Report - www.protectedwebnexussl.com/wwxiinfo/klangei@icsgf.com/thehealthcareleague.com/B/WWXI2_2/WWXI/?utm_source=remarkety&utm_medium=email&utm_campaign=WWXI2%208.05%20White%20Green&utm_content=&

Report Overview

Submitted URL
www.protectedwebnexussl.com/wwxiinfo/klangei@icsgf.com/thehealthcareleague.com/B/WWXI2_2/WWXI/?utm_source=remarkety&utm_medium=email&utm_campaign=WWXI2%208.05%20White%20Green&utm_content=&_rmId=z6eM6KQ9xbFod736pxMPI62ZMjkyV
IP
104.21.83.246
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-08 21:14:39
Access
public
Website Title
Simple Promise™
Final URL
getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-08	3.7 kB	214 kB	216.58.207.227
stats.vidalytics.com	153185	2007-05-15	2017-02-08	2024-05-06	2.4 kB	2.3 kB	107.178.211.97
tracking.getxitox-at.com	unknown	2022-03-24	2022-11-05	2024-02-27	571 B	2.1 kB	52.16.152.21
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21	2024-05-08	1.4 kB	3.8 kB	143.204.53.97
getxitox.com	unknown	2022-03-24	2022-08-10	2024-02-27	8.3 kB	190 kB	54.81.48.211
cdn.truegcloud.com	699174	2018-03-26	2018-06-13	2023-05-04	7.3 kB	844 kB	54.230.111.43
cdn-scripts.signifyd.com	13162	2010-11-25	2016-06-12	2024-05-02	845 B	57 kB	143.204.55.70
imgs.signifyd.com	12117	2010-11-25	2017-01-30	2024-05-07	11 kB	171 kB	91.235.133.113
region1.analytics.google.com	unknown	1997-09-15	2022-03-17	2024-05-08	2.8 kB	1.3 kB	216.239.34.36
go.maxweb.com	389866	1995-07-17	2018-04-27	2024-04-15	564 B	766 B	172.66.43.113
www.clkmg.com	112778	2014-02-06	2016-03-24	2024-04-09	676 B	1.1 kB	44.231.167.250
www.protectedwebnexussl.com	unknown	2023-05-02	2023-07-05	2023-12-31	2.4 kB	34 kB	104.21.83.246
www.google.no	25607	2001-02-26	2016-04-05	2024-05-08	581 B	578 B	142.250.74.163
analytics-ingress-global.bitmovin.com	47119	2013-01-21	2017-08-18	2024-05-07	491 B	487 B	35.190.27.197
mweboutstanding.com	unknown	2023-05-19	2023-07-17	2024-04-16	492 B	7.5 kB	104.21.91.180
fast.vidalytics.com	218005	2007-05-15	2017-02-08	2024-05-06	6.5 kB	3.6 MB	151.101.1.91
d10lpsik1i8c69.cloudfront.net	unknown	2008-04-25	2016-05-17	2024-03-11	405 B	3.4 kB	54.230.241.113
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-07	946 B	21 kB	142.250.74.106
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-08	1.3 kB	272 kB	142.250.74.72
main.tgoptimize.com	965881	2018-07-24	2018-11-12	2024-04-18	1.4 kB	1.9 kB	18.235.150.85

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-08	medium	mweboutstanding.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (52)

	URL	Size	First Seen	Last Seen
	getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629	410 B	2023-03-07	2024-05-19
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 IP 54.81.48.211 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:51:19 Last Seen2024-05-19 14:00:38 Times Seen161 Hash 130421da57605728884ece6c3b4f71f0 3aab6925d6cf0412337eb31ca7066e38e1b11042 25d1113f8f75a43286a488f753fa3610b4165e18abb218bc04a39dad966a0683 Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629	75 B	2023-12-01	2024-05-19
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 IP 54.81.48.211 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-01 18:37:48 Last Seen2024-05-19 14:00:38 Times Seen10 Hash 63ac6b1d24a8281e854ef5e78c3bc36b 413ce49f54f8dad73288221cd3798e4b417fc981 29411a24743a4f7fef310b58ec24ab56d0edb8f6bacb0db5aada388de2e43fdd Loading...

	getxitox.com/c1219bf0-7aac-4217-bddf-969204f9ca67	980 kB	2024-02-21	2024-05-19
Pretty URL getxitox.com/c1219bf0-7aac-4217-bddf-969204f9ca67 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-21 16:12:24 Last Seen2024-05-19 14:00:39 Times Seen36 Hash 21ea705829c05759544342ba2f4ac461 2fa8e86431a1468bf7bbceb53b8662101bc70da8 b1ccbf581da817ca36d109e168b2cec2a34e7884c8e20c6722c6bff41da53b60 Loading...

	main.tgoptimize.com/load.js?r=0.7712454490212516&u=getxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10202b5323eb42a3a3e64e881072d9%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240508211629265%26affiliate_id%3D2629	1.4 kB	2024-05-08	2024-05-08
Pretty URL main.tgoptimize.com/load.js?r=0.7712454490212516&u=getxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10202b5323eb42a3a3e64e881072d9%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240508211629265%26affiliate_id%3D2629 IP 18.235.150.85 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 23:14:42 Last Seen2024-05-08 23:14:43 Times Seen2 Hash b188fb0f8480736653e820ce69b99702 71bd144ac40bc02ebfed6039546ff8201646ab66 98ff3c4e5b85ae5f067287d3c449c975af8b88e59b69f7b41f1b98049d9d5563 Loading...

	imgs.signifyd.com/xcGGXe44HVK8reWf?a5156f26c9293de1=YXkjaPgqvs1NqwXJ_C6r3i4Ycu76FyLFuc2G7-LV4Lg3xWJ1z637hbH5s4TFuGP8RvoLQwbdtX0n8cz9de6p6ST0H3qX7AZrF6BPqJ_qrtW9ijutN_fVKUNpUHiTe3akQzYB&jb=3134266e71693533383a376a6233666533646436323734636c6b373a316630393635353039663a	0 B	2023-03-07	2024-05-20
Pretty URL imgs.signifyd.com/xcGGXe44HVK8reWf?a5156f26c9293de1=YXkjaPgqvs1NqwXJ_C6r3i4Ycu76FyLFuc2G7-LV4Lg3xWJ1z637hbH5s4TFuGP8RvoLQwbdtX0n8cz9de6p6ST0H3qX7AZrF6BPqJ_qrtW9ijutN_fVKUNpUHiTe3akQzYB&jb=3134266e71693533383a376a6233666533646436323734636c6b373a316630393635353039663a IP 91.235.133.113 ASN #30286 THM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 00:25:50 Times Seen37847244 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629	341 B	2023-03-07	2024-05-19
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 IP 54.81.48.211 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:51:19 Last Seen2024-05-19 14:00:38 Times Seen158 Hash 165385dc71e29d2b90e31427e0939a49 4831fe29872dd1b9d6aa45e0132b5f5b6aea43dc 9442e247ceb6dcab7e8863c9d16535cd0be07b1b9455fda40f65dad2671189a2 Loading...

	getxitox.com/js/jquery.min.js	88 kB	2023-03-07	2024-05-19
Pretty URL getxitox.com/js/jquery.min.js IP 23.22.56.3 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:01 Last Seen2024-05-19 14:00:39 Times Seen7941 Hash f832e36068ab203a3f89b1795480d0d7 2115753ca5fb7032aec498db7bb5dca624dbe6be 4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf Loading...

	imgs.signifyd.com/jcSUB1Og3yoGKXvj?54fe64b3263e1c5d=7raQEOXsB1AyWFbSsggJUf38gCKg-8xJ0Gu-PWgJ0BlTmFgIPLIGqHf9_D_bXfXcEjQVd1THoDkE0lNLBwy5RG5z1I5ijANKeT8NFv6LCA__s3Bbyc_8zweg-tdorEk4aRnFCXozE5uhF4wZUSuTOfUOCCrIvCDC65Wp5JGwDcqnE9WLg-ySHVkn3evMdA	93 kB	2024-05-08	2024-05-08
Pretty URL imgs.signifyd.com/jcSUB1Og3yoGKXvj?54fe64b3263e1c5d=7raQEOXsB1AyWFbSsggJUf38gCKg-8xJ0Gu-PWgJ0BlTmFgIPLIGqHf9_D_bXfXcEjQVd1THoDkE0lNLBwy5RG5z1I5ijANKeT8NFv6LCA__s3Bbyc_8zweg-tdorEk4aRnFCXozE5uhF4wZUSuTOfUOCCrIvCDC65Wp5JGwDcqnE9WLg-ySHVkn3evMdA IP 91.235.133.113 ASN #30286 THM Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 23:14:42 Last Seen2024-05-08 23:14:42 Times Seen1 Hash da648502a9ab1e445175d5a5b4804fe5 ca8db53558b3d73f5ca5d4716a357eb1028a2245 1052e96555b28b49d8ccb925e77bbc63acb110920838a1dc6471d24b7c85c9f9 Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629	190 B	2023-10-28	2024-05-19
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 IP 54.81.48.211 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-28 14:50:45 Last Seen2024-05-19 14:00:38 Times Seen11 Hash ead74ed6deefb2dc7c3a08b10145a502 cd6bce82f513b3b06da562e4b41ec243df023cf2 e19311ef12ec553804e5b8d77bd036373fffdf19b15c0119e35b713310178c58 Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629	3 B	2023-03-07	2024-05-19
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 IP 54.81.48.211 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03:22 Last Seen2024-05-19 15:09:40 Times Seen1204 Hash f67be96ce768fb5b40aecf0438f97886 d27fecd03a022cc6f670ca42ef1b99d5f5bcc74c 3441b5696d6abf2bd959d18bcb31dde8239a6ad8185bfa659af60bc764c238a8 Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629	425 B	2023-03-07	2024-05-19
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 IP 54.81.48.211 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:19:26 Last Seen2024-05-19 14:00:38 Times Seen78 Hash 6fdcf0000641b875339c33524f7afc32 ee90be9be3c56015fa8a68df4e22eb55132151a2 5b4af4f461a4ad99c500e18ce7a3ca0f473a73616aabcbf6500582003850a757 Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629	328 B	2023-03-07	2024-05-19
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 IP 54.81.48.211 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:19:26 Last Seen2024-05-19 14:00:38 Times Seen89 Hash bf4f957d5a1c6e602e47b3f8d56eef78 e6740423ded6611ebbdb31d62baf9209aafe06e7 b753faad57dce8fcfe6820c15b88adc6f9a6a701a1c84aaa79a2b6d0d3c2a052 Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629	245 B	2023-03-07	2024-05-19
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 IP 54.81.48.211 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:19:26 Last Seen2024-05-19 14:00:38 Times Seen89 Hash c6518826f8fc6231c7baa290459d8874 37b7afac2f44cf33777bcbd9e24d8fc79ef0aa0c 1fe99e8ad7762d1caf305c0469228f420fafc2a38e9922ea3678b93c564ad25f Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629	772 B	2023-03-07	2024-05-19
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 IP 54.81.48.211 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:19:26 Last Seen2024-05-19 14:00:38 Times Seen42 Hash 72051fdcbe101e303b08490098275472 9a3543f52f2da42fb97189d94618d54be90324d3 91fca4c7531ca12f88e631dcf9f798cf049f9d2cfad3fa18929539f62b8797fb Loading...

	getxitox.com/js/slidereveal.js	5.5 kB	2023-03-07	2024-05-19
Pretty URL getxitox.com/js/slidereveal.js IP 23.22.56.3 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:19:26 Last Seen2024-05-19 14:00:39 Times Seen199 Hash 31f5a3f634189d0d865a11c9e11d0d79 c00f665e9d15a33455d947b2fa75b731cbd54753 79cddd678b3f3282adb888ed5685ea33f61c3d7dfd562025aa1231fe40ba1140 Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-20
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-20 00:19:20 Times Seen350346 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629	322 B	2023-06-13	2024-05-19
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 IP 54.81.48.211 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-13 16:19:24 Last Seen2024-05-19 14:00:38 Times Seen11 Hash 1bff1abf146d4ee7e7c4a47c83f77a5a af9685edfbdeab288ee91edb0a002a305fc1aabb 1e7bf479219149da3b972855c85302edb5750e2b3873b0a36629f32661531fad Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629	292 B	2023-10-28	2024-05-19
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 IP 54.81.48.211 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-28 14:50:45 Last Seen2024-05-19 14:00:38 Times Seen11 Hash af4f98c9507772e724e3c289b9230d4e 0e31826d7f0a1f0bcb62c40ce4ae6c45cb4acffb 4fa94fc8aa96057b1a5ace37cda86e58e970176474b360c019fe3a88538c5eb8 Loading...

	cdn-scripts.signifyd.com/api/company_toolkit.js	3.7 kB	2023-07-25	2024-05-19
Pretty URL cdn-scripts.signifyd.com/api/company_toolkit.js IP 143.204.55.70 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-25 01:06:12 Last Seen2024-05-19 16:40:07 Times Seen222 Hash 2c3950f122b3977df61b0e077aaa92c8 7bbc3b129bb0f1320c6ecb67688ddc8f78ef6574 6082597f3871c77c9b31aa1383577f8c0e54cb5ff09275dc817bc70d96e6217d Loading...

	www.googletagmanager.com/gtag/js?id=G-SNNMPY2Z6B&l=dataLayer&cx=c	247 kB	2024-05-08	2024-05-08
Pretty URL www.googletagmanager.com/gtag/js?id=G-SNNMPY2Z6B&l=dataLayer&cx=c IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 23:14:42 Last Seen2024-05-08 23:14:44 Times Seen2 Hash 0aa77ca5dabf47a7b5bf214ecbf01979 ef6803ebaddda0bb30219c080b5490f86fb39477 bcafd95636462ffc532e2a22ce5c0a4089ff6c7ca0dc5198dbeb2a49968a8c36 Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629	946 B	2023-12-01	2024-05-19
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 IP 54.81.48.211 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-01 18:37:48 Last Seen2024-05-19 14:00:38 Times Seen10 Hash 84b160a3ad55ea54f7ffeaaec80a526d 583e1d6abfeba54de8d55a2494bed82f824c0520 0e9ff9bce1c41550d75acbe35644f76b4cecce7d8f2f48471f0c374d5934dc0b Loading...

	imgs.signifyd.com/JF6e8DC_8o5b_2cO?d69beb3613cd06cf=3fxqhy_hn8uq9IG8I977h2RCpt07dSIx-U8qAj3xHKmM12uLmcGv3NyFF-8bLIRFdm72Nwvy9uMtPD-VrjbE5JCuaSrLlLiAjf1aAygNp2K6X9KFcMTsuR_QNpvViem8YUkkwRjzrQlM0ctEfBkcMRt9zv1RgNaT979Bf5Apuowh_DuER8M3dINYOA&jb=313a2624687b6777354469667578266a736f3f4e6b6e777a2e62716a3546617265666f782530323b36	282 kB	2024-05-08	2024-05-08
Pretty URL imgs.signifyd.com/JF6e8DC_8o5b_2cO?d69beb3613cd06cf=3fxqhy_hn8uq9IG8I977h2RCpt07dSIx-U8qAj3xHKmM12uLmcGv3NyFF-8bLIRFdm72Nwvy9uMtPD-VrjbE5JCuaSrLlLiAjf1aAygNp2K6X9KFcMTsuR_QNpvViem8YUkkwRjzrQlM0ctEfBkcMRt9zv1RgNaT979Bf5Apuowh_DuER8M3dINYOA&jb=313a2624687b6777354469667578266a736f3f4e6b6e777a2e62716a3546617265666f782530323b36 IP 91.235.133.113 ASN #30286 THM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 23:14:42 Last Seen2024-05-08 23:14:44 Times Seen2 Hash 6e11138e4be1a164ec9574a4b1011fcb bcbe5ed97c4bff3a9f939c843f6828281a6011c0 64af4235e691d3eac6345d4fdc332aecc855fdb57c006548e2098e048c097892 Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629	141 B	2023-06-19	2024-05-19
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 IP 54.81.48.211 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-19 07:48:24 Last Seen2024-05-19 14:00:38 Times Seen44 Hash eb31fc493c10f68b4759e661e04f2702 7d7ce7736f8cce72a4fb68a6cf4f2f99af6a6a91 73c8f6f45d765e9d0b7f63fe1c027181f956e69fe4e33512f7e8de0e85638ce8 Loading...

	www.googletagmanager.com/gtag/js?id=UA-169212633-21	208 kB	2024-05-08	2024-05-08
Pretty URL www.googletagmanager.com/gtag/js?id=UA-169212633-21 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 23:14:42 Last Seen2024-05-08 23:14:43 Times Seen2 Hash 8101e30fb56685250f86e37cb6ca9c53 4cc7a460056e85e49c773498593ef04edac241b8 37c3b25858b34f705001a59eb910bd58b7ee05ed76fe062d781bd98b5d9aa372 Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629	4.0 kB	2023-07-02	2024-05-19
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 IP 54.81.48.211 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-02 04:33:07 Last Seen2024-05-19 14:00:38 Times Seen14 Hash 6f7057d95e8a9b1de1b3ab4ce24b58ef 90b08bcc2dfa0e29e71cb1e8e45a9381c4489cad 1d50f1c220b662c186944ad8fc351b16cca5f665b22f92117e401c3d0e8bab79 Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629	150 B	2023-03-07	2024-05-19
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 IP 54.81.48.211 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:19:26 Last Seen2024-05-19 14:00:38 Times Seen133 Hash 23658fa612615b3981808f9fc45eb75e 2f07b38112f47ccfc79f4f9137dd72f59a13d0ad 2309a245cc804f005d5ac5bc520add8c364bcdaf51e36b4bf8892831ac4cdb2d Loading...

	d10lpsik1i8c69.cloudfront.net/w.js	5.3 kB	2024-01-25	2024-05-19
Pretty URL d10lpsik1i8c69.cloudfront.net/w.js IP 54.230.241.113 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-25 23:36:04 Last Seen2024-05-19 23:59:09 Times Seen172 Hash e31293f40e8a324de552ff593ee76a9b 8dc5eda61e77f52f2a4f914e2a69976f9a0825e3 6cb6821219dae9fa9a21519d86d7ec7acaf0c4dd61463eb336eb92964feebef3 Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629	2.1 kB	2023-10-28	2024-05-19
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 IP 54.81.48.211 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-28 14:50:45 Last Seen2024-05-19 14:00:38 Times Seen11 Hash 3ebe38144df70fe2daa1d262774c3d89 89673d6a0521288265d3a0e96aa60c0aff635494 c9a961d8cb30bdade64fa68108b79f949041f9e941907ff88210861e9040718c Loading...

	www.googletagmanager.com/gtm.js?id=GTM-KMZ74FC	392 kB	2024-05-08	2024-05-08
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-KMZ74FC IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 23:14:43 Last Seen2024-05-08 23:14:43 Times Seen2 Hash 7f5823b97393a56f0b27f28183e524b5 d02c67d99acee0072f1f3fda04d3030f3c39a06c 5a024f837d1b625e2409cac25af13196f422bec4bce8f6c50339b63970a6e440 Loading...

