| www.clkmg.com/healthylife1/wwxiinfo/klangei@icsgf.com/thehealthcareleague.com/B/WWXI2_2/WWXI/?utm_source=remarkety&utm_medium=email&utm_campaign=WWXI2%208.05%20White%20Green&utm_content=&_rmId=z6eM6KQ9xbFod736pxMPI62ZMjkyV | 44.231.167.250 | 302 Found | 230 B |
URL User Request GET HTTP/1.1www.clkmg.com/healthylife1/wwxiinfo/klangei@icsgf.com/thehealthcareleague.com/B/WWXI2_2/WWXI/?utm_source=remarkety&utm_medium=email&utm_campaign=WWXI2%208.05%20White%20Green&utm_content=&_rmId=z6eM6KQ9xbFod736pxMPI62ZMjkyV IP44.231.167.250:443
CertificateIssuerGlobalSign nv-sa Subject*.clkmg.com Fingerprint63:8A:A6:9B:36:83:0A:EC:38:E5:D8:2E:98:37:F2:E2:93:A9:E6:B6 ValidityWed, 28 Feb 2024 22:20:05 GMT - Mon, 31 Mar 2025 22:20:04 GMT
File typeHTML document, ASCII text Hash849487c61ea75f8ca34e2105b6809229 224556f945b6e5514edcea0d21caa6ad2648a429 1e2585796c0d0daae4bb4e350e861f20bba2e64acc9148fd2733c41eb3857d95
GET /healthylife1/wwxiinfo/klangei@icsgf.com/thehealthcareleague.com/B/WWXI2_2/WWXI/?utm_source=remarkety&utm_medium=email&utm_campaign=WWXI2%208.05%20White%20Green&utm_content=&_rmId=z6eM6KQ9xbFod736pxMPI62ZMjkyV HTTP/1.1
Host: www.clkmg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: undefined-origin
Access-Control-Max-Age: 300
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 08 May 2024 21:14:09 GMT
Location: https://mweboutstanding.com/8712/178/3/?subid=
P3P: CP="This is not a P3P policy! See https://www.clkmg.com for more info."
Server: nginx
Set-Cookie: alc=1; domain=.clkmg.com; expires=Wed May 8 21:14:14 2024; path=/;
vid=1012019030; domain=.clkmg.com; expires=Thu May 8 21:14:09 2025; path=/; SameSite=None; Secure;
X-CM-FE: httpfe-0
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Content-Length: 230
Connection: keep-alive
|
|
| www.protectedwebnexussl.com/wwxiinfo/klangei@icsgf.com/thehealthcareleague.com/B/WWXI2_2/WWXI/?utm_source=remarkety&utm_medium=email&utm_campaign=WWXI2%208.05%20White%20Green&utm_content=&_rmId=z6eM6KQ9xbFod736pxMPI62ZMjkyV | 104.21.83.246 | 302 Found | 933 B |
URL User Request GET HTTP/2www.protectedwebnexussl.com/wwxiinfo/klangei@icsgf.com/thehealthcareleague.com/B/WWXI2_2/WWXI/?utm_source=remarkety&utm_medium=email&utm_campaign=WWXI2%208.05%20White%20Green&utm_content=&_rmId=z6eM6KQ9xbFod736pxMPI62ZMjkyV IP104.21.83.246:443
CertificateIssuerGoogle Trust Services LLC Subjectprotectedwebnexussl.com Fingerprint6B:51:99:69:A5:65:81:85:28:58:77:6B:61:07:48:68:E5:66:AE:9E ValiditySat, 20 Apr 2024 11:42:02 GMT - Fri, 19 Jul 2024 11:42:01 GMT
Hashf60594f8dfbf5973dda0bf7633e6aab5 35dcbfefc39ced80054887976a2385744d5bc6df ea97ca55bece07972bf4b8aa6272d35c084507c9eae8e66edcc3a4371f2cb5eb
GET /wwxiinfo/klangei@icsgf.com/thehealthcareleague.com/B/WWXI2_2/WWXI/?utm_source=remarkety&utm_medium=email&utm_campaign=WWXI2%208.05%20White%20Green&utm_content=&_rmId=z6eM6KQ9xbFod736pxMPI62ZMjkyV HTTP/1.1
Host: www.protectedwebnexussl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 08 May 2024 21:14:08 GMT
content-type: text/html; charset=iso-8859-1
location: https://www.clkmg.com/healthylife1/wwxiinfo/klangei@icsgf.com/thehealthcareleague.com/B/WWXI2_2/WWXI/?utm_source=remarkety&utm_medium=email&utm_campaign=WWXI2%208.05%20White%20Green&utm_content=&_rmId=z6eM6KQ9xbFod736pxMPI62ZMjkyV
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: undefined-origin
access-control-max-age: 300
p3p: CP="This is not a P3P policy! See https://www.clkmg.com for more info."
x-cm-fe: httpfe-1
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rRnA%2FIqG7WabjDq5BUa%2BF6owxpVTLhCk6SaIo5xkdUlIOsbUgk4eQ4zjQcbqGJbLHT1uvBlxkgeb5m8Ha8tb%2BpOu%2FKR7Hn0u9D26pQugYOY8iaUi3IuCA%2FEGC77BdrL6ghoMHdj1ayjJ1H3qSrs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c7525dde85684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| mweboutstanding.com/8712/178/3/?subid= | 104.21.91.180 | 302 Found | 6.6 kB |
URL User Request GET HTTP/2mweboutstanding.com/8712/178/3/?subid= IP104.21.91.180:443
CertificateIssuerGoogle Trust Services LLC Subjectmweboutstanding.com FingerprintE2:6A:CB:7E:28:EA:21:2A:DA:A1:87:08:F7:4C:BC:7D:42:17:36:CD ValidityTue, 07 May 2024 09:31:15 GMT - Mon, 05 Aug 2024 09:31:14 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 Hashd8a24ed33c071be829287baef5977cf9 c9c8957af4319863624dbf848bb064014fbb5c07 884b8d777357dc1003d7433dba0cbad76539f41b3cc9d02940540145ea0c7380
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /8712/178/3/?subid= HTTP/1.1
Host: mweboutstanding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 08 May 2024 21:14:09 GMT
content-type: text/html; charset=UTF-8
location: https://tracking.getxitox-at.com/aff_c?offer_id=111&aff_id=2629&url_id=1969&aff_sub5=8712_sessid20240508211629265&aff_sub=178
cache-control: max-age=3600, private
pragma: no-cache
expires: Wed, 08 May 2024 22:16:31 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-server: WEB_6
strict-transport-security: max-age=31536000;
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDvnJbjKdBkxKLVBqBrQP8wYzWkbTuxAFjHuSB1LQ; SameSite=Lax; path=/; expires=Thu, 09-May-24 20:14:09 GMT; HttpOnly
server: cloudflare
cf-ray: 880c75301fd256a2-OSL
X-Firefox-Spdy: h2
|
|
| tracking.getxitox-at.com/aff_c?offer_id=111&aff_id=2629&url_id=1969&aff_sub5=8712_sessid20240508211629265&aff_sub=178 | 52.16.152.21 | 302 Found | 392 B |
URL User Request GET HTTP/1.1tracking.getxitox-at.com/aff_c?offer_id=111&aff_id=2629&url_id=1969&aff_sub5=8712_sessid20240508211629265&aff_sub=178 IP52.16.152.21:443
CertificateIssuerAmazon Subjecttracking.getxitox-at.com Fingerprint93:AF:69:32:64:D7:9D:1C:FB:83:DD:A7:3C:31:62:F9:8B:AD:7D:8D ValidityThu, 27 Jul 2023 00:00:00 GMT - Sat, 24 Aug 2024 23:59:59 GMT
File typeHTML document, ASCII text Hash7a7c57353da68d15fa132edf2ba917c5 93305087eea4be35960befffa6c0f52b9a91f280 dddc5babe7d6cf9945746454bbc812eb2573569dd434beee91875c3189cfbc2e
GET /aff_c?offer_id=111&aff_id=2629&url_id=1969&aff_sub5=8712_sessid20240508211629265&aff_sub=178 HTTP/1.1
Host: tracking.getxitox-at.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 21:14:10 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 392
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: http://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: aff_ran_url_111=1969; expires=Thu, 09 May 2024 21:14:10 GMT; path=/; SameSite=None; Secure
enc_aff_session_111=ENC038d746c9b83eb272276187869503f48532bf016d13e3ed8e95929ed894fb52094667c2f964940e0082dc975fec558db1302b8ce78f01105980548a96504dae3543792f0aa1cd9c6f9f9f5723bfcc9ee4808e6924d7d49fee6c31be1913fb0e36ddcbeb8f49d0dfc4df6575d9e67263a8474c822a32ebfe9c335cf28423e502258fec95370fbca044246e32ebca2fdc85d4ecd02883600f1da7445d83150cbb06d266a9d64; expires=Sat, 08 Jun 2024 21:14:10 GMT; path=/; SameSite=None; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI5Ni4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IFg4Nl82NDsgUnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwiYWNjZXB0X2xhbmd1YWdlIjoiZW4tVVMsZW47cT0wLjUiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=; expires=Sat, 03 Apr 2027 07:54:10 GMT; path=/; SameSite=None; Secure
Tracking_id: 10202b5323eb42a3a3e64e881072d9
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: ce632333a59622007e7987947a24dd17
Access-Control-Allow-Headers: Tune-SDK-Version
|
|
| www.protectedwebnexussl.com/ | 104.21.83.246 | | 167 B |
URL www.protectedwebnexussl.com/ IP104.21.83.246:0
CertificateIssuerGoogle Trust Services LLC Subjectprotectedwebnexussl.com Fingerprint6B:51:99:69:A5:65:81:85:28:58:77:6B:61:07:48:68:E5:66:AE:9E ValiditySat, 20 Apr 2024 11:42:02 GMT - Fri, 19 Jul 2024 11:42:01 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hash0104c301c5e02bd6148b8703d19b3a73 7436e0b4b1f8c222c38069890b75fa2baf9ca620 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
GET / HTTP/1.1
Host: www.protectedwebnexussl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Wed, 08 May 2024 21:14:10 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 08 May 2024 22:14:10 GMT
Location: https://www.protectedwebnexussl.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e1SMo3u04Z9B6cnzseRMmkWwSnVvXYnnhAOjv0qMcG7DFvb%2F25EqNgFQjghR29BB3c%2FO9dP2IzRK0XNm3Eh%2BlIdvfCN3sdACt0O%2F0L1VOnRWmSjcSUdCnNfsPYRTwqD9RcgH%2F6DP0261GDDqx%2Bo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880c75384b0fb4f9-OSL
alt-svc: h2=":443"; ma=60
|
|
| getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 | 54.81.48.211 | 200 OK | 134 B |
URL User Request GET HTTP/2getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 IP54.81.48.211:443
CertificateIssuerAmazon Subjectgetxitox.com Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3 ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hash4aa7a432bb447f094408f1bd6229c605 1965c4952cc8c082a6307ed67061a57aab6632fa 34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Wed, 08 May 2024 21:14:10 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://getxitox.com:443/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
|
|
| getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 | 23.22.56.3 | 200 OK | 17 kB |
URL User Request GET HTTP/2getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 IP23.22.56.3:443
CertificateIssuerAmazon Subjectgetxitox.com Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3 ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (456) Hash2da9c0168888eacb1300173257c9d319 a0c21074325da112692cd9d87e2ef16a3b5e24d4 fdeed526dafe5b6e48cf8a22ba8631e57c29eaa9346006034bc196475364b248
GET /go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 21:14:11 GMT
content-type: text/html; charset=UTF-8
content-length: 17114
server: nginx/1.22.1
x-powered-by: PHP/5.6.40
set-cookie: signifyd_token=3217298699480405103; expires=Thu, 09-May-2024 21:14:11 GMT; Max-Age=86400; path=/
hasoffers_affiliate_id=2629; expires=Thu, 09-May-2024 21:14:11 GMT; Max-Age=86400; path=/
hasoffers_transaction=10202b5323eb42a3a3e64e881072d9; expires=Sat, 06-May-2034 21:14:11 GMT; Max-Age=315360000; path=/; domain=.getxitox.com
aff_sub1=178; path=/; domain=.getxitox.com
aff_sub5=8712_sessid20240508211629265; path=/; domain=.getxitox.com
visitedindexnoaffprog-maxwebphp=1; expires=Tue, 06-Aug-2024 21:14:11 GMT; Max-Age=7776000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| getxitox.com/css/main.css | 23.22.56.3 | 200 OK | 2.9 kB |
URL GET HTTP/2getxitox.com/css/main.css IP23.22.56.3:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerAmazon Subjectgetxitox.com Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3 ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT
File typeassembler source, ASCII text Hashe4e674b25abd1be51b1534dbce77c66b 556a1f78b26f233333259ad453956f85dc56358f 3b480a14755e94f7e571c13d16ebdb9c335a415f8e4cfd90c9e81bc5ec3683bb
GET /css/main.css HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Cookie: signifyd_token=3217298699480405103; hasoffers_affiliate_id=2629; hasoffers_transaction=10202b5323eb42a3a3e64e881072d9; aff_sub1=178; aff_sub5=8712_sessid20240508211629265
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 21:14:11 GMT
content-type: text/css
content-length: 2920
server: nginx/1.22.1
last-modified: Fri, 03 May 2024 02:48:36 GMT
etag: "2fb4-61783c1922900-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| getxitox.com/css/all.min.css | 23.22.56.3 | 200 OK | 12 kB |
URL GET HTTP/2getxitox.com/css/all.min.css IP23.22.56.3:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerAmazon Subjectgetxitox.com Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3 ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT
File typeASCII text, with very long lines (54998), with no line terminators Hashedd84d47691f748dbd6414c9c0234d78 107a773061dee58f1ebec5738f49b8ba2c230bbb c5c6e9f9c3344800ce30b5186cecaa2502c43338e3083072a9fe25893dc11cef
GET /css/all.min.css HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Cookie: signifyd_token=3217298699480405103; hasoffers_affiliate_id=2629; hasoffers_transaction=10202b5323eb42a3a3e64e881072d9; aff_sub1=178; aff_sub5=8712_sessid20240508211629265
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 21:14:11 GMT
content-type: text/css
content-length: 11944
server: nginx/1.22.1
last-modified: Fri, 03 May 2024 02:48:36 GMT
etag: "d6d6-61783c1922900-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL ocsp.r2m03.amazontrust.com/ IP143.204.53.97:0
Hashd29858124b9e92fbb50df32d4ed81108 e05f25e7ad8cd2ab8dbf967fa6e5721d8193af97 c2a3ffc8b6994a69332d1e7d5e1a62d494a9ad37fe4a2af6257d369706782824
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 08 May 2024 21:14:11 GMT
Last-Modified: Wed, 08 May 2024 20:43:37 GMT
Server: ECAcc (ska/F775)
X-Cache: Miss from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: P4DwcBRQWExI5S71Z-jj6IvSX76_rsOz_B7kk5vo0k1jzdCNKAIMEw==
Age: 1834
|
|
| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL ocsp.r2m03.amazontrust.com/ IP143.204.53.97:0
Hashd29858124b9e92fbb50df32d4ed81108 e05f25e7ad8cd2ab8dbf967fa6e5721d8193af97 c2a3ffc8b6994a69332d1e7d5e1a62d494a9ad37fe4a2af6257d369706782824
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 08 May 2024 21:14:11 GMT
Last-Modified: Wed, 08 May 2024 20:43:37 GMT
Server: ECAcc (ska/F775)
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kz7tIOvFb_b8q_fqR-GwqDG1x7hoFhEndhgksmUsotK4KjaXYdUFHQ==
Age: 1834
|
|
| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL ocsp.r2m03.amazontrust.com/ IP143.204.53.97:0
