FDZ6ngZRVk9g3DFZhewwL5A-TQQbjvdh4zwQWHRusMIW5LFYEJ8qwOBVU8usSzHrai_M8FiCasHgEABhmQtL0yB1ZIblEni4nzlvdAm6V0CNHytUhANtnb1U5FkHVKEnfu3aY30lTEze0DruUJnz9M80KB5FHVRsSkrQ7tBdZNmgASnzOsoIvDJaGN13 | 91.235.133.113 | 200 OK | 13 kB |
URL GET HTTP/1.1imgs.signifyd.com/Upy_0Rr8jKo0_w4o?5a61ae5c8e7883af=FDZ6ngZRVk9g3DFZhewwL5A-TQQbjvdh4zwQWHRusMIW5LFYEJ8qwOBVU8usSzHrai_M8FiCasHgEABhmQtL0yB1ZIblEni4nzlvdAm6V0CNHytUhANtnb1U5FkHVKEnfu3aY30lTEze0DruUJnz9M80KB5FHVRsSkrQ7tBdZNmgASnzOsoIvDJaGN13 IP91.235.133.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
File typeHTML document, ASCII text, with very long lines (15506) Hash0c2df1932feadc8cd0996b333972ce77 8deafad6c3139873a895ca4800fd715adf12a959 3fb58f519b8bc52795e27683f450e531e686604621ec99e25e40eac03b2fa7fa
GET /Upy_0Rr8jKo0_w4o?5a61ae5c8e7883af=FDZ6ngZRVk9g3DFZhewwL5A-TQQbjvdh4zwQWHRusMIW5LFYEJ8qwOBVU8usSzHrai_M8FiCasHgEABhmQtL0yB1ZIblEni4nzlvdAm6V0CNHytUhANtnb1U5FkHVKEnfu3aY30lTEze0DruUJnz9M80KB5FHVRsSkrQ7tBdZNmgASnzOsoIvDJaGN13 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=c23eee49ed3822a3173e8fa0bfea47ac
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 08:21:56 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Robots-Tag: noindex, nofollow
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
|
|
| imgs.signifyd.com/I0e1asnbWk5oRWTy?7f947800d07294b0=IXc6rUBfDAd9t1S5vJ5k-GqUTPHG4ULDWl6A_tLZgPvGKF0h2w4oICkqUtQTq2cKvgE7N9_H6OOZBV_pke40NrBdvVlBAFoLxuDzgjVc3N4Kn8L1QPlPb5VCDc7Z0pSQAv0&ja=3a343626246b3f3824783d3226663d39323032783330303c2469643f313038307839303a362671787b35327032246472723d3124313a3a302e31323a3624333038322c31303a342433323a302e39323a362e313038302c39303a362c322c322e6f7c3f3037643531643b313c3b653462643a3231603436606433383f623863663163362e6f663f30267163643d3a342e6e683f68767c727b273141273246253a466f67747a6976677a26616d6d2732466767253a44696c6467706c6763646672726f67256d697a7767622c786a782731467672616e7b253b463132323b3c6130323137606133623d376a646464663a393b6c353738606225323e616e645f71756039273b4633373a25323669666e5d737762302d314c2730366366665f7b756a31253144273a346964645f717562342d334c27323461646e5d7b776035273344383f313a5d7367737161663a3230343234323438383a36333033333b273a34636664696c6969746d5d696625314c303e303b26726c3d352e70603f653a30306c6469373735333933663c656a67383b39316d603c633b39303930642e68603f353362636c67693632613b3264306d356d643837393431326d633761673837612e6a7b6d3d4e696c7d7a2e6871623f4669726d66677a2530303b3e2462716d753f4c696e7d782e6c68613d363024666f76703f302674726435575441266f697660703f373366353430653c603334303a6a646c6460383b6339393e666e66346437326e333a636733663636616c663c30393135346a3b6e316063343737623a666d306624703f786e7d656b6e5d666c617b682d374564616e7b6729726e7565696e5f7f6966666f75735d65676c6b635f726c61796d722d374564616e7b6729726e7565696e5f69646760655d61617a6d6a6376253745666164736d23706e7565616c57737769616b746965652d374564616e7b6729726e7565696e5f7b6867616b7561746d273d4764616e736521786c7d65696c5f706d6364726e617b6572253d456e636c716523786e7d656b6e5d766c6357706463796772273d476e636e736721706c7d67616c5f666574696e7e7027354766616c7b6529726c77676b665d7b74655f746965776d722d374564616e7b6729726e7565696e5f62617e6325374564696e7b67246361643d353939303339&jb=3b35246c73354f67786b6c6e6125324e3526322530302a5033392731422732304c616e7d7a2530307a3034573436253142253238727e27334339342632212730304565636b67253a4432323132383338332732324669726d66677a2530463b3e2c38 | 91.235.133.113 | 204 204 | 0 B |
URL GET HTTP/1.1imgs.signifyd.com/I0e1asnbWk5oRWTy?7f947800d07294b0=IXc6rUBfDAd9t1S5vJ5k-GqUTPHG4ULDWl6A_tLZgPvGKF0h2w4oICkqUtQTq2cKvgE7N9_H6OOZBV_pke40NrBdvVlBAFoLxuDzgjVc3N4Kn8L1QPlPb5VCDc7Z0pSQAv0&ja=3a343626246b3f3824783d3226663d39323032783330303c2469643f313038307839303a362671787b35327032246472723d3124313a3a302e31323a3624333038322c31303a342433323a302e39323a362e313038302c39303a362c322c322e6f7c3f3037643531643b313c3b653462643a3231603436606433383f623863663163362e6f663f30267163643d3a342e6e683f68767c727b273141273246253a466f67747a6976677a26616d6d2732466767253a44696c6467706c6763646672726f67256d697a7767622c786a782731467672616e7b253b463132323b3c6130323137606133623d376a646464663a393b6c353738606225323e616e645f71756039273b4633373a25323669666e5d737762302d314c2730366366665f7b756a31253144273a346964645f717562342d334c27323461646e5d7b776035273344383f313a5d7367737161663a3230343234323438383a36333033333b273a34636664696c6969746d5d696625314c303e303b26726c3d352e70603f653a30306c6469373735333933663c656a67383b39316d603c633b39303930642e68603f353362636c67693632613b3264306d356d643837393431326d633761673837612e6a7b6d3d4e696c7d7a2e6871623f4669726d66677a2530303b3e2462716d753f4c696e7d782e6c68613d363024666f76703f302674726435575441266f697660703f373366353430653c603334303a6a646c6460383b6339393e666e66346437326e333a636733663636616c663c30393135346a3b6e316063343737623a666d306624703f786e7d656b6e5d666c617b682d374564616e7b6729726e7565696e5f7f6966666f75735d65676c6b635f726c61796d722d374564616e7b6729726e7565696e5f69646760655d61617a6d6a6376253745666164736d23706e7565616c57737769616b746965652d374564616e7b6729726e7565696e5f7b6867616b7561746d273d4764616e736521786c7d65696c5f706d6364726e617b6572253d456e636c716523786e7d656b6e5d766c6357706463796772273d476e636e736721706c7d67616c5f666574696e7e7027354766616c7b6529726c77676b665d7b74655f746965776d722d374564616e7b6729726e7565696e5f62617e6325374564696e7b67246361643d353939303339&jb=3b35246c73354f67786b6c6e6125324e3526322530302a5033392731422732304c616e7d7a2530307a3034573436253142253238727e27334339342632212730304565636b67253a4432323132383338332732324669726d66677a2530463b3e2c38 IP91.235.133.