	getxitox.com/go/sandbox%20eval%20code	147 B	2023-04-11	2024-05-20
Pretty URL getxitox.com/go/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-20 00:19:20 Times Seen350861 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629	1.0 kB	2023-05-22	2024-05-19
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 IP 54.81.48.211 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-22 16:17:26 Last Seen2024-05-19 14:00:38 Times Seen14 Hash 971e75379280a42fb523f20edaedcf80 a516b5785774b8e23fc57f843441de939950ad70 8544c0f7b8575bc590e560296ca65f35cf71eda90f4e4a5005782d9a0944d415 Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629	495 B	2023-05-22	2024-05-19
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 IP 54.81.48.211 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-22 06:05:03 Last Seen2024-05-19 14:00:38 Times Seen15 Hash 7ff7a48547d8d008f6d0722a1d230be7 ef5dacba2e5ebe54b6242af33ac7af5f0f25d3c3 a9a598c46a461f4189f2681861ff4a13a0262f9dd0150410a6f1e94a647ef6d6 Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629	2.5 kB	2023-05-22	2024-05-19
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 IP 54.81.48.211 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-22 16:17:26 Last Seen2024-05-19 14:00:38 Times Seen14 Hash fb620b7a8a0c46eb7b84a13ddb15362e 3cf30601cb0bcb75305b2dd7e1e52e3c1be93e9b 78f5f4cf3367fbf6c545c2d222f23ff056abc308a0e4f72ad9e8326a77e4edbd Loading...

	fast.vidalytics.com/embeds/hLKq71Yz/w27RqUkIUgikMasW/loader.min.js	22 kB	2024-04-16	2024-05-19
Pretty URL fast.vidalytics.com/embeds/hLKq71Yz/w27RqUkIUgikMasW/loader.min.js IP 151.101.1.91 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 22:03:45 Last Seen2024-05-19 14:00:39 Times Seen10 Hash 58dd1a4eca6cd3e55b7ccf65804454f7 47b1426cb825ea719cf5dc383aa7bcdb0ec300cc a820bbfcbf9bb777fbafa11bb1fe416edb8c66a036785ae39dff48f0bc59daef Loading...

	imgs.signifyd.com/mMennlVEnuodAgzK?b29440982ac26034=w2lbQw2vmxiHZKC7D6Z9HC0RMwVc61UjFWYqPX3v9tDRlE-UDBtrAkUc1Q0IO8CjOzj4evv4ds7pplOYSu85xuklQBpRRWtAnhQdqdjUCvL5-BRN_YBMXfc84TmIDG06iiGpIeuhKqv6JhopK3_kxjvGF3RlCaJ4_6FBr6aH8a0Ds1r6EX2AG6Z48oHu	93 kB	2024-05-08	2024-05-08
Pretty URL imgs.signifyd.com/mMennlVEnuodAgzK?b29440982ac26034=w2lbQw2vmxiHZKC7D6Z9HC0RMwVc61UjFWYqPX3v9tDRlE-UDBtrAkUc1Q0IO8CjOzj4evv4ds7pplOYSu85xuklQBpRRWtAnhQdqdjUCvL5-BRN_YBMXfc84TmIDG06iiGpIeuhKqv6JhopK3_kxjvGF3RlCaJ4_6FBr6aH8a0Ds1r6EX2AG6Z48oHu IP 91.235.133.113 ASN #30286 THM Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 23:14:43 Last Seen2024-05-08 23:14:43 Times Seen1 Hash 05be04e3f4de05d226c6e3b1b1e132d0 a4b3a5c16240507b3c5f4cbc88b80fd7d8af544d ac65b2e245b2d99c23990e81eab2abc5d9a8dfc3f69b7c32597f94141f8b91a2 Loading...

	unknown	132 B	2024-04-16	2024-05-19
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2024-04-16 22:03:45 Last Seen2024-05-19 14:00:38 Times Seen5 Hash 15adf35e908db39add75852a8aed0801 59970755b12d69a6268feb546c6a49018eb82794 86cb8d3e834bc57047ca515e6b66df7fb7f520422ea77f8d06ed073fbd128fd0 Loading...

	cdn.truegcloud.com/scripts/jquery.1.9.1.min.js	93 kB	2023-03-07	2024-05-19
Pretty URL cdn.truegcloud.com/scripts/jquery.1.9.1.min.js IP 54.230.111.43 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-05-19 22:44:38 Times Seen24434 Hash 397754ba49e9e0cf4e7c190da78dda05 ae49e56999d82802727455f0ba83b63acd90a22b c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4 Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629	530 B	2023-05-22	2024-05-19
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 IP 54.81.48.211 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-22 16:17:26 Last Seen2024-05-19 14:00:38 Times Seen14 Hash b86369d4970747f4b24a2fb1d8da9bc3 e6e2649745565d621ceb643fe6ff798af78025f4 4dd54453f8bd36a5c8ee8f864f238750a052199f570383b1de728e626bb8ccda Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629	329 B	2023-03-10	2024-05-19
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 IP 54.81.48.211 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 21:33:58 Last Seen2024-05-19 14:00:39 Times Seen66 Hash 8ef1dbed1ff67ba4655ff058b7cf2d0d 4fc69c4a880a587e992451a27c82551682fb1f5b ba7a73a4c9b3498d0ad747cd439d50490038c480229d60a4d7dab28703205a57 Loading...

	getxitox.com/js/skeleton.bundle.min.js	79 kB	2023-03-07	2024-05-19
Pretty URL getxitox.com/js/skeleton.bundle.min.js IP 23.22.56.3 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:59 Last Seen2024-05-19 15:39:58 Times Seen15787 Hash a454220fc07088bf1fdd19313b6bfd50 265a733cb7fbc481fd2510a659a85ad55c93c895 7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629	197 B	2023-03-07	2024-05-19
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 IP 54.81.48.211 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:19:26 Last Seen2024-05-19 14:00:39 Times Seen88 Hash 166434b88ab96545f891f9c205181c0e 6470a77ba3cfdb07e6f05a76fc6faa5696f7edae 882f522283273ad5ea0ee669556a7af2d26f2ff5cf8797a40868bf40b767a37a Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629	196 B	2023-12-01	2024-05-19
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 IP 54.81.48.211 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-01 18:37:48 Last Seen2024-05-19 14:00:39 Times Seen10 Hash 44d702f46cd882634fabf53eaa537554 f7ac6387bc61f99ee1e50dca1134be468208e5ca 5cf459c7210d386713fb7fb90891688072bab8b1cb159559d0d7c8c9e2509c25 Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629	347 B	2023-05-22	2024-05-19
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 IP 54.81.48.211 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-22 16:17:26 Last Seen2024-05-19 14:00:39 Times Seen38 Hash 7ad688bc5272b943137108b82ab493f2 23f6761f652430c78b47de9caddcd958a361fc85 20a806d82f13390594be5c1a3ce5099169a381a907c2c6fb30f41e893eb2358a Loading...

	cdn-scripts.signifyd.com/api/script-tag.js	11 kB	2024-04-24	2024-05-19
Pretty URL cdn-scripts.signifyd.com/api/script-tag.js IP 143.204.55.70 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 10:22:32 Last Seen2024-05-19 16:40:10 Times Seen40 Hash 73ca6f23f3e08738233832c7a7a0c30c ea99796907e4c2255f233a81242ee8a62e3b09b2 d7a363f752524fb545c3b2eb48a56d163cb659bc427d5215800ee7781d92c2ca Loading...

	imgs.signifyd.com/wsody8j9rt00pmvs.js?43ne8gvs1si8j1ni=w2txo5aa&r81muykienvk6574=3217298699480405103	98 kB	2024-05-08	2024-05-08
Pretty URL imgs.signifyd.com/wsody8j9rt00pmvs.js?43ne8gvs1si8j1ni=w2txo5aa&r81muykienvk6574=3217298699480405103 IP 91.235.133.113 ASN #30286 THM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 23:14:43 Last Seen2024-05-08 23:14:44 Times Seen2 Hash 9f435d901511206559c0b375b6ff9b13 d97eccf0601b32a386c2d2413654c8d5f57933da 515d8ede4188ef5099d33c2e8564e872be965d2ec31cff624f1e5ea5ae205df4 Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629	1.2 kB	2023-12-01	2024-05-19
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 IP 54.81.48.211 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-01 18:37:48 Last Seen2024-05-19 14:00:39 Times Seen10 Hash 08bcc37b01aa0013142fd29d64157e61 2f9b0116fec4563e107aa7541c7817b058b184cb 121426c6fe0d9a5eafcc9d36729235cf9d611b9410a6cd480391c86e7a9dd4cd Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629	5.0 kB	2024-04-16	2024-05-19
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 IP 54.81.48.211 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 22:03:46 Last Seen2024-05-19 14:00:39 Times Seen5 Hash b8775e978b024864dc81239fc16e0907 3f1dbf6f30eb6cb2cd20c9561466827572357bac 39c90103634c7bdfdfc5c5fde9a6ed21aa8e6a034c3da79131df2873a7dae3e1 Loading...

	unknown	32 B	2023-03-07	2024-05-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:58 Last Seen2024-05-19 16:40:08 Times Seen1685 Hash 16eff409565ed1d22c17d73ce417bd15 ae526f9ce16489f0ca53977b7722f56806555342 d7d8adcd29f47bcccb73dcfc9c2135200465d57df689f842a49311a5b000d7a3 Loading...

	unknown	15 B	2024-05-08	2024-05-08
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 23:14:43 Last Seen2024-05-08 23:14:43 Times Seen1 Hash b2e27a5ce034e496dfe44962e2c2a389 245c193bf7db1a04b32c962320045dcb46418b90 87e63cd2df346780879b8c698562b0ec300aaf363dbb9b1dd5b6658a8040faff Loading...

		Size	First Seen	Last Seen
	#1 Write - 024ff1c431c131ea9deb1fb1117d179e	315 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 23:14:43 Last Seen2024-05-08 23:14:43 Times Seen1 Hash 024ff1c431c131ea9deb1fb1117d179e cdba1fc35bc8aab28ce9f949a95d67fe5820f8b6 978d3c3ed7277f44702b0dd9ea13f29f96e2a73bb39b1fd8355139e4533c6d15 Loading...

	#2 Write - aac4a1d681009117cd3281d7f24664c7	383 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 23:14:43 Last Seen2024-05-08 23:14:43 Times Seen1 Hash aac4a1d681009117cd3281d7f24664c7 42e1b6639b297db04a21631435669b9429a6f843 c4c7d8972a760fe751bfe4717d8e38adf2977b2d811e167581df5be67a9450e2 Loading...

	#3 Write - fe364450e1391215f596d043488f989f	15 B	2023-03-07	2024-05-19
Pretty Observations First Seen2023-03-07 01:02:47 Last Seen2024-05-19 22:50:49 Times Seen14882 Hash fe364450e1391215f596d043488f989f d1848aa7b5cfd853609db178070771ad67d351e9 c77e5168dffda66b8dc13f1425b4d3630a6656a3e5acf707f4393277ba3c8b5e Loading...

HTTP Transactions (94)

URL IP Response Size

www.clkmg.com/healthylife1/wwxiinfo/klangei@icsgf.com/thehealthcareleague.com/B/WWXI2_2/WWXI/?utm_source=remarkety&utm_medium=email&utm_campaign=WWXI2%208.05%20White%20Green&utm_content=&_rmId=z6eM6KQ9xbFod736pxMPI62ZMjkyV

44.231.167.250

302 Found

230 B

URL User Request GET HTTP/1.1
www.clkmg.com/healthylife1/wwxiinfo/klangei@icsgf.com/thehealthcareleague.com/B/WWXI2_2/WWXI/?utm_source=remarkety&utm_medium=email&utm_campaign=WWXI2%208.05%20White%20Green&utm_content=&_rmId=z6eM6KQ9xbFod736pxMPI62ZMjkyV
IP
44.231.167.250:443
ASN
#16509 AMAZON-02

Certificate
IssuerGlobalSign nv-sa
Subject*.clkmg.com
Fingerprint63:8A:A6:9B:36:83:0A:EC:38:E5:D8:2E:98:37:F2:E2:93:A9:E6:B6
ValidityWed, 28 Feb 2024 22:20:05 GMT - Mon, 31 Mar 2025 22:20:04 GMT

File type
HTML document, ASCII text
Size
230 B (230 bytes)
Hash
849487c61ea75f8ca34e2105b6809229
224556f945b6e5514edcea0d21caa6ad2648a429
1e2585796c0d0daae4bb4e350e861f20bba2e64acc9148fd2733c41eb3857d95

HTTP Headers

GET /healthylife1/wwxiinfo/klangei@icsgf.com/thehealthcareleague.com/B/WWXI2_2/WWXI/?utm_source=remarkety&utm_medium=email&utm_campaign=WWXI2%208.05%20White%20Green&utm_content=&_rmId=z6eM6KQ9xbFod736pxMPI62ZMjkyV HTTP/1.1
Host: www.clkmg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: undefined-origin
Access-Control-Max-Age: 300
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 08 May 2024 21:14:09 GMT
Location: https://mweboutstanding.com/8712/178/3/?subid=
P3P: CP="This is not a P3P policy! See https://www.clkmg.com for more info."
Server: nginx
Set-Cookie: alc=1; domain=.clkmg.com; expires=Wed May  8 21:14:14 2024; path=/;
vid=1012019030; domain=.clkmg.com; expires=Thu May  8 21:14:09 2025; path=/; SameSite=None; Secure;
X-CM-FE: httpfe-0
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Content-Length: 230
Connection: keep-alive

www.protectedwebnexussl.com/wwxiinfo/klangei@icsgf.com/thehealthcareleague.com/B/WWXI2_2/WWXI/?utm_source=remarkety&utm_medium=email&utm_campaign=WWXI2%208.05%20White%20Green&utm_content=&_rmId=z6eM6KQ9xbFod736pxMPI62ZMjkyV

104.21.83.246

302 Found

933 B

URL User Request GET HTTP/2
www.protectedwebnexussl.com/wwxiinfo/klangei@icsgf.com/thehealthcareleague.com/B/WWXI2_2/WWXI/?utm_source=remarkety&utm_medium=email&utm_campaign=WWXI2%208.05%20White%20Green&utm_content=&_rmId=z6eM6KQ9xbFod736pxMPI62ZMjkyV
IP
104.21.83.246:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectprotectedwebnexussl.com
Fingerprint6B:51:99:69:A5:65:81:85:28:58:77:6B:61:07:48:68:E5:66:AE:9E
ValiditySat, 20 Apr 2024 11:42:02 GMT - Fri, 19 Jul 2024 11:42:01 GMT

File type
data
Size
933 B (933 bytes)
Hash
f60594f8dfbf5973dda0bf7633e6aab5
35dcbfefc39ced80054887976a2385744d5bc6df
ea97ca55bece07972bf4b8aa6272d35c084507c9eae8e66edcc3a4371f2cb5eb

HTTP Headers

GET /wwxiinfo/klangei@icsgf.com/thehealthcareleague.com/B/WWXI2_2/WWXI/?utm_source=remarkety&utm_medium=email&utm_campaign=WWXI2%208.05%20White%20Green&utm_content=&_rmId=z6eM6KQ9xbFod736pxMPI62ZMjkyV HTTP/1.1
Host: www.protectedwebnexussl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Wed, 08 May 2024 21:14:08 GMT
content-type: text/html; charset=iso-8859-1
location: https://www.clkmg.com/healthylife1/wwxiinfo/klangei@icsgf.com/thehealthcareleague.com/B/WWXI2_2/WWXI/?utm_source=remarkety&utm_medium=email&utm_campaign=WWXI2%208.05%20White%20Green&utm_content=&_rmId=z6eM6KQ9xbFod736pxMPI62ZMjkyV
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: undefined-origin
access-control-max-age: 300
p3p: CP="This is not a P3P policy! See https://www.clkmg.com for more info."
x-cm-fe: httpfe-1
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rRnA%2FIqG7WabjDq5BUa%2BF6owxpVTLhCk6SaIo5xkdUlIOsbUgk4eQ4zjQcbqGJbLHT1uvBlxkgeb5m8Ha8tb%2BpOu%2FKR7Hn0u9D26pQugYOY8iaUi3IuCA%2FEGC77BdrL6ghoMHdj1ayjJ1H3qSrs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c7525dde85684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

mweboutstanding.com/8712/178/3/?subid=

104.21.91.180

302 Found

6.6 kB

URL User Request GET HTTP/2
mweboutstanding.com/8712/178/3/?subid=
IP
104.21.91.180:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectmweboutstanding.com
FingerprintE2:6A:CB:7E:28:EA:21:2A:DA:A1:87:08:F7:4C:BC:7D:42:17:36:CD
ValidityTue, 07 May 2024 09:31:15 GMT - Mon, 05 Aug 2024 09:31:14 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Size
6.6 kB (6623 bytes)
Hash
d8a24ed33c071be829287baef5977cf9
c9c8957af4319863624dbf848bb064014fbb5c07
884b8d777357dc1003d7433dba0cbad76539f41b3cc9d02940540145ea0c7380

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /8712/178/3/?subid= HTTP/1.1
Host: mweboutstanding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Wed, 08 May 2024 21:14:09 GMT
content-type: text/html; charset=UTF-8
location: https://tracking.getxitox-at.com/aff_c?offer_id=111&aff_id=2629&url_id=1969&aff_sub5=8712_sessid20240508211629265&aff_sub=178
cache-control: max-age=3600, private
pragma: no-cache
expires: Wed, 08 May 2024 22:16:31 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-server: WEB_6
strict-transport-security: max-age=31536000;
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDvnJbjKdBkxKLVBqBrQP8wYzWkbTuxAFjHuSB1LQ; SameSite=Lax; path=/; expires=Thu, 09-May-24 20:14:09 GMT; HttpOnly
server: cloudflare
cf-ray: 880c75301fd256a2-OSL
X-Firefox-Spdy: h2

tracking.getxitox-at.com/aff_c?offer_id=111&aff_id=2629&url_id=1969&aff_sub5=8712_sessid20240508211629265&aff_sub=178

52.16.152.21

302 Found

392 B

URL User Request GET HTTP/1.1
tracking.getxitox-at.com/aff_c?offer_id=111&aff_id=2629&url_id=1969&aff_sub5=8712_sessid20240508211629265&aff_sub=178
IP
52.16.152.21:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subjecttracking.getxitox-at.com
Fingerprint93:AF:69:32:64:D7:9D:1C:FB:83:DD:A7:3C:31:62:F9:8B:AD:7D:8D
ValidityThu, 27 Jul 2023 00:00:00 GMT - Sat, 24 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text
Size
392 B (392 bytes)
Hash
7a7c57353da68d15fa132edf2ba917c5
93305087eea4be35960befffa6c0f52b9a91f280
dddc5babe7d6cf9945746454bbc812eb2573569dd434beee91875c3189cfbc2e