Hashd29858124b9e92fbb50df32d4ed81108 e05f25e7ad8cd2ab8dbf967fa6e5721d8193af97 c2a3ffc8b6994a69332d1e7d5e1a62d494a9ad37fe4a2af6257d369706782824
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 08 May 2024 21:14:11 GMT
Last-Modified: Wed, 08 May 2024 20:43:38 GMT
Server: ECAcc (ska/F7A7)
X-Cache: Miss from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TGapgLxQM9-CeiBTMP7DfxvBvvRvDxrhP5tZx1HWOy6u-kLGkZ9dpA==
Age: 1833
|
|
| getxitox.com/css/skeleton.min.css | 23.22.56.3 | 200 OK | 23 kB |
URL GET HTTP/2getxitox.com/css/skeleton.min.css IP23.22.56.3:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerAmazon Subjectgetxitox.com Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3 ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT
File typeASCII text, with very long lines (65324) Hasha15c2ac3234aa8f6064ef9c1f7383c37 6e10354828454898fda80f55f3decb347fd9ed21 60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
GET /css/skeleton.min.css HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Cookie: signifyd_token=3217298699480405103; hasoffers_affiliate_id=2629; hasoffers_transaction=10202b5323eb42a3a3e64e881072d9; aff_sub1=178; aff_sub5=8712_sessid20240508211629265
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 21:14:11 GMT
content-type: text/css
content-length: 23238
server: nginx/1.22.1
last-modified: Fri, 03 May 2024 02:48:36 GMT
etag: "2606e-61783c1922900-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| getxitox.com/css/redscarcitybar2.css | 23.22.56.3 | 200 OK | 901 B |
URL GET HTTP/2getxitox.com/css/redscarcitybar2.css IP23.22.56.3:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerAmazon Subjectgetxitox.com Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3 ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT
File typeassembler source, ASCII text Hash61bf4c685b40b856be942d3bb821e648 c2677116b2a29935e903bb916f1f43b091ccb24e 6c54cb4464bf269625714bf7c58f4799e6ba8528d7d7de58be62a3881a1e866f
GET /css/redscarcitybar2.css HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Cookie: signifyd_token=3217298699480405103; hasoffers_affiliate_id=2629; hasoffers_transaction=10202b5323eb42a3a3e64e881072d9; aff_sub1=178; aff_sub5=8712_sessid20240508211629265
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 21:14:11 GMT
content-type: text/css
content-length: 901
server: nginx/1.22.1
last-modified: Fri, 03 May 2024 02:48:36 GMT
etag: "e1a-61783c1922900-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| getxitox.com/js/slidereveal.js | 23.22.56.3 | 200 OK | 1.6 kB |
URL GET HTTP/2getxitox.com/js/slidereveal.js IP23.22.56.3:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerAmazon Subjectgetxitox.com Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3 ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text Hash31f5a3f634189d0d865a11c9e11d0d79 c00f665e9d15a33455d947b2fa75b731cbd54753 79cddd678b3f3282adb888ed5685ea33f61c3d7dfd562025aa1231fe40ba1140
GET /js/slidereveal.js HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Cookie: signifyd_token=3217298699480405103; hasoffers_affiliate_id=2629; hasoffers_transaction=10202b5323eb42a3a3e64e881072d9; aff_sub1=178; aff_sub5=8712_sessid20240508211629265
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 21:14:11 GMT
content-type: application/javascript
content-length: 1550
server: nginx/1.22.1
last-modified: Fri, 03 May 2024 02:48:36 GMT
etag: "159f-61783c1922900-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| getxitox.com/js/skeleton.bundle.min.js | 23.22.56.3 | 200 OK | 22 kB |
URL GET HTTP/2getxitox.com/js/skeleton.bundle.min.js IP23.22.56.3:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerAmazon Subjectgetxitox.com Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3 ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65297) Hasha454220fc07088bf1fdd19313b6bfd50 265a733cb7fbc481fd2510a659a85ad55c93c895 7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
GET /js/skeleton.bundle.min.js HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Cookie: signifyd_token=3217298699480405103; hasoffers_affiliate_id=2629; hasoffers_transaction=10202b5323eb42a3a3e64e881072d9; aff_sub1=178; aff_sub5=8712_sessid20240508211629265
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 21:14:11 GMT
content-type: application/javascript
content-length: 22295
server: nginx/1.22.1
last-modified: Fri, 03 May 2024 02:48:36 GMT
etag: "1332b-61783c1922900-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| getxitox.com/js/jquery.min.js | 23.22.56.3 | 200 OK | 31 kB |
URL GET HTTP/2getxitox.com/js/jquery.min.js IP23.22.56.3:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerAmazon Subjectgetxitox.com Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3 ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65451) Hashf832e36068ab203a3f89b1795480d0d7 2115753ca5fb7032aec498db7bb5dca624dbe6be 4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
GET /js/jquery.min.js HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Cookie: signifyd_token=3217298699480405103; hasoffers_affiliate_id=2629; hasoffers_transaction=10202b5323eb42a3a3e64e881072d9; aff_sub1=178; aff_sub5=8712_sessid20240508211629265
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 21:14:11 GMT
content-type: application/javascript
content-length: 30675
server: nginx/1.22.1
last-modified: Fri, 03 May 2024 02:48:36 GMT
etag: "15850-61783c1922900-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-169212633-21 | 142.250.74.72 | 200 OK | 75 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=UA-169212633-21 IP142.250.74.72:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (4179) Hash8101e30fb56685250f86e37cb6ca9c53 4cc7a460056e85e49c773498593ef04edac241b8 37c3b25858b34f705001a59eb910bd58b7ee05ed76fe062d781bd98b5d9aa372
GET /gtag/js?id=UA-169212633-21 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 21:14:11 GMT
expires: Wed, 08 May 2024 21:14:11 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74742
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL ocsp.r2m03.amazontrust.com/ IP143.204.53.97:0
Hashd29858124b9e92fbb50df32d4ed81108 e05f25e7ad8cd2ab8dbf967fa6e5721d8193af97 c2a3ffc8b6994a69332d1e7d5e1a62d494a9ad37fe4a2af6257d369706782824
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 08 May 2024 21:14:11 GMT
Last-Modified: Wed, 08 May 2024 20:36:38 GMT
Server: ECAcc (amb/6B0A)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NxfF37FqPSbHDuSmqVKaInyEsc3n8F4M4CMu2sSrXhhG9ZKsI9Gp6A==
Age: 2253
|
|
| cdn.truegcloud.com/nutonen/footer-logo.png | 54.230.111.43 | 200 OK | 18 kB |
URL GET HTTP/2cdn.truegcloud.com/nutonen/footer-logo.png IP54.230.111.43:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typePNG image data, 422 x 248, 8-bit/color RGBA, non-interlaced Hash86596e58694fe751bc0e74ef3a60986a 9c313a53061f7ed13900b1dc8d1c5bdf60236834 ed9ae8e732f4a13ac6c8a43293c5415953231dfbf4bb465229aff6be23b30bef
GET /nutonen/footer-logo.png HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 18384
last-modified: Tue, 07 May 2019 07:37:36 GMT
x-amz-meta-sha256: ed9ae8e732f4a13ac6c8a43293c5415953231dfbf4bb465229aff6be23b30bef
x-amz-meta-s3b-last-modified: 20190411T081706Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 May 2024 06:52:40 GMT
etag: "86596e58694fe751bc0e74ef3a60986a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3S8CWDfLesGJcki9LBeaZdCPN6RazM_MJbfkz3cXMunyErVDr0TnbQ==
age: 51693
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/simplepromise/SP-Logo-Hanging.png | 54.230.111.43 | 200 OK | 19 kB |
URL GET HTTP/2cdn.truegcloud.com/simplepromise/SP-Logo-Hanging.png IP54.230.111.43:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typePNG image data, 216 x 133, 8-bit/color RGBA, non-interlaced Hashaf6ffdf43cacfbdebbbed0a4a27c804e 0424ceeb566c683b7f4616f5f96484962e2ee3af 4c2976263cc124564f1e41df75301329ff585d993d55270413cb55969861a25f
GET /simplepromise/SP-Logo-Hanging.png HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 18574
last-modified: Mon, 13 Apr 2020 03:02:47 GMT
x-amz-meta-sha256: 4c2976263cc124564f1e41df75301329ff585d993d55270413cb55969861a25f
x-amz-meta-s3b-last-modified: 20200413T030146Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 May 2024 03:39:23 GMT
etag: "af6ffdf43cacfbdebbbed0a4a27c804e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nmuJ0ia-X80l9eTAoQdmtB92IFgmDlEVIkPitbF-KbUy8hOgcc89Iw==
age: 63290
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/nutonen/icon-location1.svg | 54.230.111.43 | 200 OK | 913 B |
URL GET HTTP/2cdn.truegcloud.com/nutonen/icon-location1.svg IP54.230.111.43:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hashd3439fa1b0a4ae681311fec979521f2b 11ddfe16802c9d418318933e47478bc4766a297f f0a4f541d794bf502482fe8b48254d00c0b547b4a6d49343a9f26c7fa34f1503
GET /nutonen/icon-location1.svg HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 913
last-modified: Tue, 07 May 2019 07:49:38 GMT
x-amz-meta-sha256: f0a4f541d794bf502482fe8b48254d00c0b547b4a6d49343a9f26c7fa34f1503
x-amz-meta-s3b-last-modified: 20190411T064308Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 May 2024 05:08:28 GMT
etag: "d3439fa1b0a4ae681311fec979521f2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rVdITAyRFwBVakU46BqWldxmvlKO7QkNI4_hjOF3O_yvbNL1amlveQ==
age: 57945
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/nutonen/icon-mail1.svg | 54.230.111.43 | 200 OK | 878 B |
URL GET HTTP/2cdn.truegcloud.com/nutonen/icon-mail1.svg IP54.230.111.43:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hashf89f1e4f86398ef896edd781d500d16f 0894b8e3cfb486cfc9269842e3a5e77f033d618d 4fbc2bd04ce02a99fc9c3772b402d8298fdbace89218e8b5e38a00ef679b57c3
GET /nutonen/icon-mail1.svg HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 878
last-modified: Tue, 07 May 2019 07:49:38 GMT
x-amz-meta-sha256: 4fbc2bd04ce02a99fc9c3772b402d8298fdbace89218e8b5e38a00ef679b57c3
x-amz-meta-s3b-last-modified: 20190411T064330Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 May 2024 03:46:21 GMT
etag: "f89f1e4f86398ef896edd781d500d16f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ark2UT22yxzT0L6UfX7Hz77QuX7nALNWgBIY-uKGZrRavze9ujzBRg==
age: 62871
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/citroburn/images/MBG-Desktop.png | 54.230.111.43 | 200 OK | 57 kB |
URL GET HTTP/2cdn.truegcloud.com/citroburn/images/MBG-Desktop.png IP54.230.111.43:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typePNG image data, 750 x 150, 8-bit/color RGB, non-interlaced Hashc05b836a7658a41daf2dc51be5737be0 a6af6ccb982624a38f1f86c60934c7e4428dabf4 fad3cb3e53deaf8fe4923f979e6b4d7f73f5539e120585fc4174ca86c801dbb5
GET /citroburn/images/MBG-Desktop.png HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 57158
date: Wed, 08 May 2024 05:10:11 GMT
last-modified: Thu, 20 Aug 2020 10:52:29 GMT
etag: "c05b836a7658a41daf2dc51be5737be0"
x-amz-meta-sha256: fad3cb3e53deaf8fe4923f979e6b4d7f73f5539e120585fc4174ca86c801dbb5
x-amz-meta-s3b-last-modified: 20200820T105220Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: B-v_8fNZfHlnL12uBRiJNj6PNyIrXqChGKoDIlhIZYDAQDyMrhWrTA==
age: 57842
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/epishieldplus/optimized-images/newseal.webp | 54.230.111.43 | 200 OK | 22 kB |
URL GET HTTP/2cdn.truegcloud.com/epishieldplus/optimized-images/newseal.webp IP54.230.111.43:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash0b9b41de247a630e02f2e70b9ad4e6be 033d5726086977b3eab3423bf8f0879f9ef65c27 3d72685af6f7772d18f7a0dea17e9fb198618d5ad441fef60bfacd755fd6a7ee
GET /epishieldplus/optimized-images/newseal.webp HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 22242
last-modified: Mon, 29 Jun 2020 07:01:49 GMT
x-amz-meta-sha256: 3d72685af6f7772d18f7a0dea17e9fb198618d5ad441fef60bfacd755fd6a7ee
x-amz-meta-s3b-last-modified: 20200629T070116Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 May 2024 06:29:16 GMT
etag: "0b9b41de247a630e02f2e70b9ad4e6be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3qgRx8Wt7gnmSopLtK7Fdli4gTqk59Gyom302P53oC8P3RfUqjwpsg==
age: 53097
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-3.webp | 54.230.111.43 | 200 OK | 63 kB |
URL GET HTTP/2cdn.truegcloud.com/xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-3.webp IP54.230.111.43:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash29c062cc5de9d03762bf531f09c243ad 34f557539b1226e9ee6d8635d9b0c3b7ffd7da02 35cd276d909f6389dbd964a6851862e798ad58f832515fa1f8c565dd0bc47fa3
GET /xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-3.webp HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 63072
last-modified: Thu, 06 Apr 2023 07:38:11 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 35cd276d909f6389dbd964a6851862e798ad58f832515fa1f8c565dd0bc47fa3
x-amz-meta-s3b-last-modified: 20230406T073708Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 May 2024 20:03:49 GMT
etag: "29c062cc5de9d03762bf531f09c243ad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qEATA-loXQslrd3afjeh48JvyWxmw8M-R_cNI3Ez-jLBcF_4u7-bbw==
age: 4224
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-6.webp | 54.230.111.43 | 200 OK | 69 kB |
URL GET HTTP/2cdn.truegcloud.com/xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-6.webp IP54.230.111.43:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash09455703253cc258426078c211587e22 7c0b8afb0b3906a00c241a042794900eb65f22dd 8285ead22cc86b36c62e30e590fabc6e5534f8038d5c76e2f2c4868f1dd0660f