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /I0e1asnbWk5oRWTy?7f947800d07294b0=IXc6rUBfDAd9t1S5vJ5k-GqUTPHG4ULDWl6A_tLZgPvGKF0h2w4oICkqUtQTq2cKvgE7N9_H6OOZBV_pke40NrBdvVlBAFoLxuDzgjVc3N4Kn8L1QPlPb5VCDc7Z0pSQAv0&ja=3a343626246b3f3824783d3226663d39323032783330303c2469643f313038307839303a362671787b35327032246472723d3124313a3a302e31323a3624333038322c31303a342433323a302e39323a362e313038302c39303a362c322c322e6f7c3f3037643531643b313c3b653462643a3231603436606433383f623863663163362e6f663f30267163643d3a342e6e683f68767c727b273141273246253a466f67747a6976677a26616d6d2732466767253a44696c6467706c6763646672726f67256d697a7767622c786a782731467672616e7b253b463132323b3c6130323137606133623d376a646464663a393b6c353738606225323e616e645f71756039273b4633373a25323669666e5d737762302d314c2730366366665f7b756a31253144273a346964645f717562342d334c27323461646e5d7b776035273344383f313a5d7367737161663a3230343234323438383a36333033333b273a34636664696c6969746d5d696625314c303e303b26726c3d352e70603f653a30306c6469373735333933663c656a67383b39316d603c633b39303930642e68603f353362636c67693632613b3264306d356d643837393431326d633761673837612e6a7b6d3d4e696c7d7a2e6871623f4669726d66677a2530303b3e2462716d753f4c696e7d782e6c68613d363024666f76703f302674726435575441266f697660703f373366353430653c603334303a6a646c6460383b6339393e666e66346437326e333a636733663636616c663c30393135346a3b6e316063343737623a666d306624703f786e7d656b6e5d666c617b682d374564616e7b6729726e7565696e5f7f6966666f75735d65676c6b635f726c61796d722d374564616e7b6729726e7565696e5f69646760655d61617a6d6a6376253745666164736d23706e7565616c57737769616b746965652d374564616e7b6729726e7565696e5f7b6867616b7561746d273d4764616e736521786c7d65696c5f706d6364726e617b6572253d456e636c716523786e7d656b6e5d766c6357706463796772273d476e636e736721706c7d67616c5f666574696e7e7027354766616c7b6529726c77676b665d7b74655f746965776d722d374564616e7b6729726e7565696e5f62617e6325374564696e7b67246361643d353939303339&jb=3b35246c73354f67786b6c6e6125324e3526322530302a5033392731422732304c616e7d7a2530307a3034573436253142253238727e27334339342632212730304565636b67253a4432323132383338332732324669726d66677a2530463b3e2c38 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=c23eee49ed3822a3173e8fa0bfea47ac
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 204
Date: Wed, 24 Apr 2024 08:21:56 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
|
|
| fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/stream.m3u8 | 151.101.129.91 | 200 OK | 1.1 kB |
URL GET HTTP/3fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/stream.m3u8 IP151.101.129.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hash01a4b36b437c6ff93d233c8d0abbe2f8 1663d9258a4fa2236d3c8f794b91ccbf5260d3cd 8567054e9b455b4735a7f5e412debf56810844e204d1d4ab0f80743d839989a4
GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/stream.m3u8 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 1137
x-guploader-uploadid: ADPycduVrkjVXVCM_5Dr4IG6fXw-U_g98JYx8F9fYztxutiIAkFOxp1_R7j5wo-P3Vf85T5Ej2fY0Ycnaro-GNOMTvjQqzSGEm9f
cache-control: public, max-age=31104000
expires: Thu, 19 Sep 2024 22:00:09 GMT
last-modified: Mon, 25 Sep 2023 15:30:29 GMT
etag: "01a4b36b437c6ff93d233c8d0abbe2f8"
x-goog-generation: 1695655829791443
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1137
content-type: application/octet-stream
x-goog-hash: crc32c=5Yk1dA==, md5=AaSza0N8b/k9IzyNCrvi+A==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 1457937
date: Wed, 24 Apr 2024 08:21:56 GMT
x-served-by: cache-dfw-kdfw8210133-DFW, cache-hel1410028-HEL
x-cache: HIT, MISS
x-cache-hits: 1136, 0
x-timer: S1713946917.713659,VS0,VE125
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| imgs.signifyd.com/fp/clear.png | 91.235.133.113 | 200 OK | 81 B |
URL GET HTTP/1.1imgs.signifyd.com/fp/clear.png IP91.235.133.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
File typePNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced Hash1b6d2de2867a3e11063ba25aa1cd4209 bd20b0e089f31f35cba4d0fa7277e73aa74d944c 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*, w2txo5aa/6d6295993bd14769756568796247001818
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 08:21:56 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 24 Apr 2024 08:21:56 GMT
Expires: Mon, 23 Apr 2029 08:21:56 GMT
Etag: 66708d7f26234551b2ed3aacdec02130
Cache-Control: private, must-revalidate, max-age=0
Access-Control-Allow-Origin: https://getxitox.com
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
|
|
| fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/audio_TS_h264_aac_96000_variant.m3u8 | 151.101.129.91 | 200 OK | 46 kB |
URL GET HTTP/3fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/audio_TS_h264_aac_96000_variant.m3u8 IP151.101.129.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hashdc6e5df96aa662744cfe6bbdb276d17d dc4994afb2fe9a920b5c6f328b0fc93b31342aae 6a384320df21e240d2b0c9d0adf9993fbc72c69ecafce6c6e8bd85099f2fa430
GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/audio_TS_h264_aac_96000_variant.m3u8 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 46406
x-guploader-uploadid: ADPycdvl9tUYJsOSc0CQuPe0acpD2ES6XmvIfTXgyWdDIcU9_y9N7rZIjW6jNRDYyZOuGHI624-8V_-Tj7s2zhkvPpy-JluPtmsw
cache-control: public, max-age=31104000
expires: Thu, 19 Sep 2024 22:00:10 GMT
last-modified: Tue, 29 Aug 2023 15:54:18 GMT
etag: "dc6e5df96aa662744cfe6bbdb276d17d"
x-goog-generation: 1693324458399105
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 46406
content-type: application/vnd.apple.mpegurl
x-goog-hash: crc32c=Rc2Iow==, md5=3G5d+WqmYnRM/mu9snbRfQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
date: Wed, 24 Apr 2024 08:21:56 GMT
age: 1374446
x-served-by: cache-dfw-kdfw8210043-DFW, cache-hel1410028-HEL
x-cache: HIT, HIT
x-cache-hits: 337, 6
x-timer: S1713946917.938269,VS0,VE0
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/video_TS_h264_aac_96000_1280x720_2750000_variant.m3u8 | 151.101.129.91 | 200 OK | 60 kB |