HTTP Headers

GET /aff_c?offer_id=111&aff_id=2629&url_id=1969&aff_sub5=8712_sessid20240508211629265&aff_sub=178 HTTP/1.1
Host: tracking.getxitox-at.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 21:14:10 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 392
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: http://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: aff_ran_url_111=1969; expires=Thu, 09 May 2024 21:14:10 GMT; path=/; SameSite=None; Secure
enc_aff_session_111=ENC038d746c9b83eb272276187869503f48532bf016d13e3ed8e95929ed894fb52094667c2f964940e0082dc975fec558db1302b8ce78f01105980548a96504dae3543792f0aa1cd9c6f9f9f5723bfcc9ee4808e6924d7d49fee6c31be1913fb0e36ddcbeb8f49d0dfc4df6575d9e67263a8474c822a32ebfe9c335cf28423e502258fec95370fbca044246e32ebca2fdc85d4ecd02883600f1da7445d83150cbb06d266a9d64; expires=Sat, 08 Jun 2024 21:14:10 GMT; path=/; SameSite=None; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI5Ni4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IFg4Nl82NDsgUnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwiYWNjZXB0X2xhbmd1YWdlIjoiZW4tVVMsZW47cT0wLjUiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=; expires=Sat, 03 Apr 2027 07:54:10 GMT; path=/; SameSite=None; Secure
Tracking_id: 10202b5323eb42a3a3e64e881072d9
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: ce632333a59622007e7987947a24dd17
Access-Control-Allow-Headers: Tune-SDK-Version

www.protectedwebnexussl.com/

104.21.83.246

167 B

URL
www.protectedwebnexussl.com/
IP
104.21.83.246:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectprotectedwebnexussl.com
Fingerprint6B:51:99:69:A5:65:81:85:28:58:77:6B:61:07:48:68:E5:66:AE:9E
ValiditySat, 20 Apr 2024 11:42:02 GMT - Fri, 19 Jul 2024 11:42:01 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

HTTP Headers

GET / HTTP/1.1
Host: www.protectedwebnexussl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Wed, 08 May 2024 21:14:10 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 08 May 2024 22:14:10 GMT
Location: https://www.protectedwebnexussl.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e1SMo3u04Z9B6cnzseRMmkWwSnVvXYnnhAOjv0qMcG7DFvb%2F25EqNgFQjghR29BB3c%2FO9dP2IzRK0XNm3Eh%2BlIdvfCN3sdACt0O%2F0L1VOnRWmSjcSUdCnNfsPYRTwqD9RcgH%2F6DP0261GDDqx%2Bo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880c75384b0fb4f9-OSL
alt-svc: h2=":443"; ma=60

getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629

54.81.48.211

200 OK

134 B

URL User Request GET HTTP/2
getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
IP
54.81.48.211:443
ASN
#14618 AMAZON-AES

Certificate
IssuerAmazon
Subjectgetxitox.com
Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3
ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

HTTP Headers

GET /go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Wed, 08 May 2024 21:14:10 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://getxitox.com:443/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629

getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629

23.22.56.3

200 OK

17 kB

URL User Request GET HTTP/2
getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
IP
23.22.56.3:443
ASN
#14618 AMAZON-AES

Certificate
IssuerAmazon
Subjectgetxitox.com
Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3
ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (456)
Size
17 kB (17114 bytes)
Hash
2da9c0168888eacb1300173257c9d319
a0c21074325da112692cd9d87e2ef16a3b5e24d4
fdeed526dafe5b6e48cf8a22ba8631e57c29eaa9346006034bc196475364b248

HTTP Headers

GET /go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629 HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 21:14:11 GMT
content-type: text/html; charset=UTF-8
content-length: 17114
server: nginx/1.22.1
x-powered-by: PHP/5.6.40
set-cookie: signifyd_token=3217298699480405103; expires=Thu, 09-May-2024 21:14:11 GMT; Max-Age=86400; path=/
hasoffers_affiliate_id=2629; expires=Thu, 09-May-2024 21:14:11 GMT; Max-Age=86400; path=/
hasoffers_transaction=10202b5323eb42a3a3e64e881072d9; expires=Sat, 06-May-2034 21:14:11 GMT; Max-Age=315360000; path=/; domain=.getxitox.com
aff_sub1=178; path=/; domain=.getxitox.com
aff_sub5=8712_sessid20240508211629265; path=/; domain=.getxitox.com
visitedindexnoaffprog-maxwebphp=1; expires=Tue, 06-Aug-2024 21:14:11 GMT; Max-Age=7776000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

getxitox.com/css/main.css

23.22.56.3

200 OK

2.9 kB

URL GET HTTP/2
getxitox.com/css/main.css
IP
23.22.56.3:443
ASN
#14618 AMAZON-AES

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerAmazon
Subjectgetxitox.com
Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3
ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT

File type
assembler source, ASCII text
Size
2.9 kB (2920 bytes)
Hash
e4e674b25abd1be51b1534dbce77c66b
556a1f78b26f233333259ad453956f85dc56358f
3b480a14755e94f7e571c13d16ebdb9c335a415f8e4cfd90c9e81bc5ec3683bb

HTTP Headers

GET /css/main.css HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Cookie: signifyd_token=3217298699480405103; hasoffers_affiliate_id=2629; hasoffers_transaction=10202b5323eb42a3a3e64e881072d9; aff_sub1=178; aff_sub5=8712_sessid20240508211629265
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 21:14:11 GMT
content-type: text/css
content-length: 2920
server: nginx/1.22.1
last-modified: Fri, 03 May 2024 02:48:36 GMT
etag: "2fb4-61783c1922900-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

getxitox.com/css/all.min.css

23.22.56.3

200 OK

12 kB

URL GET HTTP/2
getxitox.com/css/all.min.css
IP
23.22.56.3:443
ASN
#14618 AMAZON-AES

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerAmazon
Subjectgetxitox.com
Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3
ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (54998), with no line terminators
Size
12 kB (11944 bytes)
Hash
edd84d47691f748dbd6414c9c0234d78
107a773061dee58f1ebec5738f49b8ba2c230bbb
c5c6e9f9c3344800ce30b5186cecaa2502c43338e3083072a9fe25893dc11cef

HTTP Headers

GET /css/all.min.css HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Cookie: signifyd_token=3217298699480405103; hasoffers_affiliate_id=2629; hasoffers_transaction=10202b5323eb42a3a3e64e881072d9; aff_sub1=178; aff_sub5=8712_sessid20240508211629265
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 21:14:11 GMT
content-type: text/css
content-length: 11944
server: nginx/1.22.1
last-modified: Fri, 03 May 2024 02:48:36 GMT
etag: "d6d6-61783c1922900-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
d29858124b9e92fbb50df32d4ed81108
e05f25e7ad8cd2ab8dbf967fa6e5721d8193af97
c2a3ffc8b6994a69332d1e7d5e1a62d494a9ad37fe4a2af6257d369706782824

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 08 May 2024 21:14:11 GMT
Last-Modified: Wed, 08 May 2024 20:43:37 GMT
Server: ECAcc (ska/F775)
X-Cache: Miss from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: P4DwcBRQWExI5S71Z-jj6IvSX76_rsOz_B7kk5vo0k1jzdCNKAIMEw==
Age: 1834

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
d29858124b9e92fbb50df32d4ed81108
e05f25e7ad8cd2ab8dbf967fa6e5721d8193af97
c2a3ffc8b6994a69332d1e7d5e1a62d494a9ad37fe4a2af6257d369706782824

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 08 May 2024 21:14:11 GMT
Last-Modified: Wed, 08 May 2024 20:43:37 GMT
Server: ECAcc (ska/F775)
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kz7tIOvFb_b8q_fqR-GwqDG1x7hoFhEndhgksmUsotK4KjaXYdUFHQ==
Age: 1834

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
d29858124b9e92fbb50df32d4ed81108
e05f25e7ad8cd2ab8dbf967fa6e5721d8193af97
c2a3ffc8b6994a69332d1e7d5e1a62d494a9ad37fe4a2af6257d369706782824

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 08 May 2024 21:14:11 GMT
Last-Modified: Wed, 08 May 2024 20:43:38 GMT
Server: ECAcc (ska/F7A7)
X-Cache: Miss from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TGapgLxQM9-CeiBTMP7DfxvBvvRvDxrhP5tZx1HWOy6u-kLGkZ9dpA==
Age: 1833

getxitox.com/css/skeleton.min.css

23.22.56.3

200 OK

23 kB

URL GET HTTP/2
getxitox.com/css/skeleton.min.css
IP
23.22.56.3:443
ASN
#14618 AMAZON-AES

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerAmazon
Subjectgetxitox.com
Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3
ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65324)
Size
23 kB (23238 bytes)
Hash
a15c2ac3234aa8f6064ef9c1f7383c37
6e10354828454898fda80f55f3decb347fd9ed21
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

HTTP Headers

GET /css/skeleton.min.css HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Cookie: signifyd_token=3217298699480405103; hasoffers_affiliate_id=2629; hasoffers_transaction=10202b5323eb42a3a3e64e881072d9; aff_sub1=178; aff_sub5=8712_sessid20240508211629265
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 21:14:11 GMT
content-type: text/css
content-length: 23238
server: nginx/1.22.1
last-modified: Fri, 03 May 2024 02:48:36 GMT
etag: "2606e-61783c1922900-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

getxitox.com/css/redscarcitybar2.css

23.22.56.3

200 OK

901 B

URL GET HTTP/2
getxitox.com/css/redscarcitybar2.css
IP
23.22.56.3:443
ASN
#14618 AMAZON-AES

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerAmazon
Subjectgetxitox.com
Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3
ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT

File type
assembler source, ASCII text
Size
901 B (901 bytes)
Hash
61bf4c685b40b856be942d3bb821e648
c2677116b2a29935e903bb916f1f43b091ccb24e
6c54cb4464bf269625714bf7c58f4799e6ba8528d7d7de58be62a3881a1e866f

HTTP Headers

GET /css/redscarcitybar2.css HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Cookie: signifyd_token=3217298699480405103; hasoffers_affiliate_id=2629; hasoffers_transaction=10202b5323eb42a3a3e64e881072d9; aff_sub1=178; aff_sub5=8712_sessid20240508211629265
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 21:14:11 GMT
content-type: text/css
content-length: 901
server: nginx/1.22.1
last-modified: Fri, 03 May 2024 02:48:36 GMT
etag: "e1a-61783c1922900-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

getxitox.com/js/slidereveal.js

23.22.56.3

200 OK

1.6 kB

URL GET HTTP/2
getxitox.com/js/slidereveal.js
IP
23.22.56.3:443
ASN
#14618 AMAZON-AES

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerAmazon
Subjectgetxitox.com
Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3
ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
1.6 kB (1550 bytes)
Hash
31f5a3f634189d0d865a11c9e11d0d79
c00f665e9d15a33455d947b2fa75b731cbd54753
79cddd678b3f3282adb888ed5685ea33f61c3d7dfd562025aa1231fe40ba1140

HTTP Headers

GET /js/slidereveal.js HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Cookie: signifyd_token=3217298699480405103; hasoffers_affiliate_id=2629; hasoffers_transaction=10202b5323eb42a3a3e64e881072d9; aff_sub1=178; aff_sub5=8712_sessid20240508211629265
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 21:14:11 GMT
content-type: application/javascript
content-length: 1550
server: nginx/1.22.1
last-modified: Fri, 03 May 2024 02:48:36 GMT
etag: "159f-61783c1922900-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

getxitox.com/js/skeleton.bundle.min.js

23.22.56.3

200 OK

22 kB

URL GET HTTP/2
getxitox.com/js/skeleton.bundle.min.js
IP
23.22.56.3:443
ASN
#14618 AMAZON-AES

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerAmazon
Subjectgetxitox.com
Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3
ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65297)
Size
22 kB (22295 bytes)
Hash
a454220fc07088bf1fdd19313b6bfd50
265a733cb7fbc481fd2510a659a85ad55c93c895
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c

HTTP Headers

GET /js/skeleton.bundle.min.js HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Cookie: signifyd_token=3217298699480405103; hasoffers_affiliate_id=2629; hasoffers_transaction=10202b5323eb42a3a3e64e881072d9; aff_sub1=178; aff_sub5=8712_sessid20240508211629265
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 21:14:11 GMT
content-type: application/javascript
content-length: 22295
server: nginx/1.22.1
last-modified: Fri, 03 May 2024 02:48:36 GMT
etag: "1332b-61783c1922900-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

getxitox.com/js/jquery.min.js

23.22.56.3

200 OK

31 kB

URL GET HTTP/2
getxitox.com/js/jquery.min.js
IP
23.22.56.3:443
ASN
#14618 AMAZON-AES

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerAmazon
Subjectgetxitox.com
Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3
ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (30675 bytes)
Hash
f832e36068ab203a3f89b1795480d0d7
2115753ca5fb7032aec498db7bb5dca624dbe6be
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf

HTTP Headers

GET /js/jquery.min.js HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Cookie: signifyd_token=3217298699480405103; hasoffers_affiliate_id=2629; hasoffers_transaction=10202b5323eb42a3a3e64e881072d9; aff_sub1=178; aff_sub5=8712_sessid20240508211629265
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 21:14:11 GMT
content-type: application/javascript
content-length: 30675
server: nginx/1.22.1
last-modified: Fri, 03 May 2024 02:48:36 GMT
etag: "15850-61783c1922900-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-169212633-21

142.250.74.72

200 OK

75 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-169212633-21
IP
142.250.74.72:443
ASN
#15169 GOOGLE

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
75 kB (74742 bytes)
Hash
8101e30fb56685250f86e37cb6ca9c53
4cc7a460056e85e49c773498593ef04edac241b8
37c3b25858b34f705001a59eb910bd58b7ee05ed76fe062d781bd98b5d9aa372

HTTP Headers

GET /gtag/js?id=UA-169212633-21 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 21:14:11 GMT
expires: Wed, 08 May 2024 21:14:11 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74742
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
d29858124b9e92fbb50df32d4ed81108
e05f25e7ad8cd2ab8dbf967fa6e5721d8193af97
c2a3ffc8b6994a69332d1e7d5e1a62d494a9ad37fe4a2af6257d369706782824

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 08 May 2024 21:14:11 GMT
Last-Modified: Wed, 08 May 2024 20:36:38 GMT
Server: ECAcc (amb/6B0A)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NxfF37FqPSbHDuSmqVKaInyEsc3n8F4M4CMu2sSrXhhG9ZKsI9Gp6A==
Age: 2253

cdn.truegcloud.com/nutonen/footer-logo.png

54.230.111.43

200 OK

18 kB

URL GET HTTP/2
cdn.truegcloud.com/nutonen/footer-logo.png
IP
54.230.111.43:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn.truegcloud.com
FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96
ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
PNG image data, 422 x 248, 8-bit/color RGBA, non-interlaced
Size
18 kB (18384 bytes)
Hash
86596e58694fe751bc0e74ef3a60986a
9c313a53061f7ed13900b1dc8d1c5bdf60236834
ed9ae8e732f4a13ac6c8a43293c5415953231dfbf4bb465229aff6be23b30bef

HTTP Headers

GET /nutonen/footer-logo.png HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 18384
last-modified: Tue, 07 May 2019 07:37:36 GMT
x-amz-meta-sha256: ed9ae8e732f4a13ac6c8a43293c5415953231dfbf4bb465229aff6be23b30bef
x-amz-meta-s3b-last-modified: 20190411T081706Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 May 2024 06:52:40 GMT
etag: "86596e58694fe751bc0e74ef3a60986a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3S8CWDfLesGJcki9LBeaZdCPN6RazM_MJbfkz3cXMunyErVDr0TnbQ==
age: 51693
X-Firefox-Spdy: h2

cdn.truegcloud.com/simplepromise/SP-Logo-Hanging.png

54.230.111.43

200 OK

19 kB

URL GET HTTP/2
cdn.truegcloud.com/simplepromise/SP-Logo-Hanging.png
IP
54.230.111.43:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn.truegcloud.com
FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96
ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
PNG image data, 216 x 133, 8-bit/color RGBA, non-interlaced
Size
19 kB (18574 bytes)
Hash
af6ffdf43cacfbdebbbed0a4a27c804e
0424ceeb566c683b7f4616f5f96484962e2ee3af
4c2976263cc124564f1e41df75301329ff585d993d55270413cb55969861a25f

HTTP Headers

GET /simplepromise/SP-Logo-Hanging.png HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 18574
last-modified: Mon, 13 Apr 2020 03:02:47 GMT
x-amz-meta-sha256: 4c2976263cc124564f1e41df75301329ff585d993d55270413cb55969861a25f
x-amz-meta-s3b-last-modified: 20200413T030146Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 May 2024 03:39:23 GMT
etag: "af6ffdf43cacfbdebbbed0a4a27c804e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nmuJ0ia-X80l9eTAoQdmtB92IFgmDlEVIkPitbF-KbUy8hOgcc89Iw==
age: 63290
X-Firefox-Spdy: h2

cdn.truegcloud.com/nutonen/icon-location1.svg

54.230.111.43

200 OK

913 B

URL GET HTTP/2
cdn.truegcloud.com/nutonen/icon-location1.svg
IP
54.230.111.43:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn.truegcloud.com
FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96
ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
913 B (913 bytes)
Hash
d3439fa1b0a4ae681311fec979521f2b
11ddfe16802c9d418318933e47478bc4766a297f
f0a4f541d794bf502482fe8b48254d00c0b547b4a6d49343a9f26c7fa34f1503

HTTP Headers

GET /nutonen/icon-location1.svg HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 913
last-modified: Tue, 07 May 2019 07:49:38 GMT
x-amz-meta-sha256: f0a4f541d794bf502482fe8b48254d00c0b547b4a6d49343a9f26c7fa34f1503
x-amz-meta-s3b-last-modified: 20190411T064308Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 May 2024 05:08:28 GMT
etag: "d3439fa1b0a4ae681311fec979521f2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rVdITAyRFwBVakU46BqWldxmvlKO7QkNI4_hjOF3O_yvbNL1amlveQ==
age: 57945
X-Firefox-Spdy: h2

cdn.truegcloud.com/nutonen/icon-mail1.svg

54.230.111.43

200 OK

878 B

URL GET HTTP/2
cdn.truegcloud.com/nutonen/icon-mail1.svg
IP
54.230.111.43:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn.truegcloud.com
FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96
ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
878 B (878 bytes)
Hash
f89f1e4f86398ef896edd781d500d16f
0894b8e3cfb486cfc9269842e3a5e77f033d618d
4fbc2bd04ce02a99fc9c3772b402d8298fdbace89218e8b5e38a00ef679b57c3

HTTP Headers

GET /nutonen/icon-mail1.svg HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 878
last-modified: Tue, 07 May 2019 07:49:38 GMT
x-amz-meta-sha256: 4fbc2bd04ce02a99fc9c3772b402d8298fdbace89218e8b5e38a00ef679b57c3
x-amz-meta-s3b-last-modified: 20190411T064330Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 May 2024 03:46:21 GMT
etag: "f89f1e4f86398ef896edd781d500d16f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ark2UT22yxzT0L6UfX7Hz77QuX7nALNWgBIY-uKGZrRavze9ujzBRg==
age: 62871
X-Firefox-Spdy: h2

cdn.truegcloud.com/citroburn/images/MBG-Desktop.png

54.230.111.43

200 OK

57 kB

URL GET HTTP/2
cdn.truegcloud.com/citroburn/images/MBG-Desktop.png
IP
54.230.111.43:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn.truegcloud.com
FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96
ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
PNG image data, 750 x 150, 8-bit/color RGB, non-interlaced
Size
57 kB (57158 bytes)
Hash
c05b836a7658a41daf2dc51be5737be0
a6af6ccb982624a38f1f86c60934c7e4428dabf4
fad3cb3e53deaf8fe4923f979e6b4d7f73f5539e120585fc4174ca86c801dbb5