GET /xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-6.webp HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 68632
last-modified: Thu, 06 Apr 2023 07:38:11 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 8285ead22cc86b36c62e30e590fabc6e5534f8038d5c76e2f2c4868f1dd0660f
x-amz-meta-s3b-last-modified: 20230406T073709Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 May 2024 20:03:46 GMT
etag: "09455703253cc258426078c211587e22"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: T5_MlDRLgkLq1czZ1ovuK6ydoAdy7coQmotngsvOfMSdkPGDlDriSw==
age: 4227
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/xitox/aff/Simple-promise---As-Seen-On-Bar-Nomartha.webp | 54.230.111.43 | 200 OK | 14 kB |
URL GET HTTP/2cdn.truegcloud.com/xitox/aff/Simple-promise---As-Seen-On-Bar-Nomartha.webp IP54.230.111.43:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hasha95ee5c046085a1dc469198e6531a013 3ec4c8806bd2c987f9b9199394f2e2e8185af8a7 c8db5b5fb66acbaeb9bbd073d6d844413e487fe46dfc475b57d2ea3f303276c9
GET /xitox/aff/Simple-promise---As-Seen-On-Bar-Nomartha.webp HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 13484
last-modified: Fri, 11 Aug 2023 09:35:58 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: c8db5b5fb66acbaeb9bbd073d6d844413e487fe46dfc475b57d2ea3f303276c9
x-amz-meta-s3b-last-modified: 20230811T093449Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 May 2024 20:03:49 GMT
etag: "a95ee5c046085a1dc469198e6531a013"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -XBqfFRgiuJsFg-cFKsqMisoz-F-Lp4LputTnFUg1LG0ag162TP99w==
age: 4224
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/xitox/images/bottle_mention.webp | 54.230.111.43 | 200 OK | 76 kB |
URL GET HTTP/2cdn.truegcloud.com/xitox/images/bottle_mention.webp IP54.230.111.43:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash01a497cf3255f7721149cff77097b1f4 0ad9dc18e4e841527c2c6a2c094d0a9b84073d3f 1e939493061d3e2fe602b8aa184a1c74756a59808656a50b1ac3ebb05c0498ef
GET /xitox/images/bottle_mention.webp HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 75832
last-modified: Thu, 13 Apr 2023 08:58:02 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 May 2024 11:57:00 GMT
etag: "01a497cf3255f7721149cff77097b1f4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wGzK8-Vh9uUgvgfPGponJ6rOEhFuu_uNSXm6i-VS2_lwrMaBG66xeg==
age: 33433
X-Firefox-Spdy: h2
|
|
| main.tgoptimize.com/load.js?r=0.7712454490212516&u=getxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10202b5323eb42a3a3e64e881072d9%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240508211629265%26affiliate_id%3D2629 | 18.235.150.85 | 200 OK | 1.4 kB |
URL GET HTTP/2main.tgoptimize.com/load.js?r=0.7712454490212516&u=getxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10202b5323eb42a3a3e64e881072d9%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240508211629265%26affiliate_id%3D2629 IP18.235.150.85:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerAmazon Subjectmain.tgoptimize.com Fingerprint12:4B:0B:01:CD:D7:2B:EE:4E:1A:D0:D7:D7:AA:71:26:81:B5:BB:14 ValidityTue, 08 Aug 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with CRLF line terminators Hashb188fb0f8480736653e820ce69b99702 71bd144ac40bc02ebfed6039546ff8201646ab66 98ff3c4e5b85ae5f067287d3c449c975af8b88e59b69f7b41f1b98049d9d5563
GET /load.js?r=0.7712454490212516&u=getxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10202b5323eb42a3a3e64e881072d9%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240508211629265%26affiliate_id%3D2629 HTTP/1.1
Host: main.tgoptimize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 21:14:12 GMT
content-type: text/html; charset=UTF-8
content-length: 1430
server: Apache
set-cookie: tgopt_id=Rxq7x45RKEzuDA3Ga8vfBsLsAuSHf3E1; expires=Thu, 05-May-2039 21:14:12 GMT; Max-Age=473040000; path=/
X-Firefox-Spdy: h2
|
|
| main.tgoptimize.com/my.gif?verifier=&tgopt_12129=1&tgopt_id=Rxq7x45RKEzuDA3Ga8vfBsLsAuSHf3E1&r=0.5877148816024094&u=getxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10202b5323eb42a3a3e64e881072d9%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240508211629265%26affiliate_id%3D2629 | 18.235.150.85 | 200 OK | 35 B |
URL GET HTTP/2main.tgoptimize.com/my.gif?verifier=&tgopt_12129=1&tgopt_id=Rxq7x45RKEzuDA3Ga8vfBsLsAuSHf3E1&r=0.5877148816024094&u=getxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10202b5323eb42a3a3e64e881072d9%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240508211629265%26affiliate_id%3D2629 IP18.235.150.85:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerAmazon Subjectmain.tgoptimize.com Fingerprint12:4B:0B:01:CD:D7:2B:EE:4E:1A:D0:D7:D7:AA:71:26:81:B5:BB:14 ValidityTue, 08 Aug 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT
File typeGIF image data, version 87a, 1 x 1 Hash729c3007a8ed0597531b0c76d54a94bb 90fe9b8a8142548fdfab29f59cb0a164a0eaef81 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
GET /my.gif?verifier=&tgopt_12129=1&tgopt_id=Rxq7x45RKEzuDA3Ga8vfBsLsAuSHf3E1&r=0.5877148816024094&u=getxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10202b5323eb42a3a3e64e881072d9%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240508211629265%26affiliate_id%3D2629 HTTP/1.1
Host: main.tgoptimize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 21:14:12 GMT
content-type: image/gif
content-length: 35
server: Apache
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-KMZ74FC | 142.250.74.72 | 200 OK | 107 kB |
URL GET HTTP/3www.googletagmanager.com/gtm.js?id=GTM-KMZ74FC IP142.250.74.72:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (53481) Size107 kB (107222 bytes) Hash7f5823b97393a56f0b27f28183e524b5 d02c67d99acee0072f1f3fda04d3030f3c39a06c 5a024f837d1b625e2409cac25af13196f422bec4bce8f6c50339b63970a6e440
GET /gtm.js?id=GTM-KMZ74FC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 21:14:12 GMT
expires: Wed, 08 May 2024 21:14:12 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 107222
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 | 216.58.207.227 | 200 OK | 33 kB |
URL GET HTTP/2fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 IP216.58.207.227:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 33092, version 1.0 Hash057478083c1d55ea0c2182b24f6dd72f caf557cd276a76992084efc4c8857b66791a6b7f bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:38:02 GMT
expires: Fri, 02 May 2025 02:38:02 GMT
cache-control: public, max-age=31536000
age: 585370
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/nutonen/icon-phone1.svg | 54.230.111.43 | 200 OK | 1.5 kB |
URL GET HTTP/2cdn.truegcloud.com/nutonen/icon-phone1.svg IP54.230.111.43:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typegzip compressed data, from Unix Hashe376eecb3f810bf4f5176f1a98fe501c 2cb7f7f3f7c8eac8220a9711561d771000898f61 ebf1358b4aa51e2fa9d652780e885f5733b7b0351787cbfb56b7b9781606f36a
GET /nutonen/icon-phone1.svg HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Wed, 08 May 2024 05:10:11 GMT
last-modified: Tue, 07 May 2019 07:49:38 GMT
etag: W/"3aa1961a3af018163eb0f8e09fea1239"
x-amz-meta-sha256: 6776eab96b7b8ff2ddaf5c5d06c92b468c648d1d20f3712ff3aef3c0373df9a8
x-amz-meta-s3b-last-modified: 20190411T064318Z
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: J-8GDzubCB_xYWnz3MieXXI8fZ8tRtIubssVZpZQtoF6pXaMCxWOeA==
age: 57842
X-Firefox-Spdy: h2
|
|
| getxitox.com/webfonts/fa-solid-900.woff2 | 23.22.56.3 | 200 OK | 74 kB |
URL GET HTTP/2getxitox.com/webfonts/fa-solid-900.woff2 IP23.22.56.3:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerAmazon Subjectgetxitox.com Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3 ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 73852, version 1.0 Hashfb493903265cad425ccdf8e04fc2de61 fef2f08d60e907750df0bc41ce64a7139642ddf0 7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2
GET /webfonts/fa-solid-900.woff2 HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/css/all.min.css
Cookie: signifyd_token=3217298699480405103; hasoffers_affiliate_id=2629; hasoffers_transaction=10202b5323eb42a3a3e64e881072d9; aff_sub1=178; aff_sub5=8712_sessid20240508211629265; tgopt_12129=1; tgopt_id=Rxq7x45RKEzuDA3Ga8vfBsLsAuSHf3E1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 21:14:12 GMT
content-length: 73852
server: nginx/1.22.1
last-modified: Fri, 03 May 2024 02:48:36 GMT
etag: "1207c-61783c1922900"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn-scripts.signifyd.com/api/script-tag.js | 143.204.55.70 | 200 OK | 27 kB |
URL GET HTTP/2cdn-scripts.signifyd.com/api/script-tag.js IP143.204.55.70:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn-scripts.signifyd.com Fingerprint24:C3:B6:A5:B6:58:0C:BC:B6:1C:E0:C9:B8:57:20:5D:37:14:F0:ED ValidityMon, 03 Jul 2023 00:00:00 GMT - Wed, 31 Jul 2024 23:59:59 GMT
File typegzip compressed data, from Unix Hashc58febf8b98f3d24f9dea403fcda1f03 6391bb167c436b2a3a9498a270e1aa0d7cf7e57d e4e71a22eee9d6d23afd960e16cc2ef99c3ea9ac65e17fad2ebcd5eda4a763c6
GET /api/script-tag.js HTTP/1.1
Host: cdn-scripts.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:51:40 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Wed, 08 May 2024 20:51:43 GMT
cache-control: max-age=1800
etag: W/"73ca6f23f3e08738233832c7a7a0c30c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LAkzeO-0o_7WaItsBU7F8L44wqmj-6bq092vkB6fV3nXzDvC9Q8inw==
age: 1349
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/scripts/jquery.1.9.1.min.js | 54.230.111.43 | 200 OK | 221 kB |
URL GET HTTP/2cdn.truegcloud.com/scripts/jquery.1.9.1.min.js IP54.230.111.43:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typegzip compressed data, from Unix Size221 kB (220635 bytes) Hash02522fd5627f41bc1132e91c7d0f41ce 51a54014c51d0ba204de9941edbbd1b73673e4ed eb56e1c1fa49b65962f9deb2bd3efb1eb29a19d3da798c858da5e131fbf9e67f
GET /scripts/jquery.1.9.1.min.js HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 08 May 2024 05:13:56 GMT
last-modified: Sun, 26 Jan 2020 18:15:34 GMT
etag: W/"397754ba49e9e0cf4e7c190da78dda05"
cache-control: max-age=86400
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 14bZ84CnMOftkYV9uCPaC8TUFW7LUbAR7fygQ6zQQBtO0ndXbd9fYg==
age: 57617
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/epishieldplus/newseal.png | 54.230.111.43 | 200 OK | 29 kB |
URL GET HTTP/2cdn.truegcloud.com/epishieldplus/newseal.png IP54.230.111.43:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typePNG image data, 318 x 311, 8-bit colormap, non-interlaced Hashe279243ea699343e8c39ed7b821e8430 6e91efc8e714a73b63a0f91022987ae06d620f44 f3067cce3dbc1d2cd7ad1dbc5b0d5befdada893e3cfefca43e6fe52b9fb7ee1b
GET /epishieldplus/newseal.png HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 28820
last-modified: Mon, 29 Jun 2020 07:24:56 GMT
x-amz-meta-sha256: f3067cce3dbc1d2cd7ad1dbc5b0d5befdada893e3cfefca43e6fe52b9fb7ee1b
x-amz-meta-s3b-last-modified: 20200629T072358Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 May 2024 08:24:37 GMT
etag: "e279243ea699343e8c39ed7b821e8430"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fLokeuS8h-_z44XTeCCdft0zEZ7LfHc-LAoIq1GUD0EUySDFmWhLjg==
age: 46176
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 | 216.58.207.227 | 200 OK | 23 kB |
URL GET HTTP/2fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 IP216.58.207.227:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 23040, version 1.0 Hashde69cf9e514df447d1b0bb16f49d2457 2ac78601179c3a63ba3f3f3081556b12ddcaf655 c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 01:55:21 GMT
expires: Sat, 03 May 2025 01:55:21 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
age: 501531
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 | 216.58.207.227 | 200 OK | 33 kB |
URL GET HTTP/2fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 IP216.58.207.227:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 33092, version 1.0 Hash057478083c1d55ea0c2182b24f6dd72f caf557cd276a76992084efc4c8857b66791a6b7f bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:38:02 GMT
expires: Fri, 02 May 2025 02:38:02 GMT
cache-control: public, max-age=31536000
age: 585370
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 | 216.58.207.227 | 200 OK | 34 kB |
URL GET HTTP/2fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 IP216.58.207.227:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 34288, version 1.0 Hash71221d6bf4204042b1bbc3902d08a81b 92a10d7982d33e1e216ee8e1aec79c3ae8bcb8b6 92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
GET /s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:10:20 GMT
expires: Fri, 02 May 2025 02:10:20 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 22:52:07 GMT
content-type: font/woff2
age: 587032
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn-scripts.signifyd.com/api/company_toolkit.js | 143.204.55.70 | 200 OK | 29 kB |
URL GET HTTP/2cdn-scripts.signifyd.com/api/company_toolkit.js IP143.204.55.70:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn-scripts.signifyd.com Fingerprint24:C3:B6:A5:B6:58:0C:BC:B6:1C:E0:C9:B8:57:20:5D:37:14:F0:ED ValidityMon, 03 Jul 2023 00:00:00 GMT - Wed, 31 Jul 2024 23:59:59 GMT
File typegzip compressed data, from Unix Hashd4023a5c407812574dee742d18be81a0 f52d93e8ecad780f5b4bb107158005b6f02a321e 430e88614f1db37fbf1bb69eaad7afd81953750ba0a71c0a3d77db42094dcc7d
GET /api/company_toolkit.js HTTP/1.1
Host: cdn-scripts.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 30 May 2023 10:18:44 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Wed, 08 May 2024 20:59:39 GMT