URL GET HTTP/3fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/video_TS_h264_aac_96000_1280x720_2750000_variant.m3u8 IP151.101.129.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hashbb832cf8865dc7037ea21352c755da04 46c3b18627b8a603947e0bda666c82c769c2c522 ef601bbf5efb4e47db18c4b7858513cd182d221b44098beab6e3d84d3b053ba0
GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/video_TS_h264_aac_96000_1280x720_2750000_variant.m3u8 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 59930
x-guploader-uploadid: ABPtcPqLEnakTffi6lBwaoRqvU3vv7zb92rK9OIsV_i4E14p4YAn1OL8ymoeBZf5anHVhXTnOneuQqTrfQ
cache-control: public, max-age=31104000
expires: Thu, 03 Apr 2025 13:01:22 GMT
last-modified: Tue, 29 Aug 2023 15:54:18 GMT
etag: "bb832cf8865dc7037ea21352c755da04"
x-goog-generation: 1693324458401827
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 59930
content-type: application/vnd.apple.mpegurl
x-goog-hash: crc32c=5Rge5g==, md5=u4Ms+IZdxwN+ohNSx1XaBA==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
date: Wed, 24 Apr 2024 08:21:56 GMT
age: 1365635
x-served-by: cache-dfw-kdal2120023-DFW, cache-hel1410028-HEL
x-cache: HIT, HIT
x-cache-hits: 500, 1
x-timer: S1713946917.937861,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| imgs.signifyd.com/MOAwZVUwdBj9Z4vq?134e49f8f38f6a2a=faleOFqe1IKPihzT4mo89ydPCfxE9tI_wMMpmBsiahZnTTYXmJB5uMn5fQjoRrwhjHQKWV4_QrQqBYG8uvWV3bZ5C6b7Za6OmvGVzHWw3D9j4E88teGvRR_6ncBPokWmuPk&jf=3136246c716a3f303b3633673937383f666e333464633730646d673230673938646d3038373361 | 91.235.133.113 | 204 No Content | 0 B |
URL GET HTTP/1.1imgs.signifyd.com/MOAwZVUwdBj9Z4vq?134e49f8f38f6a2a=faleOFqe1IKPihzT4mo89ydPCfxE9tI_wMMpmBsiahZnTTYXmJB5uMn5fQjoRrwhjHQKWV4_QrQqBYG8uvWV3bZ5C6b7Za6OmvGVzHWw3D9j4E88teGvRR_6ncBPokWmuPk&jf=3136246c716a3f303b3633673937383f666e333464633730646d673230673938646d3038373361 IP91.235.133.113:443
Requested byhttps://imgs.signifyd.com/CBB-FT37cGnseXPb?196097b68788532f=Dgo594GfJh1vXC4JR6iddgKDqQ7cMvaoPIoXgkDCi6DfRD5AWyqUShGK_49HBskZFgVPV2bXzpn87pZXZELX5qLFbd_ktySTlW_uDNZHeKO7wgcUroZ838fN_TIts7s2ZvdPTH6v9VZwc1kH-lh1MHyaM2_KhuoeuteG1Cj4_aje5h_UMO3tBTcIc5I CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /MOAwZVUwdBj9Z4vq?134e49f8f38f6a2a=faleOFqe1IKPihzT4mo89ydPCfxE9tI_wMMpmBsiahZnTTYXmJB5uMn5fQjoRrwhjHQKWV4_QrQqBYG8uvWV3bZ5C6b7Za6OmvGVzHWw3D9j4E88teGvRR_6ncBPokWmuPk&jf=3136246c716a3f303b3633673937383f666e333464633730646d673230673938646d3038373361 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://imgs.signifyd.com/CBB-FT37cGnseXPb?196097b68788532f=Dgo594GfJh1vXC4JR6iddgKDqQ7cMvaoPIoXgkDCi6DfRD5AWyqUShGK_49HBskZFgVPV2bXzpn87pZXZELX5qLFbd_ktySTlW_uDNZHeKO7wgcUroZ838fN_TIts7s2ZvdPTH6v9VZwc1kH-lh1MHyaM2_KhuoeuteG1Cj4_aje5h_UMO3tBTcIc5I
Cookie: thx_guid=c23eee49ed3822a3173e8fa0bfea47ac
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Date: Wed, 24 Apr 2024 08:21:56 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: text/javascript
|
|
| analytics-ingress-global.bitmovin.com/licensing | 35.190.27.197 | 200 OK | 77 B |
URL POST HTTP/2analytics-ingress-global.bitmovin.com/licensing IP35.190.27.197:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subject*.bitmovin.com FingerprintA3:12:09:E0:2B:6B:C9:36:D1:AE:E8:38:F4:5F:1B:F6:B2:47:16:3C ValidityMon, 08 May 2023 12:46:05 GMT - Sat, 08 Jun 2024 12:46:05 GMT
Hash40f9443d5dc02e385b00b24c1f570269 c0e65fe8f73334d638173b9e33eff4f36d913104 ea71115c171f3b6874e256a1ff1e30431229a21b584371e0b36eae66cb5d2d9f
POST /licensing HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 99
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: v1.62.1
date: Wed, 24 Apr 2024 08:21:56 GMT
content-type: application/json
content-length: 77
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/1.ts | 151.101.129.91 | 200 OK | 35 kB |
URL GET HTTP/3fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/1.ts IP151.101.129.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeMPEG transport stream data Hash5c5618a29d45a23b88d2203da2c52649 8ae3529c5b0a94f1fb7621f7e7034dc2c45d610b 43bfb43eb0a7f2b3faaae84c7d460e74277955f9fcdc496b134bb28621df5179
GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/1.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 34968
x-guploader-uploadid: ABPtcPrVJV-F4L5jmSAtnNyhFr3qd44tEYX7SuZlgeRfyAqmYm1gPjjfwBskHiWo_kjjb30knzTDcEsqYDQT4YlVDguWaoDp10yo
cache-control: public, max-age=31104000
expires: Fri, 15 Nov 2024 12:05:27 GMT
last-modified: Tue, 29 Aug 2023 15:52:06 GMT
etag: "5c5618a29d45a23b88d2203da2c52649"
x-goog-generation: 1693324326196317
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 34968
content-type: video/mp2t
x-goog-hash: crc32c=6HX6Lw==, md5=XFYYop1FojuI0iA9osUmSQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 1369228
date: Wed, 24 Apr 2024 08:21:57 GMT
x-served-by: cache-dfw-kdfw8210163-DFW, cache-hel1410028-HEL
x-cache: HIT, HIT
x-cache-hits: 440, 0
x-timer: S1713946917.069226,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| stats.vidalytics.com/awesome-log?cid=hLKq71Yz | 107.178.211.97 | 200 OK | 43 B |
URL GET HTTP/2stats.vidalytics.com/awesome-log?cid=hLKq71Yz IP107.178.211.97:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeGIF image data, version 89a, 1 x 1 Hash57f187c7a868faeac558007a8eb6cb2e 11ab10ab109fdb53d91d444ac781101f5a6360c6 aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /awesome-log?cid=hLKq71Yz HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-headers: Accept, Content-Type, Origin, Range, X-Requested-With
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
cache-control: no-cache, public, max-age=2592000
content-length: 43
content-type: image/gif
etag: "hLKq71Yz/UMhVNug2SLPhMCVq"
date: Wed, 24 Apr 2024 08:21:57 GMT
x-envoy-upstream-service-time: 2
server: istio-envoy