HTTP Headers

GET /citroburn/images/MBG-Desktop.png HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 57158
date: Wed, 08 May 2024 05:10:11 GMT
last-modified: Thu, 20 Aug 2020 10:52:29 GMT
etag: "c05b836a7658a41daf2dc51be5737be0"
x-amz-meta-sha256: fad3cb3e53deaf8fe4923f979e6b4d7f73f5539e120585fc4174ca86c801dbb5
x-amz-meta-s3b-last-modified: 20200820T105220Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: B-v_8fNZfHlnL12uBRiJNj6PNyIrXqChGKoDIlhIZYDAQDyMrhWrTA==
age: 57842
X-Firefox-Spdy: h2

cdn.truegcloud.com/epishieldplus/optimized-images/newseal.webp

54.230.111.43

200 OK

22 kB

URL GET HTTP/2
cdn.truegcloud.com/epishieldplus/optimized-images/newseal.webp
IP
54.230.111.43:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn.truegcloud.com
FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96
ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
22 kB (22242 bytes)
Hash
0b9b41de247a630e02f2e70b9ad4e6be
033d5726086977b3eab3423bf8f0879f9ef65c27
3d72685af6f7772d18f7a0dea17e9fb198618d5ad441fef60bfacd755fd6a7ee

HTTP Headers

GET /epishieldplus/optimized-images/newseal.webp HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 22242
last-modified: Mon, 29 Jun 2020 07:01:49 GMT
x-amz-meta-sha256: 3d72685af6f7772d18f7a0dea17e9fb198618d5ad441fef60bfacd755fd6a7ee
x-amz-meta-s3b-last-modified: 20200629T070116Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 May 2024 06:29:16 GMT
etag: "0b9b41de247a630e02f2e70b9ad4e6be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3qgRx8Wt7gnmSopLtK7Fdli4gTqk59Gyom302P53oC8P3RfUqjwpsg==
age: 53097
X-Firefox-Spdy: h2

cdn.truegcloud.com/xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-3.webp

54.230.111.43

200 OK

63 kB

URL GET HTTP/2
cdn.truegcloud.com/xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-3.webp
IP
54.230.111.43:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn.truegcloud.com
FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96
ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
63 kB (63072 bytes)
Hash
29c062cc5de9d03762bf531f09c243ad
34f557539b1226e9ee6d8635d9b0c3b7ffd7da02
35cd276d909f6389dbd964a6851862e798ad58f832515fa1f8c565dd0bc47fa3

HTTP Headers

GET /xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-3.webp HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/webp
content-length: 63072
last-modified: Thu, 06 Apr 2023 07:38:11 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 35cd276d909f6389dbd964a6851862e798ad58f832515fa1f8c565dd0bc47fa3
x-amz-meta-s3b-last-modified: 20230406T073708Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 May 2024 20:03:49 GMT
etag: "29c062cc5de9d03762bf531f09c243ad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qEATA-loXQslrd3afjeh48JvyWxmw8M-R_cNI3Ez-jLBcF_4u7-bbw==
age: 4224
X-Firefox-Spdy: h2

cdn.truegcloud.com/xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-6.webp

54.230.111.43

200 OK

69 kB

URL GET HTTP/2
cdn.truegcloud.com/xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-6.webp
IP
54.230.111.43:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn.truegcloud.com
FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96
ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
69 kB (68632 bytes)
Hash
09455703253cc258426078c211587e22
7c0b8afb0b3906a00c241a042794900eb65f22dd
8285ead22cc86b36c62e30e590fabc6e5534f8038d5c76e2f2c4868f1dd0660f

HTTP Headers

GET /xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-6.webp HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/webp
content-length: 68632
last-modified: Thu, 06 Apr 2023 07:38:11 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 8285ead22cc86b36c62e30e590fabc6e5534f8038d5c76e2f2c4868f1dd0660f
x-amz-meta-s3b-last-modified: 20230406T073709Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 May 2024 20:03:46 GMT
etag: "09455703253cc258426078c211587e22"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: T5_MlDRLgkLq1czZ1ovuK6ydoAdy7coQmotngsvOfMSdkPGDlDriSw==
age: 4227
X-Firefox-Spdy: h2

cdn.truegcloud.com/xitox/aff/Simple-promise---As-Seen-On-Bar-Nomartha.webp

54.230.111.43

200 OK

14 kB

URL GET HTTP/2
cdn.truegcloud.com/xitox/aff/Simple-promise---As-Seen-On-Bar-Nomartha.webp
IP
54.230.111.43:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn.truegcloud.com
FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96
ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
14 kB (13484 bytes)
Hash
a95ee5c046085a1dc469198e6531a013
3ec4c8806bd2c987f9b9199394f2e2e8185af8a7
c8db5b5fb66acbaeb9bbd073d6d844413e487fe46dfc475b57d2ea3f303276c9

HTTP Headers

GET /xitox/aff/Simple-promise---As-Seen-On-Bar-Nomartha.webp HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/webp
content-length: 13484
last-modified: Fri, 11 Aug 2023 09:35:58 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: c8db5b5fb66acbaeb9bbd073d6d844413e487fe46dfc475b57d2ea3f303276c9
x-amz-meta-s3b-last-modified: 20230811T093449Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 May 2024 20:03:49 GMT
etag: "a95ee5c046085a1dc469198e6531a013"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -XBqfFRgiuJsFg-cFKsqMisoz-F-Lp4LputTnFUg1LG0ag162TP99w==
age: 4224
X-Firefox-Spdy: h2

cdn.truegcloud.com/xitox/images/bottle_mention.webp

54.230.111.43

200 OK

76 kB

URL GET HTTP/2
cdn.truegcloud.com/xitox/images/bottle_mention.webp
IP
54.230.111.43:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn.truegcloud.com
FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96
ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
76 kB (75832 bytes)
Hash
01a497cf3255f7721149cff77097b1f4
0ad9dc18e4e841527c2c6a2c094d0a9b84073d3f
1e939493061d3e2fe602b8aa184a1c74756a59808656a50b1ac3ebb05c0498ef

HTTP Headers

GET /xitox/images/bottle_mention.webp HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/webp
content-length: 75832
last-modified: Thu, 13 Apr 2023 08:58:02 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 May 2024 11:57:00 GMT
etag: "01a497cf3255f7721149cff77097b1f4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wGzK8-Vh9uUgvgfPGponJ6rOEhFuu_uNSXm6i-VS2_lwrMaBG66xeg==
age: 33433
X-Firefox-Spdy: h2

main.tgoptimize.com/load.js?r=0.7712454490212516&u=getxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10202b5323eb42a3a3e64e881072d9%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240508211629265%26affiliate_id%3D2629

18.235.150.85

200 OK

1.4 kB

URL GET HTTP/2
main.tgoptimize.com/load.js?r=0.7712454490212516&u=getxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10202b5323eb42a3a3e64e881072d9%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240508211629265%26affiliate_id%3D2629
IP
18.235.150.85:443
ASN
#14618 AMAZON-AES

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerAmazon
Subjectmain.tgoptimize.com
Fingerprint12:4B:0B:01:CD:D7:2B:EE:4E:1A:D0:D7:D7:AA:71:26:81:B5:BB:14
ValidityTue, 08 Aug 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
1.4 kB (1430 bytes)
Hash
b188fb0f8480736653e820ce69b99702
71bd144ac40bc02ebfed6039546ff8201646ab66
98ff3c4e5b85ae5f067287d3c449c975af8b88e59b69f7b41f1b98049d9d5563

HTTP Headers

GET /load.js?r=0.7712454490212516&u=getxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10202b5323eb42a3a3e64e881072d9%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240508211629265%26affiliate_id%3D2629 HTTP/1.1
Host: main.tgoptimize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 21:14:12 GMT
content-type: text/html; charset=UTF-8
content-length: 1430
server: Apache
set-cookie: tgopt_id=Rxq7x45RKEzuDA3Ga8vfBsLsAuSHf3E1; expires=Thu, 05-May-2039 21:14:12 GMT; Max-Age=473040000; path=/
X-Firefox-Spdy: h2

main.tgoptimize.com/my.gif?verifier=&tgopt_12129=1&tgopt_id=Rxq7x45RKEzuDA3Ga8vfBsLsAuSHf3E1&r=0.5877148816024094&u=getxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10202b5323eb42a3a3e64e881072d9%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240508211629265%26affiliate_id%3D2629

18.235.150.85

200 OK

35 B

URL GET HTTP/2
main.tgoptimize.com/my.gif?verifier=&tgopt_12129=1&tgopt_id=Rxq7x45RKEzuDA3Ga8vfBsLsAuSHf3E1&r=0.5877148816024094&u=getxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10202b5323eb42a3a3e64e881072d9%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240508211629265%26affiliate_id%3D2629
IP
18.235.150.85:443
ASN
#14618 AMAZON-AES

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerAmazon
Subjectmain.tgoptimize.com
Fingerprint12:4B:0B:01:CD:D7:2B:EE:4E:1A:D0:D7:D7:AA:71:26:81:B5:BB:14
ValidityTue, 08 Aug 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT

File type
GIF image data, version 87a, 1 x 1
Size
35 B (35 bytes)
Hash
729c3007a8ed0597531b0c76d54a94bb
90fe9b8a8142548fdfab29f59cb0a164a0eaef81
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

HTTP Headers

GET /my.gif?verifier=&tgopt_12129=1&tgopt_id=Rxq7x45RKEzuDA3Ga8vfBsLsAuSHf3E1&r=0.5877148816024094&u=getxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10202b5323eb42a3a3e64e881072d9%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240508211629265%26affiliate_id%3D2629 HTTP/1.1
Host: main.tgoptimize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 21:14:12 GMT
content-type: image/gif
content-length: 35
server: Apache
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-KMZ74FC

142.250.74.72

200 OK

107 kB

URL GET HTTP/3
www.googletagmanager.com/gtm.js?id=GTM-KMZ74FC
IP
142.250.74.72:443
ASN
#15169 GOOGLE

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (53481)
Size
107 kB (107222 bytes)
Hash
7f5823b97393a56f0b27f28183e524b5
d02c67d99acee0072f1f3fda04d3030f3c39a06c
5a024f837d1b625e2409cac25af13196f422bec4bce8f6c50339b63970a6e440

HTTP Headers

GET /gtm.js?id=GTM-KMZ74FC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 21:14:12 GMT
expires: Wed, 08 May 2024 21:14:12 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 107222
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33092, version 1.0
Size
33 kB (33092 bytes)
Hash
057478083c1d55ea0c2182b24f6dd72f
caf557cd276a76992084efc4c8857b66791a6b7f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:38:02 GMT
expires: Fri, 02 May 2025 02:38:02 GMT
cache-control: public, max-age=31536000
age: 585370
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.truegcloud.com/nutonen/icon-phone1.svg

54.230.111.43

200 OK

1.5 kB

URL GET HTTP/2
cdn.truegcloud.com/nutonen/icon-phone1.svg
IP
54.230.111.43:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn.truegcloud.com
FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96
ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
1.5 kB (1484 bytes)
Hash
e376eecb3f810bf4f5176f1a98fe501c
2cb7f7f3f7c8eac8220a9711561d771000898f61
ebf1358b4aa51e2fa9d652780e885f5733b7b0351787cbfb56b7b9781606f36a

HTTP Headers

GET /nutonen/icon-phone1.svg HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
date: Wed, 08 May 2024 05:10:11 GMT
last-modified: Tue, 07 May 2019 07:49:38 GMT
etag: W/"3aa1961a3af018163eb0f8e09fea1239"
x-amz-meta-sha256: 6776eab96b7b8ff2ddaf5c5d06c92b468c648d1d20f3712ff3aef3c0373df9a8
x-amz-meta-s3b-last-modified: 20190411T064318Z
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: J-8GDzubCB_xYWnz3MieXXI8fZ8tRtIubssVZpZQtoF6pXaMCxWOeA==
age: 57842
X-Firefox-Spdy: h2

getxitox.com/webfonts/fa-solid-900.woff2

23.22.56.3

200 OK

74 kB

URL GET HTTP/2
getxitox.com/webfonts/fa-solid-900.woff2
IP
23.22.56.3:443
ASN
#14618 AMAZON-AES

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerAmazon
Subjectgetxitox.com
Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3
ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 73852, version 1.0
Size
74 kB (73852 bytes)
Hash
fb493903265cad425ccdf8e04fc2de61
fef2f08d60e907750df0bc41ce64a7139642ddf0
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2

HTTP Headers

GET /webfonts/fa-solid-900.woff2 HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/css/all.min.css
Cookie: signifyd_token=3217298699480405103; hasoffers_affiliate_id=2629; hasoffers_transaction=10202b5323eb42a3a3e64e881072d9; aff_sub1=178; aff_sub5=8712_sessid20240508211629265; tgopt_12129=1; tgopt_id=Rxq7x45RKEzuDA3Ga8vfBsLsAuSHf3E1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 21:14:12 GMT
content-length: 73852
server: nginx/1.22.1
last-modified: Fri, 03 May 2024 02:48:36 GMT
etag: "1207c-61783c1922900"
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-scripts.signifyd.com/api/script-tag.js

143.204.55.70

200 OK

27 kB

URL GET HTTP/2
cdn-scripts.signifyd.com/api/script-tag.js
IP
143.204.55.70:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn-scripts.signifyd.com
Fingerprint24:C3:B6:A5:B6:58:0C:BC:B6:1C:E0:C9:B8:57:20:5D:37:14:F0:ED
ValidityMon, 03 Jul 2023 00:00:00 GMT - Wed, 31 Jul 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
27 kB (26791 bytes)
Hash
c58febf8b98f3d24f9dea403fcda1f03
6391bb167c436b2a3a9498a270e1aa0d7cf7e57d
e4e71a22eee9d6d23afd960e16cc2ef99c3ea9ac65e17fad2ebcd5eda4a763c6

HTTP Headers

GET /api/script-tag.js HTTP/1.1
Host: cdn-scripts.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:51:40 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Wed, 08 May 2024 20:51:43 GMT
cache-control: max-age=1800
etag: W/"73ca6f23f3e08738233832c7a7a0c30c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LAkzeO-0o_7WaItsBU7F8L44wqmj-6bq092vkB6fV3nXzDvC9Q8inw==
age: 1349
X-Firefox-Spdy: h2

cdn.truegcloud.com/scripts/jquery.1.9.1.min.js

54.230.111.43

200 OK

221 kB

URL GET HTTP/2
cdn.truegcloud.com/scripts/jquery.1.9.1.min.js
IP
54.230.111.43:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn.truegcloud.com
FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96
ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
221 kB (220635 bytes)
Hash
02522fd5627f41bc1132e91c7d0f41ce
51a54014c51d0ba204de9941edbbd1b73673e4ed
eb56e1c1fa49b65962f9deb2bd3efb1eb29a19d3da798c858da5e131fbf9e67f

HTTP Headers

GET /scripts/jquery.1.9.1.min.js HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 08 May 2024 05:13:56 GMT
last-modified: Sun, 26 Jan 2020 18:15:34 GMT
etag: W/"397754ba49e9e0cf4e7c190da78dda05"
cache-control: max-age=86400
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 14bZ84CnMOftkYV9uCPaC8TUFW7LUbAR7fygQ6zQQBtO0ndXbd9fYg==
age: 57617
X-Firefox-Spdy: h2

cdn.truegcloud.com/epishieldplus/newseal.png

54.230.111.43

200 OK

29 kB

URL GET HTTP/2
cdn.truegcloud.com/epishieldplus/newseal.png
IP
54.230.111.43:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn.truegcloud.com
FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96
ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
PNG image data, 318 x 311, 8-bit colormap, non-interlaced
Size
29 kB (28820 bytes)
Hash
e279243ea699343e8c39ed7b821e8430
6e91efc8e714a73b63a0f91022987ae06d620f44
f3067cce3dbc1d2cd7ad1dbc5b0d5befdada893e3cfefca43e6fe52b9fb7ee1b

HTTP Headers

GET /epishieldplus/newseal.png HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 28820
last-modified: Mon, 29 Jun 2020 07:24:56 GMT
x-amz-meta-sha256: f3067cce3dbc1d2cd7ad1dbc5b0d5befdada893e3cfefca43e6fe52b9fb7ee1b
x-amz-meta-s3b-last-modified: 20200629T072358Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 May 2024 08:24:37 GMT
etag: "e279243ea699343e8c39ed7b821e8430"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fLokeuS8h-_z44XTeCCdft0zEZ7LfHc-LAoIq1GUD0EUySDFmWhLjg==
age: 46176
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

216.58.207.227

200 OK

23 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23040, version 1.0
Size
23 kB (23040 bytes)
Hash
de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

HTTP Headers

GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 01:55:21 GMT
expires: Sat, 03 May 2025 01:55:21 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
age: 501531
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33092, version 1.0
Size
33 kB (33092 bytes)
Hash
057478083c1d55ea0c2182b24f6dd72f
caf557cd276a76992084efc4c8857b66791a6b7f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:38:02 GMT
expires: Fri, 02 May 2025 02:38:02 GMT
cache-control: public, max-age=31536000
age: 585370
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

216.58.207.227

200 OK

34 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 34288, version 1.0
Size
34 kB (34288 bytes)
Hash
71221d6bf4204042b1bbc3902d08a81b
92a10d7982d33e1e216ee8e1aec79c3ae8bcb8b6
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f

HTTP Headers

GET /s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:10:20 GMT
expires: Fri, 02 May 2025 02:10:20 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 22:52:07 GMT
content-type: font/woff2
age: 587032
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn-scripts.signifyd.com/api/company_toolkit.js

143.204.55.70

200 OK

29 kB

URL GET HTTP/2
cdn-scripts.signifyd.com/api/company_toolkit.js
IP
143.204.55.70:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn-scripts.signifyd.com
Fingerprint24:C3:B6:A5:B6:58:0C:BC:B6:1C:E0:C9:B8:57:20:5D:37:14:F0:ED
ValidityMon, 03 Jul 2023 00:00:00 GMT - Wed, 31 Jul 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
29 kB (29364 bytes)
Hash
d4023a5c407812574dee742d18be81a0
f52d93e8ecad780f5b4bb107158005b6f02a321e
430e88614f1db37fbf1bb69eaad7afd81953750ba0a71c0a3d77db42094dcc7d