cache-control: max-age=1800
etag: W/"2c3950f122b3977df61b0e077aaa92c8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ixgJWFDyCCAdh5TUh4NkDDtdt1yUrZ_q_d74Pm7xBC8AtvUavWYI4w==
age: 876
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-1.webp | 54.230.111.43 | 200 OK | 54 kB |
URL GET HTTP/2cdn.truegcloud.com/xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-1.webp IP54.230.111.43:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash022d788f32d49ab893e886a0b76cd2fc 4a8afaf743570c7cf07102b4d802ae5b35907e1d 4f53947b748e85bc6bff93f1266d404a2782681e88ce55a350c2c7405184fa93
GET /xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-1.webp HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 53456
date: Wed, 08 May 2024 21:14:13 GMT
last-modified: Thu, 06 Apr 2023 07:38:11 GMT
etag: "022d788f32d49ab893e886a0b76cd2fc"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 4f53947b748e85bc6bff93f1266d404a2782681e88ce55a350c2c7405184fa93
x-amz-meta-s3b-last-modified: 20230406T073708Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TkBaMXdzPlARttFVDFNSnpfEBmXwyGfHcBTG215g-57pHWJvRbwU_A==
X-Firefox-Spdy: h2
|
|
| fast.vidalytics.com/embeds/hLKq71Yz/w27RqUkIUgikMasW/loader.min.js | 151.101.1.91 | 200 OK | 7.8 kB |
URL GET HTTP/2fast.vidalytics.com/embeds/hLKq71Yz/w27RqUkIUgikMasW/loader.min.js IP151.101.1.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (21453), with no line terminators Hash58dd1a4eca6cd3e55b7ccf65804454f7 47b1426cb825ea719cf5dc383aa7bcdb0ec300cc a820bbfcbf9bb777fbafa11bb1fe416edb8c66a036785ae39dff48f0bc59daef
GET /embeds/hLKq71Yz/w27RqUkIUgikMasW/loader.min.js HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
x-envoy-upstream-service-time: 34
server: istio-envoy
x-envoy-decorator-operation: vidalytics-player-api.vidalytics-player-api.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: api-prod
access-control-allow-origin: *
cache-control: public, max-age=900, s-maxage=1800
x-lb-cache: disabled
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 May 2024 21:14:13 GMT
age: 506
x-served-by: cache-dfw-kdal2120070-DFW, cache-hel1410029-HEL
x-cache: HIT, MISS
x-cache-hits: 39, 0
x-timer: S1715202853.999937,VS0,VE133
vary: Accept-Encoding
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7790
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-SNNMPY2Z6B&l=dataLayer&cx=c | 142.250.74.72 | 200 OK | 88 kB |
URL GET HTTP/3www.googletagmanager.com/gtag/js?id=G-SNNMPY2Z6B&l=dataLayer&cx=c IP142.250.74.72:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (5955) Hash0aa77ca5dabf47a7b5bf214ecbf01979 ef6803ebaddda0bb30219c080b5490f86fb39477 bcafd95636462ffc532e2a22ce5c0a4089ff6c7ca0dc5198dbeb2a49968a8c36
GET /gtag/js?id=G-SNNMPY2Z6B&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 21:14:13 GMT
expires: Wed, 08 May 2024 21:14:13 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 87899
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| imgs.signifyd.com/wsody8j9rt00pmvs.js?43ne8gvs1si8j1ni=w2txo5aa&r81muykienvk6574=3217298699480405103 | 91.235.133.113 | 200 OK | 13 kB |
URL GET HTTP/1.1imgs.signifyd.com/wsody8j9rt00pmvs.js?43ne8gvs1si8j1ni=w2txo5aa&r81muykienvk6574=3217298699480405103 IP91.235.133.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
File typeJavaScript source, ASCII text, with very long lines (15389) Hash9f435d901511206559c0b375b6ff9b13 d97eccf0601b32a386c2d2413654c8d5f57933da 515d8ede4188ef5099d33c2e8564e872be965d2ec31cff624f1e5ea5ae205df4
GET /wsody8j9rt00pmvs.js?43ne8gvs1si8j1ni=w2txo5aa&r81muykienvk6574=3217298699480405103 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 21:14:13 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Robots-Tag: noindex, nofollow
Set-Cookie: thx_guid=6a3ad6eff232bf0760fda45f60fae8e1; Max-Age=155520000; Version=1; HttpOnly; Path=/; Secure; SameSite=None;
P3P: CP=IVAa PSAa
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
|
|
| fast.vidalytics.com/players/v.4.2.1.000-vid-prod/player.min.js | 151.101.1.91 | 200 OK | 253 kB |
URL GET HTTP/2fast.vidalytics.com/players/v.4.2.1.000-vid-prod/player.min.js IP151.101.1.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size253 kB (252774 bytes) Hash21ea705829c05759544342ba2f4ac461 2fa8e86431a1468bf7bbceb53b8662101bc70da8 b1ccbf581da817ca36d109e168b2cec2a34e7884c8e20c6722c6bff41da53b60
GET /players/v.4.2.1.000-vid-prod/player.min.js HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-guploader-uploadid: ABPtcPo5Lg48CpwLdCNW2rFusARl9mmOn5dmITcmLSHJfHJQ3WKJzSL4ADAT93v8t8VUudGNWUlrOwG3SA
cache-control: public, max-age=86400, s-maxage=2592000
expires: Sun, 03 Mar 2024 11:03:19 GMT
last-modified: Fri, 02 Feb 2024 10:27:41 GMT
etag: "4fe59d178779b42a5f9c26452a22bdc2"
x-goog-generation: 1706869661807310
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 252774
x-goog-meta-surrogate-key: player-versioned
content-type: application/javascript
content-encoding: gzip
x-goog-hash: crc32c=X1iFKw==, md5=T+WdF4d5tCpfnCZFKiK9wg==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 1926766
date: Wed, 08 May 2024 21:14:13 GMT
x-served-by: cache-dfw-kdfw8210138-DFW, cache-hel1410030-HEL
x-cache: HIT, HIT
x-cache-hits: 377936, 0
x-timer: S1715202853.286634,VS0,VE1
vary: Accept-Encoding
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 252774
X-Firefox-Spdy: h2
|
|
| d10lpsik1i8c69.cloudfront.net/w.js | 54.230.241.113 | 200 OK | 2.8 kB |
URL GET HTTP/2d10lpsik1i8c69.cloudfront.net/w.js IP54.230.241.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerAmazon Subject*.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File typegzip compressed data, from Unix Hashcbe3202152142e161990b7919d380132 115f5442b6c41bb655e906d5daa7cb8a4bb11cb8 83553c81d3974130334035b21e11d3129e05f0392c0ecb5928e09a4b4fd05a0c
GET /w.js HTTP/1.1
Host: d10lpsik1i8c69.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 25 Jan 2024 18:19:40 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Wed, 08 May 2024 20:23:39 GMT
cache-control: max-age=3600
etag: W/"e31293f40e8a324de552ff593ee76a9b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3MRX-qtI_2lFE54NRJaIPvYQzml5_GyiRdQedSbkOmaILg13-hxx-A==
age: 3035
X-Firefox-Spdy: h2
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SNNMPY2Z6B&cid=187997704.1715202853>m=45je4510v9116850825za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=59471148 | 142.250.74.163 | 200 OK | 42 B |
URL GET HTTP/2www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SNNMPY2Z6B&cid=187997704.1715202853>m=45je4510v9116850825za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=59471148 IP142.250.74.163:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.google.no Fingerprint7D:68:6D:B1:32:34:52:51:20:C9:53:FF:B9:B7:8F:7E:05:F9:F5:97 ValidityTue, 16 Apr 2024 04:31:00 GMT - Tue, 09 Jul 2024 04:30:59 GMT
File typeGIF image data, version 89a, 1 x 1 Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SNNMPY2Z6B&cid=187997704.1715202853>m=45je4510v9116850825za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=59471148 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 May 2024 21:14:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| getxitox.com/favicon.ico | 23.22.56.3 | 404 Not Found | 1.4 kB |
IP23.22.56.3:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerAmazon Subjectgetxitox.com Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3 ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT
File typegzip compressed data, from Unix Hashbec01589b1df75785f8cbc2670a02c86 4ccf383762cdf288ec429920e670b8a2af2c7935 5a8c911d28f97af7852744151db510b540f2dbdd09fed139d6740c4f716f720a
GET /favicon.ico HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Cookie: signifyd_token=3217298699480405103; hasoffers_affiliate_id=2629; hasoffers_transaction=10202b5323eb42a3a3e64e881072d9; aff_sub1=178; aff_sub5=8712_sessid20240508211629265; tgopt_12129=1; tgopt_id=Rxq7x45RKEzuDA3Ga8vfBsLsAuSHf3E1; enterDate=Wed May 08 2024 21:14:12 GMT+0000 (GMT); _ga_SNNMPY2Z6B=GS1.1.1715202853.1.1.1715202853.60.0.0; _ga=GA1.1.187997704.1715202853
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Wed, 08 May 2024 21:14:13 GMT
content-type: text/html; charset=iso-8859-1
server: nginx/1.22.1
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/video_TS_h264_aac_96000_1280x720_2750000_variant.m3u8 | 151.101.1.91 | 200 OK | 60 kB |
URL GET HTTP/3fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/video_TS_h264_aac_96000_1280x720_2750000_variant.m3u8 IP151.101.1.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hashbb832cf8865dc7037ea21352c755da04 46c3b18627b8a603947e0bda666c82c769c2c522 ef601bbf5efb4e47db18c4b7858513cd182d221b44098beab6e3d84d3b053ba0
GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/video_TS_h264_aac_96000_1280x720_2750000_variant.m3u8 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 59930
x-guploader-uploadid: ABPtcPqLEnakTffi6lBwaoRqvU3vv7zb92rK9OIsV_i4E14p4YAn1OL8ymoeBZf5anHVhXTnOneuQqTrfQ
cache-control: public, max-age=31104000
expires: Thu, 03 Apr 2025 13:01:22 GMT
last-modified: Tue, 29 Aug 2023 15:54:18 GMT
etag: "bb832cf8865dc7037ea21352c755da04"
x-goog-generation: 1693324458401827
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 59930
content-type: application/vnd.apple.mpegurl
x-goog-hash: crc32c=5Rge5g==, md5=u4Ms+IZdxwN+ohNSx1XaBA==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 2621572
date: Wed, 08 May 2024 21:14:13 GMT
x-served-by: cache-dfw-kdal2120023-DFW, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 500, 0
x-timer: S1715202854.829901,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/audio_TS_h264_aac_96000_variant.m3u8 | 151.101.1.91 | 200 OK | 46 kB |
URL GET HTTP/3fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/audio_TS_h264_aac_96000_variant.m3u8 IP151.101.1.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hashdc6e5df96aa662744cfe6bbdb276d17d dc4994afb2fe9a920b5c6f328b0fc93b31342aae 6a384320df21e240d2b0c9d0adf9993fbc72c69ecafce6c6e8bd85099f2fa430
GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/audio_TS_h264_aac_96000_variant.m3u8 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 46406
x-guploader-uploadid: ADPycdvl9tUYJsOSc0CQuPe0acpD2ES6XmvIfTXgyWdDIcU9_y9N7rZIjW6jNRDYyZOuGHI624-8V_-Tj7s2zhkvPpy-JluPtmsw
cache-control: public, max-age=31104000
expires: Thu, 19 Sep 2024 22:00:10 GMT
last-modified: Tue, 29 Aug 2023 15:54:18 GMT
etag: "dc6e5df96aa662744cfe6bbdb276d17d"
x-goog-generation: 1693324458399105
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 46406
content-type: application/vnd.apple.mpegurl
x-goog-hash: crc32c=Rc2Iow==, md5=3G5d+WqmYnRM/mu9snbRfQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 1238495
date: Wed, 08 May 2024 21:14:13 GMT
x-served-by: cache-dfw-kdfw8210043-DFW, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 1206, 0
x-timer: S1715202854.830487,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/1.ts | 151.101.1.91 | 200 OK | 35 kB |
URL GET HTTP/3fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/1.ts IP151.101.1.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeMPEG transport stream data Hash5c5618a29d45a23b88d2203da2c52649 8ae3529c5b0a94f1fb7621f7e7034dc2c45d610b 43bfb43eb0a7f2b3faaae84c7d460e74277955f9fcdc496b134bb28621df5179
GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/1.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 34968
x-guploader-uploadid: ABPtcPrVJV-F4L5jmSAtnNyhFr3qd44tEYX7SuZlgeRfyAqmYm1gPjjfwBskHiWo_kjjb30knzTDcEsqYDQT4YlVDguWaoDp10yo
cache-control: public, max-age=31104000
expires: Fri, 15 Nov 2024 12:05:27 GMT
last-modified: Tue, 29 Aug 2023 15:52:06 GMT
etag: "5c5618a29d45a23b88d2203da2c52649"
x-goog-generation: 1693324326196317
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 34968
content-type: video/mp2t
x-goog-hash: crc32c=6HX6Lw==, md5=XFYYop1FojuI0iA9osUmSQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
date: Wed, 08 May 2024 21:14:13 GMT
age: 1322329
x-served-by: cache-dfw-kdfw8210163-DFW, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 1530, 1
x-timer: S1715202854.947222,VS0,VE0
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| analytics-ingress-global.bitmovin.com/licensing | 35.190.27.197 | 200 OK | 77 B |
URL POST HTTP/2analytics-ingress-global.bitmovin.com/licensing IP35.190.27.197:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subject*.bitmovin.com FingerprintA3:12:09:E0:2B:6B:C9:36:D1:AE:E8:38:F4:5F:1B:F6:B2:47:16:3C ValidityMon, 08 May 2023 12:46:05 GMT - Sat, 08 Jun 2024 12:46:05 GMT
Hash40f9443d5dc02e385b00b24c1f570269 c0e65fe8f73334d638173b9e33eff4f36d913104 ea71115c171f3b6874e256a1ff1e30431229a21b584371e0b36eae66cb5d2d9f
POST /licensing HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 99
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: v1.62.1
date: Wed, 08 May 2024 21:14:13 GMT
content-type: application/json
content-length: 77
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-SNNMPY2Z6B>m=45je4510v9116850825za200&_p=1715202852640&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=187997704.1715202853&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1715202853&sct=1&seg=0&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10202b5323eb42a3a3e64e881072d9%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240508211629265%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5725 | 216.239.34.36 | 204 No Content | 0 B |