access-control-allow-origin: https://getxitox.com
X-Firefox-Spdy: h2
|
|
| fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1280x720_h264_2750000/1.ts | 151.101.129.91 | 200 OK | 160 kB |
URL GET HTTP/3fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1280x720_h264_2750000/1.ts IP151.101.129.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeMPEG transport stream data Size160 kB (160176 bytes) Hash7fdcbc5ecf72c2dba9eccdac95c0cc60 c967d3220f65717f925b41f2fcc9f28ceac5337f 4104a53abb2627f21691f7dbbd6d787f5aee7c0326651e7103878343e679f185
GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1280x720_h264_2750000/1.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 160176
x-guploader-uploadid: ABPtcPpGUBBW_yJIVGa5Wmiz8vAhMkvji1ZzPIHkypzCKV1njR5w8iasUiU1O20_PvfVW9cn9jk
cache-control: public, max-age=31104000
expires: Thu, 16 Jan 2025 17:39:17 GMT
last-modified: Tue, 29 Aug 2023 15:50:41 GMT
etag: "7fdcbc5ecf72c2dba9eccdac95c0cc60"
x-goog-generation: 1693324241421854
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 160176
content-type: video/mp2t
x-goog-hash: crc32c=EYz/Ow==, md5=f9y8Xs9ywtup7M2slcDMYA==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 1453433
date: Wed, 24 Apr 2024 08:21:57 GMT
x-served-by: cache-dfw-kdfw8210085-DFW, cache-hel1410028-HEL
x-cache: HIT, MISS
x-cache-hits: 752, 0
x-timer: S1713946917.027028,VS0,VE150
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| stats.vidalytics.com/scribe | 107.178.211.97 | 200 OK | 16 B |
URL POST HTTP/2stats.vidalytics.com/scribe IP107.178.211.97:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hasha1cbd35d4488ac8cc6f959d4c633dc37 11844023759429ec785ae1c18e6a9c69803ee2bd 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 4173
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Wed, 24 Apr 2024 08:21:57 GMT
content-length: 16
x-envoy-upstream-service-time: 2
server: istio-envoy
access-control-allow-origin: https://getxitox.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2
|
|
| imgs.signifyd.com/I0e1asnbWk5oRWTy?7f947800d07294b0=IXc6rUBfDAd9t1S5vJ5k-GqUTPHG4ULDWl6A_tLZgPvGKF0h2w4oICkqUtQTq2cKvgE7N9_H6OOZBV_pke40NrBdvVlBAFoLxuDzgjVc3N4Kn8L1QPlPb5VCDc7Z0pSQAv0&jac=1&je=33333b26247f67613f3b312c39302e3c32263335362672653f716771266375646835646e3734603536383a38373763663565623e3031616367646169373e3530366763353138366b343837363030616d3b66303b3739363e333936303033336c663a246778313d64663e386d6437603035303a696436623539666230666a67626765316e3769636163663339363c30 | 91.235.133.113 | 204 No Content | 0 B |
URL GET HTTP/1.1imgs.signifyd.com/I0e1asnbWk5oRWTy?7f947800d07294b0=IXc6rUBfDAd9t1S5vJ5k-GqUTPHG4ULDWl6A_tLZgPvGKF0h2w4oICkqUtQTq2cKvgE7N9_H6OOZBV_pke40NrBdvVlBAFoLxuDzgjVc3N4Kn8L1QPlPb5VCDc7Z0pSQAv0&jac=1&je=33333b26247f67613f3b312c39302e3c32263335362672653f716771266375646835646e3734603536383a38373763663565623e3031616367646169373e3530366763353138366b343837363030616d3b66303b3739363e333936303033336c663a246778313d64663e386d6437603035303a696436623539666230666a67626765316e3769636163663339363c30 IP91.235.133.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /I0e1asnbWk5oRWTy?7f947800d07294b0=IXc6rUBfDAd9t1S5vJ5k-GqUTPHG4ULDWl6A_tLZgPvGKF0h2w4oICkqUtQTq2cKvgE7N9_H6OOZBV_pke40NrBdvVlBAFoLxuDzgjVc3N4Kn8L1QPlPb5VCDc7Z0pSQAv0&jac=1&je=33333b26247f67613f3b312c39302e3c32263335362672653f716771266375646835646e3734603536383a38373763663565623e3031616367646169373e3530366763353138366b343837363030616d3b66303b3739363e333936303033336c663a246778313d64663e386d6437603035303a696436623539666230666a67626765316e3769636163663339363c30 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=c23eee49ed3822a3173e8fa0bfea47ac
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Date: Wed, 24 Apr 2024 08:21:57 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=95
Connection: Keep-Alive
Content-Type: text/javascript
|
|
| fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/video_TS_h264_aac_96000_1920x1080_4500000_variant.m3u8 | 151.101.129.91 | 200 OK | 61 kB |
URL GET HTTP/3fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/video_TS_h264_aac_96000_1920x1080_4500000_variant.m3u8 IP151.101.129.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hash91ab9584d43ed322ce297c4beada2e1d ff66133b04457395acd80b0155761abb8811bbdd 317587a6fa28c2060c4c73cd5047b0101bd0caa39743f5b065d663f30f4a3f5e
GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/video_TS_h264_aac_96000_1920x1080_4500000_variant.m3u8 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 61057
x-guploader-uploadid: ABPtcPrjMF5MHXWFw-6j0Ww5QojTVgKJ6OTeVhejt0ts3miaUO1qD9_dYyhgapQty-RR_JNmDg
cache-control: public, max-age=31104000
expires: Mon, 24 Feb 2025 08:00:11 GMT
last-modified: Tue, 29 Aug 2023 15:54:18 GMT
etag: "91ab9584d43ed322ce297c4beada2e1d"
x-goog-generation: 1693324458420188
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 61057
content-type: application/vnd.apple.mpegurl
x-goog-hash: crc32c=Yhv9Qg==, md5=kauVhNQ+0yLOKXxL6touHQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 1457938
date: Wed, 24 Apr 2024 08:21:57 GMT
x-served-by: cache-dfw-kdfw8210161-DFW, cache-hel1410028-HEL
x-cache: HIT, MISS
x-cache-hits: 1108, 0
x-timer: S1713946917.258150,VS0,VE126
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/2.ts | 151.101.129.91 | 200 OK | 56 kB |
URL GET HTTP/3fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/2.ts IP151.101.129.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeMPEG transport stream data Hash611179996a3c9bd41d228fba2460da0d 18c519295bfebe1f89c1c8c96dbf32dc6ff76058 2dec35022f925d2935a394d57da2ca699bc8a9f107a8c56cb40f412516e6835c
GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/2.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 55460
x-guploader-uploadid: ADPycdtNu_u_yccZNO8LDr9JPtGDbovWO_1j7D5nUi_sR3mnnGPUkLuR7phm0IrpVl6OcdQmrtWhyi0q1IVT97pAhorIihVvadJ5
cache-control: public, max-age=31104000
expires: Thu, 19 Sep 2024 22:00:10 GMT
last-modified: Tue, 29 Aug 2023 15:52:07 GMT
etag: "611179996a3c9bd41d228fba2460da0d"
x-goog-generation: 1693324327555621
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 55460
content-type: video/mp2t
x-goog-hash: crc32c=Asyviw==, md5=YRF5mWo8m9QdIo+6JGDaDQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 1594159
date: Wed, 24 Apr 2024 08:21:57 GMT
x-served-by: cache-dfw-kdfw8210040-DFW, cache-hel1410028-HEL
x-cache: HIT, MISS
x-cache-hits: 1744, 0
x-timer: S1713946917.258280,VS0,VE127
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| stats.vidalytics.com/scribe | 107.178.211.97 | 200 OK | 16 B |
URL POST HTTP/2stats.vidalytics.com/scribe IP107.178.211.97:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hasha1cbd35d4488ac8cc6f959d4c633dc37 11844023759429ec785ae1c18e6a9c69803ee2bd 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 448
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Wed, 24 Apr 2024 08:21:57 GMT
content-length: 16
x-envoy-upstream-service-time: 3
server: istio-envoy
access-control-allow-origin: https://getxitox.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2
|
|
| fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/3.ts | 151.101.129.91 | 200 OK | 54 kB |
URL GET HTTP/3fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/3.ts IP151.101.129.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeMPEG transport stream data Hashadf371f1a9684b35e655bddab7ae4d79 dcf2b775cd36762751a9b3ff5adefd821afb04f3 942e39e8342ee313fe81e1dd69fc2329bb90eff9c131d74dbb988455bb0772a2
GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/3.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 54144
x-guploader-uploadid: ADPycdtBATaygqwRg_i2otfShV8AuUv9TzXo3v8-MP-0vXZygrO67j3P9MQYUxhhV7tWdBJqrej54xCzzvLFdnGStRn8uaBDBh8c
cache-control: public, max-age=31104000
expires: Fri, 27 Sep 2024 03:56:46 GMT
last-modified: Tue, 29 Aug 2023 15:52:07 GMT
etag: "adf371f1a9684b35e655bddab7ae4d79"
x-goog-generation: 1693324327962747
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 54144
content-type: video/mp2t
x-goog-hash: crc32c=wTW46Q==, md5=rfNx8aloSzXmVb3at65NeQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
date: Wed, 24 Apr 2024 08:21:57 GMT
age: 1457936
x-served-by: cache-dfw-kdfw8210037-DFW, cache-hel1410028-HEL
x-cache: HIT, HIT
x-cache-hits: 957, 2
x-timer: S1713946917.426794,VS0,VE0
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| d10lpsik1i8c69.cloudfront.net/w.js | 54.230.241.44 | 200 OK | 58 kB |
URL GET HTTP/2d10lpsik1i8c69.cloudfront.net/w.js IP54.230.241.44:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerAmazon Subject*.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File typegzip compressed data, from Unix Hash8861ec555fbda6f15d9112c68cfcb11a 074e712a180ea4f4585a9d9e241caf8c4bd5c72c 3804fc0868dd994d2a383b54d9df94d571b8b192f49252280c10b9462b65f96b
GET /w.js HTTP/1.1
Host: d10lpsik1i8c69.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 25 Jan 2024 18:19:40 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Wed, 24 Apr 2024 07:23:36 GMT
cache-control: max-age=3600
etag: W/"e31293f40e8a324de552ff593ee76a9b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iyR2K6ZxTwX-Al535AG1SOT5s79J_TnpWgBg0RwtoHVjJIUvvlXSRA==
age: 3502
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-SNNMPY2Z6B>m=45je44m0v9116850825z8838620505za200&_p=1713946915627&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=869481757.1713946916&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&sid=1713946916&sct=1&seg=1&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10294c8037ba3b57bfdff819d758bb%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240424082432313%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&_s=2&tfd=5265 | 216.239.34.36 | 204 No Content | 0 B |
URL POST HTTP/3region1.analytics.google.com/g/collect?v=2&tid=G-SNNMPY2Z6B>m=45je44m0v9116850825z8838620505za200&_p=1713946915627&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=869481757.1713946916&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&sid=1713946916&sct=1&seg=1&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10294c8037ba3b57bfdff819d758bb%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240424082432313%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&_s=2&tfd=5265 IP216.239.34.36:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-SNNMPY2Z6B>m=45je44m0v9116850825z8838620505za200&_p=1713946915627&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=869481757.1713946916&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&sid=1713946916&sct=1&seg=1&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10294c8037ba3b57bfdff819d758bb%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240424082432313%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&_s=2&tfd=5265 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 30
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: https://getxitox.com
date: Wed, 24 Apr 2024 08:21:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1920x1080_h264_4500000/2.ts | 151.101.129.91 | 200 OK | 1.7 MB |
URL GET HTTP/3fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1920x1080_h264_4500000/2.ts IP151.101.129.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeMPEG transport stream data Size1.7 MB (1703844 bytes) Hashbbc8b235acb49c32a227d2806b9a77bb 9d6edbe67629cbf19cf1c8646b83a803042dd016 c08fab17a1b7ccd9f2d3d6c259cd1ae680d51d38e45019f66b055e6369f29d62
GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1920x1080_h264_4500000/2.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 1703844
x-guploader-uploadid: ABPtcPqHuuF86veLmGM5qKVRAz-5VinWtJKlM4sncw7HWcVkURSQpWTCl8S9uRrF-lhCF5R3lGI
cache-control: public, max-age=31104000
expires: Tue, 08 Apr 2025 05:19:31 GMT
last-modified: Tue, 29 Aug 2023 15:51:36 GMT
etag: "bbc8b235acb49c32a227d2806b9a77bb"
x-goog-generation: 1693324296670685
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1703844
content-type: video/mp2t
x-goog-hash: crc32c=87ippA==, md5=u8iyNay0nDKiJ9KAa5p3uw==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 961346
date: Wed, 24 Apr 2024 08:21:57 GMT
x-served-by: cache-dfw-kdfw8210164-DFW, cache-hel1410028-HEL
x-cache: HIT, MISS
x-cache-hits: 679, 0
x-timer: S1713946917.422285,VS0,VE431
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 | 216.58.207.227 | 200 OK | 33 kB |
URL GET HTTP/2fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 IP216.58.207.227:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 33092, version 1.0 Hash057478083c1d55ea0c2182b24f6dd72f caf557cd276a76992084efc4c8857b66791a6b7f bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:38:02 GMT
expires: Fri, 18 Apr 2025 02:38:02 GMT
cache-control: public, max-age=31536000
age: 539036
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| stats.vidalytics.com/scribe | 107.178.211.97 | 200 OK | 16 B |
URL POST HTTP/2stats.vidalytics.com/scribe IP107.178.211.97:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hasha1cbd35d4488ac8cc6f959d4c633dc37 11844023759429ec785ae1c18e6a9c69803ee2bd 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 699
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Wed, 24 Apr 2024 08:21:58 GMT
content-length: 16
x-envoy-upstream-service-time: 1
server: istio-envoy
access-control-allow-origin: https://getxitox.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2
|
|
| fast.vidalytics.com/video/hLKq71Yz/7_IA54dlSdWFdbwp/95535/85364__FFMPEG/thumb/thumbnail-5_0.jpg | 151.101.129.91 | 200 OK | 54 kB |
URL GET HTTP/3fast.vidalytics.com/video/hLKq71Yz/7_IA54dlSdWFdbwp/95535/85364__FFMPEG/thumb/thumbnail-5_0.jpg IP151.101.129.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc60.3.100", baseline, precision 8, 1920x1080, components 3 Hashbc55b1f437bddbe74f9d74d181f068da d48ba897a8f63eadbf55b8ddc854ccd4f7299d13 f3db1c97e2c94cecc0b57997f11951afc151451495407a9a1c5ac9306bf0f30d
GET /video/hLKq71Yz/7_IA54dlSdWFdbwp/95535/85364__FFMPEG/thumb/thumbnail-5_0.jpg HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 53910
x-guploader-uploadid: ADPycdtZfwa3mZxHTiR8V00dI6D1_y0C9fYhQ7wVgZNebfqMIj0Evn-GHw0gyYctCAwiSAtv5fGD25Jci43NuQ90ot4-9g
cache-control: public, max-age=31104000
expires: Sun, 22 Sep 2024 18:59:28 GMT
last-modified: Fri, 14 Jul 2023 06:17:36 GMT
etag: "bc55b1f437bddbe74f9d74d181f068da"
x-goog-generation: 1689315456332968
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 53910
x-goog-meta-x-goog-reserved-source-generation: 1683106408845786
x-goog-custom-time: 2023-05-03T09:33:28.923Z
content-type: image/jpeg
x-goog-hash: crc32c=+PKXAg==, md5=vFWx9De92+dPnXTRgfBo2g==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 80394
date: Wed, 24 Apr 2024 08:21:58 GMT
x-served-by: cache-dfw-kdfw8210171-DFW, cache-hel1410026-HEL
x-cache: HIT, MISS
x-cache-hits: 45, 0
x-timer: S1713946918.137430,VS0,VE126
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| stats.vidalytics.com/scribe | 107.178.211.97 | 200 OK | 16 B |
URL POST HTTP/2stats.vidalytics.com/scribe IP107.178.211.97:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hasha1cbd35d4488ac8cc6f959d4c633dc37 11844023759429ec785ae1c18e6a9c69803ee2bd 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 407
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Wed, 24 Apr 2024 08:21:58 GMT
content-length: 16
x-envoy-upstream-service-time: 1
server: istio-envoy
access-control-allow-origin: https://getxitox.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2
|
|
| stats.vidalytics.com/scribe | 107.178.211.97 | 200 OK | 16 B |
URL POST HTTP/2stats.vidalytics.com/scribe IP107.178.211.97:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hasha1cbd35d4488ac8cc6f959d4c633dc37 11844023759429ec785ae1c18e6a9c69803ee2bd 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 449
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Wed, 24 Apr 2024 08:21:58 GMT
content-length: 16
x-envoy-upstream-service-time: 2
server: istio-envoy
access-control-allow-origin: https://getxitox.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-SNNMPY2Z6B>m=45je44m0v9116850825za200&_p=1713946915627&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=869481757.1713946916&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&sid=1713946916&sct=1&seg=1&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10294c8037ba3b57bfdff819d758bb%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240424082432313%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&_s=3&tfd=10267 | 216.239.34.36 | 204 No Content | 0 B |
URL POST HTTP/3region1.analytics.google.com/g/collect?v=2&tid=G-SNNMPY2Z6B>m=45je44m0v9116850825za200&_p=1713946915627&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=869481757.1713946916&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&sid=1713946916&sct=1&seg=1&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10294c8037ba3b57bfdff819d758bb%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240424082432313%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&_s=3&tfd=10267 IP216.239.34.36:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-SNNMPY2Z6B>m=45je44m0v9116850825za200&_p=1713946915627&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=869481757.1713946916&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&sid=1713946916&sct=1&seg=1&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10294c8037ba3b57bfdff819d758bb%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240424082432313%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&_s=3&tfd=10267 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 471
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: https://getxitox.com
date: Wed, 24 Apr 2024 08:22:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| imgs.signifyd.com/XWfFFUMNlGNYc3LO?c97c3554cd407da1=VpAbZtUbKP8HTOrmhBCBwps3y3gVWy9-g8_76Iqu8Zc8Pmd8DsXXakzb_-dilwn4vPlGSQmR_8sziV9HTPSoV12dZXDBe04SYHQqB02z7jUtkrmmzaUJ88JsfSQl9ynay6YP_IohF0vyHSIqU4DLEigAQam4rWd1_1x-rUwT68VARrOLgdIx2qrOTvk&je=33333226247a677e3f30382c35302c3d382634372e353b26333c2e37392c31392c3d392633332e353b26333b2e37382c34352c3d392633342e353b26323e2e37392c31322c3d392633372e33302635312e37382c34342c3d392633322e353b2632312e37392c34302c3d38263b332e353a2636302e37392c30332c3d392632392e353b26333b | 91.235.133.113 | 204 204 | 0 B |
URL GET HTTP/1.1imgs.signifyd.com/XWfFFUMNlGNYc3LO?c97c3554cd407da1=VpAbZtUbKP8HTOrmhBCBwps3y3gVWy9-g8_76Iqu8Zc8Pmd8DsXXakzb_-dilwn4vPlGSQmR_8sziV9HTPSoV12dZXDBe04SYHQqB02z7jUtkrmmzaUJ88JsfSQl9ynay6YP_IohF0vyHSIqU4DLEigAQam4rWd1_1x-rUwT68VARrOLgdIx2qrOTvk&je=33333226247a677e3f30382c35302c3d382634372e353b26333c2e37392c31392c3d392633332e353b26333b2e37382c34352c3d392633342e353b26323e2e37392c31322c3d392633372e33302635312e37382c34342c3d392633322e353b2632312e37392c34302c3d38263b332e353a2636302e37392c30332c3d392632392e353b26333b IP91.235.133.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /XWfFFUMNlGNYc3LO?c97c3554cd407da1=VpAbZtUbKP8HTOrmhBCBwps3y3gVWy9-g8_76Iqu8Zc8Pmd8DsXXakzb_-dilwn4vPlGSQmR_8sziV9HTPSoV12dZXDBe04SYHQqB02z7jUtkrmmzaUJ88JsfSQl9ynay6YP_IohF0vyHSIqU4DLEigAQam4rWd1_1x-rUwT68VARrOLgdIx2qrOTvk&je=33333226247a677e3f30382c35302c3d382634372e353b26333c2e37392c31392c3d392633332e353b26333b2e37382c34352c3d392633342e353b26323e2e37392c31322c3d392633372e33302635312e37382c34342c3d392633322e353b2632312e37392c34302c3d38263b332e353a2636302e37392c30332c3d392632392e353b26333b HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=c23eee49ed3822a3173e8fa0bfea47ac
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 204
Date: Wed, 24 Apr 2024 08:22:07 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
|
|
| imgs.signifyd.com/-wEhcArVNUkFlZkJ?3a76259ea66d4a03=L254qEh6q_ny7YC6dIrIU5Ig8bGKxiQMaUkVzHhXF90U1hBNtFz0f3q5UtwWeJOuuGyVCiDdxwSh5W8EV6n3HyCDATFmexYxIvQNU7O1OJ6Kn30DdQ_-8KQcqESShyvncVE | 91.235.133.113 | | 0 B |
URL imgs.signifyd.com/-wEhcArVNUkFlZkJ?3a76259ea66d4a03=L254qEh6q_ny7YC6dIrIU5Ig8bGKxiQMaUkVzHhXF90U1hBNtFz0f3q5UtwWeJOuuGyVCiDdxwSh5W8EV6n3HyCDATFmexYxIvQNU7O1OJ6Kn30DdQ_-8KQcqESShyvncVE IP91.235.133.113:0
CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /-wEhcArVNUkFlZkJ?3a76259ea66d4a03=L254qEh6q_ny7YC6dIrIU5Ig8bGKxiQMaUkVzHhXF90U1hBNtFz0f3q5UtwWeJOuuGyVCiDdxwSh5W8EV6n3HyCDATFmexYxIvQNU7O1OJ6Kn30DdQ_-8KQcqESShyvncVE HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 8
Origin: https://imgs.signifyd.com
DNT: 1
Connection: keep-alive
Referer: https://imgs.signifyd.com/Upy_0Rr8jKo0_w4o?5a61ae5c8e7883af=FDZ6ngZRVk9g3DFZhewwL5A-TQQbjvdh4zwQWHRusMIW5LFYEJ8qwOBVU8usSzHrai_M8FiCasHgEABhmQtL0yB1ZIblEni4nzlvdAm6V0CNHytUhANtnb1U5FkHVKEnfu3aY30lTEze0DruUJnz9M80KB5FHVRsSkrQ7tBdZNmgASnzOsoIvDJaGN13
Cookie: thx_guid=c23eee49ed3822a3173e8fa0bfea47ac
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Date: Wed, 24 Apr 2024 08:22:19 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Access-Control-Allow-Origin: https://imgs.signifyd.com
Content-Type: text/javascript
|
|
| fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2 | 216.58.207.227 | 200 OK | 28 kB |
URL GET HTTP/2fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2 IP216.58.207.227:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 27812, version 1.0 Hash89711a1150919edc93f67f067ef94f62 9f2ac701d67d1ab3a2efe7d4edc663d3d5270fef 6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9
GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27812
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 01:54:47 GMT
expires: Wed, 23 Apr 2025 01:54:47 GMT
cache-control: public, max-age=31536000
age: 109628
last-modified: Wed, 13 Sep 2023 22:37:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 | 216.58.207.227 | 200 OK | 23 kB |
URL GET HTTP/2fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 IP216.58.207.227:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 23040, version 1.0 Hashde69cf9e514df447d1b0bb16f49d2457 2ac78601179c3a63ba3f3f3081556b12ddcaf655 c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 02:02:48 GMT
expires: Wed, 23 Apr 2025 02:02:48 GMT
cache-control: public, max-age=31536000
age: 109147
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Lato:400,400i,700,700i|Montserrat:400,400i,600,600i,700,700i,800,800i&display=swap | 142.250.74.74 | 200 OK | 18 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Lato:400,400i,700,700i|Montserrat:400,400i,600,600i,700,700i,800,800i&display=swap IP142.250.74.74:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
Hash3b065b6898522abb5efd016c431e352e 5fe6ebc8faa406c9dca15accc7fa11ee8b5f7534 43917159ff2b0eb2c88150c707902308ac0cb96b9cdea717a66054e2fe3ba19f
GET /css?family=Lato:400,400i,700,700i|Montserrat:400,400i,600,600i,700,700i,800,800i&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 Apr 2024 08:21:55 GMT
date: Wed, 24 Apr 2024 08:21:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fast.vidalytics.com/embeds/hLKq71Yz/w27RqUkIUgikMasW/loader.min.js | 151.101.129.91 | 200 OK | 22 kB |
URL GET HTTP/2fast.vidalytics.com/embeds/hLKq71Yz/w27RqUkIUgikMasW/loader.min.js IP151.101.129.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (21453), with no line terminators Hash58dd1a4eca6cd3e55b7ccf65804454f7 47b1426cb825ea719cf5dc383aa7bcdb0ec300cc a820bbfcbf9bb777fbafa11bb1fe416edb8c66a036785ae39dff48f0bc59daef
GET /embeds/hLKq71Yz/w27RqUkIUgikMasW/loader.min.js HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
x-envoy-upstream-service-time: 32
server: istio-envoy
x-envoy-decorator-operation: vidalytics-player-api.vidalytics-player-api.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: api-prod
access-control-allow-origin: *
cache-control: public, max-age=900, s-maxage=1800
x-lb-cache: disabled
content-encoding: gzip
accept-ranges: bytes
age: 1086
date: Wed, 24 Apr 2024 08:21:56 GMT
x-served-by: cache-dfw-kdal2120070-DFW, cache-hel1410025-HEL
x-cache: HIT, MISS
x-cache-hits: 4, 0
x-timer: S1713946916.037210,VS0,VE130
vary: Accept-Encoding
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7790
X-Firefox-Spdy: h2
|
|
| getxitox.com/favicon.ico | 34.204.163.183 | 404 Not Found | 287 B |
IP34.204.163.183:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerAmazon Subjectgetxitox.com Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3 ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT
File typeHTML document, ASCII text, with no line terminators Hash2260986bad68f3bbb166830db30ca0e9 918b865e62703069fd60fd6d24c364ff7603d66d acc933b3feadaee1063d9af32403d644c80eecfa56549fdd0c9d264b6caec474
GET /favicon.ico HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629
Cookie: signifyd_token=756568796247001818; hasoffers_affiliate_id=2629; hasoffers_transaction=10294c8037ba3b57bfdff819d758bb; aff_sub1=178; aff_sub5=8712_sessid20240424082432313; tgopt_12129=1; tgopt_id=ig88yi3Ko4di4JMHp1Ji0UgCGtFi7g12; enterDate=Wed Apr 24 2024 08:21:55 GMT+0000 (GMT); _ga_SNNMPY2Z6B=GS1.1.1713946916.1.1.1713946916.60.0.0; _ga=GA1.1.869481757.1713946916
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Wed, 24 Apr 2024 08:21:56 GMT
content-type: text/html; charset=iso-8859-1
server: nginx/1.22.1
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/cyabags/5thglow-phone-inverted.svg | 54.230.111.127 | 200 OK | 2.5 kB |
URL GET HTTP/2cdn.truegcloud.com/cyabags/5thglow-phone-inverted.svg IP54.230.111.127:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hashaa99de29a7952e738d5b5e6ec8968e94 747482789054e483572f905cadc6841ba2f7bdfb cac5bfe56161ac8c9566a2470f15ebd0d3b702ff28c0868af988b6ebf49eecf3
GET /cyabags/5thglow-phone-inverted.svg HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 23 Apr 2024 22:47:01 GMT
last-modified: Mon, 24 Jun 2019 02:14:42 GMT
etag: W/"4de1717957b315eb71c304f8ba029ae7"
x-amz-meta-sha256: fc4704f46cf73a52c423292dda6cd0fc8d521e60d20fc1561df114a0d86a55a1
x-amz-meta-s3b-last-modified: 20190613T093902Z
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xtEypaesDY0m4j275d8fdqEDhyBAwNiG8ETPXFCXyTyMy65j7YFF-A==
age: 34495
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/scripts/jquery.1.9.1.min.js | 54.230.111.127 | 200 OK | 93 kB |
URL GET HTTP/2cdn.truegcloud.com/scripts/jquery.1.9.1.min.js IP54.230.111.127:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (32089) Hash397754ba49e9e0cf4e7c190da78dda05 ae49e56999d82802727455f0ba83b63acd90a22b c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
GET /scripts/jquery.1.9.1.min.js HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Sun, 26 Jan 2020 18:15:34 GMT
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
date: Wed, 24 Apr 2024 05:04:36 GMT
cache-control: max-age=86400
etag: W/"397754ba49e9e0cf4e7c190da78dda05"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ADzgOM4MhVevKzbGHlXAWw2NwgB6MnaIKMhAcdDN84Yd87jh434CPg==
age: 11840
X-Firefox-Spdy: h2
|
|
| cdn-scripts.signifyd.com/api/script-tag.js | 143.204.55.126 | 200 OK | 11 kB |
URL GET HTTP/2cdn-scripts.signifyd.com/api/script-tag.js IP143.204.55.126:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn-scripts.signifyd.com Fingerprint24:C3:B6:A5:B6:58:0C:BC:B6:1C:E0:C9:B8:57:20:5D:37:14:F0:ED ValidityMon, 03 Jul 2023 00:00:00 GMT - Wed, 31 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (479) Hash73ca6f23f3e08738233832c7a7a0c30c ea99796907e4c2255f233a81242ee8a62e3b09b2 d7a363f752524fb545c3b2eb48a56d163cb659bc427d5215800ee7781d92c2ca
GET /api/script-tag.js HTTP/1.1
Host: cdn-scripts.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:51:40 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Wed, 24 Apr 2024 08:21:43 GMT
cache-control: max-age=1800
etag: W/"73ca6f23f3e08738233832c7a7a0c30c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JoPUK9rm_WS2MXXeO34ujQodaQlEyKlmnObAeoAPLAmNiRHC2jTChg==
age: 13
X-Firefox-Spdy: h2
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SNNMPY2Z6B&cid=869481757.1713946916>m=45je44m0v9116850825za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1988320998 | 142.250.74.163 | 200 OK | 42 B |
URL GET HTTP/2www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SNNMPY2Z6B&cid=869481757.1713946916>m=45je44m0v9116850825za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1988320998 IP142.250.74.163:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10294c8037ba3b57bfdff819d758bb&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240424082432313&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.google.no Fingerprint4E:BD:F9:72:97:67:A2:4B:EE:E4:B0:03:CD:C8:F3:30:53:27:53:1D ValidityMon, 18 Mar 2024 20:50:06 GMT - Mon, 10 Jun 2024 20:50:05 GMT
File typeGIF image data, version 89a, 1 x 1 Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SNNMPY2Z6B&cid=869481757.1713946916>m=45je44m0v9116850825za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1988320998 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 24 Apr 2024 08:21:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|