HTTP Headers

GET /api/company_toolkit.js HTTP/1.1
Host: cdn-scripts.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 30 May 2023 10:18:44 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Wed, 08 May 2024 20:59:39 GMT
cache-control: max-age=1800
etag: W/"2c3950f122b3977df61b0e077aaa92c8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ixgJWFDyCCAdh5TUh4NkDDtdt1yUrZ_q_d74Pm7xBC8AtvUavWYI4w==
age: 876
X-Firefox-Spdy: h2

cdn.truegcloud.com/xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-1.webp

54.230.111.43

200 OK

54 kB

URL GET HTTP/2
cdn.truegcloud.com/xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-1.webp
IP
54.230.111.43:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn.truegcloud.com
FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96
ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
54 kB (53456 bytes)
Hash
022d788f32d49ab893e886a0b76cd2fc
4a8afaf743570c7cf07102b4d802ae5b35907e1d
4f53947b748e85bc6bff93f1266d404a2782681e88ce55a350c2c7405184fa93

HTTP Headers

GET /xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-1.webp HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/webp
content-length: 53456
date: Wed, 08 May 2024 21:14:13 GMT
last-modified: Thu, 06 Apr 2023 07:38:11 GMT
etag: "022d788f32d49ab893e886a0b76cd2fc"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 4f53947b748e85bc6bff93f1266d404a2782681e88ce55a350c2c7405184fa93
x-amz-meta-s3b-last-modified: 20230406T073708Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TkBaMXdzPlARttFVDFNSnpfEBmXwyGfHcBTG215g-57pHWJvRbwU_A==
X-Firefox-Spdy: h2

fast.vidalytics.com/embeds/hLKq71Yz/w27RqUkIUgikMasW/loader.min.js

151.101.1.91

200 OK

7.8 kB

URL GET HTTP/2
fast.vidalytics.com/embeds/hLKq71Yz/w27RqUkIUgikMasW/loader.min.js
IP
151.101.1.91:443
ASN
#54113 FASTLY

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (21453), with no line terminators
Size
7.8 kB (7790 bytes)
Hash
58dd1a4eca6cd3e55b7ccf65804454f7
47b1426cb825ea719cf5dc383aa7bcdb0ec300cc
a820bbfcbf9bb777fbafa11bb1fe416edb8c66a036785ae39dff48f0bc59daef

HTTP Headers

GET /embeds/hLKq71Yz/w27RqUkIUgikMasW/loader.min.js HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
x-envoy-upstream-service-time: 34
server: istio-envoy
x-envoy-decorator-operation: vidalytics-player-api.vidalytics-player-api.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: api-prod
access-control-allow-origin: *
cache-control: public, max-age=900, s-maxage=1800
x-lb-cache: disabled
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 May 2024 21:14:13 GMT
age: 506
x-served-by: cache-dfw-kdal2120070-DFW, cache-hel1410029-HEL
x-cache: HIT, MISS
x-cache-hits: 39, 0
x-timer: S1715202853.999937,VS0,VE133
vary: Accept-Encoding
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7790
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-SNNMPY2Z6B&l=dataLayer&cx=c

142.250.74.72

200 OK

88 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-SNNMPY2Z6B&l=dataLayer&cx=c
IP
142.250.74.72:443
ASN
#15169 GOOGLE

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
88 kB (87899 bytes)
Hash
0aa77ca5dabf47a7b5bf214ecbf01979
ef6803ebaddda0bb30219c080b5490f86fb39477
bcafd95636462ffc532e2a22ce5c0a4089ff6c7ca0dc5198dbeb2a49968a8c36

HTTP Headers

GET /gtag/js?id=G-SNNMPY2Z6B&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 21:14:13 GMT
expires: Wed, 08 May 2024 21:14:13 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 87899
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

imgs.signifyd.com/wsody8j9rt00pmvs.js?43ne8gvs1si8j1ni=w2txo5aa&r81muykienvk6574=3217298699480405103

91.235.133.113

200 OK

13 kB

URL GET HTTP/1.1
imgs.signifyd.com/wsody8j9rt00pmvs.js?43ne8gvs1si8j1ni=w2txo5aa&r81muykienvk6574=3217298699480405103
IP
91.235.133.113:443
ASN
#30286 THM

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerGoDaddy.com, Inc.
Subjectimgs.signifyd.com
Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49
ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT

File type
JavaScript source, ASCII text, with very long lines (15389)
Size
13 kB (12843 bytes)
Hash
9f435d901511206559c0b375b6ff9b13
d97eccf0601b32a386c2d2413654c8d5f57933da
515d8ede4188ef5099d33c2e8564e872be965d2ec31cff624f1e5ea5ae205df4

HTTP Headers

GET /wsody8j9rt00pmvs.js?43ne8gvs1si8j1ni=w2txo5aa&r81muykienvk6574=3217298699480405103 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 21:14:13 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Robots-Tag: noindex, nofollow
Set-Cookie: thx_guid=6a3ad6eff232bf0760fda45f60fae8e1; Max-Age=155520000; Version=1; HttpOnly; Path=/; Secure; SameSite=None;
P3P: CP=IVAa PSAa
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked

fast.vidalytics.com/players/v.4.2.1.000-vid-prod/player.min.js

151.101.1.91

200 OK

253 kB

URL GET HTTP/2
fast.vidalytics.com/players/v.4.2.1.000-vid-prod/player.min.js
IP
151.101.1.91:443
ASN
#54113 FASTLY

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
253 kB (252774 bytes)
Hash
21ea705829c05759544342ba2f4ac461
2fa8e86431a1468bf7bbceb53b8662101bc70da8
b1ccbf581da817ca36d109e168b2cec2a34e7884c8e20c6722c6bff41da53b60

HTTP Headers

GET /players/v.4.2.1.000-vid-prod/player.min.js HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-guploader-uploadid: ABPtcPo5Lg48CpwLdCNW2rFusARl9mmOn5dmITcmLSHJfHJQ3WKJzSL4ADAT93v8t8VUudGNWUlrOwG3SA
cache-control: public, max-age=86400, s-maxage=2592000
expires: Sun, 03 Mar 2024 11:03:19 GMT
last-modified: Fri, 02 Feb 2024 10:27:41 GMT
etag: "4fe59d178779b42a5f9c26452a22bdc2"
x-goog-generation: 1706869661807310
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 252774
x-goog-meta-surrogate-key: player-versioned
content-type: application/javascript
content-encoding: gzip
x-goog-hash: crc32c=X1iFKw==, md5=T+WdF4d5tCpfnCZFKiK9wg==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 1926766
date: Wed, 08 May 2024 21:14:13 GMT
x-served-by: cache-dfw-kdfw8210138-DFW, cache-hel1410030-HEL
x-cache: HIT, HIT
x-cache-hits: 377936, 0
x-timer: S1715202853.286634,VS0,VE1
vary: Accept-Encoding
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 252774
X-Firefox-Spdy: h2

d10lpsik1i8c69.cloudfront.net/w.js

54.230.241.113

200 OK

2.8 kB

URL GET HTTP/2
d10lpsik1i8c69.cloudfront.net/w.js
IP
54.230.241.113:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
2.8 kB (2827 bytes)
Hash
cbe3202152142e161990b7919d380132
115f5442b6c41bb655e906d5daa7cb8a4bb11cb8
83553c81d3974130334035b21e11d3129e05f0392c0ecb5928e09a4b4fd05a0c

HTTP Headers

GET /w.js HTTP/1.1
Host: d10lpsik1i8c69.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 25 Jan 2024 18:19:40 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Wed, 08 May 2024 20:23:39 GMT
cache-control: max-age=3600
etag: W/"e31293f40e8a324de552ff593ee76a9b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3MRX-qtI_2lFE54NRJaIPvYQzml5_GyiRdQedSbkOmaILg13-hxx-A==
age: 3035
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SNNMPY2Z6B&cid=187997704.1715202853&gtm=45je4510v9116850825za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=59471148

142.250.74.163

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SNNMPY2Z6B&cid=187997704.1715202853&gtm=45je4510v9116850825za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=59471148
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint7D:68:6D:B1:32:34:52:51:20:C9:53:FF:B9:B7:8F:7E:05:F9:F5:97
ValidityTue, 16 Apr 2024 04:31:00 GMT - Tue, 09 Jul 2024 04:30:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SNNMPY2Z6B&cid=187997704.1715202853&gtm=45je4510v9116850825za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=59471148 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 May 2024 21:14:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

getxitox.com/favicon.ico

23.22.56.3

404 Not Found

1.4 kB

URL GET HTTP/2
getxitox.com/favicon.ico
IP
23.22.56.3:443
ASN
#14618 AMAZON-AES

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerAmazon
Subjectgetxitox.com
Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3
ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
1.4 kB (1376 bytes)
Hash
bec01589b1df75785f8cbc2670a02c86
4ccf383762cdf288ec429920e670b8a2af2c7935
5a8c911d28f97af7852744151db510b540f2dbdd09fed139d6740c4f716f720a

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Cookie: signifyd_token=3217298699480405103; hasoffers_affiliate_id=2629; hasoffers_transaction=10202b5323eb42a3a3e64e881072d9; aff_sub1=178; aff_sub5=8712_sessid20240508211629265; tgopt_12129=1; tgopt_id=Rxq7x45RKEzuDA3Ga8vfBsLsAuSHf3E1; enterDate=Wed May 08 2024 21:14:12 GMT+0000 (GMT); _ga_SNNMPY2Z6B=GS1.1.1715202853.1.1.1715202853.60.0.0; _ga=GA1.1.187997704.1715202853
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Wed, 08 May 2024 21:14:13 GMT
content-type: text/html; charset=iso-8859-1
server: nginx/1.22.1
content-encoding: gzip
X-Firefox-Spdy: h2

fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/video_TS_h264_aac_96000_1280x720_2750000_variant.m3u8

151.101.1.91

200 OK

60 kB

URL GET HTTP/3
fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/video_TS_h264_aac_96000_1280x720_2750000_variant.m3u8
IP
151.101.1.91:443
ASN
#54113 FASTLY

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
M3U playlist, ASCII text
Size
60 kB (59930 bytes)
Hash
bb832cf8865dc7037ea21352c755da04
46c3b18627b8a603947e0bda666c82c769c2c522
ef601bbf5efb4e47db18c4b7858513cd182d221b44098beab6e3d84d3b053ba0

HTTP Headers

GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/video_TS_h264_aac_96000_1280x720_2750000_variant.m3u8 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 59930
x-guploader-uploadid: ABPtcPqLEnakTffi6lBwaoRqvU3vv7zb92rK9OIsV_i4E14p4YAn1OL8ymoeBZf5anHVhXTnOneuQqTrfQ
cache-control: public, max-age=31104000
expires: Thu, 03 Apr 2025 13:01:22 GMT
last-modified: Tue, 29 Aug 2023 15:54:18 GMT
etag: "bb832cf8865dc7037ea21352c755da04"
x-goog-generation: 1693324458401827
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 59930
content-type: application/vnd.apple.mpegurl
x-goog-hash: crc32c=5Rge5g==, md5=u4Ms+IZdxwN+ohNSx1XaBA==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 2621572
date: Wed, 08 May 2024 21:14:13 GMT
x-served-by: cache-dfw-kdal2120023-DFW, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 500, 0
x-timer: S1715202854.829901,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/audio_TS_h264_aac_96000_variant.m3u8

151.101.1.91

200 OK

46 kB

URL GET HTTP/3
fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/audio_TS_h264_aac_96000_variant.m3u8
IP
151.101.1.91:443
ASN
#54113 FASTLY

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
M3U playlist, ASCII text
Size
46 kB (46406 bytes)
Hash
dc6e5df96aa662744cfe6bbdb276d17d
dc4994afb2fe9a920b5c6f328b0fc93b31342aae
6a384320df21e240d2b0c9d0adf9993fbc72c69ecafce6c6e8bd85099f2fa430

HTTP Headers

GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/audio_TS_h264_aac_96000_variant.m3u8 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 46406
x-guploader-uploadid: ADPycdvl9tUYJsOSc0CQuPe0acpD2ES6XmvIfTXgyWdDIcU9_y9N7rZIjW6jNRDYyZOuGHI624-8V_-Tj7s2zhkvPpy-JluPtmsw
cache-control: public, max-age=31104000
expires: Thu, 19 Sep 2024 22:00:10 GMT
last-modified: Tue, 29 Aug 2023 15:54:18 GMT
etag: "dc6e5df96aa662744cfe6bbdb276d17d"
x-goog-generation: 1693324458399105
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 46406
content-type: application/vnd.apple.mpegurl
x-goog-hash: crc32c=Rc2Iow==, md5=3G5d+WqmYnRM/mu9snbRfQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 1238495
date: Wed, 08 May 2024 21:14:13 GMT
x-served-by: cache-dfw-kdfw8210043-DFW, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 1206, 0
x-timer: S1715202854.830487,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/1.ts

151.101.1.91

200 OK

35 kB

URL GET HTTP/3
fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/1.ts
IP
151.101.1.91:443
ASN
#54113 FASTLY

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
MPEG transport stream data
Size
35 kB (34968 bytes)
Hash
5c5618a29d45a23b88d2203da2c52649
8ae3529c5b0a94f1fb7621f7e7034dc2c45d610b
43bfb43eb0a7f2b3faaae84c7d460e74277955f9fcdc496b134bb28621df5179

HTTP Headers

GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/1.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 34968
x-guploader-uploadid: ABPtcPrVJV-F4L5jmSAtnNyhFr3qd44tEYX7SuZlgeRfyAqmYm1gPjjfwBskHiWo_kjjb30knzTDcEsqYDQT4YlVDguWaoDp10yo
cache-control: public, max-age=31104000
expires: Fri, 15 Nov 2024 12:05:27 GMT
last-modified: Tue, 29 Aug 2023 15:52:06 GMT
etag: "5c5618a29d45a23b88d2203da2c52649"
x-goog-generation: 1693324326196317
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 34968
content-type: video/mp2t
x-goog-hash: crc32c=6HX6Lw==, md5=XFYYop1FojuI0iA9osUmSQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
date: Wed, 08 May 2024 21:14:13 GMT
age: 1322329
x-served-by: cache-dfw-kdfw8210163-DFW, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 1530, 1
x-timer: S1715202854.947222,VS0,VE0
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

analytics-ingress-global.bitmovin.com/licensing

35.190.27.197

200 OK

77 B

URL POST HTTP/2
analytics-ingress-global.bitmovin.com/licensing
IP
35.190.27.197:443
ASN
#15169 GOOGLE

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerGoDaddy.com, Inc.
Subject*.bitmovin.com
FingerprintA3:12:09:E0:2B:6B:C9:36:D1:AE:E8:38:F4:5F:1B:F6:B2:47:16:3C
ValidityMon, 08 May 2023 12:46:05 GMT - Sat, 08 Jun 2024 12:46:05 GMT

File type
JSON text data
Size
77 B (77 bytes)
Hash
40f9443d5dc02e385b00b24c1f570269
c0e65fe8f73334d638173b9e33eff4f36d913104
ea71115c171f3b6874e256a1ff1e30431229a21b584371e0b36eae66cb5d2d9f

HTTP Headers

POST /licensing HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 99
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: v1.62.1
date: Wed, 08 May 2024 21:14:13 GMT
content-type: application/json
content-length: 77
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-SNNMPY2Z6B&gtm=45je4510v9116850825za200&_p=1715202852640&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=187997704.1715202853&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1715202853&sct=1&seg=0&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10202b5323eb42a3a3e64e881072d9%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240508211629265%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5725

216.239.34.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-SNNMPY2Z6B&gtm=45je4510v9116850825za200&_p=1715202852640&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=187997704.1715202853&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1715202853&sct=1&seg=0&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10202b5323eb42a3a3e64e881072d9%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240508211629265%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5725
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-SNNMPY2Z6B&gtm=45je4510v9116850825za200&_p=1715202852640&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=187997704.1715202853&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1715202853&sct=1&seg=0&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10202b5323eb42a3a3e64e881072d9%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240508211629265%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5725 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://getxitox.com
date: Wed, 08 May 2024 21:14:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1280x720_h264_2750000/1.ts

151.101.1.91

200 OK

160 kB

URL GET HTTP/3
fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1280x720_h264_2750000/1.ts
IP
151.101.1.91:443
ASN
#54113 FASTLY

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
MPEG transport stream data
Size
160 kB (160176 bytes)
Hash
7fdcbc5ecf72c2dba9eccdac95c0cc60
c967d3220f65717f925b41f2fcc9f28ceac5337f
4104a53abb2627f21691f7dbbd6d787f5aee7c0326651e7103878343e679f185

HTTP Headers

GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1280x720_h264_2750000/1.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 160176
x-guploader-uploadid: ABPtcPpGUBBW_yJIVGa5Wmiz8vAhMkvji1ZzPIHkypzCKV1njR5w8iasUiU1O20_PvfVW9cn9jk
cache-control: public, max-age=31104000
expires: Thu, 16 Jan 2025 17:39:17 GMT
last-modified: Tue, 29 Aug 2023 15:50:41 GMT
etag: "7fdcbc5ecf72c2dba9eccdac95c0cc60"
x-goog-generation: 1693324241421854
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 160176
content-type: video/mp2t
x-goog-hash: crc32c=EYz/Ow==, md5=f9y8Xs9ywtup7M2slcDMYA==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 43307
date: Wed, 08 May 2024 21:14:14 GMT
x-served-by: cache-dfw-kdfw8210085-DFW, cache-hel1410033-HEL
x-cache: HIT, MISS
x-cache-hits: 15, 0
x-timer: S1715202854.933112,VS0,VE143
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

imgs.signifyd.com/A3SWFFq7cnWaKkHY?beaf29a2589913c8=7Y62mlvOzUZbmgCNynK8utUmF5gwIT2RD2tQxLBAz0ZnkcYQwu-_wNi0mL46r7ppZcURhFTCquwbNkfuoYKuNNcDka1HZsOdrN3mYnUidkpLnfJErwunwHfZexwBD27gbscbckwQ7GupGQbM

91.235.133.113

200 OK

81 B

URL GET HTTP/1.1
imgs.signifyd.com/A3SWFFq7cnWaKkHY?beaf29a2589913c8=7Y62mlvOzUZbmgCNynK8utUmF5gwIT2RD2tQxLBAz0ZnkcYQwu-_wNi0mL46r7ppZcURhFTCquwbNkfuoYKuNNcDka1HZsOdrN3mYnUidkpLnfJErwunwHfZexwBD27gbscbckwQ7GupGQbM
IP
91.235.133.113:443
ASN
#30286 THM

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerGoDaddy.com, Inc.
Subjectimgs.signifyd.com
Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49
ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT

File type
PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced
Size
81 B (81 bytes)
Hash
1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

HTTP Headers

GET /A3SWFFq7cnWaKkHY?beaf29a2589913c8=7Y62mlvOzUZbmgCNynK8utUmF5gwIT2RD2tQxLBAz0ZnkcYQwu-_wNi0mL46r7ppZcURhFTCquwbNkfuoYKuNNcDka1HZsOdrN3mYnUidkpLnfJErwunwHfZexwBD27gbscbckwQ7GupGQbM HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=6a3ad6eff232bf0760fda45f60fae8e1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 21:14:14 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: image/png

fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/video_TS_h264_aac_96000_1920x1080_4500000_variant.m3u8

151.101.1.91

200 OK

61 kB

URL GET HTTP/3
fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/video_TS_h264_aac_96000_1920x1080_4500000_variant.m3u8
IP
151.101.1.91:443
ASN
#54113 FASTLY