URL POST HTTP/2region1.analytics.google.com/g/collect?v=2&tid=G-SNNMPY2Z6B>m=45je4510v9116850825za200&_p=1715202852640&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=187997704.1715202853&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1715202853&sct=1&seg=0&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10202b5323eb42a3a3e64e881072d9%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240508211629265%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5725 IP216.239.34.36:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-SNNMPY2Z6B>m=45je4510v9116850825za200&_p=1715202852640&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=187997704.1715202853&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1715202853&sct=1&seg=0&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10202b5323eb42a3a3e64e881072d9%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240508211629265%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5725 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://getxitox.com
date: Wed, 08 May 2024 21:14:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1280x720_h264_2750000/1.ts | 151.101.1.91 | 200 OK | 160 kB |
URL GET HTTP/3fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1280x720_h264_2750000/1.ts IP151.101.1.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeMPEG transport stream data Size160 kB (160176 bytes) Hash7fdcbc5ecf72c2dba9eccdac95c0cc60 c967d3220f65717f925b41f2fcc9f28ceac5337f 4104a53abb2627f21691f7dbbd6d787f5aee7c0326651e7103878343e679f185
GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1280x720_h264_2750000/1.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 160176
x-guploader-uploadid: ABPtcPpGUBBW_yJIVGa5Wmiz8vAhMkvji1ZzPIHkypzCKV1njR5w8iasUiU1O20_PvfVW9cn9jk
cache-control: public, max-age=31104000
expires: Thu, 16 Jan 2025 17:39:17 GMT
last-modified: Tue, 29 Aug 2023 15:50:41 GMT
etag: "7fdcbc5ecf72c2dba9eccdac95c0cc60"
x-goog-generation: 1693324241421854
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 160176
content-type: video/mp2t
x-goog-hash: crc32c=EYz/Ow==, md5=f9y8Xs9ywtup7M2slcDMYA==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 43307
date: Wed, 08 May 2024 21:14:14 GMT
x-served-by: cache-dfw-kdfw8210085-DFW, cache-hel1410033-HEL
x-cache: HIT, MISS
x-cache-hits: 15, 0
x-timer: S1715202854.933112,VS0,VE143
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| imgs.signifyd.com/A3SWFFq7cnWaKkHY?beaf29a2589913c8=7Y62mlvOzUZbmgCNynK8utUmF5gwIT2RD2tQxLBAz0ZnkcYQwu-_wNi0mL46r7ppZcURhFTCquwbNkfuoYKuNNcDka1HZsOdrN3mYnUidkpLnfJErwunwHfZexwBD27gbscbckwQ7GupGQbM | 91.235.133.113 | 200 OK | 81 B |
URL GET HTTP/1.1imgs.signifyd.com/A3SWFFq7cnWaKkHY?beaf29a2589913c8=7Y62mlvOzUZbmgCNynK8utUmF5gwIT2RD2tQxLBAz0ZnkcYQwu-_wNi0mL46r7ppZcURhFTCquwbNkfuoYKuNNcDka1HZsOdrN3mYnUidkpLnfJErwunwHfZexwBD27gbscbckwQ7GupGQbM IP91.235.133.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
File typePNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced Hash1b6d2de2867a3e11063ba25aa1cd4209 bd20b0e089f31f35cba4d0fa7277e73aa74d944c 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /A3SWFFq7cnWaKkHY?beaf29a2589913c8=7Y62mlvOzUZbmgCNynK8utUmF5gwIT2RD2tQxLBAz0ZnkcYQwu-_wNi0mL46r7ppZcURhFTCquwbNkfuoYKuNNcDka1HZsOdrN3mYnUidkpLnfJErwunwHfZexwBD27gbscbckwQ7GupGQbM HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=6a3ad6eff232bf0760fda45f60fae8e1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 21:14:14 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: image/png
|
|
| fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/video_TS_h264_aac_96000_1920x1080_4500000_variant.m3u8 | 151.101.1.91 | 200 OK | 61 kB |
URL GET HTTP/3fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/video_TS_h264_aac_96000_1920x1080_4500000_variant.m3u8 IP151.101.1.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hash91ab9584d43ed322ce297c4beada2e1d ff66133b04457395acd80b0155761abb8811bbdd 317587a6fa28c2060c4c73cd5047b0101bd0caa39743f5b065d663f30f4a3f5e
GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/video_TS_h264_aac_96000_1920x1080_4500000_variant.m3u8 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 61057
x-guploader-uploadid: ABPtcPrjMF5MHXWFw-6j0Ww5QojTVgKJ6OTeVhejt0ts3miaUO1qD9_dYyhgapQty-RR_JNmDg
cache-control: public, max-age=31104000
expires: Mon, 24 Feb 2025 08:00:11 GMT
last-modified: Tue, 29 Aug 2023 15:54:18 GMT
etag: "91ab9584d43ed322ce297c4beada2e1d"
x-goog-generation: 1693324458420188
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 61057
content-type: application/vnd.apple.mpegurl
x-goog-hash: crc32c=Yhv9Qg==, md5=kauVhNQ+0yLOKXxL6touHQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 2713875
date: Wed, 08 May 2024 21:14:14 GMT
x-served-by: cache-dfw-kdfw8210161-DFW, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 2285, 0
x-timer: S1715202854.224116,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| imgs.signifyd.com/JF6e8DC_8o5b_2cO?d69beb3613cd06cf=3fxqhy_hn8uq9IG8I977h2RCpt07dSIx-U8qAj3xHKmM12uLmcGv3NyFF-8bLIRFdm72Nwvy9uMtPD-VrjbE5JCuaSrLlLiAjf1aAygNp2K6X9KFcMTsuR_QNpvViem8YUkkwRjzrQlM0ctEfBkcMRt9zv1RgNaT979Bf5Apuowh_DuER8M3dINYOA&jb=313a2624687b6777354469667578266a736f3f4e6b6e777a2e62716a3546617265666f782530323b36 | 91.235.133.113 | 200 OK | 46 kB |
URL GET HTTP/1.1imgs.signifyd.com/JF6e8DC_8o5b_2cO?d69beb3613cd06cf=3fxqhy_hn8uq9IG8I977h2RCpt07dSIx-U8qAj3xHKmM12uLmcGv3NyFF-8bLIRFdm72Nwvy9uMtPD-VrjbE5JCuaSrLlLiAjf1aAygNp2K6X9KFcMTsuR_QNpvViem8YUkkwRjzrQlM0ctEfBkcMRt9zv1RgNaT979Bf5Apuowh_DuER8M3dINYOA&jb=313a2624687b6777354469667578266a736f3f4e6b6e777a2e62716a3546617265666f782530323b36 IP91.235.133.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
File typeJavaScript source, ASCII text, with very long lines (15506) Hash6e11138e4be1a164ec9574a4b1011fcb bcbe5ed97c4bff3a9f939c843f6828281a6011c0 64af4235e691d3eac6345d4fdc332aecc855fdb57c006548e2098e048c097892
GET /JF6e8DC_8o5b_2cO?d69beb3613cd06cf=3fxqhy_hn8uq9IG8I977h2RCpt07dSIx-U8qAj3xHKmM12uLmcGv3NyFF-8bLIRFdm72Nwvy9uMtPD-VrjbE5JCuaSrLlLiAjf1aAygNp2K6X9KFcMTsuR_QNpvViem8YUkkwRjzrQlM0ctEfBkcMRt9zv1RgNaT979Bf5Apuowh_DuER8M3dINYOA&jb=313a2624687b6777354469667578266a736f3f4e6b6e777a2e62716a3546617265666f782530323b36 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=6a3ad6eff232bf0760fda45f60fae8e1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 21:14:14 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
tmx-nonce: 5aa4812d252346af
X-Robots-Tag: noindex, nofollow
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=98
Transfer-Encoding: chunked
|
|
| stats.vidalytics.com/awesome-log?cid=hLKq71Yz | 107.178.211.97 | 200 OK | 43 B |
URL GET HTTP/2stats.vidalytics.com/awesome-log?cid=hLKq71Yz IP107.178.211.97:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeGIF image data, version 89a, 1 x 1 Hash57f187c7a868faeac558007a8eb6cb2e 11ab10ab109fdb53d91d444ac781101f5a6360c6 aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /awesome-log?cid=hLKq71Yz HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-headers: Accept, Content-Type, Origin, Range, X-Requested-With
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
cache-control: no-cache, public, max-age=2592000
content-length: 43
content-type: image/gif
etag: "hLKq71Yz/wgiDDcmsCgGJTH0l"
date: Wed, 08 May 2024 21:14:14 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
access-control-allow-origin: https://getxitox.com
X-Firefox-Spdy: h2
|
|
| imgs.signifyd.com/qtjqGBWEnY9Qexnz?3407b3b17a04fa17=vABwXctrn0D89F7kK3ap_WqEBMDezux3elcrKg94ZmR6JDw8vuOAhQGaQdDxgsDYh65ig3cGViAVkEJJ7np0ec7EKT9igwFixV6RedfRTTlRLLd4nY6kcgJ1GT4sM-Tm5xhdPNKONSpDh6NZ | 91.235.133.113 | 200 OK | 81 B |
URL GET HTTP/1.1imgs.signifyd.com/qtjqGBWEnY9Qexnz?3407b3b17a04fa17=vABwXctrn0D89F7kK3ap_WqEBMDezux3elcrKg94ZmR6JDw8vuOAhQGaQdDxgsDYh65ig3cGViAVkEJJ7np0ec7EKT9igwFixV6RedfRTTlRLLd4nY6kcgJ1GT4sM-Tm5xhdPNKONSpDh6NZ IP91.235.133.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
File typePNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced Hash1b6d2de2867a3e11063ba25aa1cd4209 bd20b0e089f31f35cba4d0fa7277e73aa74d944c 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /qtjqGBWEnY9Qexnz?3407b3b17a04fa17=vABwXctrn0D89F7kK3ap_WqEBMDezux3elcrKg94ZmR6JDw8vuOAhQGaQdDxgsDYh65ig3cGViAVkEJJ7np0ec7EKT9igwFixV6RedfRTTlRLLd4nY6kcgJ1GT4sM-Tm5xhdPNKONSpDh6NZ HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=6a3ad6eff232bf0760fda45f60fae8e1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 21:14:14 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
|
|
| fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1920x1080_h264_4500000/2.ts | 151.101.1.91 | 200 OK | 1.7 MB |
URL GET HTTP/3fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1920x1080_h264_4500000/2.ts IP151.101.1.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeMPEG transport stream data Size1.7 MB (1703844 bytes) Hashbbc8b235acb49c32a227d2806b9a77bb 9d6edbe67629cbf19cf1c8646b83a803042dd016 c08fab17a1b7ccd9f2d3d6c259cd1ae680d51d38e45019f66b055e6369f29d62
GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1920x1080_h264_4500000/2.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 1703844
x-guploader-uploadid: ABPtcPqHuuF86veLmGM5qKVRAz-5VinWtJKlM4sncw7HWcVkURSQpWTCl8S9uRrF-lhCF5R3lGI
cache-control: public, max-age=31104000
expires: Tue, 08 Apr 2025 05:19:31 GMT
last-modified: Tue, 29 Aug 2023 15:51:36 GMT
etag: "bbc8b235acb49c32a227d2806b9a77bb"
x-goog-generation: 1693324296670685
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1703844
content-type: video/mp2t
x-goog-hash: crc32c=87ippA==, md5=u8iyNay0nDKiJ9KAa5p3uw==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
date: Wed, 08 May 2024 21:14:14 GMT
age: 707721
x-served-by: cache-dfw-kdfw8210164-DFW, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 370, 1
x-timer: S1715202854.272084,VS0,VE0
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/2.ts | 151.101.1.91 | 200 OK | 56 kB |
URL GET HTTP/3fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/2.ts IP151.101.1.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeMPEG transport stream data Hash611179996a3c9bd41d228fba2460da0d 18c519295bfebe1f89c1c8c96dbf32dc6ff76058 2dec35022f925d2935a394d57da2ca699bc8a9f107a8c56cb40f412516e6835c
GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/2.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 55460
x-guploader-uploadid: ADPycdtNu_u_yccZNO8LDr9JPtGDbovWO_1j7D5nUi_sR3mnnGPUkLuR7phm0IrpVl6OcdQmrtWhyi0q1IVT97pAhorIihVvadJ5
cache-control: public, max-age=31104000
expires: Thu, 19 Sep 2024 22:00:10 GMT
last-modified: Tue, 29 Aug 2023 15:52:07 GMT
etag: "611179996a3c9bd41d228fba2460da0d"
x-goog-generation: 1693324327555621
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 55460
content-type: video/mp2t
x-goog-hash: crc32c=Asyviw==, md5=YRF5mWo8m9QdIo+6JGDaDQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 633973
date: Wed, 08 May 2024 21:14:14 GMT
x-served-by: cache-dfw-kdfw8210040-DFW, cache-hel1410033-HEL
x-cache: HIT, MISS
x-cache-hits: 506, 0
x-timer: S1715202854.226059,VS0,VE143
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| imgs.signifyd.com/mMennlVEnuodAgzK?b29440982ac26034=w2lbQw2vmxiHZKC7D6Z9HC0RMwVc61UjFWYqPX3v9tDRlE-UDBtrAkUc1Q0IO8CjOzj4evv4ds7pplOYSu85xuklQBpRRWtAnhQdqdjUCvL5-BRN_YBMXfc84TmIDG06iiGpIeuhKqv6JhopK3_kxjvGF3RlCaJ4_6FBr6aH8a0Ds1r6EX2AG6Z48oHu | 91.235.133.113 | 200 OK | 13 kB |
URL GET HTTP/1.1imgs.signifyd.com/mMennlVEnuodAgzK?b29440982ac26034=w2lbQw2vmxiHZKC7D6Z9HC0RMwVc61UjFWYqPX3v9tDRlE-UDBtrAkUc1Q0IO8CjOzj4evv4ds7pplOYSu85xuklQBpRRWtAnhQdqdjUCvL5-BRN_YBMXfc84TmIDG06iiGpIeuhKqv6JhopK3_kxjvGF3RlCaJ4_6FBr6aH8a0Ds1r6EX2AG6Z48oHu IP91.235.133.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
File typeHTML document, ASCII text, with very long lines (15506) Hashe4d267a85c56fcea9b4763e76984a9c1 e4a39ee360a226d9cb127600af07b19103d7ee84 9217944078598e95e4f3cb1c63ebd6e1fdf4f423bdd1e41ac4f949f3ef3a932d
GET /mMennlVEnuodAgzK?b29440982ac26034=w2lbQw2vmxiHZKC7D6Z9HC0RMwVc61UjFWYqPX3v9tDRlE-UDBtrAkUc1Q0IO8CjOzj4evv4ds7pplOYSu85xuklQBpRRWtAnhQdqdjUCvL5-BRN_YBMXfc84TmIDG06iiGpIeuhKqv6JhopK3_kxjvGF3RlCaJ4_6FBr6aH8a0Ds1r6EX2AG6Z48oHu HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=6a3ad6eff232bf0760fda45f60fae8e1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 21:14:14 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Robots-Tag: noindex, nofollow
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=97
Transfer-Encoding: chunked
|
|
| www.protectedwebnexussl.com/ | 104.21.83.246 | | 235 B |
URL www.protectedwebnexussl.com/ IP104.21.83.246:0
CertificateIssuerGoogle Trust Services LLC Subjectprotectedwebnexussl.com Fingerprint6B:51:99:69:A5:65:81:85:28:58:77:6B:61:07:48:68:E5:66:AE:9E ValiditySat, 20 Apr 2024 11:42:02 GMT - Fri, 19 Jul 2024 11:42:01 GMT
File typeHTML document, ASCII text Hashef2dcee44d4d66d0fe49998b3d3cb9b6 abbe1091c12266827b3e485f3b02265e974258ff 77dc83efa0f9fb0a2ab5dd51b442d69139eeee9f3d33ada7594398efdf867b56
GET / HTTP/1.1
Host: www.protectedwebnexussl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 08 May 2024 21:14:14 GMT
content-type: text/html; charset=iso-8859-1
location: https://www.protectedwebnexussl.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: undefined-origin
access-control-max-age: 300
p3p: CP="This is not a P3P policy! See https://www.clkmg.com for more info."
x-cm-fe: httpfe-2
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bh7XnA1Ln4%2BNg9jTz7F%2FHXaYK7W%2B6zblWPhIXEkBAY0FqkI2%2Fi57EK2j6RuHI%2FsSmCRXTjld1BRXm2OQoDiZm2vvmhLEwWRA2Ah5jkwNYc3Pv9QDe%2FW6CjjILlrPXXbv%2Bo1%2BhLHb81ZPplSPxs0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c754db92b56c9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.protectedwebnexussl.com/ | 104.21.83.246 | | 14 kB |
URL www.protectedwebnexussl.com/ IP104.21.83.246:0
CertificateIssuerGoogle Trust Services LLC Subjectprotectedwebnexussl.com Fingerprint6B:51:99:69:A5:65:81:85:28:58:77:6B:61:07:48:68:E5:66:AE:9E ValiditySat, 20 Apr 2024 11:42:02 GMT - Fri, 19 Jul 2024 11:42:01 GMT
Hashe4fa387db31b824d1ac8980009a481c4 e60e86296d73223503b4692847b630d93001ad8e 185093326345de2cbebc324abd01034a75a8eba87551e5a6dcb4b374c233721b
GET / HTTP/1.1
Host: www.protectedwebnexussl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Wed, 08 May 2024 21:14:12 GMT
content-type: text/html; charset=iso-8859-1
location: https://www.protectedwebnexussl.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: undefined-origin
access-control-max-age: 300
p3p: CP="This is not a P3P policy! See https://www.clkmg.com for more info."
x-cm-fe: httpfe-0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QaujpA9MTsQczAgsXgulod9ejE%2BKZIYfqT7K7lWNggxIuMzPuyHt%2B%2FFND%2FzrzgePLKf5rBXZWdP7x6Su8EBynYQH5DYpzF1Pv3y2j9FR%2BdXecBI%2FgmYLrA3pmRnXJdIq1JSe1wHjYqhjHekBnzc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c75402b7e56be-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.protectedwebnexussl.com/ | 104.21.83.246 | | 1.1 kB |
URL www.protectedwebnexussl.com/ IP104.21.83.246:0
CertificateIssuerGoogle Trust Services LLC Subjectprotectedwebnexussl.com Fingerprint6B:51:99:69:A5:65:81:85:28:58:77:6B:61:07:48:68:E5:66:AE:9E ValiditySat, 20 Apr 2024 11:42:02 GMT - Fri, 19 Jul 2024 11:42:01 GMT
File typeHTML document, ASCII text Hash16c4d771324df5c93d89d74c361a176b 599add70556463894f62d392970ece28241c9218 75844cc5365308aec6fc1dd01d430efe455763891fe1f0b58fab702ed267e082
GET / HTTP/1.1
Host: www.protectedwebnexussl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 08 May 2024 21:14:13 GMT
content-type: text/html; charset=iso-8859-1
location: https://www.protectedwebnexussl.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: undefined-origin
access-control-max-age: 300
p3p: CP="This is not a P3P policy! See https://www.clkmg.com for more info."
x-cm-fe: httpfe-0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PLA1v2YGLlTyIUcH%2BQHeW0FLKj3FLWFq5Gijnve0HBTvwBmt5R47xx0OynzHbPRZIWxxCyPWnStJQ5AohnrnCGYVrR0R%2Be5E0%2F%2FETzJqjw2i80LkUtqcoWXQXt81ioMb%2F3yLdLm9758Q9XucLAc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c7543698156c9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| imgs.signifyd.com/xcGGXe44HVK8reWf?a5156f26c9293de1=YXkjaPgqvs1NqwXJ_C6r3i4Ycu76FyLFuc2G7-LV4Lg3xWJ1z637hbH5s4TFuGP8RvoLQwbdtX0n8cz9de6p6ST0H3qX7AZrF6BPqJ_qrtW9ijutN_fVKUNpUHiTe3akQzYB&ja=3a363424246b35322e723d3826663d313238327a333030362e69643539323030783130323424717a793f327038246c787235312c313238302e333232362e393a3a3824313832342c313238322e3330303624393030382c393032342c302c32246f743f303f6e37396c333934396536626630323b6234346a6c31303f62386166336334266f6c3f3224716b6c3f3a3c2664683d687474707127314127304e2d304e6f657c7869746f782e616d6f2530446f67273a4e69666465786e6f61646472726d65256563707f656a2e7068702533447670616c712d3b4639383238326235333233676036326331693b673e3c65303831303732643b27303663646e57717d6a312d33443137382530346366645d7b7d603a2d334c2532366166665d71776231273b4c273a3e616e665f73756234273146253034696e64577b756a35253344383733305d7367717b61663a38323c3035303832313334303930343d2d303e69666e696c696174655d6b662531463a3e30312e70643d352670683d673a32326664693d373d39393b6634656265383b3b3165603669313b3a31306c2668683d63353267336363606938646e6b643136333064643364603338343538313b6b6b2662736f3d4c696e777a246a7160354e6b7a6d66677825323039362468716f773f44616c7d70266668633d3438266c6f76703f322e7c786c35555c43266d617468703f353164373c30673c6a333e303862666466603a3b633b3b3e6e646c3c663f3066313261653166343663666e3c30313b353e6239663362633435356230646d3a642e783d786c7567696e5f646e63736a273d4d646964736d21706c7567696c5d75696c66677f715765656c69615f706c617b67702537476e696e7b6d21786c7567696e5f63666d62675d696b70676a617c25354566616c716723706e776f616c57797561636b74696d6527374766636e7b6d237864756f696e5f73686f6169756174672d3d476e696c7b6521706c75676b6c5d72676364786e6971657a25354566616c716723706e776f616c577e6c6b5f706c617965702737456463647b6729786c7d67696e5f646574636e7670273d4d646964736d21706c7567696c5d7176655d7e61677f6d722d354566616c736723726c776561665d6269766925354566616c716724636166353a3538383130&jb=3b37266e7335456d72616c6461253246352e322730302a5a3939273b4a253a304c696e7578273032783a34573e362d3b422d323072762533433b342e322b2d3a324f6d63636f25324632303332323132332d3a324e61726d666f782532463b342c30 | 91.235.133.113 | 204 204 | 0 B |
URL GET HTTP/1.1imgs.signifyd.com/xcGGXe44HVK8reWf?a5156f26c9293de1=YXkjaPgqvs1NqwXJ_C6r3i4Ycu76FyLFuc2G7-LV4Lg3xWJ1z637hbH5s4TFuGP8RvoLQwbdtX0n8cz9de6p6ST0H3qX7AZrF6BPqJ_qrtW9ijutN_fVKUNpUHiTe3akQzYB&ja=3a363424246b35322e723d3826663d313238327a333030362e69643539323030783130323424717a793f327038246c787235312c313238302e333232362e393a3a3824313832342c313238322e3330303624393030382c393032342c302c32246f743f303f6e37396c333934396536626630323b6234346a6c31303f62386166336334266f6c3f3224716b6c3f3a3c2664683d687474707127314127304e2d304e6f657c7869746f782e616d6f2530446f67273a4e69666465786e6f61646472726d65256563707f656a2e7068702533447670616c712d3b4639383238326235333233676036326331693b673e3c65303831303732643b27303663646e57717d6a312d33443137382530346366645d7b7d603a2d334c2532366166665d71776231273b4c273a3e616e665f73756234273146253034696e64577b756a35253344383733305d7367717b61663a38323c3035303832313334303930343d2d303e69666e696c696174655d6b662531463a3e30312e70643d352670683d673a32326664693d373d39393b6634656265383b3b3165603669313b3a31306c2668683d63353267336363606938646e6b643136333064643364603338343538313b6b6b2662736f3d4c696e777a246a7160354e6b7a6d66677825323039362468716f773f44616c7d70266668633d3438266c6f76703f322e7c786c35555c43266d617468703f353164373c30673c6a333e303862666466603a3b633b3b3e6e646c3c663f3066313261653166343663666e3c30313b353e6239663362633435356230646d3a642e783d786c7567696e5f646e63736a273d4d646964736d21706c7567696c5d75696c66677f715765656c69615f706c617b67702537476e696e7b6d21786c7567696e5f63666d62675d696b70676a617c25354566616c716723706e776f616c57797561636b74696d6527374766636e7b6d237864756f696e5f73686f6169756174672d3d476e696c7b6521706c75676b6c5d72676364786e6971657a25354566616c716723706e776f616c577e6c6b5f706c617965702737456463647b6729786c7d67696e5f646574636e7670273d4d646964736d21706c7567696c5d7176655d7e61677f6d722d354566616c736723726c776561665d6269766925354566616c716724636166353a3538383130&jb=3b37266e7335456d72616c6461253246352e322730302a5a3939273b4a253a304c696e7578273032783a34573e362d3b422d323072762533433b342e322b2d3a324f6d63636f25324632303332323132332d3a324e61726d666f782532463b342c30 IP91.235.133.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xcGGXe44HVK8reWf?a5156f26c9293de1=YXkjaPgqvs1NqwXJ_C6r3i4Ycu76FyLFuc2G7-LV4Lg3xWJ1z637hbH5s4TFuGP8RvoLQwbdtX0n8cz9de6p6ST0H3qX7AZrF6BPqJ_qrtW9ijutN_fVKUNpUHiTe3akQzYB&ja=3a363424246b35322e723d3826663d313238327a333030362e69643539323030783130323424717a793f327038246c787235312c313238302e333232362e393a3a3824313832342c313238322e3330303624393030382c393032342c302c32246f743f303f6e37396c333934396536626630323b6234346a6c31303f62386166336334266f6c3f3224716b6c3f3a3c2664683d687474707127314127304e2d304e6f657c7869746f782e616d6f2530446f67273a4e69666465786e6f61646472726d65256563707f656a2e7068702533447670616c712d3b4639383238326235333233676036326331693b673e3c65303831303732643b27303663646e57717d6a312d33443137382530346366645d7b7d603a2d334c2532366166665d71776231273b4c273a3e616e665f73756234273146253034696e64577b756a35253344383733305d7367717b61663a38323c3035303832313334303930343d2d303e69666e696c696174655d6b662531463a3e30312e70643d352670683d673a32326664693d373d39393b6634656265383b3b3165603669313b3a31306c2668683d63353267336363606938646e6b643136333064643364603338343538313b6b6b2662736f3d4c696e777a246a7160354e6b7a6d66677825323039362468716f773f44616c7d70266668633d3438266c6f76703f322e7c786c35555c43266d617468703f353164373c30673c6a333e303862666466603a3b633b3b3e6e646c3c663f3066313261653166343663666e3c30313b353e6239663362633435356230646d3a642e783d786c7567696e5f646e63736a273d4d646964736d21706c7567696c5d75696c66677f715765656c69615f706c617b67702537476e696e7b6d21786c7567696e5f63666d62675d696b70676a617c25354566616c716723706e776f616c57797561636b74696d6527374766636e7b6d237864756f696e5f73686f6169756174672d3d476e696c7b6521706c75676b6c5d72676364786e6971657a25354566616c716723706e776f616c577e6c6b5f706c617965702737456463647b6729786c7d67696e5f646574636e7670273d4d646964736d21706c7567696c5d7176655d7e61677f6d722d354566616c736723726c776561665d6269766925354566616c716724636166353a3538383130&jb=3b37266e7335456d72616c6461253246352e322730302a5a3939273b4a253a304c696e7578273032783a34573e362d3b422d323072762533433b342e322b2d3a324f6d63636f25324632303332323132332d3a324e61726d666f782532463b342c30 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=6a3ad6eff232bf0760fda45f60fae8e1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 204
Date: Wed, 08 May 2024 21:14:14 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-SNNMPY2Z6B>m=45je4510v9116850825z8838620505za200&_p=1715202852640&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=187997704.1715202853&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&sid=1715202853&sct=1&seg=1&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10202b5323eb42a3a3e64e881072d9%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240508211629265%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&_s=2&tfd=6278 | 216.239.34.36 | 204 No Content | 0 B |
URL POST HTTP/3region1.analytics.google.com/g/collect?v=2&tid=G-SNNMPY2Z6B>m=45je4510v9116850825z8838620505za200&_p=1715202852640&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=187997704.1715202853&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&sid=1715202853&sct=1&seg=1&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10202b5323eb42a3a3e64e881072d9%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240508211629265%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&_s=2&tfd=6278 IP216.239.34.36:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-SNNMPY2Z6B>m=45je4510v9116850825z8838620505za200&_p=1715202852640&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=187997704.1715202853&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&sid=1715202853&sct=1&seg=1&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10202b5323eb42a3a3e64e881072d9%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240508211629265%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&_s=2&tfd=6278 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 30
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: https://getxitox.com
date: Wed, 08 May 2024 21:14:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| imgs.signifyd.com/fp/clear.png | 91.235.133.113 | 200 OK | 81 B |
URL GET HTTP/1.1imgs.signifyd.com/fp/clear.png IP91.235.133.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
File typePNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced Hash1b6d2de2867a3e11063ba25aa1cd4209 bd20b0e089f31f35cba4d0fa7277e73aa74d944c 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*, w2txo5aa/5aa4812d252346af3217298699480405103
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 21:14:14 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 08 May 2024 21:14:14 GMT
Expires: Mon, 07 May 2029 21:14:14 GMT
Etag: 45d2fd79104a4d84a4c79d3f6f627153
Cache-Control: private, must-revalidate, max-age=0
Access-Control-Allow-Origin: https://getxitox.com
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
|
|
| imgs.signifyd.com/griMXmp5v2JsHgpk?dbc157c72ace6bd0=bHwkziePq50MjbvuOjLLQy9n6AzoKqtn9-fpaGpNdV21nYrSU-gLrzLu7pXk-g4V-PEMsyZScizWd0yCoV3VFA0eQvlJ8WD4H4qjJ0bKcKpxEopcpHDv8yCvJRbyUwGe0HDd&jf=3134266e716a35346b6a343f3262336135623a36353636606a3a3b6a3d32386136326166376437 | 91.235.133.113 | 204 No Content | 0 B |
URL GET HTTP/1.1imgs.signifyd.com/griMXmp5v2JsHgpk?dbc157c72ace6bd0=bHwkziePq50MjbvuOjLLQy9n6AzoKqtn9-fpaGpNdV21nYrSU-gLrzLu7pXk-g4V-PEMsyZScizWd0yCoV3VFA0eQvlJ8WD4H4qjJ0bKcKpxEopcpHDv8yCvJRbyUwGe0HDd&jf=3134266e716a35346b6a343f3262336135623a36353636606a3a3b6a3d32386136326166376437 IP91.235.133.113:443
Requested byhttps://imgs.signifyd.com/mMennlVEnuodAgzK?b29440982ac26034=w2lbQw2vmxiHZKC7D6Z9HC0RMwVc61UjFWYqPX3v9tDRlE-UDBtrAkUc1Q0IO8CjOzj4evv4ds7pplOYSu85xuklQBpRRWtAnhQdqdjUCvL5-BRN_YBMXfc84TmIDG06iiGpIeuhKqv6JhopK3_kxjvGF3RlCaJ4_6FBr6aH8a0Ds1r6EX2AG6Z48oHu CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /griMXmp5v2JsHgpk?dbc157c72ace6bd0=bHwkziePq50MjbvuOjLLQy9n6AzoKqtn9-fpaGpNdV21nYrSU-gLrzLu7pXk-g4V-PEMsyZScizWd0yCoV3VFA0eQvlJ8WD4H4qjJ0bKcKpxEopcpHDv8yCvJRbyUwGe0HDd&jf=3134266e716a35346b6a343f3262336135623a36353636606a3a3b6a3d32386136326166376437 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://imgs.signifyd.com/mMennlVEnuodAgzK?b29440982ac26034=w2lbQw2vmxiHZKC7D6Z9HC0RMwVc61UjFWYqPX3v9tDRlE-UDBtrAkUc1Q0IO8CjOzj4evv4ds7pplOYSu85xuklQBpRRWtAnhQdqdjUCvL5-BRN_YBMXfc84TmIDG06iiGpIeuhKqv6JhopK3_kxjvGF3RlCaJ4_6FBr6aH8a0Ds1r6EX2AG6Z48oHu
Cookie: thx_guid=6a3ad6eff232bf0760fda45f60fae8e1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Date: Wed, 08 May 2024 21:14:14 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=95
Connection: Keep-Alive
Content-Type: text/javascript
|
|
| stats.vidalytics.com/scribe | 107.178.211.97 | 200 OK | 16 B |
URL POST HTTP/2stats.vidalytics.com/scribe IP107.178.211.97:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hasha1cbd35d4488ac8cc6f959d4c633dc37 11844023759429ec785ae1c18e6a9c69803ee2bd 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 448
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Wed, 08 May 2024 21:14:14 GMT
content-length: 16
x-envoy-upstream-service-time: 1
server: istio-envoy
access-control-allow-origin: https://getxitox.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2
|
|
| imgs.signifyd.com/xcGGXe44HVK8reWf?a5156f26c9293de1=YXkjaPgqvs1NqwXJ_C6r3i4Ycu76FyLFuc2G7-LV4Lg3xWJ1z637hbH5s4TFuGP8RvoLQwbdtX0n8cz9de6p6ST0H3qX7AZrF6BPqJ_qrtW9ijutN_fVKUNpUHiTe3akQzYB&jac=1&je=33313924247f6d6b3531312639302e34322e33373626726f3571677b2e617d64683d64663536603734323a383d376b6c356d6236303963636766616137343f3a346d6b353930366336383534303a63673b6c383b3f31363e333134303233336666322467703b3f6c6e36306566376230373a3a636636603f31646a30666a6562656533663763636361663b31343c38 | 91.235.133.113 | 204 No Content | 0 B |
URL GET HTTP/1.1imgs.signifyd.com/xcGGXe44HVK8reWf?a5156f26c9293de1=YXkjaPgqvs1NqwXJ_C6r3i4Ycu76FyLFuc2G7-LV4Lg3xWJ1z637hbH5s4TFuGP8RvoLQwbdtX0n8cz9de6p6ST0H3qX7AZrF6BPqJ_qrtW9ijutN_fVKUNpUHiTe3akQzYB&jac=1&je=33313924247f6d6b3531312639302e34322e33373626726f3571677b2e617d64683d64663536603734323a383d376b6c356d6236303963636766616137343f3a346d6b353930366336383534303a63673b6c383b3f31363e333134303233336666322467703b3f6c6e36306566376230373a3a636636603f31646a30666a6562656533663763636361663b31343c38 IP91.235.133.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xcGGXe44HVK8reWf?a5156f26c9293de1=YXkjaPgqvs1NqwXJ_C6r3i4Ycu76FyLFuc2G7-LV4Lg3xWJ1z637hbH5s4TFuGP8RvoLQwbdtX0n8cz9de6p6ST0H3qX7AZrF6BPqJ_qrtW9ijutN_fVKUNpUHiTe3akQzYB&jac=1&je=33313924247f6d6b3531312639302e34322e33373626726f3571677b2e617d64683d64663536603734323a383d376b6c356d6236303963636766616137343f3a346d6b353930366336383534303a63673b6c383b3f31363e333134303233336666322467703b3f6c6e36306566376230373a3a636636603f31646a30666a6562656533663763636361663b31343c38 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=6a3ad6eff232bf0760fda45f60fae8e1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Date: Wed, 08 May 2024 21:14:14 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=94
Connection: Keep-Alive
Content-Type: text/javascript
|
|
| fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1920x1080_h264_4500000/3.ts | 151.101.1.91 | 200 OK | 1.1 MB |
URL GET HTTP/3fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1920x1080_h264_4500000/3.ts IP151.101.1.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeMPEG transport stream data Size1.1 MB (1110516 bytes) Hash18c7ac9de1bd3a27981436b86e15ac7f b6e7d6eeb0d2385de575eba8e8a4d3716357a404 40ac273a4c15227e82469272aaaf5a7f2260233557bf94cad42ad37657baceed
GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1920x1080_h264_4500000/3.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 1110516
cache-control: public, max-age=31104000
expires: Thu, 01 May 2025 10:32:52 GMT
last-modified: Tue, 29 Aug 2023 15:51:40 GMT
etag: "18c7ac9de1bd3a27981436b86e15ac7f"
x-goog-generation: 1693324300542916
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1110516
content-type: video/mp2t
x-goog-hash: crc32c=CxWQvQ==, md5=GMesneG9OieYFDa4bhWsfw==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
x-guploader-uploadid: ABPtcPrTyxAMCdfD9LgeTjmxZCpKGphaMi0hr4FjCmSdyobcPmcSWAmPJGAsbnY_hVUwMVHERvg
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
date: Wed, 08 May 2024 21:14:14 GMT
age: 211281
x-served-by: cache-dfw-kdfw8210119-DFW, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 33, 1
x-timer: S1715202855.701767,VS0,VE2
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/3.ts | 151.101.1.91 | 200 OK | 54 kB |
URL GET HTTP/3fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/3.ts IP151.101.1.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeMPEG transport stream data Hashadf371f1a9684b35e655bddab7ae4d79 dcf2b775cd36762751a9b3ff5adefd821afb04f3 942e39e8342ee313fe81e1dd69fc2329bb90eff9c131d74dbb988455bb0772a2
GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/3.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 54144
x-guploader-uploadid: ADPycdtBATaygqwRg_i2otfShV8AuUv9TzXo3v8-MP-0vXZygrO67j3P9MQYUxhhV7tWdBJqrej54xCzzvLFdnGStRn8uaBDBh8c
cache-control: public, max-age=31104000
expires: Fri, 27 Sep 2024 03:56:46 GMT
last-modified: Tue, 29 Aug 2023 15:52:07 GMT
etag: "adf371f1a9684b35e655bddab7ae4d79"
x-goog-generation: 1693324327962747
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 54144
content-type: video/mp2t
x-goog-hash: crc32c=wTW46Q==, md5=rfNx8aloSzXmVb3at65NeQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 2713875
date: Wed, 08 May 2024 21:14:14 GMT
x-served-by: cache-dfw-kdfw8210037-DFW, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 3049, 0
x-timer: S1715202855.709256,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 | 216.58.207.227 | 200 OK | 33 kB |
URL GET HTTP/2fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 IP216.58.207.227:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 33092, version 1.0 Hash057478083c1d55ea0c2182b24f6dd72f caf557cd276a76992084efc4c8857b66791a6b7f bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:38:02 GMT
expires: Fri, 02 May 2025 02:38:02 GMT
cache-control: public, max-age=31536000
age: 585373
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| stats.vidalytics.com/scribe | 107.178.211.97 | 200 OK | 16 B |
URL POST HTTP/2stats.vidalytics.com/scribe IP107.178.211.97:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hasha1cbd35d4488ac8cc6f959d4c633dc37 11844023759429ec785ae1c18e6a9c69803ee2bd 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 699
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Wed, 08 May 2024 21:14:15 GMT
content-length: 16
x-envoy-upstream-service-time: 0
server: istio-envoy
access-control-allow-origin: https://getxitox.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2
|
|
| fast.vidalytics.com/video/hLKq71Yz/7_IA54dlSdWFdbwp/95535/85364__FFMPEG/thumb/thumbnail-5_0.jpg | 151.101.1.91 | 200 OK | 54 kB |
URL GET HTTP/3fast.vidalytics.com/video/hLKq71Yz/7_IA54dlSdWFdbwp/95535/85364__FFMPEG/thumb/thumbnail-5_0.jpg IP151.101.1.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc60.3.100", baseline, precision 8, 1920x1080, components 3 Hashbc55b1f437bddbe74f9d74d181f068da d48ba897a8f63eadbf55b8ddc854ccd4f7299d13 f3db1c97e2c94cecc0b57997f11951afc151451495407a9a1c5ac9306bf0f30d
GET /video/hLKq71Yz/7_IA54dlSdWFdbwp/95535/85364__FFMPEG/thumb/thumbnail-5_0.jpg HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 53910
x-guploader-uploadid: ADPycdtZfwa3mZxHTiR8V00dI6D1_y0C9fYhQ7wVgZNebfqMIj0Evn-GHw0gyYctCAwiSAtv5fGD25Jci43NuQ90ot4-9g
cache-control: public, max-age=31104000
expires: Sun, 22 Sep 2024 18:59:28 GMT
last-modified: Fri, 14 Jul 2023 06:17:36 GMT
etag: "bc55b1f437bddbe74f9d74d181f068da"
x-goog-generation: 1689315456332968
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 53910
x-goog-meta-x-goog-reserved-source-generation: 1683106408845786
x-goog-custom-time: 2023-05-03T09:33:28.923Z
content-type: image/jpeg
x-goog-hash: crc32c=+PKXAg==, md5=vFWx9De92+dPnXTRgfBo2g==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 1336332
date: Wed, 08 May 2024 21:14:15 GMT
x-served-by: cache-dfw-kdfw8210171-DFW, cache-hel1410020-HEL
x-cache: HIT, MISS
x-cache-hits: 795, 0
x-timer: S1715202855.351854,VS0,VE137
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| stats.vidalytics.com/scribe | 107.178.211.97 | 200 OK | 16 B |
URL POST HTTP/2stats.vidalytics.com/scribe IP107.178.211.97:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hasha1cbd35d4488ac8cc6f959d4c633dc37 11844023759429ec785ae1c18e6a9c69803ee2bd 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 407
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Wed, 08 May 2024 21:14:15 GMT
content-length: 16
x-envoy-upstream-service-time: 1
server: istio-envoy
access-control-allow-origin: https://getxitox.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2
|
|
| stats.vidalytics.com/scribe | 107.178.211.97 | 200 OK | 16 B |
URL POST HTTP/2stats.vidalytics.com/scribe IP107.178.211.97:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hasha1cbd35d4488ac8cc6f959d4c633dc37 11844023759429ec785ae1c18e6a9c69803ee2bd 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 449
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Wed, 08 May 2024 21:14:15 GMT
content-length: 16
x-envoy-upstream-service-time: 2
server: istio-envoy
access-control-allow-origin: https://getxitox.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-SNNMPY2Z6B>m=45je4510v9116850825za200&_p=1715202852640&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=187997704.1715202853&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&sid=1715202853&sct=1&seg=1&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10202b5323eb42a3a3e64e881072d9%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240508211629265%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&_s=3&tfd=11280 | 216.239.34.36 | 204 No Content | 0 B |
URL POST HTTP/3region1.analytics.google.com/g/collect?v=2&tid=G-SNNMPY2Z6B>m=45je4510v9116850825za200&_p=1715202852640&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=187997704.1715202853&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&sid=1715202853&sct=1&seg=1&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10202b5323eb42a3a3e64e881072d9%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240508211629265%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&_s=3&tfd=11280 IP216.239.34.36:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-SNNMPY2Z6B>m=45je4510v9116850825za200&_p=1715202852640&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=187997704.1715202853&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&sid=1715202853&sct=1&seg=1&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10202b5323eb42a3a3e64e881072d9%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240508211629265%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&_s=3&tfd=11280 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 471
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: https://getxitox.com
date: Wed, 08 May 2024 21:14:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.protectedwebnexussl.com/ | 104.21.83.246 | | 11 kB |
URL www.protectedwebnexussl.com/ IP104.21.83.246:0
CertificateIssuerGoogle Trust Services LLC Subjectprotectedwebnexussl.com Fingerprint6B:51:99:69:A5:65:81:85:28:58:77:6B:61:07:48:68:E5:66:AE:9E ValiditySat, 20 Apr 2024 11:42:02 GMT - Fri, 19 Jul 2024 11:42:01 GMT
Hashd9a03a7c4178c5ee68c6de52dc9de520 9d1d532b1c1c1a392e6667e3b9582d9cd426fb68 5d80d125d6c147ccdbc9351c964bf5dcf7f79ee50e6babb1a6fc92320554a4c8
GET / HTTP/1.1
Host: www.protectedwebnexussl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 08 May 2024 21:14:15 GMT
content-type: text/html; charset=iso-8859-1
location: https://www.protectedwebnexussl.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: undefined-origin
access-control-max-age: 300
p3p: CP="This is not a P3P policy! See https://www.clkmg.com for more info."
x-cm-fe: httpfe-2
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CxGjA%2BEzUGdjLhtFjL8bVb1IaM7yjNStmrREeogs4cvu8Z6pb0a58lBgoFiR7srq0a8ifDx7uQuu5IKx9f7EQLyJ3XB1vVM8Ks8L967Sk6cmb9VEUiQkrmp7lt8WiWcRAbOv3vL5XIv47TySTSo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c7555dd6956c9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| imgs.signifyd.com/LCrSFPaCrCus38lZ?78cda9df1666f161=uKkXSbeUpyDmye0yTIXnXHjpY9QZRJTmD6jWvlPHW3yK_ZYEHZQLIEXw5Ot7vFNUNXDfgmaeoMU2i3zZJkOW7luUWuDx2O_WcuGi2I8r7oxPoENdVnGHnpJxkSNpEs2ATLEfpo6vCtOGF3e3OaTNQG8iIkIVMD2eTFypaxXXBoQmp7tLY3QJZxvnZpes&je=33313624247a6d74353b362636382c35392e33322e353a2c3d392e3d312e38332c35392e31302e37392c333e24373126313c2c33362e37352e373b2e3334243d3b263a302435382e35322c373b2c31352e3d312c393e2c3d382e36372c353b2c31312e373126333b2435312e31392c35382c36332c373b263935243d392631332c35392e33312e353b2c393a | 91.235.133.113 | 204 204 | 0 B |
URL GET HTTP/1.1imgs.signifyd.com/LCrSFPaCrCus38lZ?78cda9df1666f161=uKkXSbeUpyDmye0yTIXnXHjpY9QZRJTmD6jWvlPHW3yK_ZYEHZQLIEXw5Ot7vFNUNXDfgmaeoMU2i3zZJkOW7luUWuDx2O_WcuGi2I8r7oxPoENdVnGHnpJxkSNpEs2ATLEfpo6vCtOGF3e3OaTNQG8iIkIVMD2eTFypaxXXBoQmp7tLY3QJZxvnZpes&je=33313624247a6d74353b362636382c35392e33322e353a2c3d392e3d312e38332c35392e31302e37392c333e24373126313c2c33362e37352e373b2e3334243d3b263a302435382e35322c373b2c31352e3d312c393e2c3d382e36372c353b2c31312e373126333b2435312e31392c35382c36332c373b263935243d392631332c35392e33312e353b2c393a IP91.235.133.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /LCrSFPaCrCus38lZ?78cda9df1666f161=uKkXSbeUpyDmye0yTIXnXHjpY9QZRJTmD6jWvlPHW3yK_ZYEHZQLIEXw5Ot7vFNUNXDfgmaeoMU2i3zZJkOW7luUWuDx2O_WcuGi2I8r7oxPoENdVnGHnpJxkSNpEs2ATLEfpo6vCtOGF3e3OaTNQG8iIkIVMD2eTFypaxXXBoQmp7tLY3QJZxvnZpes&je=33313624247a6d74353b362636382c35392e33322e353a2c3d392e3d312e38332c35392e31302e37392c333e24373126313c2c33362e37352e373b2e3334243d3b263a302435382e35322c373b2c31352e3d312c393e2c3d382e36372c353b2c31312e373126333b2435312e31392c35382c36332c373b263935243d392631332c35392e33312e353b2c393a HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=6a3ad6eff232bf0760fda45f60fae8e1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 204
Date: Wed, 08 May 2024 21:14:24 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
|
|
| imgs.signifyd.com/xKjPvG3EzJBziYaD?0b13f7e9e38322e7=kx5Z0OjgdpVWRb7qPRpSzNx2GuEYHcDjoFl_7q_grKOCyvvxb8kwhAAOmZ-lUfQB8numEF4QaV47mIrlvHqsNJBuiIfMgB9ORBJmbkio6czMSuETwVE8jQILmo5jx17O-yus | 91.235.133.113 | | 0 B |
URL imgs.signifyd.com/xKjPvG3EzJBziYaD?0b13f7e9e38322e7=kx5Z0OjgdpVWRb7qPRpSzNx2GuEYHcDjoFl_7q_grKOCyvvxb8kwhAAOmZ-lUfQB8numEF4QaV47mIrlvHqsNJBuiIfMgB9ORBJmbkio6czMSuETwVE8jQILmo5jx17O-yus IP91.235.133.113:0
CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /xKjPvG3EzJBziYaD?0b13f7e9e38322e7=kx5Z0OjgdpVWRb7qPRpSzNx2GuEYHcDjoFl_7q_grKOCyvvxb8kwhAAOmZ-lUfQB8numEF4QaV47mIrlvHqsNJBuiIfMgB9ORBJmbkio6czMSuETwVE8jQILmo5jx17O-yus HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 8
Origin: https://imgs.signifyd.com
DNT: 1
Connection: keep-alive
Referer: https://imgs.signifyd.com/jcSUB1Og3yoGKXvj?54fe64b3263e1c5d=7raQEOXsB1AyWFbSsggJUf38gCKg-8xJ0Gu-PWgJ0BlTmFgIPLIGqHf9_D_bXfXcEjQVd1THoDkE0lNLBwy5RG5z1I5ijANKeT8NFv6LCA__s3Bbyc_8zweg-tdorEk4aRnFCXozE5uhF4wZUSuTOfUOCCrIvCDC65Wp5JGwDcqnE9WLg-ySHVkn3evMdA
Cookie: thx_guid=6a3ad6eff232bf0760fda45f60fae8e1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Date: Wed, 08 May 2024 21:14:36 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Access-Control-Allow-Origin: https://imgs.signifyd.com
Content-Type: text/javascript
|
|
| cdn.truegcloud.com/cyabags/5thglow-phone-inverted.svg | 54.230.111.43 | 200 OK | 2.5 kB |
URL GET HTTP/2cdn.truegcloud.com/cyabags/5thglow-phone-inverted.svg IP54.230.111.43:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hashaa99de29a7952e738d5b5e6ec8968e94 747482789054e483572f905cadc6841ba2f7bdfb cac5bfe56161ac8c9566a2470f15ebd0d3b702ff28c0868af988b6ebf49eecf3
GET /cyabags/5thglow-phone-inverted.svg HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Mon, 24 Jun 2019 02:14:42 GMT
x-amz-meta-sha256: fc4704f46cf73a52c423292dda6cd0fc8d521e60d20fc1561df114a0d86a55a1
x-amz-meta-s3b-last-modified: 20190613T093902Z
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
date: Wed, 08 May 2024 03:46:21 GMT
etag: W/"4de1717957b315eb71c304f8ba029ae7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bgf1UdaZ5U4e7DdbwMUcBqnwhW_py7ROgVWlPfR8tTZ-MbE4Enm6XA==
age: 62871
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2 | 216.58.207.227 | 200 OK | 28 kB |
URL GET HTTP/2fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2 IP216.58.207.227:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 27812, version 1.0 Hash89711a1150919edc93f67f067ef94f62 9f2ac701d67d1ab3a2efe7d4edc663d3d5270fef 6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9
GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27812
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:55:01 GMT
expires: Fri, 02 May 2025 01:55:01 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 22:37:02 GMT
content-type: font/woff2
age: 587951
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/stream.m3u8 | 151.101.1.91 | 200 OK | 1.1 kB |
URL GET HTTP/2fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/stream.m3u8 IP151.101.1.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hash01a4b36b437c6ff93d233c8d0abbe2f8 1663d9258a4fa2236d3c8f794b91ccbf5260d3cd 8567054e9b455b4735a7f5e412debf56810844e204d1d4ab0f80743d839989a4
GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/stream.m3u8 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-guploader-uploadid: ADPycduVrkjVXVCM_5Dr4IG6fXw-U_g98JYx8F9fYztxutiIAkFOxp1_R7j5wo-P3Vf85T5Ej2fY0Ycnaro-GNOMTvjQqzSGEm9f
cache-control: public, max-age=31104000
expires: Thu, 19 Sep 2024 22:00:09 GMT
last-modified: Mon, 25 Sep 2023 15:30:29 GMT
etag: "01a4b36b437c6ff93d233c8d0abbe2f8"
x-goog-generation: 1695655829791443
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1137
content-type: application/octet-stream
x-goog-hash: crc32c=5Yk1dA==, md5=AaSza0N8b/k9IzyNCrvi+A==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 197686
date: Wed, 08 May 2024 21:14:13 GMT
x-served-by: cache-dfw-kdfw8210133-DFW, cache-hel1410030-HEL
x-cache: HIT, HIT
x-cache-hits: 52, 0
x-timer: S1715202854.765203,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1137
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 | 216.58.207.227 | 200 OK | 24 kB |
URL GET HTTP/2fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 IP216.58.207.227:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 23580, version 1.0 Hashe1b3b5908c9cf23dfb2b9c52b9a023ab fcd4136085f2a03481d9958cc6793a5ed98e714c 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 13:49:40 GMT
expires: Fri, 02 May 2025 13:49:40 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
age: 545072
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/xitox/images/bottle_mention.png | 54.230.111.43 | 200 OK | 188 kB |
URL GET HTTP/2cdn.truegcloud.com/xitox/images/bottle_mention.png IP54.230.111.43:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typePNG image data, 1308 x 939, 8-bit colormap, non-interlaced Size188 kB (187749 bytes) Hash5cab986cff18198ae5e79fd393ff75cb f00667912fd25062171b351245f0f7d0cc289f9e 2d5f155a2e8e45ecdf9294cc6995f06baceb35fd27cb14751d726c6bb662308c
GET /xitox/images/bottle_mention.png HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
content-length: 187749
last-modified: Thu, 13 Apr 2023 08:58:00 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 May 2024 08:40:36 GMT
etag: "5cab986cff18198ae5e79fd393ff75cb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4GI1CwoOkbE5pq1-BWO3HnGyCEDbUkkBWE1bjioxGBCyBTVRXN6OEA==
age: 45216
X-Firefox-Spdy: h2
|
|
| imgs.signifyd.com/jcSUB1Og3yoGKXvj?54fe64b3263e1c5d=7raQEOXsB1AyWFbSsggJUf38gCKg-8xJ0Gu-PWgJ0BlTmFgIPLIGqHf9_D_bXfXcEjQVd1THoDkE0lNLBwy5RG5z1I5ijANKeT8NFv6LCA__s3Bbyc_8zweg-tdorEk4aRnFCXozE5uhF4wZUSuTOfUOCCrIvCDC65Wp5JGwDcqnE9WLg-ySHVkn3evMdA | 91.235.133.113 | 200 OK | 93 kB |
URL GET HTTP/1.1imgs.signifyd.com/jcSUB1Og3yoGKXvj?54fe64b3263e1c5d=7raQEOXsB1AyWFbSsggJUf38gCKg-8xJ0Gu-PWgJ0BlTmFgIPLIGqHf9_D_bXfXcEjQVd1THoDkE0lNLBwy5RG5z1I5ijANKeT8NFv6LCA__s3Bbyc_8zweg-tdorEk4aRnFCXozE5uhF4wZUSuTOfUOCCrIvCDC65Wp5JGwDcqnE9WLg-ySHVkn3evMdA IP91.235.133.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
File typeHTML document, ASCII text, with very long lines (15506) Hash15b267f4dc84be558c1f30510bd692c3 c07db77d9f73a30e07f9d39d6eec0ba88d9db8fc 75832f2232dc2113f60a736dd478518588aebd5004fa41b5e3a99782721c29a5
GET /jcSUB1Og3yoGKXvj?54fe64b3263e1c5d=7raQEOXsB1AyWFbSsggJUf38gCKg-8xJ0Gu-PWgJ0BlTmFgIPLIGqHf9_D_bXfXcEjQVd1THoDkE0lNLBwy5RG5z1I5ijANKeT8NFv6LCA__s3Bbyc_8zweg-tdorEk4aRnFCXozE5uhF4wZUSuTOfUOCCrIvCDC65Wp5JGwDcqnE9WLg-ySHVkn3evMdA HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=6a3ad6eff232bf0760fda45f60fae8e1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 21:14:14 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Robots-Tag: noindex, nofollow
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
|
|
| go.maxweb.com/conversion/iframe/?a=8712&token=35fe7d1193cc401666650f781c088af3 | 172.66.43.113 | 200 OK | 0 B |
URL GET HTTP/2go.maxweb.com/conversion/iframe/?a=8712&token=35fe7d1193cc401666650f781c088af3 IP172.66.43.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerLet's Encrypt Subjectmaxweb.com FingerprintC4:78:D7:44:85:55:AA:1F:A9:42:AA:75:6A:68:97:9F:93:3B:2D:22 ValidityWed, 01 May 2024 07:23:11 GMT - Tue, 30 Jul 2024 07:23:10 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /conversion/iframe/?a=8712&token=35fe7d1193cc401666650f781c088af3 HTTP/1.1
Host: go.maxweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 21:14:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Wed, 08 May 2024 22:16:35 GMT
cache-control: max-age=3600, private
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-server: WEB_6
strict-transport-security: max-age=31536000;
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDvnJbjKdBkxKLVBqBrQP8wYzWkbTxAcpKyrJyzoe; SameSite=Lax; path=/; expires=Thu, 09-May-24 20:14:13 GMT; HttpOnly
server: cloudflare
cf-ray: 880c75465bbc0afe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| imgs.signifyd.com/xcGGXe44HVK8reWf?a5156f26c9293de1=YXkjaPgqvs1NqwXJ_C6r3i4Ycu76FyLFuc2G7-LV4Lg3xWJ1z637hbH5s4TFuGP8RvoLQwbdtX0n8cz9de6p6ST0H3qX7AZrF6BPqJ_qrtW9ijutN_fVKUNpUHiTe3akQzYB&jb=3134266e71693533383a376a6233666533646436323734636c6b373a316630393635353039663a | 91.235.133.113 | 204 No Content | 0 B |
URL GET HTTP/1.1imgs.signifyd.com/xcGGXe44HVK8reWf?a5156f26c9293de1=YXkjaPgqvs1NqwXJ_C6r3i4Ycu76FyLFuc2G7-LV4Lg3xWJ1z637hbH5s4TFuGP8RvoLQwbdtX0n8cz9de6p6ST0H3qX7AZrF6BPqJ_qrtW9ijutN_fVKUNpUHiTe3akQzYB&jb=3134266e71693533383a376a6233666533646436323734636c6b373a316630393635353039663a IP91.235.133.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xcGGXe44HVK8reWf?a5156f26c9293de1=YXkjaPgqvs1NqwXJ_C6r3i4Ycu76FyLFuc2G7-LV4Lg3xWJ1z637hbH5s4TFuGP8RvoLQwbdtX0n8cz9de6p6ST0H3qX7AZrF6BPqJ_qrtW9ijutN_fVKUNpUHiTe3akQzYB&jb=3134266e71693533383a376a6233666533646436323734636c6b373a316630393635353039663a HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=6a3ad6eff232bf0760fda45f60fae8e1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Date: Wed, 08 May 2024 21:14:14 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/javascript
|
|
| fonts.googleapis.com/css2?family=Merriweather&display=swap | 142.250.74.106 | 200 OK | 1.9 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Merriweather&display=swap IP142.250.74.106:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (1909), with no line terminators Hash5f9cadc082c9d1811f19204aee0863e6 33cfb38663b09d3d6955691ad6bb8072575f003a 8ef722f3cdd606bc88a101794fb62c659ba723277aca99f5c12d0755846af153
GET /css2?family=Merriweather&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 21:14:11 GMT
date: Wed, 08 May 2024 21:14:11 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Lato:400,400i,700,700i|Montserrat:400,400i,600,600i,700,700i,800,800i&display=swap | 142.250.74.106 | 200 OK | 18 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Lato:400,400i,700,700i|Montserrat:400,400i,600,600i,700,700i,800,800i&display=swap IP142.250.74.106:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hash3b065b6898522abb5efd016c431e352e 5fe6ebc8faa406c9dca15accc7fa11ee8b5f7534 43917159ff2b0eb2c88150c707902308ac0cb96b9cdea717a66054e2fe3ba19f
GET /css?family=Lato:400,400i,700,700i|Montserrat:400,400i,600,600i,700,700i,800,800i&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 21:14:11 GMT
date: Wed, 08 May 2024 21:14:11 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|