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
M3U playlist, ASCII text
Size
61 kB (61057 bytes)
Hash
91ab9584d43ed322ce297c4beada2e1d
ff66133b04457395acd80b0155761abb8811bbdd
317587a6fa28c2060c4c73cd5047b0101bd0caa39743f5b065d663f30f4a3f5e

HTTP Headers

GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/video_TS_h264_aac_96000_1920x1080_4500000_variant.m3u8 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 61057
x-guploader-uploadid: ABPtcPrjMF5MHXWFw-6j0Ww5QojTVgKJ6OTeVhejt0ts3miaUO1qD9_dYyhgapQty-RR_JNmDg
cache-control: public, max-age=31104000
expires: Mon, 24 Feb 2025 08:00:11 GMT
last-modified: Tue, 29 Aug 2023 15:54:18 GMT
etag: "91ab9584d43ed322ce297c4beada2e1d"
x-goog-generation: 1693324458420188
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 61057
content-type: application/vnd.apple.mpegurl
x-goog-hash: crc32c=Yhv9Qg==, md5=kauVhNQ+0yLOKXxL6touHQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 2713875
date: Wed, 08 May 2024 21:14:14 GMT
x-served-by: cache-dfw-kdfw8210161-DFW, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 2285, 0
x-timer: S1715202854.224116,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

imgs.signifyd.com/JF6e8DC_8o5b_2cO?d69beb3613cd06cf=3fxqhy_hn8uq9IG8I977h2RCpt07dSIx-U8qAj3xHKmM12uLmcGv3NyFF-8bLIRFdm72Nwvy9uMtPD-VrjbE5JCuaSrLlLiAjf1aAygNp2K6X9KFcMTsuR_QNpvViem8YUkkwRjzrQlM0ctEfBkcMRt9zv1RgNaT979Bf5Apuowh_DuER8M3dINYOA&jb=313a2624687b6777354469667578266a736f3f4e6b6e777a2e62716a3546617265666f782530323b36

91.235.133.113

200 OK

46 kB

URL GET HTTP/1.1
imgs.signifyd.com/JF6e8DC_8o5b_2cO?d69beb3613cd06cf=3fxqhy_hn8uq9IG8I977h2RCpt07dSIx-U8qAj3xHKmM12uLmcGv3NyFF-8bLIRFdm72Nwvy9uMtPD-VrjbE5JCuaSrLlLiAjf1aAygNp2K6X9KFcMTsuR_QNpvViem8YUkkwRjzrQlM0ctEfBkcMRt9zv1RgNaT979Bf5Apuowh_DuER8M3dINYOA&jb=313a2624687b6777354469667578266a736f3f4e6b6e777a2e62716a3546617265666f782530323b36
IP
91.235.133.113:443
ASN
#30286 THM

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerGoDaddy.com, Inc.
Subjectimgs.signifyd.com
Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49
ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT

File type
JavaScript source, ASCII text, with very long lines (15506)
Size
46 kB (46139 bytes)
Hash
6e11138e4be1a164ec9574a4b1011fcb
bcbe5ed97c4bff3a9f939c843f6828281a6011c0
64af4235e691d3eac6345d4fdc332aecc855fdb57c006548e2098e048c097892

HTTP Headers

GET /JF6e8DC_8o5b_2cO?d69beb3613cd06cf=3fxqhy_hn8uq9IG8I977h2RCpt07dSIx-U8qAj3xHKmM12uLmcGv3NyFF-8bLIRFdm72Nwvy9uMtPD-VrjbE5JCuaSrLlLiAjf1aAygNp2K6X9KFcMTsuR_QNpvViem8YUkkwRjzrQlM0ctEfBkcMRt9zv1RgNaT979Bf5Apuowh_DuER8M3dINYOA&jb=313a2624687b6777354469667578266a736f3f4e6b6e777a2e62716a3546617265666f782530323b36 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=6a3ad6eff232bf0760fda45f60fae8e1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 21:14:14 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
tmx-nonce: 5aa4812d252346af
X-Robots-Tag: noindex, nofollow
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=98
Transfer-Encoding: chunked

stats.vidalytics.com/awesome-log?cid=hLKq71Yz

107.178.211.97

200 OK

43 B

URL GET HTTP/2
stats.vidalytics.com/awesome-log?cid=hLKq71Yz
IP
107.178.211.97:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

HTTP Headers

GET /awesome-log?cid=hLKq71Yz HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-headers: Accept, Content-Type, Origin, Range, X-Requested-With
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
cache-control: no-cache, public, max-age=2592000
content-length: 43
content-type: image/gif
etag: "hLKq71Yz/wgiDDcmsCgGJTH0l"
date: Wed, 08 May 2024 21:14:14 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
access-control-allow-origin: https://getxitox.com
X-Firefox-Spdy: h2

imgs.signifyd.com/qtjqGBWEnY9Qexnz?3407b3b17a04fa17=vABwXctrn0D89F7kK3ap_WqEBMDezux3elcrKg94ZmR6JDw8vuOAhQGaQdDxgsDYh65ig3cGViAVkEJJ7np0ec7EKT9igwFixV6RedfRTTlRLLd4nY6kcgJ1GT4sM-Tm5xhdPNKONSpDh6NZ

91.235.133.113

200 OK

81 B

URL GET HTTP/1.1
imgs.signifyd.com/qtjqGBWEnY9Qexnz?3407b3b17a04fa17=vABwXctrn0D89F7kK3ap_WqEBMDezux3elcrKg94ZmR6JDw8vuOAhQGaQdDxgsDYh65ig3cGViAVkEJJ7np0ec7EKT9igwFixV6RedfRTTlRLLd4nY6kcgJ1GT4sM-Tm5xhdPNKONSpDh6NZ
IP
91.235.133.113:443
ASN
#30286 THM

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerGoDaddy.com, Inc.
Subjectimgs.signifyd.com
Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49
ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT

File type
PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced
Size
81 B (81 bytes)
Hash
1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

HTTP Headers

GET /qtjqGBWEnY9Qexnz?3407b3b17a04fa17=vABwXctrn0D89F7kK3ap_WqEBMDezux3elcrKg94ZmR6JDw8vuOAhQGaQdDxgsDYh65ig3cGViAVkEJJ7np0ec7EKT9igwFixV6RedfRTTlRLLd4nY6kcgJ1GT4sM-Tm5xhdPNKONSpDh6NZ HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=6a3ad6eff232bf0760fda45f60fae8e1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 21:14:14 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png

fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1920x1080_h264_4500000/2.ts

151.101.1.91

200 OK

1.7 MB

URL GET HTTP/3
fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1920x1080_h264_4500000/2.ts
IP
151.101.1.91:443
ASN
#54113 FASTLY

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
MPEG transport stream data
Size
1.7 MB (1703844 bytes)
Hash
bbc8b235acb49c32a227d2806b9a77bb
9d6edbe67629cbf19cf1c8646b83a803042dd016
c08fab17a1b7ccd9f2d3d6c259cd1ae680d51d38e45019f66b055e6369f29d62

HTTP Headers

GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1920x1080_h264_4500000/2.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 1703844
x-guploader-uploadid: ABPtcPqHuuF86veLmGM5qKVRAz-5VinWtJKlM4sncw7HWcVkURSQpWTCl8S9uRrF-lhCF5R3lGI
cache-control: public, max-age=31104000
expires: Tue, 08 Apr 2025 05:19:31 GMT
last-modified: Tue, 29 Aug 2023 15:51:36 GMT
etag: "bbc8b235acb49c32a227d2806b9a77bb"
x-goog-generation: 1693324296670685
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1703844
content-type: video/mp2t
x-goog-hash: crc32c=87ippA==, md5=u8iyNay0nDKiJ9KAa5p3uw==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
date: Wed, 08 May 2024 21:14:14 GMT
age: 707721
x-served-by: cache-dfw-kdfw8210164-DFW, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 370, 1
x-timer: S1715202854.272084,VS0,VE0
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/2.ts

151.101.1.91

200 OK

56 kB

URL GET HTTP/3
fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/2.ts
IP
151.101.1.91:443
ASN
#54113 FASTLY

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
MPEG transport stream data
Size
56 kB (55460 bytes)
Hash
611179996a3c9bd41d228fba2460da0d
18c519295bfebe1f89c1c8c96dbf32dc6ff76058
2dec35022f925d2935a394d57da2ca699bc8a9f107a8c56cb40f412516e6835c

HTTP Headers

GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/2.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 55460
x-guploader-uploadid: ADPycdtNu_u_yccZNO8LDr9JPtGDbovWO_1j7D5nUi_sR3mnnGPUkLuR7phm0IrpVl6OcdQmrtWhyi0q1IVT97pAhorIihVvadJ5
cache-control: public, max-age=31104000
expires: Thu, 19 Sep 2024 22:00:10 GMT
last-modified: Tue, 29 Aug 2023 15:52:07 GMT
etag: "611179996a3c9bd41d228fba2460da0d"
x-goog-generation: 1693324327555621
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 55460
content-type: video/mp2t
x-goog-hash: crc32c=Asyviw==, md5=YRF5mWo8m9QdIo+6JGDaDQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 633973
date: Wed, 08 May 2024 21:14:14 GMT
x-served-by: cache-dfw-kdfw8210040-DFW, cache-hel1410033-HEL
x-cache: HIT, MISS
x-cache-hits: 506, 0
x-timer: S1715202854.226059,VS0,VE143
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

imgs.signifyd.com/mMennlVEnuodAgzK?b29440982ac26034=w2lbQw2vmxiHZKC7D6Z9HC0RMwVc61UjFWYqPX3v9tDRlE-UDBtrAkUc1Q0IO8CjOzj4evv4ds7pplOYSu85xuklQBpRRWtAnhQdqdjUCvL5-BRN_YBMXfc84TmIDG06iiGpIeuhKqv6JhopK3_kxjvGF3RlCaJ4_6FBr6aH8a0Ds1r6EX2AG6Z48oHu

91.235.133.113

200 OK

13 kB

URL GET HTTP/1.1
imgs.signifyd.com/mMennlVEnuodAgzK?b29440982ac26034=w2lbQw2vmxiHZKC7D6Z9HC0RMwVc61UjFWYqPX3v9tDRlE-UDBtrAkUc1Q0IO8CjOzj4evv4ds7pplOYSu85xuklQBpRRWtAnhQdqdjUCvL5-BRN_YBMXfc84TmIDG06iiGpIeuhKqv6JhopK3_kxjvGF3RlCaJ4_6FBr6aH8a0Ds1r6EX2AG6Z48oHu
IP
91.235.133.113:443
ASN
#30286 THM

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerGoDaddy.com, Inc.
Subjectimgs.signifyd.com
Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49
ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT

File type
HTML document, ASCII text, with very long lines (15506)
Size
13 kB (13433 bytes)
Hash
e4d267a85c56fcea9b4763e76984a9c1
e4a39ee360a226d9cb127600af07b19103d7ee84
9217944078598e95e4f3cb1c63ebd6e1fdf4f423bdd1e41ac4f949f3ef3a932d

HTTP Headers

GET /mMennlVEnuodAgzK?b29440982ac26034=w2lbQw2vmxiHZKC7D6Z9HC0RMwVc61UjFWYqPX3v9tDRlE-UDBtrAkUc1Q0IO8CjOzj4evv4ds7pplOYSu85xuklQBpRRWtAnhQdqdjUCvL5-BRN_YBMXfc84TmIDG06iiGpIeuhKqv6JhopK3_kxjvGF3RlCaJ4_6FBr6aH8a0Ds1r6EX2AG6Z48oHu HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=6a3ad6eff232bf0760fda45f60fae8e1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 21:14:14 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Robots-Tag: noindex, nofollow
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=97
Transfer-Encoding: chunked

www.protectedwebnexussl.com/

104.21.83.246

235 B

URL
www.protectedwebnexussl.com/
IP
104.21.83.246:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectprotectedwebnexussl.com
Fingerprint6B:51:99:69:A5:65:81:85:28:58:77:6B:61:07:48:68:E5:66:AE:9E
ValiditySat, 20 Apr 2024 11:42:02 GMT - Fri, 19 Jul 2024 11:42:01 GMT

File type
HTML document, ASCII text
Size
235 B (235 bytes)
Hash
ef2dcee44d4d66d0fe49998b3d3cb9b6
abbe1091c12266827b3e485f3b02265e974258ff
77dc83efa0f9fb0a2ab5dd51b442d69139eeee9f3d33ada7594398efdf867b56

HTTP Headers

GET / HTTP/1.1
Host: www.protectedwebnexussl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Wed, 08 May 2024 21:14:14 GMT
content-type: text/html; charset=iso-8859-1
location: https://www.protectedwebnexussl.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: undefined-origin
access-control-max-age: 300
p3p: CP="This is not a P3P policy! See https://www.clkmg.com for more info."
x-cm-fe: httpfe-2
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bh7XnA1Ln4%2BNg9jTz7F%2FHXaYK7W%2B6zblWPhIXEkBAY0FqkI2%2Fi57EK2j6RuHI%2FsSmCRXTjld1BRXm2OQoDiZm2vvmhLEwWRA2Ah5jkwNYc3Pv9QDe%2FW6CjjILlrPXXbv%2Bo1%2BhLHb81ZPplSPxs0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c754db92b56c9-OSL
alt-svc: h3=":443"; ma=86400

www.protectedwebnexussl.com/

104.21.83.246

14 kB

URL
www.protectedwebnexussl.com/
IP
104.21.83.246:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectprotectedwebnexussl.com
Fingerprint6B:51:99:69:A5:65:81:85:28:58:77:6B:61:07:48:68:E5:66:AE:9E
ValiditySat, 20 Apr 2024 11:42:02 GMT - Fri, 19 Jul 2024 11:42:01 GMT

File type
data
Size
14 kB (13597 bytes)
Hash
e4fa387db31b824d1ac8980009a481c4
e60e86296d73223503b4692847b630d93001ad8e
185093326345de2cbebc324abd01034a75a8eba87551e5a6dcb4b374c233721b

HTTP Headers

GET / HTTP/1.1
Host: www.protectedwebnexussl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Wed, 08 May 2024 21:14:12 GMT
content-type: text/html; charset=iso-8859-1
location: https://www.protectedwebnexussl.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: undefined-origin
access-control-max-age: 300
p3p: CP="This is not a P3P policy! See https://www.clkmg.com for more info."
x-cm-fe: httpfe-0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QaujpA9MTsQczAgsXgulod9ejE%2BKZIYfqT7K7lWNggxIuMzPuyHt%2B%2FFND%2FzrzgePLKf5rBXZWdP7x6Su8EBynYQH5DYpzF1Pv3y2j9FR%2BdXecBI%2FgmYLrA3pmRnXJdIq1JSe1wHjYqhjHekBnzc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c75402b7e56be-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.protectedwebnexussl.com/

104.21.83.246

1.1 kB

URL
www.protectedwebnexussl.com/
IP
104.21.83.246:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectprotectedwebnexussl.com
Fingerprint6B:51:99:69:A5:65:81:85:28:58:77:6B:61:07:48:68:E5:66:AE:9E
ValiditySat, 20 Apr 2024 11:42:02 GMT - Fri, 19 Jul 2024 11:42:01 GMT

File type
HTML document, ASCII text
Size
1.1 kB (1095 bytes)
Hash
16c4d771324df5c93d89d74c361a176b
599add70556463894f62d392970ece28241c9218
75844cc5365308aec6fc1dd01d430efe455763891fe1f0b58fab702ed267e082

HTTP Headers

GET / HTTP/1.1
Host: www.protectedwebnexussl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Wed, 08 May 2024 21:14:13 GMT
content-type: text/html; charset=iso-8859-1
location: https://www.protectedwebnexussl.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: undefined-origin
access-control-max-age: 300
p3p: CP="This is not a P3P policy! See https://www.clkmg.com for more info."
x-cm-fe: httpfe-0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PLA1v2YGLlTyIUcH%2BQHeW0FLKj3FLWFq5Gijnve0HBTvwBmt5R47xx0OynzHbPRZIWxxCyPWnStJQ5AohnrnCGYVrR0R%2Be5E0%2F%2FETzJqjw2i80LkUtqcoWXQXt81ioMb%2F3yLdLm9758Q9XucLAc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c7543698156c9-OSL
alt-svc: h3=":443"; ma=86400

imgs.signifyd.com/xcGGXe44HVK8reWf?a5156f26c9293de1=YXkjaPgqvs1NqwXJ_C6r3i4Ycu76FyLFuc2G7-LV4Lg3xWJ1z637hbH5s4TFuGP8RvoLQwbdtX0n8cz9de6p6ST0H3qX7AZrF6BPqJ_qrtW9ijutN_fVKUNpUHiTe3akQzYB&ja=3a363424246b35322e723d3826663d313238327a333030362e69643539323030783130323424717a793f327038246c787235312c313238302e333232362e393a3a3824313832342c313238322e3330303624393030382c393032342c302c32246f743f303f6e37396c333934396536626630323b6234346a6c31303f62386166336334266f6c3f3224716b6c3f3a3c2664683d687474707127314127304e2d304e6f657c7869746f782e616d6f2530446f67273a4e69666465786e6f61646472726d65256563707f656a2e7068702533447670616c712d3b4639383238326235333233676036326331693b673e3c65303831303732643b27303663646e57717d6a312d33443137382530346366645d7b7d603a2d334c2532366166665d71776231273b4c273a3e616e665f73756234273146253034696e64577b756a35253344383733305d7367717b61663a38323c3035303832313334303930343d2d303e69666e696c696174655d6b662531463a3e30312e70643d352670683d673a32326664693d373d39393b6634656265383b3b3165603669313b3a31306c2668683d63353267336363606938646e6b643136333064643364603338343538313b6b6b2662736f3d4c696e777a246a7160354e6b7a6d66677825323039362468716f773f44616c7d70266668633d3438266c6f76703f322e7c786c35555c43266d617468703f353164373c30673c6a333e303862666466603a3b633b3b3e6e646c3c663f3066313261653166343663666e3c30313b353e6239663362633435356230646d3a642e783d786c7567696e5f646e63736a273d4d646964736d21706c7567696c5d75696c66677f715765656c69615f706c617b67702537476e696e7b6d21786c7567696e5f63666d62675d696b70676a617c25354566616c716723706e776f616c57797561636b74696d6527374766636e7b6d237864756f696e5f73686f6169756174672d3d476e696c7b6521706c75676b6c5d72676364786e6971657a25354566616c716723706e776f616c577e6c6b5f706c617965702737456463647b6729786c7d67696e5f646574636e7670273d4d646964736d21706c7567696c5d7176655d7e61677f6d722d354566616c736723726c776561665d6269766925354566616c716724636166353a3538383130&jb=3b37266e7335456d72616c6461253246352e322730302a5a3939273b4a253a304c696e7578273032783a34573e362d3b422d323072762533433b342e322b2d3a324f6d63636f25324632303332323132332d3a324e61726d666f782532463b342c30

91.235.133.113

204 204

0 B

URL GET HTTP/1.1
imgs.signifyd.com/xcGGXe44HVK8reWf?a5156f26c9293de1=YXkjaPgqvs1NqwXJ_C6r3i4Ycu76FyLFuc2G7-LV4Lg3xWJ1z637hbH5s4TFuGP8RvoLQwbdtX0n8cz9de6p6ST0H3qX7AZrF6BPqJ_qrtW9ijutN_fVKUNpUHiTe3akQzYB&ja=3a363424246b35322e723d3826663d313238327a333030362e69643539323030783130323424717a793f327038246c787235312c313238302e333232362e393a3a3824313832342c313238322e3330303624393030382c393032342c302c32246f743f303f6e37396c333934396536626630323b6234346a6c31303f62386166336334266f6c3f3224716b6c3f3a3c2664683d687474707127314127304e2d304e6f657c7869746f782e616d6f2530446f67273a4e69666465786e6f61646472726d65256563707f656a2e7068702533447670616c712d3b4639383238326235333233676036326331693b673e3c65303831303732643b27303663646e57717d6a312d33443137382530346366645d7b7d603a2d334c2532366166665d71776231273b4c273a3e616e665f73756234273146253034696e64577b756a35253344383733305d7367717b61663a38323c3035303832313334303930343d2d303e69666e696c696174655d6b662531463a3e30312e70643d352670683d673a32326664693d373d39393b6634656265383b3b3165603669313b3a31306c2668683d63353267336363606938646e6b643136333064643364603338343538313b6b6b2662736f3d4c696e777a246a7160354e6b7a6d66677825323039362468716f773f44616c7d70266668633d3438266c6f76703f322e7c786c35555c43266d617468703f353164373c30673c6a333e303862666466603a3b633b3b3e6e646c3c663f3066313261653166343663666e3c30313b353e6239663362633435356230646d3a642e783d786c7567696e5f646e63736a273d4d646964736d21706c7567696c5d75696c66677f715765656c69615f706c617b67702537476e696e7b6d21786c7567696e5f63666d62675d696b70676a617c25354566616c716723706e776f616c57797561636b74696d6527374766636e7b6d237864756f696e5f73686f6169756174672d3d476e696c7b6521706c75676b6c5d72676364786e6971657a25354566616c716723706e776f616c577e6c6b5f706c617965702737456463647b6729786c7d67696e5f646574636e7670273d4d646964736d21706c7567696c5d7176655d7e61677f6d722d354566616c736723726c776561665d6269766925354566616c716724636166353a3538383130&jb=3b37266e7335456d72616c6461253246352e322730302a5a3939273b4a253a304c696e7578273032783a34573e362d3b422d323072762533433b342e322b2d3a324f6d63636f25324632303332323132332d3a324e61726d666f782532463b342c30
IP
91.235.133.113:443
ASN
#30286 THM

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerGoDaddy.com, Inc.
Subjectimgs.signifyd.com
Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49
ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /xcGGXe44HVK8reWf?a5156f26c9293de1=YXkjaPgqvs1NqwXJ_C6r3i4Ycu76FyLFuc2G7-LV4Lg3xWJ1z637hbH5s4TFuGP8RvoLQwbdtX0n8cz9de6p6ST0H3qX7AZrF6BPqJ_qrtW9ijutN_fVKUNpUHiTe3akQzYB&ja=3a363424246b35322e723d3826663d313238327a333030362e69643539323030783130323424717a793f327038246c787235312c313238302e333232362e393a3a3824313832342c313238322e3330303624393030382c393032342c302c32246f743f303f6e37396c333934396536626630323b6234346a6c31303f62386166336334266f6c3f3224716b6c3f3a3c2664683d687474707127314127304e2d304e6f657c7869746f782e616d6f2530446f67273a4e69666465786e6f61646472726d65256563707f656a2e7068702533447670616c712d3b4639383238326235333233676036326331693b673e3c65303831303732643b27303663646e57717d6a312d33443137382530346366645d7b7d603a2d334c2532366166665d71776231273b4c273a3e616e665f73756234273146253034696e64577b756a35253344383733305d7367717b61663a38323c3035303832313334303930343d2d303e69666e696c696174655d6b662531463a3e30312e70643d352670683d673a32326664693d373d39393b6634656265383b3b3165603669313b3a31306c2668683d63353267336363606938646e6b643136333064643364603338343538313b6b6b2662736f3d4c696e777a246a7160354e6b7a6d66677825323039362468716f773f44616c7d70266668633d3438266c6f76703f322e7c786c35555c43266d617468703f353164373c30673c6a333e303862666466603a3b633b3b3e6e646c3c663f3066313261653166343663666e3c30313b353e6239663362633435356230646d3a642e783d786c7567696e5f646e63736a273d4d646964736d21706c7567696c5d75696c66677f715765656c69615f706c617b67702537476e696e7b6d21786c7567696e5f63666d62675d696b70676a617c25354566616c716723706e776f616c57797561636b74696d6527374766636e7b6d237864756f696e5f73686f6169756174672d3d476e696c7b6521706c75676b6c5d72676364786e6971657a25354566616c716723706e776f616c577e6c6b5f706c617965702737456463647b6729786c7d67696e5f646574636e7670273d4d646964736d21706c7567696c5d7176655d7e61677f6d722d354566616c736723726c776561665d6269766925354566616c716724636166353a3538383130&jb=3b37266e7335456d72616c6461253246352e322730302a5a3939273b4a253a304c696e7578273032783a34573e362d3b422d323072762533433b342e322b2d3a324f6d63636f25324632303332323132332d3a324e61726d666f782532463b342c30 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=6a3ad6eff232bf0760fda45f60fae8e1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 204
Date: Wed, 08 May 2024 21:14:14 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive

region1.analytics.google.com/g/collect?v=2&tid=G-SNNMPY2Z6B&gtm=45je4510v9116850825z8838620505za200&_p=1715202852640&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=187997704.1715202853&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&sid=1715202853&sct=1&seg=1&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10202b5323eb42a3a3e64e881072d9%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240508211629265%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&_s=2&tfd=6278

216.239.34.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-SNNMPY2Z6B&gtm=45je4510v9116850825z8838620505za200&_p=1715202852640&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=187997704.1715202853&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&sid=1715202853&sct=1&seg=1&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10202b5323eb42a3a3e64e881072d9%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240508211629265%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&_s=2&tfd=6278
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-SNNMPY2Z6B&gtm=45je4510v9116850825z8838620505za200&_p=1715202852640&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=187997704.1715202853&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&sid=1715202853&sct=1&seg=1&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10202b5323eb42a3a3e64e881072d9%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240508211629265%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&_s=2&tfd=6278 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 30
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://getxitox.com
date: Wed, 08 May 2024 21:14:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

imgs.signifyd.com/fp/clear.png

91.235.133.113

200 OK

81 B

URL GET HTTP/1.1
imgs.signifyd.com/fp/clear.png
IP
91.235.133.113:443
ASN
#30286 THM

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerGoDaddy.com, Inc.
Subjectimgs.signifyd.com
Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49
ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT

File type
PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced
Size
81 B (81 bytes)
Hash
1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

HTTP Headers

GET /fp/clear.png HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*, w2txo5aa/5aa4812d252346af3217298699480405103
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 21:14:14 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 08 May 2024 21:14:14 GMT
Expires: Mon, 07 May 2029 21:14:14 GMT
Etag: 45d2fd79104a4d84a4c79d3f6f627153
Cache-Control: private, must-revalidate, max-age=0
Access-Control-Allow-Origin: https://getxitox.com
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png

imgs.signifyd.com/griMXmp5v2JsHgpk?dbc157c72ace6bd0=bHwkziePq50MjbvuOjLLQy9n6AzoKqtn9-fpaGpNdV21nYrSU-gLrzLu7pXk-g4V-PEMsyZScizWd0yCoV3VFA0eQvlJ8WD4H4qjJ0bKcKpxEopcpHDv8yCvJRbyUwGe0HDd&jf=3134266e716a35346b6a343f3262336135623a36353636606a3a3b6a3d32386136326166376437

91.235.133.113

204 No Content

0 B

URL GET HTTP/1.1
imgs.signifyd.com/griMXmp5v2JsHgpk?dbc157c72ace6bd0=bHwkziePq50MjbvuOjLLQy9n6AzoKqtn9-fpaGpNdV21nYrSU-gLrzLu7pXk-g4V-PEMsyZScizWd0yCoV3VFA0eQvlJ8WD4H4qjJ0bKcKpxEopcpHDv8yCvJRbyUwGe0HDd&jf=3134266e716a35346b6a343f3262336135623a36353636606a3a3b6a3d32386136326166376437
IP
91.235.133.113:443
ASN
#30286 THM

Requested by
https://imgs.signifyd.com/mMennlVEnuodAgzK?b29440982ac26034=w2lbQw2vmxiHZKC7D6Z9HC0RMwVc61UjFWYqPX3v9tDRlE-UDBtrAkUc1Q0IO8CjOzj4evv4ds7pplOYSu85xuklQBpRRWtAnhQdqdjUCvL5-BRN_YBMXfc84TmIDG06iiGpIeuhKqv6JhopK3_kxjvGF3RlCaJ4_6FBr6aH8a0Ds1r6EX2AG6Z48oHu
Certificate
IssuerGoDaddy.com, Inc.
Subjectimgs.signifyd.com
Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49
ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /griMXmp5v2JsHgpk?dbc157c72ace6bd0=bHwkziePq50MjbvuOjLLQy9n6AzoKqtn9-fpaGpNdV21nYrSU-gLrzLu7pXk-g4V-PEMsyZScizWd0yCoV3VFA0eQvlJ8WD4H4qjJ0bKcKpxEopcpHDv8yCvJRbyUwGe0HDd&jf=3134266e716a35346b6a343f3262336135623a36353636606a3a3b6a3d32386136326166376437 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://imgs.signifyd.com/mMennlVEnuodAgzK?b29440982ac26034=w2lbQw2vmxiHZKC7D6Z9HC0RMwVc61UjFWYqPX3v9tDRlE-UDBtrAkUc1Q0IO8CjOzj4evv4ds7pplOYSu85xuklQBpRRWtAnhQdqdjUCvL5-BRN_YBMXfc84TmIDG06iiGpIeuhKqv6JhopK3_kxjvGF3RlCaJ4_6FBr6aH8a0Ds1r6EX2AG6Z48oHu
Cookie: thx_guid=6a3ad6eff232bf0760fda45f60fae8e1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Date: Wed, 08 May 2024 21:14:14 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=95
Connection: Keep-Alive
Content-Type: text/javascript

stats.vidalytics.com/scribe

107.178.211.97

200 OK

16 B

URL POST HTTP/2
stats.vidalytics.com/scribe
IP
107.178.211.97:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 448
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Wed, 08 May 2024 21:14:14 GMT
content-length: 16
x-envoy-upstream-service-time: 1
server: istio-envoy
access-control-allow-origin: https://getxitox.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2

imgs.signifyd.com/xcGGXe44HVK8reWf?a5156f26c9293de1=YXkjaPgqvs1NqwXJ_C6r3i4Ycu76FyLFuc2G7-LV4Lg3xWJ1z637hbH5s4TFuGP8RvoLQwbdtX0n8cz9de6p6ST0H3qX7AZrF6BPqJ_qrtW9ijutN_fVKUNpUHiTe3akQzYB&jac=1&je=33313924247f6d6b3531312639302e34322e33373626726f3571677b2e617d64683d64663536603734323a383d376b6c356d6236303963636766616137343f3a346d6b353930366336383534303a63673b6c383b3f31363e333134303233336666322467703b3f6c6e36306566376230373a3a636636603f31646a30666a6562656533663763636361663b31343c38

91.235.133.113

204 No Content

0 B

URL GET HTTP/1.1
imgs.signifyd.com/xcGGXe44HVK8reWf?a5156f26c9293de1=YXkjaPgqvs1NqwXJ_C6r3i4Ycu76FyLFuc2G7-LV4Lg3xWJ1z637hbH5s4TFuGP8RvoLQwbdtX0n8cz9de6p6ST0H3qX7AZrF6BPqJ_qrtW9ijutN_fVKUNpUHiTe3akQzYB&jac=1&je=33313924247f6d6b3531312639302e34322e33373626726f3571677b2e617d64683d64663536603734323a383d376b6c356d6236303963636766616137343f3a346d6b353930366336383534303a63673b6c383b3f31363e333134303233336666322467703b3f6c6e36306566376230373a3a636636603f31646a30666a6562656533663763636361663b31343c38
IP
91.235.133.113:443
ASN
#30286 THM

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerGoDaddy.com, Inc.
Subjectimgs.signifyd.com
Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49
ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /xcGGXe44HVK8reWf?a5156f26c9293de1=YXkjaPgqvs1NqwXJ_C6r3i4Ycu76FyLFuc2G7-LV4Lg3xWJ1z637hbH5s4TFuGP8RvoLQwbdtX0n8cz9de6p6ST0H3qX7AZrF6BPqJ_qrtW9ijutN_fVKUNpUHiTe3akQzYB&jac=1&je=33313924247f6d6b3531312639302e34322e33373626726f3571677b2e617d64683d64663536603734323a383d376b6c356d6236303963636766616137343f3a346d6b353930366336383534303a63673b6c383b3f31363e333134303233336666322467703b3f6c6e36306566376230373a3a636636603f31646a30666a6562656533663763636361663b31343c38 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=6a3ad6eff232bf0760fda45f60fae8e1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Date: Wed, 08 May 2024 21:14:14 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=94
Connection: Keep-Alive
Content-Type: text/javascript

fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1920x1080_h264_4500000/3.ts

151.101.1.91

200 OK

1.1 MB

URL GET HTTP/3
fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1920x1080_h264_4500000/3.ts
IP
151.101.1.91:443
ASN
#54113 FASTLY

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
MPEG transport stream data
Size
1.1 MB (1110516 bytes)
Hash
18c7ac9de1bd3a27981436b86e15ac7f
b6e7d6eeb0d2385de575eba8e8a4d3716357a404
40ac273a4c15227e82469272aaaf5a7f2260233557bf94cad42ad37657baceed

HTTP Headers

GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1920x1080_h264_4500000/3.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 1110516
cache-control: public, max-age=31104000
expires: Thu, 01 May 2025 10:32:52 GMT
last-modified: Tue, 29 Aug 2023 15:51:40 GMT
etag: "18c7ac9de1bd3a27981436b86e15ac7f"
x-goog-generation: 1693324300542916
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1110516
content-type: video/mp2t
x-goog-hash: crc32c=CxWQvQ==, md5=GMesneG9OieYFDa4bhWsfw==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
x-guploader-uploadid: ABPtcPrTyxAMCdfD9LgeTjmxZCpKGphaMi0hr4FjCmSdyobcPmcSWAmPJGAsbnY_hVUwMVHERvg
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
date: Wed, 08 May 2024 21:14:14 GMT
age: 211281
x-served-by: cache-dfw-kdfw8210119-DFW, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 33, 1
x-timer: S1715202855.701767,VS0,VE2
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/3.ts

151.101.1.91

200 OK

54 kB

URL GET HTTP/3
fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/3.ts
IP
151.101.1.91:443
ASN
#54113 FASTLY

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
MPEG transport stream data
Size
54 kB (54144 bytes)
Hash
adf371f1a9684b35e655bddab7ae4d79
dcf2b775cd36762751a9b3ff5adefd821afb04f3
942e39e8342ee313fe81e1dd69fc2329bb90eff9c131d74dbb988455bb0772a2

HTTP Headers

GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/3.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 54144
x-guploader-uploadid: ADPycdtBATaygqwRg_i2otfShV8AuUv9TzXo3v8-MP-0vXZygrO67j3P9MQYUxhhV7tWdBJqrej54xCzzvLFdnGStRn8uaBDBh8c
cache-control: public, max-age=31104000
expires: Fri, 27 Sep 2024 03:56:46 GMT
last-modified: Tue, 29 Aug 2023 15:52:07 GMT
etag: "adf371f1a9684b35e655bddab7ae4d79"
x-goog-generation: 1693324327962747
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 54144
content-type: video/mp2t
x-goog-hash: crc32c=wTW46Q==, md5=rfNx8aloSzXmVb3at65NeQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 2713875
date: Wed, 08 May 2024 21:14:14 GMT
x-served-by: cache-dfw-kdfw8210037-DFW, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 3049, 0
x-timer: S1715202855.709256,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33092, version 1.0
Size
33 kB (33092 bytes)
Hash
057478083c1d55ea0c2182b24f6dd72f
caf557cd276a76992084efc4c8857b66791a6b7f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:38:02 GMT
expires: Fri, 02 May 2025 02:38:02 GMT
cache-control: public, max-age=31536000
age: 585373
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

stats.vidalytics.com/scribe

107.178.211.97

200 OK

16 B

URL POST HTTP/2
stats.vidalytics.com/scribe
IP
107.178.211.97:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 699
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Wed, 08 May 2024 21:14:15 GMT
content-length: 16
x-envoy-upstream-service-time: 0
server: istio-envoy
access-control-allow-origin: https://getxitox.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2

fast.vidalytics.com/video/hLKq71Yz/7_IA54dlSdWFdbwp/95535/85364__FFMPEG/thumb/thumbnail-5_0.jpg

151.101.1.91

200 OK

54 kB

URL GET HTTP/3
fast.vidalytics.com/video/hLKq71Yz/7_IA54dlSdWFdbwp/95535/85364__FFMPEG/thumb/thumbnail-5_0.jpg
IP
151.101.1.91:443
ASN
#54113 FASTLY

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc60.3.100", baseline, precision 8, 1920x1080, components 3
Size
54 kB (53910 bytes)
Hash
bc55b1f437bddbe74f9d74d181f068da
d48ba897a8f63eadbf55b8ddc854ccd4f7299d13
f3db1c97e2c94cecc0b57997f11951afc151451495407a9a1c5ac9306bf0f30d

HTTP Headers

GET /video/hLKq71Yz/7_IA54dlSdWFdbwp/95535/85364__FFMPEG/thumb/thumbnail-5_0.jpg HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 53910
x-guploader-uploadid: ADPycdtZfwa3mZxHTiR8V00dI6D1_y0C9fYhQ7wVgZNebfqMIj0Evn-GHw0gyYctCAwiSAtv5fGD25Jci43NuQ90ot4-9g
cache-control: public, max-age=31104000
expires: Sun, 22 Sep 2024 18:59:28 GMT
last-modified: Fri, 14 Jul 2023 06:17:36 GMT
etag: "bc55b1f437bddbe74f9d74d181f068da"
x-goog-generation: 1689315456332968
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 53910
x-goog-meta-x-goog-reserved-source-generation: 1683106408845786
x-goog-custom-time: 2023-05-03T09:33:28.923Z
content-type: image/jpeg
x-goog-hash: crc32c=+PKXAg==, md5=vFWx9De92+dPnXTRgfBo2g==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 1336332
date: Wed, 08 May 2024 21:14:15 GMT
x-served-by: cache-dfw-kdfw8210171-DFW, cache-hel1410020-HEL
x-cache: HIT, MISS
x-cache-hits: 795, 0
x-timer: S1715202855.351854,VS0,VE137
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

stats.vidalytics.com/scribe

107.178.211.97

200 OK

16 B

URL POST HTTP/2
stats.vidalytics.com/scribe
IP
107.178.211.97:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 407
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Wed, 08 May 2024 21:14:15 GMT
content-length: 16
x-envoy-upstream-service-time: 1
server: istio-envoy
access-control-allow-origin: https://getxitox.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2

stats.vidalytics.com/scribe

107.178.211.97

200 OK

16 B

URL POST HTTP/2
stats.vidalytics.com/scribe
IP
107.178.211.97:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 449
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Wed, 08 May 2024 21:14:15 GMT
content-length: 16
x-envoy-upstream-service-time: 2
server: istio-envoy
access-control-allow-origin: https://getxitox.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-SNNMPY2Z6B&gtm=45je4510v9116850825za200&_p=1715202852640&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=187997704.1715202853&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&sid=1715202853&sct=1&seg=1&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10202b5323eb42a3a3e64e881072d9%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240508211629265%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&_s=3&tfd=11280

216.239.34.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-SNNMPY2Z6B&gtm=45je4510v9116850825za200&_p=1715202852640&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=187997704.1715202853&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&sid=1715202853&sct=1&seg=1&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10202b5323eb42a3a3e64e881072d9%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240508211629265%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&_s=3&tfd=11280
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-SNNMPY2Z6B&gtm=45je4510v9116850825za200&_p=1715202852640&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=187997704.1715202853&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&sid=1715202853&sct=1&seg=1&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D10202b5323eb42a3a3e64e881072d9%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240508211629265%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&_s=3&tfd=11280 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 471
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://getxitox.com
date: Wed, 08 May 2024 21:14:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.protectedwebnexussl.com/

104.21.83.246

11 kB

URL
www.protectedwebnexussl.com/
IP
104.21.83.246:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectprotectedwebnexussl.com
Fingerprint6B:51:99:69:A5:65:81:85:28:58:77:6B:61:07:48:68:E5:66:AE:9E
ValiditySat, 20 Apr 2024 11:42:02 GMT - Fri, 19 Jul 2024 11:42:01 GMT

File type
data
Size
11 kB (11050 bytes)
Hash
d9a03a7c4178c5ee68c6de52dc9de520
9d1d532b1c1c1a392e6667e3b9582d9cd426fb68
5d80d125d6c147ccdbc9351c964bf5dcf7f79ee50e6babb1a6fc92320554a4c8

HTTP Headers

GET / HTTP/1.1
Host: www.protectedwebnexussl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Wed, 08 May 2024 21:14:15 GMT
content-type: text/html; charset=iso-8859-1
location: https://www.protectedwebnexussl.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: undefined-origin
access-control-max-age: 300
p3p: CP="This is not a P3P policy! See https://www.clkmg.com for more info."
x-cm-fe: httpfe-2
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CxGjA%2BEzUGdjLhtFjL8bVb1IaM7yjNStmrREeogs4cvu8Z6pb0a58lBgoFiR7srq0a8ifDx7uQuu5IKx9f7EQLyJ3XB1vVM8Ks8L967Sk6cmb9VEUiQkrmp7lt8WiWcRAbOv3vL5XIv47TySTSo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c7555dd6956c9-OSL
alt-svc: h3=":443"; ma=86400

imgs.signifyd.com/LCrSFPaCrCus38lZ?78cda9df1666f161=uKkXSbeUpyDmye0yTIXnXHjpY9QZRJTmD6jWvlPHW3yK_ZYEHZQLIEXw5Ot7vFNUNXDfgmaeoMU2i3zZJkOW7luUWuDx2O_WcuGi2I8r7oxPoENdVnGHnpJxkSNpEs2ATLEfpo6vCtOGF3e3OaTNQG8iIkIVMD2eTFypaxXXBoQmp7tLY3QJZxvnZpes&je=33313624247a6d74353b362636382c35392e33322e353a2c3d392e3d312e38332c35392e31302e37392c333e24373126313c2c33362e37352e373b2e3334243d3b263a302435382e35322c373b2c31352e3d312c393e2c3d382e36372c353b2c31312e373126333b2435312e31392c35382c36332c373b263935243d392631332c35392e33312e353b2c393a

91.235.133.113

204 204

0 B

URL GET HTTP/1.1
imgs.signifyd.com/LCrSFPaCrCus38lZ?78cda9df1666f161=uKkXSbeUpyDmye0yTIXnXHjpY9QZRJTmD6jWvlPHW3yK_ZYEHZQLIEXw5Ot7vFNUNXDfgmaeoMU2i3zZJkOW7luUWuDx2O_WcuGi2I8r7oxPoENdVnGHnpJxkSNpEs2ATLEfpo6vCtOGF3e3OaTNQG8iIkIVMD2eTFypaxXXBoQmp7tLY3QJZxvnZpes&je=33313624247a6d74353b362636382c35392e33322e353a2c3d392e3d312e38332c35392e31302e37392c333e24373126313c2c33362e37352e373b2e3334243d3b263a302435382e35322c373b2c31352e3d312c393e2c3d382e36372c353b2c31312e373126333b2435312e31392c35382c36332c373b263935243d392631332c35392e33312e353b2c393a
IP
91.235.133.113:443
ASN
#30286 THM

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerGoDaddy.com, Inc.
Subjectimgs.signifyd.com
Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49
ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /LCrSFPaCrCus38lZ?78cda9df1666f161=uKkXSbeUpyDmye0yTIXnXHjpY9QZRJTmD6jWvlPHW3yK_ZYEHZQLIEXw5Ot7vFNUNXDfgmaeoMU2i3zZJkOW7luUWuDx2O_WcuGi2I8r7oxPoENdVnGHnpJxkSNpEs2ATLEfpo6vCtOGF3e3OaTNQG8iIkIVMD2eTFypaxXXBoQmp7tLY3QJZxvnZpes&je=33313624247a6d74353b362636382c35392e33322e353a2c3d392e3d312e38332c35392e31302e37392c333e24373126313c2c33362e37352e373b2e3334243d3b263a302435382e35322c373b2c31352e3d312c393e2c3d382e36372c353b2c31312e373126333b2435312e31392c35382c36332c373b263935243d392631332c35392e33312e353b2c393a HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=6a3ad6eff232bf0760fda45f60fae8e1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 204
Date: Wed, 08 May 2024 21:14:24 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive

imgs.signifyd.com/xKjPvG3EzJBziYaD?0b13f7e9e38322e7=kx5Z0OjgdpVWRb7qPRpSzNx2GuEYHcDjoFl_7q_grKOCyvvxb8kwhAAOmZ-lUfQB8numEF4QaV47mIrlvHqsNJBuiIfMgB9ORBJmbkio6czMSuETwVE8jQILmo5jx17O-yus

91.235.133.113

0 B

URL
imgs.signifyd.com/xKjPvG3EzJBziYaD?0b13f7e9e38322e7=kx5Z0OjgdpVWRb7qPRpSzNx2GuEYHcDjoFl_7q_grKOCyvvxb8kwhAAOmZ-lUfQB8numEF4QaV47mIrlvHqsNJBuiIfMgB9ORBJmbkio6czMSuETwVE8jQILmo5jx17O-yus
IP
91.235.133.113:0
ASN
#30286 THM

Certificate
IssuerGoDaddy.com, Inc.
Subjectimgs.signifyd.com
Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49
ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /xKjPvG3EzJBziYaD?0b13f7e9e38322e7=kx5Z0OjgdpVWRb7qPRpSzNx2GuEYHcDjoFl_7q_grKOCyvvxb8kwhAAOmZ-lUfQB8numEF4QaV47mIrlvHqsNJBuiIfMgB9ORBJmbkio6czMSuETwVE8jQILmo5jx17O-yus HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 8
Origin: https://imgs.signifyd.com
DNT: 1
Connection: keep-alive
Referer: https://imgs.signifyd.com/jcSUB1Og3yoGKXvj?54fe64b3263e1c5d=7raQEOXsB1AyWFbSsggJUf38gCKg-8xJ0Gu-PWgJ0BlTmFgIPLIGqHf9_D_bXfXcEjQVd1THoDkE0lNLBwy5RG5z1I5ijANKeT8NFv6LCA__s3Bbyc_8zweg-tdorEk4aRnFCXozE5uhF4wZUSuTOfUOCCrIvCDC65Wp5JGwDcqnE9WLg-ySHVkn3evMdA
Cookie: thx_guid=6a3ad6eff232bf0760fda45f60fae8e1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 204 No Content
Date: Wed, 08 May 2024 21:14:36 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Access-Control-Allow-Origin: https://imgs.signifyd.com
Content-Type: text/javascript

cdn.truegcloud.com/cyabags/5thglow-phone-inverted.svg

54.230.111.43

200 OK

2.5 kB

URL GET HTTP/2
cdn.truegcloud.com/cyabags/5thglow-phone-inverted.svg
IP
54.230.111.43:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn.truegcloud.com
FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96
ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
2.5 kB (2488 bytes)
Hash
aa99de29a7952e738d5b5e6ec8968e94
747482789054e483572f905cadc6841ba2f7bdfb
cac5bfe56161ac8c9566a2470f15ebd0d3b702ff28c0868af988b6ebf49eecf3

HTTP Headers

GET /cyabags/5thglow-phone-inverted.svg HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Mon, 24 Jun 2019 02:14:42 GMT
x-amz-meta-sha256: fc4704f46cf73a52c423292dda6cd0fc8d521e60d20fc1561df114a0d86a55a1
x-amz-meta-s3b-last-modified: 20190613T093902Z
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
date: Wed, 08 May 2024 03:46:21 GMT
etag: W/"4de1717957b315eb71c304f8ba029ae7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bgf1UdaZ5U4e7DdbwMUcBqnwhW_py7ROgVWlPfR8tTZ-MbE4Enm6XA==
age: 62871
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2

216.58.207.227

200 OK

28 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 27812, version 1.0
Size
28 kB (27812 bytes)
Hash
89711a1150919edc93f67f067ef94f62
9f2ac701d67d1ab3a2efe7d4edc663d3d5270fef
6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27812
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:55:01 GMT
expires: Fri, 02 May 2025 01:55:01 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 22:37:02 GMT
content-type: font/woff2
age: 587951
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/stream.m3u8

151.101.1.91

200 OK

1.1 kB

URL GET HTTP/2
fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/stream.m3u8
IP
151.101.1.91:443
ASN
#54113 FASTLY

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
M3U playlist, ASCII text
Size
1.1 kB (1137 bytes)
Hash
01a4b36b437c6ff93d233c8d0abbe2f8
1663d9258a4fa2236d3c8f794b91ccbf5260d3cd
8567054e9b455b4735a7f5e412debf56810844e204d1d4ab0f80743d839989a4

HTTP Headers

GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/stream.m3u8 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-guploader-uploadid: ADPycduVrkjVXVCM_5Dr4IG6fXw-U_g98JYx8F9fYztxutiIAkFOxp1_R7j5wo-P3Vf85T5Ej2fY0Ycnaro-GNOMTvjQqzSGEm9f
cache-control: public, max-age=31104000
expires: Thu, 19 Sep 2024 22:00:09 GMT
last-modified: Mon, 25 Sep 2023 15:30:29 GMT
etag: "01a4b36b437c6ff93d233c8d0abbe2f8"
x-goog-generation: 1695655829791443
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1137
content-type: application/octet-stream
x-goog-hash: crc32c=5Yk1dA==, md5=AaSza0N8b/k9IzyNCrvi+A==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 197686
date: Wed, 08 May 2024 21:14:13 GMT
x-served-by: cache-dfw-kdfw8210133-DFW, cache-hel1410030-HEL
x-cache: HIT, HIT
x-cache-hits: 52, 0
x-timer: S1715202854.765203,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1137
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

216.58.207.227

200 OK

24 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 13:49:40 GMT
expires: Fri, 02 May 2025 13:49:40 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
age: 545072
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.truegcloud.com/xitox/images/bottle_mention.png

54.230.111.43

200 OK

188 kB

URL GET HTTP/2
cdn.truegcloud.com/xitox/images/bottle_mention.png
IP
54.230.111.43:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn.truegcloud.com
FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96
ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
PNG image data, 1308 x 939, 8-bit colormap, non-interlaced
Size
188 kB (187749 bytes)
Hash
5cab986cff18198ae5e79fd393ff75cb
f00667912fd25062171b351245f0f7d0cc289f9e
2d5f155a2e8e45ecdf9294cc6995f06baceb35fd27cb14751d726c6bb662308c

HTTP Headers

GET /xitox/images/bottle_mention.png HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-length: 187749
last-modified: Thu, 13 Apr 2023 08:58:00 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 May 2024 08:40:36 GMT
etag: "5cab986cff18198ae5e79fd393ff75cb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4GI1CwoOkbE5pq1-BWO3HnGyCEDbUkkBWE1bjioxGBCyBTVRXN6OEA==
age: 45216
X-Firefox-Spdy: h2

imgs.signifyd.com/jcSUB1Og3yoGKXvj?54fe64b3263e1c5d=7raQEOXsB1AyWFbSsggJUf38gCKg-8xJ0Gu-PWgJ0BlTmFgIPLIGqHf9_D_bXfXcEjQVd1THoDkE0lNLBwy5RG5z1I5ijANKeT8NFv6LCA__s3Bbyc_8zweg-tdorEk4aRnFCXozE5uhF4wZUSuTOfUOCCrIvCDC65Wp5JGwDcqnE9WLg-ySHVkn3evMdA

91.235.133.113

200 OK

93 kB

URL GET HTTP/1.1
imgs.signifyd.com/jcSUB1Og3yoGKXvj?54fe64b3263e1c5d=7raQEOXsB1AyWFbSsggJUf38gCKg-8xJ0Gu-PWgJ0BlTmFgIPLIGqHf9_D_bXfXcEjQVd1THoDkE0lNLBwy5RG5z1I5ijANKeT8NFv6LCA__s3Bbyc_8zweg-tdorEk4aRnFCXozE5uhF4wZUSuTOfUOCCrIvCDC65Wp5JGwDcqnE9WLg-ySHVkn3evMdA
IP
91.235.133.113:443
ASN
#30286 THM

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerGoDaddy.com, Inc.
Subjectimgs.signifyd.com
Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49
ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT

File type
HTML document, ASCII text, with very long lines (15506)
Size
93 kB (92855 bytes)
Hash
15b267f4dc84be558c1f30510bd692c3
c07db77d9f73a30e07f9d39d6eec0ba88d9db8fc
75832f2232dc2113f60a736dd478518588aebd5004fa41b5e3a99782721c29a5

HTTP Headers

GET /jcSUB1Og3yoGKXvj?54fe64b3263e1c5d=7raQEOXsB1AyWFbSsggJUf38gCKg-8xJ0Gu-PWgJ0BlTmFgIPLIGqHf9_D_bXfXcEjQVd1THoDkE0lNLBwy5RG5z1I5ijANKeT8NFv6LCA__s3Bbyc_8zweg-tdorEk4aRnFCXozE5uhF4wZUSuTOfUOCCrIvCDC65Wp5JGwDcqnE9WLg-ySHVkn3evMdA HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=6a3ad6eff232bf0760fda45f60fae8e1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 21:14:14 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Robots-Tag: noindex, nofollow
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked

go.maxweb.com/conversion/iframe/?a=8712&token=35fe7d1193cc401666650f781c088af3

172.66.43.113

200 OK

0 B

URL GET HTTP/2
go.maxweb.com/conversion/iframe/?a=8712&token=35fe7d1193cc401666650f781c088af3
IP
172.66.43.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerLet's Encrypt
Subjectmaxweb.com
FingerprintC4:78:D7:44:85:55:AA:1F:A9:42:AA:75:6A:68:97:9F:93:3B:2D:22
ValidityWed, 01 May 2024 07:23:11 GMT - Tue, 30 Jul 2024 07:23:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /conversion/iframe/?a=8712&token=35fe7d1193cc401666650f781c088af3 HTTP/1.1
Host: go.maxweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 21:14:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Wed, 08 May 2024 22:16:35 GMT
cache-control: max-age=3600, private
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-server: WEB_6
strict-transport-security: max-age=31536000;
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDvnJbjKdBkxKLVBqBrQP8wYzWkbTxAcpKyrJyzoe; SameSite=Lax; path=/; expires=Thu, 09-May-24 20:14:13 GMT; HttpOnly
server: cloudflare
cf-ray: 880c75465bbc0afe-OSL
content-encoding: br
X-Firefox-Spdy: h2

91.235.133.113

204 No Content

0 B

URL GET HTTP/1.1
imgs.signifyd.com/xcGGXe44HVK8reWf?a5156f26c9293de1=YXkjaPgqvs1NqwXJ_C6r3i4Ycu76FyLFuc2G7-LV4Lg3xWJ1z637hbH5s4TFuGP8RvoLQwbdtX0n8cz9de6p6ST0H3qX7AZrF6BPqJ_qrtW9ijutN_fVKUNpUHiTe3akQzYB&jb=3134266e71693533383a376a6233666533646436323734636c6b373a316630393635353039663a
IP
91.235.133.113:443
ASN
#30286 THM

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerGoDaddy.com, Inc.
Subjectimgs.signifyd.com
Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49
ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /xcGGXe44HVK8reWf?a5156f26c9293de1=YXkjaPgqvs1NqwXJ_C6r3i4Ycu76FyLFuc2G7-LV4Lg3xWJ1z637hbH5s4TFuGP8RvoLQwbdtX0n8cz9de6p6ST0H3qX7AZrF6BPqJ_qrtW9ijutN_fVKUNpUHiTe3akQzYB&jb=3134266e71693533383a376a6233666533646436323734636c6b373a316630393635353039663a HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=6a3ad6eff232bf0760fda45f60fae8e1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Date: Wed, 08 May 2024 21:14:14 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/javascript

fonts.googleapis.com/css2?family=Merriweather&display=swap

142.250.74.106

200 OK

1.9 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Merriweather&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (1909), with no line terminators
Size
1.9 kB (1864 bytes)
Hash
5f9cadc082c9d1811f19204aee0863e6
33cfb38663b09d3d6955691ad6bb8072575f003a
8ef722f3cdd606bc88a101794fb62c659ba723277aca99f5c12d0755846af153

HTTP Headers

GET /css2?family=Merriweather&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 21:14:11 GMT
date: Wed, 08 May 2024 21:14:11 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Lato:400,400i,700,700i|Montserrat:400,400i,600,600i,700,700i,800,800i&display=swap

142.250.74.106

200 OK

18 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Lato:400,400i,700,700i|Montserrat:400,400i,600,600i,700,700i,800,800i&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=10202b5323eb42a3a3e64e881072d9&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240508211629265&affiliate_id=2629
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text
Size
18 kB (17766 bytes)
Hash
3b065b6898522abb5efd016c431e352e
5fe6ebc8faa406c9dca15accc7fa11ee8b5f7534
43917159ff2b0eb2c88150c707902308ac0cb96b9cdea717a66054e2fe3ba19f

HTTP Headers

GET /css?family=Lato:400,400i,700,700i|Montserrat:400,400i,600,600i,700,700i,800,800i&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 21:14:11 GMT
date: Wed, 08 May 2024 21:14:11 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (52)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML