Report - www.clkmg.com/healthylife1/wwxiinfo/paulr@mulmerservices.ca/medmarketus.com/B/WWXI4

Report Overview

Submitted URL
www.clkmg.com/healthylife1/wwxiinfo/paulr@mulmerservices.ca/medmarketus.com/B/WWXI4_1/WWXI/
IP
52.27.1.134
ASN
#16509 AMAZON-02
Submitted
2024-04-16 20:03:42
Access
public
Website Title
Simple Promise™
Final URL
getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
main.tgoptimize.com	965881	2018-07-24	2018-11-12	2024-04-16	1.4 kB	1.9 kB	44.205.55.198
stats.vidalytics.com	153185	2007-05-15	2017-02-08	2024-04-15	2.9 kB	2.7 kB	107.178.211.97
www.clkmg.com	112778	2014-02-06	2016-03-24	2024-04-14	545 B	1.1 kB	52.27.1.134
cdn.truegcloud.com	699174	2018-03-26	2018-06-13	2024-04-15	7.3 kB	688 kB	54.230.111.71
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-16	3.2 kB	180 kB	216.58.207.227
imgs.signifyd.com	12117	2010-11-25	2017-01-30	2024-03-30	11 kB	91 kB	91.235.133.113
d10lpsik1i8c69.cloudfront.net	unknown	2008-04-25	2016-05-17	2024-03-11	405 B	256 kB	54.230.241.104
region1.analytics.google.com	unknown	1997-09-15	2022-03-17	2024-04-16	2.8 kB	1.3 kB	216.239.32.36
cdn-scripts.signifyd.com	13162	2010-11-25	2016-06-12	2024-04-06	835 B	16 kB	143.204.55.119
tracking.getxitox-at.com	unknown	2022-03-24	2022-11-05	2024-02-27	573 B	69 kB	54.78.40.72
mweboutstanding.com	unknown	2023-05-19	2023-07-17	2024-03-26	492 B	1.3 kB	172.67.177.109
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21	2024-04-16	1.0 kB	2.7 kB	3.164.222.26
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-16	1.3 kB	266 kB	142.250.74.168
fast.vidalytics.com	218005	2007-05-15	2017-02-08	2024-04-15	6.5 kB	3.3 MB	151.101.65.91
www.google.no	25607	2001-02-26	2016-04-05	2024-04-16	576 B	578 B	142.250.74.163
analytics-ingress-global.bitmovin.com	47119	2013-01-21	2017-08-18	2024-04-15	491 B	487 B	35.190.27.197
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-16	946 B	21 kB	142.250.74.106
go.maxweb.com	389866	1995-07-17	2018-04-27	2024-04-13	564 B	766 B	172.66.43.113
getxitox.com	unknown	2022-03-24	2022-08-10	2024-02-27	8.3 kB	189 kB	52.204.254.132

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-16	medium	mweboutstanding.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (55)

	URL	Size	First Seen	Last Seen
	getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629	410 B	2023-03-07	2024-04-24
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 IP 52.204.254.132 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:51:19 Last Seen2024-04-24 10:22:31 Times Seen158 Hash 130421da57605728884ece6c3b4f71f0 3aab6925d6cf0412337eb31ca7066e38e1b11042 25d1113f8f75a43286a488f753fa3610b4165e18abb218bc04a39dad966a0683 Loading...

	getxitox.com/js/skeleton.bundle.min.js	79 kB	2023-03-07	2024-04-29
Pretty URL getxitox.com/js/skeleton.bundle.min.js IP 3.232.3.181 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:59 Last Seen2024-04-29 18:10:44 Times Seen15697 Hash a454220fc07088bf1fdd19313b6bfd50 265a733cb7fbc481fd2510a659a85ad55c93c895 7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c Loading...

	imgs.signifyd.com/oqDdqv8mf_bOrTD_?d26448878c4fbaea=VDEZ9ty0fge3_2e0xVV4M0m22bFEHm-UxEmYe9P5KO_SxkHyEiIgmNb4pdJlHNC728L3LMJimklS21CfbZx-qDkl15VE_M4EdyU0x0kIFPH-ZAwMyY-31OXrgFS7qwrWCLnxyRPXQOPWMcsZimq2Kw1MEIlVrUKIHu1A42buieFsDqjIKm5FuZAqEfCO	93 kB	2024-04-16	2024-04-16
Pretty URL imgs.signifyd.com/oqDdqv8mf_bOrTD_?d26448878c4fbaea=VDEZ9ty0fge3_2e0xVV4M0m22bFEHm-UxEmYe9P5KO_SxkHyEiIgmNb4pdJlHNC728L3LMJimklS21CfbZx-qDkl15VE_M4EdyU0x0kIFPH-ZAwMyY-31OXrgFS7qwrWCLnxyRPXQOPWMcsZimq2Kw1MEIlVrUKIHu1A42buieFsDqjIKm5FuZAqEfCO IP 91.235.133.113 ASN #30286 THM Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 22:03:45 Last Seen2024-04-16 22:03:45 Times Seen1 Hash 90ec28e0b6a20a40e02e07cc692b88ae 33026cf6d1f1ed58099ca523e4e7897bd084c8dd 6ee13f6ae062709c3e88875e23b1e2878395c6ada5c1a0035426ddd9ca8d0b99 Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629	75 B	2023-12-01	2024-04-24
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 IP 52.204.254.132 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-01 18:37:48 Last Seen2024-04-24 10:22:31 Times Seen7 Hash 63ac6b1d24a8281e854ef5e78c3bc36b 413ce49f54f8dad73288221cd3798e4b417fc981 29411a24743a4f7fef310b58ec24ab56d0edb8f6bacb0db5aada388de2e43fdd Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629	341 B	2023-03-07	2024-04-24
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 IP 52.204.254.132 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:51:19 Last Seen2024-04-24 10:22:31 Times Seen155 Hash 165385dc71e29d2b90e31427e0939a49 4831fe29872dd1b9d6aa45e0132b5f5b6aea43dc 9442e247ceb6dcab7e8863c9d16535cd0be07b1b9455fda40f65dad2671189a2 Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629	190 B	2023-10-28	2024-04-24
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 IP 52.204.254.132 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-28 14:50:45 Last Seen2024-04-24 10:22:31 Times Seen8 Hash ead74ed6deefb2dc7c3a08b10145a502 cd6bce82f513b3b06da562e4b41ec243df023cf2 e19311ef12ec553804e5b8d77bd036373fffdf19b15c0119e35b713310178c58 Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629	3 B	2023-03-07	2024-04-26
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 IP 52.204.254.132 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03:22 Last Seen2024-04-26 10:19:19 Times Seen1143 Hash f67be96ce768fb5b40aecf0438f97886 d27fecd03a022cc6f670ca42ef1b99d5f5bcc74c 3441b5696d6abf2bd959d18bcb31dde8239a6ad8185bfa659af60bc764c238a8 Loading...

	unknown	32 B	2023-03-07	2024-04-29
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:58 Last Seen2024-04-29 18:21:47 Times Seen1614 Hash 16eff409565ed1d22c17d73ce417bd15 ae526f9ce16489f0ca53977b7722f56806555342 d7d8adcd29f47bcccb73dcfc9c2135200465d57df689f842a49311a5b000d7a3 Loading...

	imgs.signifyd.com/nc-AoZM3wd8SC1-C?1e2b3239b880815e=TkSwZi_hAwpuQEKxq36t9qTatpDJV-kI9QanqzXryl11U9lLx3Ao8aWGcQfk_hNiRRQT1QAE14ud5lkY3QaQ2wyy-KyThT-Vu4rxBLBaUst3GeAKSYRxlaWOJgkQcva22jBODWdlWGtd31-KRTO4Cw0ue8j0ZRLy0r_zsbJWaUVUyiQA3Q-Hube4p0tg&je=33323624267265763d333a2639342e353a26343a2c373b2e31322c353b2c393f2e37382c30382e34302c31392c33362c3a3a24373b2e333f2c37392c33342c35392e3336243d3a2c343024353b2e33302c35392e31322e3d312c33332e3d392c30352e35392e31362e3730263b3a2c37312e32352e37382e34302c373b263832	0 B	2023-03-07	2024-04-29
Pretty URL imgs.signifyd.com/nc-AoZM3wd8SC1-C?1e2b3239b880815e=TkSwZi_hAwpuQEKxq36t9qTatpDJV-kI9QanqzXryl11U9lLx3Ao8aWGcQfk_hNiRRQT1QAE14ud5lkY3QaQ2wyy-KyThT-Vu4rxBLBaUst3GeAKSYRxlaWOJgkQcva22jBODWdlWGtd31-KRTO4Cw0ue8j0ZRLy0r_zsbJWaUVUyiQA3Q-Hube4p0tg&je=33323624267265763d333a2639342e353a26343a2c373b2e31322c353b2c393f2e37382c30382e34302c31392c33362c3a3a24373b2e333f2c37392c33342c35392e3336243d3a2c343024353b2e33302c35392e31322e3d312c33332e3d392c30352e35392e31362e3730263b3a2c37312e32352e37382e34302c373b263832 IP 91.235.133.113 ASN #30286 THM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-29 20:11:30 Times Seen37188645 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629	425 B	2023-03-07	2024-04-24
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 IP 52.204.254.132 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:19:26 Last Seen2024-04-24 10:22:31 Times Seen75 Hash 6fdcf0000641b875339c33524f7afc32 ee90be9be3c56015fa8a68df4e22eb55132151a2 5b4af4f461a4ad99c500e18ce7a3ca0f473a73616aabcbf6500582003850a757 Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629	328 B	2023-03-07	2024-04-24
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 IP 52.204.254.132 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:19:26 Last Seen2024-04-24 10:22:31 Times Seen86 Hash bf4f957d5a1c6e602e47b3f8d56eef78 e6740423ded6611ebbdb31d62baf9209aafe06e7 b753faad57dce8fcfe6820c15b88adc6f9a6a701a1c84aaa79a2b6d0d3c2a052 Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629	245 B	2023-03-07	2024-04-24
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 IP 52.204.254.132 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:19:26 Last Seen2024-04-24 10:22:31 Times Seen86 Hash c6518826f8fc6231c7baa290459d8874 37b7afac2f44cf33777bcbd9e24d8fc79ef0aa0c 1fe99e8ad7762d1caf305c0469228f420fafc2a38e9922ea3678b93c564ad25f Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-04-29
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-29 20:09:08 Times Seen342713 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629	772 B	2023-03-07	2024-04-24
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 IP 52.204.254.132 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:19:26 Last Seen2024-04-24 10:22:31 Times Seen39 Hash 72051fdcbe101e303b08490098275472 9a3543f52f2da42fb97189d94618d54be90324d3 91fca4c7531ca12f88e631dcf9f798cf049f9d2cfad3fa18929539f62b8797fb Loading...

	fast.vidalytics.com/embeds/hLKq71Yz/w27RqUkIUgikMasW/loader.min.js	22 kB	2024-04-16	2024-04-24
Pretty URL fast.vidalytics.com/embeds/hLKq71Yz/w27RqUkIUgikMasW/loader.min.js IP 151.101.65.91 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 22:03:45 Last Seen2024-04-24 10:22:33 Times Seen4 Hash 58dd1a4eca6cd3e55b7ccf65804454f7 47b1426cb825ea719cf5dc383aa7bcdb0ec300cc a820bbfcbf9bb777fbafa11bb1fe416edb8c66a036785ae39dff48f0bc59daef Loading...

	d10lpsik1i8c69.cloudfront.net/w.js	5.3 kB	2024-01-25	2024-04-26
Pretty URL d10lpsik1i8c69.cloudfront.net/w.js IP 54.230.241.104 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-25 23:36:04 Last Seen2024-04-26 21:49:26 Times Seen123 Hash e31293f40e8a324de552ff593ee76a9b 8dc5eda61e77f52f2a4f914e2a69976f9a0825e3 6cb6821219dae9fa9a21519d86d7ec7acaf0c4dd61463eb336eb92964feebef3 Loading...

	cdn-scripts.signifyd.com/api/company_toolkit.js	3.7 kB	2023-07-25	2024-04-29
Pretty URL cdn-scripts.signifyd.com/api/company_toolkit.js IP 143.204.55.119 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-25 01:06:12 Last Seen2024-04-29 18:21:47 Times Seen204 Hash 2c3950f122b3977df61b0e077aaa92c8 7bbc3b129bb0f1320c6ecb67688ddc8f78ef6574 6082597f3871c77c9b31aa1383577f8c0e54cb5ff09275dc817bc70d96e6217d Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629	322 B	2023-06-13	2024-04-24
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 IP 52.204.254.132 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-13 16:19:24 Last Seen2024-04-24 10:22:31 Times Seen8 Hash 1bff1abf146d4ee7e7c4a47c83f77a5a af9685edfbdeab288ee91edb0a002a305fc1aabb 1e7bf479219149da3b972855c85302edb5750e2b3873b0a36629f32661531fad Loading...

	cdn-scripts.signifyd.com/api/script-tag.js	11 kB	2024-01-11	2024-04-21
Pretty URL cdn-scripts.signifyd.com/api/script-tag.js IP 143.204.55.119 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-11 16:01:33 Last Seen2024-04-21 23:04:17 Times Seen82 Hash d34fe38d39e71cd6ace9ab1bfc0bb10a 6d41bc7164467c62317d5c7a15e3a076f8dd1e66 68f6710cb2cc63e278cd3be6a0593c700b3ac346e36c1d636c5c13374dc20e91 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-KMZ74FC	368 kB	2024-04-16	2024-04-16
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-KMZ74FC IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 22:03:45 Last Seen2024-04-16 22:03:47 Times Seen2 Hash db28b3c405c945a774fad429e41b35e6 94afe7c1d327a98050998a28a6ef78c1a57ee875 ca4c83e5ec7cd0f8e6424be66ae6a275681c6b2103a61462f357a4592a363f6f Loading...

	getxitox.com/ed39d910-9782-4ac0-9528-0a6b16f4a0eb	980 kB	2024-02-21	2024-04-24
Pretty URL getxitox.com/ed39d910-9782-4ac0-9528-0a6b16f4a0eb IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-21 16:12:24 Last Seen2024-04-24 10:22:33 Times Seen22 Hash 21ea705829c05759544342ba2f4ac461 2fa8e86431a1468bf7bbceb53b8662101bc70da8 b1ccbf581da817ca36d109e168b2cec2a34e7884c8e20c6722c6bff41da53b60 Loading...

	imgs.signifyd.com/W_f-X-MtADx2DXdE?ac984c29b77ded9b=9CFh-rTsqqdi3f43s1QHj_XcLki43LaZQLiwqG5-fsN81gXCtQ88Nv4YWe-myrpVH2b0E-z0SWOBN3MAAdIkQ7SzRBlBdwvprw0DqDGFZhTLS-MCBlxchul0YAOiLc8VEmvBcITm69UPz8t3rwpueHvLgauoJSjAQ5Q8cxUz-UpYjo__5WyqNsoQgdYFqg	93 kB	2024-04-16	2024-04-16
Pretty URL imgs.signifyd.com/W_f-X-MtADx2DXdE?ac984c29b77ded9b=9CFh-rTsqqdi3f43s1QHj_XcLki43LaZQLiwqG5-fsN81gXCtQ88Nv4YWe-myrpVH2b0E-z0SWOBN3MAAdIkQ7SzRBlBdwvprw0DqDGFZhTLS-MCBlxchul0YAOiLc8VEmvBcITm69UPz8t3rwpueHvLgauoJSjAQ5Q8cxUz-UpYjo__5WyqNsoQgdYFqg IP 91.235.133.113 ASN #30286 THM Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 22:03:45 Last Seen2024-04-16 22:03:45 Times Seen1 Hash 40ed1f6c5c46fedf5eab190783e945a7 e1ae88552751415ff6100a19edad86f2ba0be3f5 fc2bf1c9830f37acdf416dc422e0a5e0d66deebc7e86524c4d9457f314eef38a Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629	292 B	2023-10-28	2024-04-24
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 IP 52.204.254.132 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-28 14:50:45 Last Seen2024-04-24 10:22:31 Times Seen8 Hash af4f98c9507772e724e3c289b9230d4e 0e31826d7f0a1f0bcb62c40ce4ae6c45cb4acffb 4fa94fc8aa96057b1a5ace37cda86e58e970176474b360c019fe3a88538c5eb8 Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629	946 B	2023-12-01	2024-04-24
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 IP 52.204.254.132 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-01 18:37:48 Last Seen2024-04-24 10:22:31 Times Seen7 Hash 84b160a3ad55ea54f7ffeaaec80a526d 583e1d6abfeba54de8d55a2494bed82f824c0520 0e9ff9bce1c41550d75acbe35644f76b4cecce7d8f2f48471f0c374d5934dc0b Loading...

	getxitox.com/go/sandbox%20eval%20code	147 B	2023-04-11	2024-04-29
Pretty URL getxitox.com/go/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-29 20:09:08 Times Seen343214 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	unknown	132 B	2024-04-16	2024-04-24
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2024-04-16 22:03:45 Last Seen2024-04-24 10:22:32 Times Seen2 Hash 15adf35e908db39add75852a8aed0801 59970755b12d69a6268feb546c6a49018eb82794 86cb8d3e834bc57047ca515e6b66df7fb7f520422ea77f8d06ed073fbd128fd0 Loading...

	main.tgoptimize.com/load.js?r=0.5477329350688612&u=getxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D1027618f3ba55106eaa997a008e255%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240416200542394%26affiliate_id%3D2629	1.4 kB	2024-04-16	2024-04-16
Pretty URL main.tgoptimize.com/load.js?r=0.5477329350688612&u=getxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D1027618f3ba55106eaa997a008e255%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240416200542394%26affiliate_id%3D2629 IP 44.205.55.198 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 22:03:45 Last Seen2024-04-16 22:03:47 Times Seen2 Hash 20872486e142e4263e62b6d4d8e89780 354b051e78f5a3ff3ac0379de79cbf4060da5704 023315a38f3bf1c67544449988a781707a0be9a6e6a941a65f367d555b44fd8f Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629	141 B	2023-06-19	2024-04-24
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 IP 52.204.254.132 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-19 07:48:24 Last Seen2024-04-24 10:22:31 Times Seen41 Hash eb31fc493c10f68b4759e661e04f2702 7d7ce7736f8cce72a4fb68a6cf4f2f99af6a6a91 73c8f6f45d765e9d0b7f63fe1c027181f956e69fe4e33512f7e8de0e85638ce8 Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629	4.0 kB	2023-07-02	2024-04-24
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 IP 52.204.254.132 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-02 04:33:07 Last Seen2024-04-24 10:22:32 Times Seen11 Hash 6f7057d95e8a9b1de1b3ab4ce24b58ef 90b08bcc2dfa0e29e71cb1e8e45a9381c4489cad 1d50f1c220b662c186944ad8fc351b16cca5f665b22f92117e401c3d0e8bab79 Loading...

	imgs.signifyd.com/uvc4zuwwxp4vqrsd.js?9zs99lsdp73zpttf=w2txo5aa&8dtt7x306fso767k=2572415457388334385	100 kB	2024-04-16	2024-04-16
Pretty URL imgs.signifyd.com/uvc4zuwwxp4vqrsd.js?9zs99lsdp73zpttf=w2txo5aa&8dtt7x306fso767k=2572415457388334385 IP 91.235.133.113 ASN #30286 THM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 22:03:46 Last Seen2024-04-16 22:03:47 Times Seen2 Hash 50a63512c5b2b2a09dadd635fc0e9973 5ad702ddab4d7a44e192f9f9a661b408d900d839 e6d7f092d4e79289c7688fe1db631e42462c36dc1e2054f439d5c02c1b07bd34 Loading...

	cdn.truegcloud.com/scripts/jquery.1.9.1.min.js	93 kB	2023-03-07	2024-04-29
Pretty URL cdn.truegcloud.com/scripts/jquery.1.9.1.min.js IP 54.230.111.71 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-29 20:09:19 Times Seen23527 Hash 397754ba49e9e0cf4e7c190da78dda05 ae49e56999d82802727455f0ba83b63acd90a22b c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4 Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629	150 B	2023-03-07	2024-04-24
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 IP 52.204.254.132 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:19:26 Last Seen2024-04-24 10:22:32 Times Seen130 Hash 23658fa612615b3981808f9fc45eb75e 2f07b38112f47ccfc79f4f9137dd72f59a13d0ad 2309a245cc804f005d5ac5bc520add8c364bcdaf51e36b4bf8892831ac4cdb2d Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629	2.1 kB	2023-10-28	2024-04-24
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 IP 52.204.254.132 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-28 14:50:45 Last Seen2024-04-24 10:22:32 Times Seen8 Hash 3ebe38144df70fe2daa1d262774c3d89 89673d6a0521288265d3a0e96aa60c0aff635494 c9a961d8cb30bdade64fa68108b79f949041f9e941907ff88210861e9040718c Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629	1.0 kB	2023-05-22	2024-04-24
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 IP 52.204.254.132 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-22 16:17:26 Last Seen2024-04-24 10:22:32 Times Seen11 Hash 971e75379280a42fb523f20edaedcf80 a516b5785774b8e23fc57f843441de939950ad70 8544c0f7b8575bc590e560296ca65f35cf71eda90f4e4a5005782d9a0944d415 Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629	495 B	2023-05-22	2024-04-24
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 IP 52.204.254.132 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-22 06:05:03 Last Seen2024-04-24 10:22:32 Times Seen12 Hash 7ff7a48547d8d008f6d0722a1d230be7 ef5dacba2e5ebe54b6242af33ac7af5f0f25d3c3 a9a598c46a461f4189f2681861ff4a13a0262f9dd0150410a6f1e94a647ef6d6 Loading...

	unknown	15 B	2023-03-11	2024-04-16
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:44:47 Last Seen2024-04-16 22:03:46 Times Seen5 Hash 1121dd48a4b618ecf3a956b35b294ecb 6830f57077ca828e618ca46f672fb04c86f534c1 664fd7d26c70547d7f57d9f5418dca5a29a0b4bf97d25fb1492d143b7cf1a7fd Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629	2.5 kB	2023-05-22	2024-04-24
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 IP 52.204.254.132 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-22 16:17:26 Last Seen2024-04-24 10:22:32 Times Seen11 Hash fb620b7a8a0c46eb7b84a13ddb15362e 3cf30601cb0bcb75305b2dd7e1e52e3c1be93e9b 78f5f4cf3367fbf6c545c2d222f23ff056abc308a0e4f72ad9e8326a77e4edbd Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629	530 B	2023-05-22	2024-04-24
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 IP 52.204.254.132 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-22 16:17:26 Last Seen2024-04-24 10:22:32 Times Seen11 Hash b86369d4970747f4b24a2fb1d8da9bc3 e6e2649745565d621ceb643fe6ff798af78025f4 4dd54453f8bd36a5c8ee8f864f238750a052199f570383b1de728e626bb8ccda Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629	329 B	2023-03-10	2024-04-24
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 IP 52.204.254.132 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 21:33:58 Last Seen2024-04-24 10:22:32 Times Seen63 Hash 8ef1dbed1ff67ba4655ff058b7cf2d0d 4fc69c4a880a587e992451a27c82551682fb1f5b ba7a73a4c9b3498d0ad747cd439d50490038c480229d60a4d7dab28703205a57 Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629	197 B	2023-03-07	2024-04-24
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 IP 52.204.254.132 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:19:26 Last Seen2024-04-24 10:22:32 Times Seen85 Hash 166434b88ab96545f891f9c205181c0e 6470a77ba3cfdb07e6f05a76fc6faa5696f7edae 882f522283273ad5ea0ee669556a7af2d26f2ff5cf8797a40868bf40b767a37a Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629	196 B	2023-12-01	2024-04-24
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 IP 52.204.254.132 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-01 18:37:48 Last Seen2024-04-24 10:22:32 Times Seen7 Hash 44d702f46cd882634fabf53eaa537554 f7ac6387bc61f99ee1e50dca1134be468208e5ca 5cf459c7210d386713fb7fb90891688072bab8b1cb159559d0d7c8c9e2509c25 Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629	347 B	2023-05-22	2024-04-24
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 IP 52.204.254.132 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-22 16:17:26 Last Seen2024-04-24 10:22:32 Times Seen35 Hash 7ad688bc5272b943137108b82ab493f2 23f6761f652430c78b47de9caddcd958a361fc85 20a806d82f13390594be5c1a3ce5099169a381a907c2c6fb30f41e893eb2358a Loading...

	www.googletagmanager.com/gtag/js?id=UA-169212633-21	202 kB	2024-04-16	2024-04-16
Pretty URL www.googletagmanager.com/gtag/js?id=UA-169212633-21 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 22:03:46 Last Seen2024-04-16 22:03:47 Times Seen2 Hash 44471de3f0a9c3fed5f2b0657ee24eee 9e036cd4cfd25817f532f78be99a056b2a9aa742 ad54cea756ec9e1378f331f0a9a9ffe8fd185e2254c62ba4ea02f79339986202 Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629	1.2 kB	2023-12-01	2024-04-24
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 IP 52.204.254.132 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-01 18:37:48 Last Seen2024-04-24 10:22:32 Times Seen7 Hash 08bcc37b01aa0013142fd29d64157e61 2f9b0116fec4563e107aa7541c7817b058b184cb 121426c6fe0d9a5eafcc9d36729235cf9d611b9410a6cd480391c86e7a9dd4cd Loading...

	imgs.signifyd.com/Y9ogHaBYdU16chzH?32b326bb556cf24c=S9x_Dmb73HRWf1t5qSRGUYU6I3_z2qPZdX0dEbAExTXkEvm6hTH42Y2k176hVGhnni3saetoj62HBCDPj2EkmX7qQOe5Sivko5rBCxCemrSg-BJjdY-EQTYi9gGkL2k80rKJdJDwQ7iTM_8xyL4ce5tQRxtlGg7b3k1d5fNqoFKwd8eyzBSnsy0ePw&jb=313824246a736f753d4e6b667d7a246a71673d4e696c7778266a73623f44617a67646f7a2d32323934	280 kB	2024-04-16	2024-04-16
Pretty URL imgs.signifyd.com/Y9ogHaBYdU16chzH?32b326bb556cf24c=S9x_Dmb73HRWf1t5qSRGUYU6I3_z2qPZdX0dEbAExTXkEvm6hTH42Y2k176hVGhnni3saetoj62HBCDPj2EkmX7qQOe5Sivko5rBCxCemrSg-BJjdY-EQTYi9gGkL2k80rKJdJDwQ7iTM_8xyL4ce5tQRxtlGg7b3k1d5fNqoFKwd8eyzBSnsy0ePw&jb=313824246a736f753d4e6b667d7a246a71673d4e696c7778266a73623f44617a67646f7a2d32323934 IP 91.235.133.113 ASN #30286 THM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 22:03:46 Last Seen2024-04-16 22:03:47 Times Seen2 Hash 53126c05f2932351f50bc182cb7ae438 135724f51e093c974a12d1c7f15af7b69ba643eb 356bcca3a3c86564fbdbdbd3245e9da7ffd20e960c28ecb79a73a311a37e6c74 Loading...

	getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629	5.0 kB	2024-04-16	2024-04-24
Pretty URL getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 IP 52.204.254.132 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 22:03:46 Last Seen2024-04-24 10:22:32 Times Seen2 Hash b8775e978b024864dc81239fc16e0907 3f1dbf6f30eb6cb2cd20c9561466827572357bac 39c90103634c7bdfdfc5c5fde9a6ed21aa8e6a034c3da79131df2873a7dae3e1 Loading...

	getxitox.com/js/slidereveal.js	5.5 kB	2023-03-07	2024-04-24
Pretty URL getxitox.com/js/slidereveal.js IP 3.232.3.181 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:19:26 Last Seen2024-04-24 10:22:33 Times Seen193 Hash 31f5a3f634189d0d865a11c9e11d0d79 c00f665e9d15a33455d947b2fa75b731cbd54753 79cddd678b3f3282adb888ed5685ea33f61c3d7dfd562025aa1231fe40ba1140 Loading...

	www.googletagmanager.com/gtag/js?id=G-SNNMPY2Z6B&l=dataLayer&cx=c	242 kB	2024-04-16	2024-04-16
Pretty URL www.googletagmanager.com/gtag/js?id=G-SNNMPY2Z6B&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 22:03:46 Last Seen2024-04-16 22:03:47 Times Seen2 Hash 158f8680d4ddafcf6013d33a5c22d1bb 305a69c51f1ac93c03dd4e5148e8e13b25c3cdb2 108b63a824fc5f0ba00b2f00e4988f9f94169b3ab998acf179f434230181bc78 Loading...

	getxitox.com/js/jquery.min.js	88 kB	2023-03-07	2024-04-28
Pretty URL getxitox.com/js/jquery.min.js IP 3.232.3.181 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:01 Last Seen2024-04-28 19:21:24 Times Seen7661 Hash f832e36068ab203a3f89b1795480d0d7 2115753ca5fb7032aec498db7bb5dca624dbe6be 4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf Loading...

		Size	First Seen	Last Seen
	#1 Eval - 90eb5565a909cfb23910404b9543ac4f	61 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:19:58 Last Seen2024-04-26 01:41:23 Times Seen1360 Hash 90eb5565a909cfb23910404b9543ac4f 43956ffd9c2b0dbec81e659e6692a0cfb279d743 4c7434541d1c4e35e47fa7017129597be4de29d8520f8d28324360e68ee147bb Loading...

	#2 Eval - 55daaa2a73fd1b971676f324be974497	50 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:19:58 Last Seen2024-04-26 01:41:23 Times Seen1363 Hash 55daaa2a73fd1b971676f324be974497 f2e39789d9b5daa42d0e044577957b799e620b32 107abd1d4c412c9df04a22eea7a81d0ace815adf4ca7b8c2e3d6ea6c459423b5 Loading...

	#3 Eval - ce3ddefdfa993eff10cce12bad0f161d	74 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:19:58 Last Seen2024-04-26 01:41:23 Times Seen1364 Hash ce3ddefdfa993eff10cce12bad0f161d f1455008ca9dcb80747f474d900994ec2cba7254 5825930e400f3c0b303a930b890dd589e3fefeb58b7a2819919a0bfbd43a958f Loading...

		Size	First Seen	Last Seen
	#1 Write - 99dfa430f38e8f668b499b0748629976	315 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 22:03:46 Last Seen2024-04-16 22:03:46 Times Seen1 Hash 99dfa430f38e8f668b499b0748629976 fb0c10b73dc7757e422651048f859cbfa03e281c 1d03680cb391f580335c600db22ef9f62ce8d00f7d3691e9597054bf84f1b147 Loading...

	#2 Write - cc8bd96e140e98dd95a1bb4bf1c6f461	383 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 22:03:46 Last Seen2024-04-16 22:03:46 Times Seen1 Hash cc8bd96e140e98dd95a1bb4bf1c6f461 cc88215b1948b2f2f62eeee13326e62641cc56e9 9c3950ce993903422e7f5114f6c46dbdbee3c3a1dea84a22af38b7aa3f5d883a Loading...

	#3 Write - fe364450e1391215f596d043488f989f	15 B	2023-03-07	2024-04-29
Pretty Observations First Seen2023-03-07 01:02:47 Last Seen2024-04-29 18:21:49 Times Seen14382 Hash fe364450e1391215f596d043488f989f d1848aa7b5cfd853609db178070771ad67d351e9 c77e5168dffda66b8dc13f1425b4d3630a6656a3e5acf707f4393277ba3c8b5e Loading...

HTTP Transactions (87)

URL IP Response Size

www.clkmg.com/healthylife1/wwxiinfo/paulr@mulmerservices.ca/medmarketus.com/B/WWXI4_1/WWXI/

52.27.1.134

302 Found

230 B

URL User Request GET HTTP/1.1
www.clkmg.com/healthylife1/wwxiinfo/paulr@mulmerservices.ca/medmarketus.com/B/WWXI4_1/WWXI/
IP
52.27.1.134:443
ASN
#16509 AMAZON-02

Certificate
IssuerGlobalSign nv-sa
Subject*.clkmg.com
Fingerprint63:8A:A6:9B:36:83:0A:EC:38:E5:D8:2E:98:37:F2:E2:93:A9:E6:B6
ValidityWed, 28 Feb 2024 22:20:05 GMT - Mon, 31 Mar 2025 22:20:04 GMT

File type
HTML document, ASCII text
Size
230 B (230 bytes)
Hash
849487c61ea75f8ca34e2105b6809229
224556f945b6e5514edcea0d21caa6ad2648a429
1e2585796c0d0daae4bb4e350e861f20bba2e64acc9148fd2733c41eb3857d95

HTTP Headers

GET /healthylife1/wwxiinfo/paulr@mulmerservices.ca/medmarketus.com/B/WWXI4_1/WWXI/ HTTP/1.1
Host: www.clkmg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: undefined-origin
Access-Control-Max-Age: 300
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 16 Apr 2024 20:03:11 GMT
Location: https://mweboutstanding.com/8712/178/3/?subid=
P3P: CP="This is not a P3P policy! See https://www.clkmg.com for more info."
Server: nginx
Set-Cookie: alc=1; domain=.clkmg.com; expires=Tue Apr 16 20:03:16 2024; path=/;
vid=997473833; domain=.clkmg.com; expires=Wed Apr 16 20:03:11 2025; path=/; SameSite=None; Secure;
X-CM-FE: httpfe-1
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Content-Length: 230
Connection: keep-alive

mweboutstanding.com/8712/178/3/?subid=

172.67.177.109

302 Found

392 B

URL User Request GET HTTP/2
mweboutstanding.com/8712/178/3/?subid=
IP
172.67.177.109:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectmweboutstanding.com
Fingerprint64:75:FE:F0:0D:ED:C1:64:48:80:FA:A9:1F:DF:C4:F2:3F:B7:60:49
ValiditySat, 09 Mar 2024 10:12:33 GMT - Fri, 07 Jun 2024 10:12:32 GMT

File type
HTML document, ASCII text
Size
392 B (392 bytes)
Hash
dda556075c953cdeae5a88897a485468
8cc78365a1322ca53ca522bdf7ba7e5c86f03e9a
28acaf27d3bc03d0f73cf11eefbef534d51b9673c7ead16e74e933970973ceb4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /8712/178/3/?subid= HTTP/1.1
Host: mweboutstanding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 16 Apr 2024 20:03:11 GMT
content-type: text/html; charset=UTF-8
location: https://tracking.getxitox-at.com/aff_c?offer_id=111&aff_id=2629&url_id=1969&aff_sub5=8712_sessid20240416200542394&aff_sub=178
cache-control: max-age=3600, private
pragma: no-cache
expires: Tue, 16 Apr 2024 21:05:23 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-server: WEB_6
strict-transport-security: max-age=31536000;
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDvnJbjKdBkxKLVBqBrQP8wYzWkbV7F5ZHxs5yBxg; SameSite=Lax; path=/; expires=Wed, 17-Apr-24 19:03:11 GMT; HttpOnly
server: cloudflare
cf-ray: 8756c6fd1a5156a4-OSL
X-Firefox-Spdy: h2

getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629

52.204.254.132

200 OK

134 B

URL User Request GET HTTP/2
getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
IP
52.204.254.132:443
ASN
#14618 AMAZON-AES

Certificate
IssuerAmazon
Subjectgetxitox.com
Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3
ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

HTTP Headers

GET /go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Tue, 16 Apr 2024 20:03:12 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://getxitox.com:443/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629

getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629

3.232.3.181

200 OK

17 kB

URL User Request GET HTTP/2
getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
IP
3.232.3.181:443
ASN
#14618 AMAZON-AES

Certificate
IssuerAmazon
Subjectgetxitox.com
Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3
ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (456)
Size
17 kB (17115 bytes)
Hash
81ef24d0917e037691c1a7ca65aaa7cd
7753bc3dd2d0fef62f8f72ca4fecd3f6a037b7bd
6f05a9b2cd532af2a9a0838648b90c7559ec155337e575a0f2e80919fb742b57

HTTP Headers

GET /go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 20:03:13 GMT
content-type: text/html; charset=UTF-8
content-length: 17115
server: nginx/1.22.1
x-powered-by: PHP/5.6.40
set-cookie: signifyd_token=2572415457388334385; expires=Wed, 17-Apr-2024 20:03:13 GMT; Max-Age=86400; path=/
hasoffers_affiliate_id=2629; expires=Wed, 17-Apr-2024 20:03:13 GMT; Max-Age=86400; path=/
hasoffers_transaction=1027618f3ba55106eaa997a008e255; expires=Fri, 14-Apr-2034 20:03:13 GMT; Max-Age=315360000; path=/; domain=.getxitox.com
aff_sub1=178; path=/; domain=.getxitox.com
aff_sub5=8712_sessid20240416200542394; path=/; domain=.getxitox.com
visitedindexnoaffprog-maxwebphp=1; expires=Mon, 15-Jul-2024 20:03:13 GMT; Max-Age=7776000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.r2m03.amazontrust.com/

3.164.222.26

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
3.164.222.26:0
ASN
#0

File type
data
Size
471 B (471 bytes)
Hash
78666a3bfa68fe4030cf7686466fb3fd
c3e382ff7688d080b842eec9f1f1d78256c8b43b
2b7ead6f4e4dedc475d13fca182142503db22d7ba564eb1db91c7646d2d8d7ce

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 16 Apr 2024 20:03:13 GMT
Last-Modified: Tue, 16 Apr 2024 19:57:04 GMT
Server: ECAcc (ska/F6D2)
X-Cache: Miss from cloudfront
Via: 1.1 61fafbbf54e5560686b2d414df132838.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN53-P1
X-Amz-Cf-Id: cYosTS7SxePID7odxIHFUzKtqmQcrlrs_mW1AyGL1BBlVTUvsEixAA==
Age: 369

ocsp.r2m03.amazontrust.com/

3.164.222.26

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
3.164.222.26:0
ASN
#0

File type
data
Size
471 B (471 bytes)
Hash
78666a3bfa68fe4030cf7686466fb3fd
c3e382ff7688d080b842eec9f1f1d78256c8b43b
2b7ead6f4e4dedc475d13fca182142503db22d7ba564eb1db91c7646d2d8d7ce

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 16 Apr 2024 20:03:13 GMT
Last-Modified: Tue, 16 Apr 2024 19:57:04 GMT
Server: ECAcc (ska/F7A7)
X-Cache: Miss from cloudfront
Via: 1.1 1461474e0d89d7660f19f427648cae0e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN53-P1
X-Amz-Cf-Id: GdfwrKQf85ZoogH27uwsPtPa-F3EdgkUHWXDR6FaDi1UALIBs4SMag==
Age: 369

getxitox.com/css/main.css

3.232.3.181

200 OK

2.9 kB

URL GET HTTP/2
getxitox.com/css/main.css
IP
3.232.3.181:443
ASN
#14618 AMAZON-AES

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerAmazon
Subjectgetxitox.com
Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3
ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT

File type
assembler source, ASCII text
Size
2.9 kB (2920 bytes)
Hash
e4e674b25abd1be51b1534dbce77c66b
556a1f78b26f233333259ad453956f85dc56358f
3b480a14755e94f7e571c13d16ebdb9c335a415f8e4cfd90c9e81bc5ec3683bb

HTTP Headers

GET /css/main.css HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Cookie: signifyd_token=2572415457388334385; hasoffers_affiliate_id=2629; hasoffers_transaction=1027618f3ba55106eaa997a008e255; aff_sub1=178; aff_sub5=8712_sessid20240416200542394
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 20:03:13 GMT
content-type: text/css
content-length: 2920
server: nginx/1.22.1
last-modified: Tue, 16 Apr 2024 05:58:57 GMT
etag: "2fb4-616306f036a40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

getxitox.com/css/all.min.css

3.232.3.181

200 OK

12 kB

URL GET HTTP/2
getxitox.com/css/all.min.css
IP
3.232.3.181:443
ASN
#14618 AMAZON-AES

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerAmazon
Subjectgetxitox.com
Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3
ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (54998), with no line terminators
Size
12 kB (11944 bytes)
Hash
edd84d47691f748dbd6414c9c0234d78
107a773061dee58f1ebec5738f49b8ba2c230bbb
c5c6e9f9c3344800ce30b5186cecaa2502c43338e3083072a9fe25893dc11cef

HTTP Headers

GET /css/all.min.css HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Cookie: signifyd_token=2572415457388334385; hasoffers_affiliate_id=2629; hasoffers_transaction=1027618f3ba55106eaa997a008e255; aff_sub1=178; aff_sub5=8712_sessid20240416200542394
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 20:03:13 GMT
content-type: text/css
content-length: 11944
server: nginx/1.22.1
last-modified: Tue, 16 Apr 2024 05:58:57 GMT
etag: "d6d6-616306f036a40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

getxitox.com/css/redscarcitybar2.css

3.232.3.181

200 OK

901 B

URL GET HTTP/2
getxitox.com/css/redscarcitybar2.css
IP
3.232.3.181:443
ASN
#14618 AMAZON-AES

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerAmazon
Subjectgetxitox.com
Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3
ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT

File type
assembler source, ASCII text
Size
901 B (901 bytes)
Hash
61bf4c685b40b856be942d3bb821e648
c2677116b2a29935e903bb916f1f43b091ccb24e
6c54cb4464bf269625714bf7c58f4799e6ba8528d7d7de58be62a3881a1e866f

HTTP Headers

GET /css/redscarcitybar2.css HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Cookie: signifyd_token=2572415457388334385; hasoffers_affiliate_id=2629; hasoffers_transaction=1027618f3ba55106eaa997a008e255; aff_sub1=178; aff_sub5=8712_sessid20240416200542394
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 20:03:13 GMT
content-type: text/css
content-length: 901
server: nginx/1.22.1
last-modified: Tue, 16 Apr 2024 05:58:57 GMT
etag: "e1a-616306f036a40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.truegcloud.com/epishieldplus/optimized-images/newseal.webp

54.230.111.71

200 OK

22 kB

URL GET HTTP/2
cdn.truegcloud.com/epishieldplus/optimized-images/newseal.webp
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn.truegcloud.com
FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96
ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
22 kB (22242 bytes)
Hash
0b9b41de247a630e02f2e70b9ad4e6be
033d5726086977b3eab3423bf8f0879f9ef65c27
3d72685af6f7772d18f7a0dea17e9fb198618d5ad441fef60bfacd755fd6a7ee

HTTP Headers

GET /epishieldplus/optimized-images/newseal.webp HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 22242
date: Tue, 16 Apr 2024 07:33:39 GMT
last-modified: Mon, 29 Jun 2020 07:01:49 GMT
etag: "0b9b41de247a630e02f2e70b9ad4e6be"
x-amz-meta-sha256: 3d72685af6f7772d18f7a0dea17e9fb198618d5ad441fef60bfacd755fd6a7ee
x-amz-meta-s3b-last-modified: 20200629T070116Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kd81-pE40CXHp1AHjhWbwekckqWyI9xbiVf1QlCUBUcz6LYX5DM9kA==
age: 44975
X-Firefox-Spdy: h2

cdn.truegcloud.com/citroburn/images/MBG-Desktop.png

54.230.111.71

200 OK

57 kB

URL GET HTTP/2
cdn.truegcloud.com/citroburn/images/MBG-Desktop.png
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn.truegcloud.com
FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96
ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
PNG image data, 750 x 150, 8-bit/color RGB, non-interlaced
Size
57 kB (57158 bytes)
Hash
c05b836a7658a41daf2dc51be5737be0
a6af6ccb982624a38f1f86c60934c7e4428dabf4
fad3cb3e53deaf8fe4923f979e6b4d7f73f5539e120585fc4174ca86c801dbb5

HTTP Headers

GET /citroburn/images/MBG-Desktop.png HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 57158
last-modified: Thu, 20 Aug 2020 10:52:29 GMT
x-amz-meta-sha256: fad3cb3e53deaf8fe4923f979e6b4d7f73f5539e120585fc4174ca86c801dbb5
x-amz-meta-s3b-last-modified: 20200820T105220Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Tue, 16 Apr 2024 02:28:42 GMT
etag: "c05b836a7658a41daf2dc51be5737be0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XSod22lTxeCvPUCPh5IU24OgBMB2HzDR1hY6uSUosGIbje-v_N9Vrg==
age: 63272
X-Firefox-Spdy: h2

cdn.truegcloud.com/nutonen/icon-mail1.svg

54.230.111.71

200 OK

878 B

URL GET HTTP/2
cdn.truegcloud.com/nutonen/icon-mail1.svg
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn.truegcloud.com
FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96
ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
878 B (878 bytes)
Hash
f89f1e4f86398ef896edd781d500d16f
0894b8e3cfb486cfc9269842e3a5e77f033d618d
4fbc2bd04ce02a99fc9c3772b402d8298fdbace89218e8b5e38a00ef679b57c3

HTTP Headers

GET /nutonen/icon-mail1.svg HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 878
date: Tue, 16 Apr 2024 06:55:12 GMT
last-modified: Tue, 07 May 2019 07:49:38 GMT
etag: "f89f1e4f86398ef896edd781d500d16f"
x-amz-meta-sha256: 4fbc2bd04ce02a99fc9c3772b402d8298fdbace89218e8b5e38a00ef679b57c3
x-amz-meta-s3b-last-modified: 20190411T064330Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: umybVOmqu6GKedcX-Jo7pyFc5ACqs2t8GdTlMFf63HmNlA4XIudzhA==
age: 47282
X-Firefox-Spdy: h2

ocsp.r2m03.amazontrust.com/

3.164.222.26

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
3.164.222.26:0
ASN
#0

File type
data
Size
471 B (471 bytes)
Hash
78666a3bfa68fe4030cf7686466fb3fd
c3e382ff7688d080b842eec9f1f1d78256c8b43b
2b7ead6f4e4dedc475d13fca182142503db22d7ba564eb1db91c7646d2d8d7ce

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Tue, 16 Apr 2024 20:03:13 GMT
Server: ECAcc (amb/6AC3)
X-Cache: Miss from cloudfront
Via: 1.1 7146458eabc0c79851363d3a7ad4d72c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN53-P1
X-Amz-Cf-Id: rCRBsRsRiQ-fcEE_KVu5cFf_zWVImmb92yRGRZWB8EsU_qZj4KwfYg==

cdn.truegcloud.com/simplepromise/SP-Logo-Hanging.png

54.230.111.71

200 OK

19 kB

URL GET HTTP/2
cdn.truegcloud.com/simplepromise/SP-Logo-Hanging.png
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn.truegcloud.com
FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96
ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
PNG image data, 216 x 133, 8-bit/color RGBA, non-interlaced
Size
19 kB (18574 bytes)
Hash
af6ffdf43cacfbdebbbed0a4a27c804e
0424ceeb566c683b7f4616f5f96484962e2ee3af
4c2976263cc124564f1e41df75301329ff585d993d55270413cb55969861a25f

HTTP Headers

GET /simplepromise/SP-Logo-Hanging.png HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 18574
date: Tue, 16 Apr 2024 06:57:22 GMT
last-modified: Mon, 13 Apr 2020 03:02:47 GMT
etag: "af6ffdf43cacfbdebbbed0a4a27c804e"
x-amz-meta-sha256: 4c2976263cc124564f1e41df75301329ff585d993d55270413cb55969861a25f
x-amz-meta-s3b-last-modified: 20200413T030146Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KeYy1BavyXx4Mu4M1qbW4LYc54AxRkkIXOwtxgQvmhRujPZhAOXqsg==
age: 47151
X-Firefox-Spdy: h2

cdn.truegcloud.com/nutonen/icon-location1.svg

54.230.111.71

200 OK

913 B

URL GET HTTP/2
cdn.truegcloud.com/nutonen/icon-location1.svg
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn.truegcloud.com
FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96
ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
913 B (913 bytes)
Hash
d3439fa1b0a4ae681311fec979521f2b
11ddfe16802c9d418318933e47478bc4766a297f
f0a4f541d794bf502482fe8b48254d00c0b547b4a6d49343a9f26c7fa34f1503

HTTP Headers

GET /nutonen/icon-location1.svg HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 913
last-modified: Tue, 07 May 2019 07:49:38 GMT
x-amz-meta-sha256: f0a4f541d794bf502482fe8b48254d00c0b547b4a6d49343a9f26c7fa34f1503
x-amz-meta-s3b-last-modified: 20190411T064308Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Tue, 16 Apr 2024 05:08:09 GMT
etag: "d3439fa1b0a4ae681311fec979521f2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vGZRPlDKNVpKAkTx3xLCs9pUkknryvmPWN_FjCMctgZBGiny464XVA==
age: 53705
X-Firefox-Spdy: h2

cdn.truegcloud.com/nutonen/footer-logo.png

54.230.111.71

200 OK

18 kB

URL GET HTTP/2
cdn.truegcloud.com/nutonen/footer-logo.png
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn.truegcloud.com
FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96
ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
PNG image data, 422 x 248, 8-bit/color RGBA, non-interlaced
Size
18 kB (18384 bytes)
Hash
86596e58694fe751bc0e74ef3a60986a
9c313a53061f7ed13900b1dc8d1c5bdf60236834
ed9ae8e732f4a13ac6c8a43293c5415953231dfbf4bb465229aff6be23b30bef

HTTP Headers

GET /nutonen/footer-logo.png HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 18384
date: Tue, 16 Apr 2024 05:36:09 GMT
last-modified: Tue, 07 May 2019 07:37:36 GMT
etag: "86596e58694fe751bc0e74ef3a60986a"
x-amz-meta-sha256: ed9ae8e732f4a13ac6c8a43293c5415953231dfbf4bb465229aff6be23b30bef
x-amz-meta-s3b-last-modified: 20190411T081706Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EEYYoswFk985H6v40qd572W1W9EMsQWko36DUacmkrSvLVz-ROkrZQ==
age: 52025
X-Firefox-Spdy: h2

cdn.truegcloud.com/xitox/images/bottle_mention.webp

54.230.111.71

200 OK

76 kB

URL GET HTTP/2
cdn.truegcloud.com/xitox/images/bottle_mention.webp
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn.truegcloud.com
FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96
ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
76 kB (75832 bytes)
Hash
01a497cf3255f7721149cff77097b1f4
0ad9dc18e4e841527c2c6a2c094d0a9b84073d3f
1e939493061d3e2fe602b8aa184a1c74756a59808656a50b1ac3ebb05c0498ef

HTTP Headers

GET /xitox/images/bottle_mention.webp HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/webp
content-length: 75832
last-modified: Thu, 13 Apr 2023 08:58:02 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Tue, 16 Apr 2024 20:03:13 GMT
etag: "01a497cf3255f7721149cff77097b1f4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aeW3iu0e4HXR2T_0hqf9Vbqsza268TyU_ia5WQl4olFRuEAaveUf4w==
age: 36683
X-Firefox-Spdy: h2

cdn.truegcloud.com/xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-1.webp

54.230.111.71

200 OK

54 kB

URL GET HTTP/2
cdn.truegcloud.com/xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-1.webp
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn.truegcloud.com
FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96
ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
54 kB (53456 bytes)
Hash
022d788f32d49ab893e886a0b76cd2fc
4a8afaf743570c7cf07102b4d802ae5b35907e1d
4f53947b748e85bc6bff93f1266d404a2782681e88ce55a350c2c7405184fa93

HTTP Headers

GET /xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-1.webp HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/webp
content-length: 53456
date: Tue, 16 Apr 2024 07:24:49 GMT
last-modified: Thu, 06 Apr 2023 07:38:11 GMT
etag: "022d788f32d49ab893e886a0b76cd2fc"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 4f53947b748e85bc6bff93f1266d404a2782681e88ce55a350c2c7405184fa93
x-amz-meta-s3b-last-modified: 20230406T073708Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6u29Ljw73EzRsQzdI7FTsOnbxfe3hlbH7AwK0Fb6rAJ0QW_DNz2XTw==
age: 45505
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-169212633-21

142.250.74.168

200 OK

73 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-169212633-21
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
73 kB (72972 bytes)
Hash
44471de3f0a9c3fed5f2b0657ee24eee
9e036cd4cfd25817f532f78be99a056b2a9aa742
ad54cea756ec9e1378f331f0a9a9ffe8fd185e2254c62ba4ea02f79339986202

HTTP Headers

GET /gtag/js?id=UA-169212633-21 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 20:03:13 GMT
expires: Tue, 16 Apr 2024 20:03:13 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 72972
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.truegcloud.com/xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-3.webp

54.230.111.71

200 OK

63 kB

URL GET HTTP/2
cdn.truegcloud.com/xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-3.webp
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn.truegcloud.com
FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96
ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
63 kB (63072 bytes)
Hash
29c062cc5de9d03762bf531f09c243ad
34f557539b1226e9ee6d8635d9b0c3b7ffd7da02
35cd276d909f6389dbd964a6851862e798ad58f832515fa1f8c565dd0bc47fa3

HTTP Headers

GET /xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-3.webp HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/webp
content-length: 63072
last-modified: Thu, 06 Apr 2023 07:38:11 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 35cd276d909f6389dbd964a6851862e798ad58f832515fa1f8c565dd0bc47fa3
x-amz-meta-s3b-last-modified: 20230406T073708Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Tue, 16 Apr 2024 20:03:13 GMT
etag: "29c062cc5de9d03762bf531f09c243ad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Fw52VyAZZJ3PzA0smQ3xuYPo5HessjbmF-I1RDn_4yd15XN5-22BYQ==
age: 8453
X-Firefox-Spdy: h2

getxitox.com/css/skeleton.min.css

3.232.3.181

200 OK

23 kB

URL GET HTTP/2
getxitox.com/css/skeleton.min.css
IP
3.232.3.181:443
ASN
#14618 AMAZON-AES

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerAmazon
Subjectgetxitox.com
Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3
ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65324)
Size
23 kB (23238 bytes)
Hash
a15c2ac3234aa8f6064ef9c1f7383c37
6e10354828454898fda80f55f3decb347fd9ed21
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

HTTP Headers

GET /css/skeleton.min.css HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Cookie: signifyd_token=2572415457388334385; hasoffers_affiliate_id=2629; hasoffers_transaction=1027618f3ba55106eaa997a008e255; aff_sub1=178; aff_sub5=8712_sessid20240416200542394
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 20:03:13 GMT
content-type: text/css
content-length: 23238
server: nginx/1.22.1
last-modified: Tue, 16 Apr 2024 05:58:57 GMT
etag: "2606e-616306f036a40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.truegcloud.com/xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-6.webp

54.230.111.71

200 OK

69 kB

URL GET HTTP/2
cdn.truegcloud.com/xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-6.webp
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn.truegcloud.com
FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96
ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
69 kB (68632 bytes)
Hash
09455703253cc258426078c211587e22
7c0b8afb0b3906a00c241a042794900eb65f22dd
8285ead22cc86b36c62e30e590fabc6e5534f8038d5c76e2f2c4868f1dd0660f

HTTP Headers

GET /xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-6.webp HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/webp
content-length: 68632
last-modified: Thu, 06 Apr 2023 07:38:11 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 8285ead22cc86b36c62e30e590fabc6e5534f8038d5c76e2f2c4868f1dd0660f
x-amz-meta-s3b-last-modified: 20230406T073709Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Tue, 16 Apr 2024 20:03:13 GMT
etag: "09455703253cc258426078c211587e22"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: f9RKSzCy4Kegk03rA7Mx-CEzg-QhzPOw6Q1Bav9hfoHqQEmlyqYyoQ==
age: 44748
X-Firefox-Spdy: h2

getxitox.com/js/slidereveal.js

3.232.3.181

200 OK

1.6 kB

URL GET HTTP/2
getxitox.com/js/slidereveal.js
IP
3.232.3.181:443
ASN
#14618 AMAZON-AES

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerAmazon
Subjectgetxitox.com
Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3
ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
1.6 kB (1550 bytes)
Hash
31f5a3f634189d0d865a11c9e11d0d79
c00f665e9d15a33455d947b2fa75b731cbd54753
79cddd678b3f3282adb888ed5685ea33f61c3d7dfd562025aa1231fe40ba1140

HTTP Headers

GET /js/slidereveal.js HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Cookie: signifyd_token=2572415457388334385; hasoffers_affiliate_id=2629; hasoffers_transaction=1027618f3ba55106eaa997a008e255; aff_sub1=178; aff_sub5=8712_sessid20240416200542394
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 20:03:13 GMT
content-type: application/javascript
content-length: 1550
server: nginx/1.22.1
last-modified: Tue, 16 Apr 2024 05:58:57 GMT
etag: "159f-616306f036a40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.truegcloud.com/xitox/aff/Simple-promise---As-Seen-On-Bar-Nomartha.webp

54.230.111.71

200 OK

14 kB

URL GET HTTP/2
cdn.truegcloud.com/xitox/aff/Simple-promise---As-Seen-On-Bar-Nomartha.webp
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn.truegcloud.com
FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96
ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
14 kB (13484 bytes)
Hash
a95ee5c046085a1dc469198e6531a013
3ec4c8806bd2c987f9b9199394f2e2e8185af8a7
c8db5b5fb66acbaeb9bbd073d6d844413e487fe46dfc475b57d2ea3f303276c9

HTTP Headers

GET /xitox/aff/Simple-promise---As-Seen-On-Bar-Nomartha.webp HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/webp
content-length: 13484
last-modified: Fri, 11 Aug 2023 09:35:58 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: c8db5b5fb66acbaeb9bbd073d6d844413e487fe46dfc475b57d2ea3f303276c9
x-amz-meta-s3b-last-modified: 20230811T093449Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Tue, 16 Apr 2024 07:35:46 GMT
etag: "a95ee5c046085a1dc469198e6531a013"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dxMuzZrsMG2BOQn-Bv20E08CUv_BAptld5wxTOawuf55WZuY2Ni9Gw==
age: 44848
X-Firefox-Spdy: h2

getxitox.com/js/skeleton.bundle.min.js

3.232.3.181

200 OK

22 kB

URL GET HTTP/2
getxitox.com/js/skeleton.bundle.min.js
IP
3.232.3.181:443
ASN
#14618 AMAZON-AES

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerAmazon
Subjectgetxitox.com
Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3
ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65297)
Size
22 kB (22295 bytes)
Hash
a454220fc07088bf1fdd19313b6bfd50
265a733cb7fbc481fd2510a659a85ad55c93c895
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c

HTTP Headers

GET /js/skeleton.bundle.min.js HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Cookie: signifyd_token=2572415457388334385; hasoffers_affiliate_id=2629; hasoffers_transaction=1027618f3ba55106eaa997a008e255; aff_sub1=178; aff_sub5=8712_sessid20240416200542394
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 20:03:13 GMT
content-type: application/javascript
content-length: 22295
server: nginx/1.22.1
last-modified: Tue, 16 Apr 2024 05:58:57 GMT
etag: "1332b-616306f036a40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

getxitox.com/js/jquery.min.js

3.232.3.181

200 OK

31 kB

URL GET HTTP/2
getxitox.com/js/jquery.min.js
IP
3.232.3.181:443
ASN
#14618 AMAZON-AES

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerAmazon
Subjectgetxitox.com
Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3
ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (30675 bytes)
Hash
f832e36068ab203a3f89b1795480d0d7
2115753ca5fb7032aec498db7bb5dca624dbe6be
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf

HTTP Headers

GET /js/jquery.min.js HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Cookie: signifyd_token=2572415457388334385; hasoffers_affiliate_id=2629; hasoffers_transaction=1027618f3ba55106eaa997a008e255; aff_sub1=178; aff_sub5=8712_sessid20240416200542394
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 20:03:13 GMT
content-type: application/javascript
content-length: 30675
server: nginx/1.22.1
last-modified: Tue, 16 Apr 2024 05:58:57 GMT
etag: "15850-616306f036a40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.truegcloud.com/scripts/jquery.1.9.1.min.js

54.230.111.71

200 OK

33 kB

URL GET HTTP/2
cdn.truegcloud.com/scripts/jquery.1.9.1.min.js
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn.truegcloud.com
FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96
ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
33 kB (33331 bytes)
Hash
9eb27261d238c512adb2c71f4da74872
c48c18939516a16c686081b76431a978c0a9fa81
b316b2fbcbf155d79ecd4f59802f0a9964e225fe72179d144fcf9b92fcca03ea

HTTP Headers

GET /scripts/jquery.1.9.1.min.js HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Sun, 26 Jan 2020 18:15:34 GMT
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
date: Tue, 16 Apr 2024 06:26:46 GMT
cache-control: max-age=86400
etag: W/"397754ba49e9e0cf4e7c190da78dda05"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XmcRMv74MMPVvGvMAT4o3u9saeakwoUFjV2fMTn4ttQXq6_vxiqlfw==
age: 48987
X-Firefox-Spdy: h2

main.tgoptimize.com/load.js?r=0.5477329350688612&u=getxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D1027618f3ba55106eaa997a008e255%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240416200542394%26affiliate_id%3D2629

44.205.55.198

200 OK

1.4 kB

URL GET HTTP/2
main.tgoptimize.com/load.js?r=0.5477329350688612&u=getxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D1027618f3ba55106eaa997a008e255%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240416200542394%26affiliate_id%3D2629
IP
44.205.55.198:443
ASN
#14618 AMAZON-AES

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerAmazon
Subjectmain.tgoptimize.com
Fingerprint12:4B:0B:01:CD:D7:2B:EE:4E:1A:D0:D7:D7:AA:71:26:81:B5:BB:14
ValidityTue, 08 Aug 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
1.4 kB (1430 bytes)
Hash
20872486e142e4263e62b6d4d8e89780
354b051e78f5a3ff3ac0379de79cbf4060da5704
023315a38f3bf1c67544449988a781707a0be9a6e6a941a65f367d555b44fd8f

HTTP Headers

GET /load.js?r=0.5477329350688612&u=getxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D1027618f3ba55106eaa997a008e255%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240416200542394%26affiliate_id%3D2629 HTTP/1.1
Host: main.tgoptimize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 20:03:14 GMT
content-type: text/html; charset=UTF-8
content-length: 1430
server: Apache
set-cookie: tgopt_id=Po7fswHiiQJgPUG8na5lRpWRBeXjZhx3; expires=Wed, 13-Apr-2039 20:03:14 GMT; Max-Age=473040000; path=/
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-KMZ74FC

142.250.74.168

200 OK

104 kB

URL GET HTTP/3
www.googletagmanager.com/gtm.js?id=GTM-KMZ74FC
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (55129)
Size
104 kB (104393 bytes)
Hash
db28b3c405c945a774fad429e41b35e6
94afe7c1d327a98050998a28a6ef78c1a57ee875
ca4c83e5ec7cd0f8e6424be66ae6a275681c6b2103a61462f357a4592a363f6f

HTTP Headers

GET /gtm.js?id=GTM-KMZ74FC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 20:03:14 GMT
expires: Tue, 16 Apr 2024 20:03:14 GMT
cache-control: private, max-age=900
last-modified: Tue, 16 Apr 2024 19:20:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 104393
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

main.tgoptimize.com/my.gif?verifier=&tgopt_12129=1&tgopt_id=Po7fswHiiQJgPUG8na5lRpWRBeXjZhx3&r=0.9206487163003106&u=getxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D1027618f3ba55106eaa997a008e255%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240416200542394%26affiliate_id%3D2629

44.205.55.198

200 OK

35 B

URL GET HTTP/2
main.tgoptimize.com/my.gif?verifier=&tgopt_12129=1&tgopt_id=Po7fswHiiQJgPUG8na5lRpWRBeXjZhx3&r=0.9206487163003106&u=getxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D1027618f3ba55106eaa997a008e255%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240416200542394%26affiliate_id%3D2629
IP
44.205.55.198:443
ASN
#14618 AMAZON-AES

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerAmazon
Subjectmain.tgoptimize.com
Fingerprint12:4B:0B:01:CD:D7:2B:EE:4E:1A:D0:D7:D7:AA:71:26:81:B5:BB:14
ValidityTue, 08 Aug 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT

File type
GIF image data, version 87a, 1 x 1
Size
35 B (35 bytes)
Hash
729c3007a8ed0597531b0c76d54a94bb
90fe9b8a8142548fdfab29f59cb0a164a0eaef81
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

HTTP Headers

GET /my.gif?verifier=&tgopt_12129=1&tgopt_id=Po7fswHiiQJgPUG8na5lRpWRBeXjZhx3&r=0.9206487163003106&u=getxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D1027618f3ba55106eaa997a008e255%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240416200542394%26affiliate_id%3D2629 HTTP/1.1
Host: main.tgoptimize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 20:03:14 GMT
content-type: image/gif
content-length: 35
server: Apache
X-Firefox-Spdy: h2

cdn.truegcloud.com/epishieldplus/newseal.png

54.230.111.71

200 OK

29 kB

URL GET HTTP/2
cdn.truegcloud.com/epishieldplus/newseal.png
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn.truegcloud.com
FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96
ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
PNG image data, 318 x 311, 8-bit colormap, non-interlaced
Size
29 kB (28820 bytes)
Hash
e279243ea699343e8c39ed7b821e8430
6e91efc8e714a73b63a0f91022987ae06d620f44
f3067cce3dbc1d2cd7ad1dbc5b0d5befdada893e3cfefca43e6fe52b9fb7ee1b

HTTP Headers

GET /epishieldplus/newseal.png HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 28820
last-modified: Mon, 29 Jun 2020 07:24:56 GMT
x-amz-meta-sha256: f3067cce3dbc1d2cd7ad1dbc5b0d5befdada893e3cfefca43e6fe52b9fb7ee1b
x-amz-meta-s3b-last-modified: 20200629T072358Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Tue, 16 Apr 2024 09:51:51 GMT
etag: "e279243ea699343e8c39ed7b821e8430"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pAeoX8tpSyOvK36chGTB5PDSmNPYwEcmQwbRldbq-j7E3MyJsp4MNg==
age: 36684
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33092, version 1.0
Size
33 kB (33092 bytes)
Hash
057478083c1d55ea0c2182b24f6dd72f
caf557cd276a76992084efc4c8857b66791a6b7f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:38:02 GMT
expires: Fri, 11 Apr 2025 02:38:02 GMT
cache-control: public, max-age=31536000
age: 494712
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

getxitox.com/webfonts/fa-solid-900.woff2

3.232.3.181

200 OK

74 kB

URL GET HTTP/2
getxitox.com/webfonts/fa-solid-900.woff2
IP
3.232.3.181:443
ASN
#14618 AMAZON-AES

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerAmazon
Subjectgetxitox.com
Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3
ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 73852, version 1.0
Size
74 kB (73852 bytes)
Hash
fb493903265cad425ccdf8e04fc2de61
fef2f08d60e907750df0bc41ce64a7139642ddf0
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2

HTTP Headers

GET /webfonts/fa-solid-900.woff2 HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/css/all.min.css
Cookie: signifyd_token=2572415457388334385; hasoffers_affiliate_id=2629; hasoffers_transaction=1027618f3ba55106eaa997a008e255; aff_sub1=178; aff_sub5=8712_sessid20240416200542394; tgopt_12129=1; tgopt_id=Po7fswHiiQJgPUG8na5lRpWRBeXjZhx3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 20:03:14 GMT
content-length: 73852
server: nginx/1.22.1
last-modified: Tue, 16 Apr 2024 05:58:57 GMT
etag: "1207c-616306f036a40"
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.truegcloud.com/xitox/images/bottle_mention.png

54.230.111.71

200 OK

188 kB

URL GET HTTP/2
cdn.truegcloud.com/xitox/images/bottle_mention.png
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn.truegcloud.com
FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96
ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
PNG image data, 1308 x 939, 8-bit colormap, non-interlaced
Size
188 kB (187749 bytes)
Hash
5cab986cff18198ae5e79fd393ff75cb
f00667912fd25062171b351245f0f7d0cc289f9e
2d5f155a2e8e45ecdf9294cc6995f06baceb35fd27cb14751d726c6bb662308c

HTTP Headers

GET /xitox/images/bottle_mention.png HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 187749
date: Tue, 16 Apr 2024 06:25:16 GMT
last-modified: Thu, 13 Apr 2023 08:58:00 GMT
etag: "5cab986cff18198ae5e79fd393ff75cb"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CXmYfPPrlJGrXBuXMsCqB51PM54Cp3-X53VNbjQgCNKQO9WTl47Dhw==
age: 49079
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

216.58.207.227

200 OK

24 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:21:46 GMT
expires: Fri, 11 Apr 2025 17:21:46 GMT
cache-control: public, max-age=31536000
age: 441688
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.truegcloud.com/cyabags/5thglow-phone-inverted.svg

54.230.111.71

200 OK

34 kB

URL GET HTTP/2
cdn.truegcloud.com/cyabags/5thglow-phone-inverted.svg
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn.truegcloud.com
FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96
ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
34 kB (34089 bytes)
Hash
a86136a2e44c22023aa5496228684efd
aeb7e2069e3ac3f9755f2d6fe0d0de47886f7c60
495abb81f36868d89668ec02a05d10d715c850cbc581a6a32c5dedf398bd9617

HTTP Headers

GET /cyabags/5thglow-phone-inverted.svg HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 16 Apr 2024 02:49:51 GMT
last-modified: Mon, 24 Jun 2019 02:14:42 GMT
etag: W/"4de1717957b315eb71c304f8ba029ae7"
x-amz-meta-sha256: fc4704f46cf73a52c423292dda6cd0fc8d521e60d20fc1561df114a0d86a55a1
x-amz-meta-s3b-last-modified: 20190613T093902Z
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jmPVBqYSr_wD9FRN8dZkxQ2a0hEn4rV9SE9y4h3KVbBDE_W622hVXA==
age: 62002
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

216.58.207.227

200 OK

23 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23040, version 1.0
Size
23 kB (23040 bytes)
Hash
de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

HTTP Headers

GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 02:02:47 GMT
expires: Wed, 16 Apr 2025 02:02:47 GMT
cache-control: public, max-age=31536000
age: 64827
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

216.58.207.227

200 OK

34 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 34288, version 1.0
Size
34 kB (34288 bytes)
Hash
71221d6bf4204042b1bbc3902d08a81b
92a10d7982d33e1e216ee8e1aec79c3ae8bcb8b6
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f

HTTP Headers

GET /s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:57:05 GMT
expires: Fri, 11 Apr 2025 02:57:05 GMT
cache-control: public, max-age=31536000
age: 493569
last-modified: Wed, 13 Sep 2023 22:52:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2

216.58.207.227

200 OK

28 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 27812, version 1.0
Size
28 kB (27812 bytes)
Hash
89711a1150919edc93f67f067ef94f62
9f2ac701d67d1ab3a2efe7d4edc663d3d5270fef
6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27812
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 01:54:40 GMT
expires: Wed, 16 Apr 2025 01:54:40 GMT
cache-control: public, max-age=31536000
age: 65314
last-modified: Wed, 13 Sep 2023 22:37:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-SNNMPY2Z6B&l=dataLayer&cx=c

142.250.74.168

200 OK

86 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-SNNMPY2Z6B&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
86 kB (86462 bytes)
Hash
158f8680d4ddafcf6013d33a5c22d1bb
305a69c51f1ac93c03dd4e5148e8e13b25c3cdb2
108b63a824fc5f0ba00b2f00e4988f9f94169b3ab998acf179f434230181bc78

HTTP Headers

GET /gtag/js?id=G-SNNMPY2Z6B&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 20:03:14 GMT
expires: Tue, 16 Apr 2024 20:03:14 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 86462
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fast.vidalytics.com/embeds/hLKq71Yz/w27RqUkIUgikMasW/loader.min.js

151.101.65.91

200 OK

7.8 kB

URL GET HTTP/2
fast.vidalytics.com/embeds/hLKq71Yz/w27RqUkIUgikMasW/loader.min.js
IP
151.101.65.91:443
ASN
#54113 FASTLY

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (21453), with no line terminators
Size
7.8 kB (7790 bytes)
Hash
58dd1a4eca6cd3e55b7ccf65804454f7
47b1426cb825ea719cf5dc383aa7bcdb0ec300cc
a820bbfcbf9bb777fbafa11bb1fe416edb8c66a036785ae39dff48f0bc59daef

HTTP Headers

GET /embeds/hLKq71Yz/w27RqUkIUgikMasW/loader.min.js HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
x-envoy-upstream-service-time: 44
server: istio-envoy
x-envoy-decorator-operation: vidalytics-player-api.vidalytics-player-api.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: api-prod
access-control-allow-origin: *
cache-control: public, max-age=900, s-maxage=1800
x-lb-cache: disabled
content-encoding: gzip
accept-ranges: bytes
date: Tue, 16 Apr 2024 20:03:14 GMT
age: 373
x-served-by: cache-dfw-kdal2120070-DFW, cache-hel1410029-HEL
x-cache: HIT, MISS
x-cache-hits: 9, 0
x-timer: S1713297795.824428,VS0,VE126
vary: Accept-Encoding
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7790
X-Firefox-Spdy: h2

imgs.signifyd.com/uvc4zuwwxp4vqrsd.js?9zs99lsdp73zpttf=w2txo5aa&8dtt7x306fso767k=2572415457388334385

91.235.133.113

200 OK

13 kB

URL GET HTTP/1.1
imgs.signifyd.com/uvc4zuwwxp4vqrsd.js?9zs99lsdp73zpttf=w2txo5aa&8dtt7x306fso767k=2572415457388334385
IP
91.235.133.113:443
ASN
#30286 THM

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerGoDaddy.com, Inc.
Subjectimgs.signifyd.com
Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49
ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT

File type
JavaScript source, ASCII text, with very long lines (15506)
Size
13 kB (13310 bytes)
Hash
50a63512c5b2b2a09dadd635fc0e9973
5ad702ddab4d7a44e192f9f9a661b408d900d839
e6d7f092d4e79289c7688fe1db631e42462c36dc1e2054f439d5c02c1b07bd34

HTTP Headers

GET /uvc4zuwwxp4vqrsd.js?9zs99lsdp73zpttf=w2txo5aa&8dtt7x306fso767k=2572415457388334385 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 20:03:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Robots-Tag: noindex, nofollow
Set-Cookie: thx_guid=0f7cc74a35234e9a00b8b9e2416d82db; Max-Age=155520000; Version=1; HttpOnly; Path=/; Secure; SameSite=None;
P3P: CP=IVAa PSAa
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SNNMPY2Z6B&cid=228691347.1713297795&gtm=45je44f0v9116850825za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=130322622

142.250.74.163

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SNNMPY2Z6B&cid=228691347.1713297795&gtm=45je44f0v9116850825za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=130322622
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint0E:DD:25:54:7B:C3:7F:EC:27:35:B1:EC:15:C4:B7:D2:09:71:3B:68
ValidityMon, 04 Mar 2024 07:26:33 GMT - Mon, 27 May 2024 07:26:32 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SNNMPY2Z6B&cid=228691347.1713297795&gtm=45je44f0v9116850825za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=130322622 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 16 Apr 2024 20:03:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

d10lpsik1i8c69.cloudfront.net/w.js

54.230.241.104

200 OK

255 kB

URL GET HTTP/2
d10lpsik1i8c69.cloudfront.net/w.js
IP
54.230.241.104:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
255 kB (255135 bytes)
Hash
8e62e4bc47a4fd176d80d63f48ff6734
a3f3d22721e7cd45e6539fc396810b79525c3144
7e46ac8cdb900010285edfa160df33801d5f0e0d2887e830a85b0a7abad3af35

HTTP Headers

GET /w.js HTTP/1.1
Host: d10lpsik1i8c69.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 25 Jan 2024 18:19:40 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Tue, 16 Apr 2024 19:48:39 GMT
cache-control: max-age=3600
etag: W/"e31293f40e8a324de552ff593ee76a9b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LHeyR0JGcy7PAbPCTLpHDOL3y0h6ydArcAp5GCPN0wwxBSXoSbOSFQ==
age: 877
X-Firefox-Spdy: h2

getxitox.com/favicon.ico

3.232.3.181

404 Not Found

711 B

URL GET HTTP/2
getxitox.com/favicon.ico
IP
3.232.3.181:443
ASN
#14618 AMAZON-AES

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerAmazon
Subjectgetxitox.com
Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3
ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
711 B (711 bytes)
Hash
05affb5bd9a015005e21864f7b1f4a48
7d551fedc99f300a3d2cf8d5b4a33dda78ba4e86
9f521aa7baebe8894c29d91fa80a7c1d7fa87ed488591877e9811fe2a83d5f14

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Cookie: signifyd_token=2572415457388334385; hasoffers_affiliate_id=2629; hasoffers_transaction=1027618f3ba55106eaa997a008e255; aff_sub1=178; aff_sub5=8712_sessid20240416200542394; tgopt_12129=1; tgopt_id=Po7fswHiiQJgPUG8na5lRpWRBeXjZhx3; enterDate=Tue Apr 16 2024 20:03:14 GMT+0000 (GMT); _ga_SNNMPY2Z6B=GS1.1.1713297794.1.1.1713297794.60.0.0; _ga=GA1.1.228691347.1713297795
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Tue, 16 Apr 2024 20:03:15 GMT
content-type: text/html; charset=iso-8859-1
server: nginx/1.22.1
content-encoding: gzip
X-Firefox-Spdy: h2

imgs.signifyd.com/dezTh6F4cvGDbFuj?c9cce14c1e59e543=_ewZy5GQ0pOY7N_LI1ke_xKEMQQCOEScFNcuF_JB9kVuaU9Xhd_RhqbFVXfssMg-pydCzumAQ8TtRAfHwgWzFY373TK17v1gNIT7fbuzF-Q-C_ejVoLt5mNwSUdqKgLngtbMhKKpAz5wKKy1

91.235.133.113

200 OK

81 B

URL GET HTTP/1.1
imgs.signifyd.com/dezTh6F4cvGDbFuj?c9cce14c1e59e543=_ewZy5GQ0pOY7N_LI1ke_xKEMQQCOEScFNcuF_JB9kVuaU9Xhd_RhqbFVXfssMg-pydCzumAQ8TtRAfHwgWzFY373TK17v1gNIT7fbuzF-Q-C_ejVoLt5mNwSUdqKgLngtbMhKKpAz5wKKy1
IP
91.235.133.113:443
ASN
#30286 THM

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerGoDaddy.com, Inc.
Subjectimgs.signifyd.com
Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49
ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT

File type
PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced
Size
81 B (81 bytes)
Hash
1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

HTTP Headers

GET /dezTh6F4cvGDbFuj?c9cce14c1e59e543=_ewZy5GQ0pOY7N_LI1ke_xKEMQQCOEScFNcuF_JB9kVuaU9Xhd_RhqbFVXfssMg-pydCzumAQ8TtRAfHwgWzFY373TK17v1gNIT7fbuzF-Q-C_ejVoLt5mNwSUdqKgLngtbMhKKpAz5wKKy1 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=0f7cc74a35234e9a00b8b9e2416d82db
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 20:03:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: image/png

imgs.signifyd.com/Y9ogHaBYdU16chzH?32b326bb556cf24c=S9x_Dmb73HRWf1t5qSRGUYU6I3_z2qPZdX0dEbAExTXkEvm6hTH42Y2k176hVGhnni3saetoj62HBCDPj2EkmX7qQOe5Sivko5rBCxCemrSg-BJjdY-EQTYi9gGkL2k80rKJdJDwQ7iTM_8xyL4ce5tQRxtlGg7b3k1d5fNqoFKwd8eyzBSnsy0ePw&jb=313824246a736f753d4e6b667d7a246a71673d4e696c7778266a73623f44617a67646f7a2d32323934

91.235.133.113

200 OK

46 kB

URL GET HTTP/1.1
imgs.signifyd.com/Y9ogHaBYdU16chzH?32b326bb556cf24c=S9x_Dmb73HRWf1t5qSRGUYU6I3_z2qPZdX0dEbAExTXkEvm6hTH42Y2k176hVGhnni3saetoj62HBCDPj2EkmX7qQOe5Sivko5rBCxCemrSg-BJjdY-EQTYi9gGkL2k80rKJdJDwQ7iTM_8xyL4ce5tQRxtlGg7b3k1d5fNqoFKwd8eyzBSnsy0ePw&jb=313824246a736f753d4e6b667d7a246a71673d4e696c7778266a73623f44617a67646f7a2d32323934
IP
91.235.133.113:443
ASN
#30286 THM

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerGoDaddy.com, Inc.
Subjectimgs.signifyd.com
Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49
ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT

File type
JavaScript source, ASCII text, with very long lines (9002)
Size
46 kB (45790 bytes)
Hash
53126c05f2932351f50bc182cb7ae438
135724f51e093c974a12d1c7f15af7b69ba643eb
356bcca3a3c86564fbdbdbd3245e9da7ffd20e960c28ecb79a73a311a37e6c74

HTTP Headers

GET /Y9ogHaBYdU16chzH?32b326bb556cf24c=S9x_Dmb73HRWf1t5qSRGUYU6I3_z2qPZdX0dEbAExTXkEvm6hTH42Y2k176hVGhnni3saetoj62HBCDPj2EkmX7qQOe5Sivko5rBCxCemrSg-BJjdY-EQTYi9gGkL2k80rKJdJDwQ7iTM_8xyL4ce5tQRxtlGg7b3k1d5fNqoFKwd8eyzBSnsy0ePw&jb=313824246a736f753d4e6b667d7a246a71673d4e696c7778266a73623f44617a67646f7a2d32323934 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=0f7cc74a35234e9a00b8b9e2416d82db
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 20:03:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
tmx-nonce: 63a625b3bceb9b27
X-Robots-Tag: noindex, nofollow
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=98
Transfer-Encoding: chunked

imgs.signifyd.com/zUiO6_CLAe3dX5im?6a3aa809d39f67d0=Y4L-E7-CyDOJ57c4Xx0SyngBn67PxJ4xfQbd1JsMfBuGIvaUcMxnAa-OjgZVDQRw9Dt5Z-rn3cRFUz__IAO_96lYcsmd_hiahlRYhhB3YNwZZ7XqG_CSOqH8VGGVuKLXHSVDDjd6xn_6Mz2U

91.235.133.113

200 OK

81 B

URL GET HTTP/1.1
imgs.signifyd.com/zUiO6_CLAe3dX5im?6a3aa809d39f67d0=Y4L-E7-CyDOJ57c4Xx0SyngBn67PxJ4xfQbd1JsMfBuGIvaUcMxnAa-OjgZVDQRw9Dt5Z-rn3cRFUz__IAO_96lYcsmd_hiahlRYhhB3YNwZZ7XqG_CSOqH8VGGVuKLXHSVDDjd6xn_6Mz2U
IP
91.235.133.113:443
ASN
#30286 THM

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerGoDaddy.com, Inc.
Subjectimgs.signifyd.com
Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49
ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT

File type
PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced
Size
81 B (81 bytes)
Hash
1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

HTTP Headers

GET /zUiO6_CLAe3dX5im?6a3aa809d39f67d0=Y4L-E7-CyDOJ57c4Xx0SyngBn67PxJ4xfQbd1JsMfBuGIvaUcMxnAa-OjgZVDQRw9Dt5Z-rn3cRFUz__IAO_96lYcsmd_hiahlRYhhB3YNwZZ7XqG_CSOqH8VGGVuKLXHSVDDjd6xn_6Mz2U HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=0f7cc74a35234e9a00b8b9e2416d82db
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 20:03:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png

region1.analytics.google.com/g/collect?v=2&tid=G-SNNMPY2Z6B&gtm=45je44f0v9116850825za200&_p=1713297794549&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=228691347.1713297795&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1713297794&sct=1&seg=0&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D1027618f3ba55106eaa997a008e255%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240416200542394%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4258

216.239.32.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-SNNMPY2Z6B&gtm=45je44f0v9116850825za200&_p=1713297794549&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=228691347.1713297795&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1713297794&sct=1&seg=0&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D1027618f3ba55106eaa997a008e255%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240416200542394%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4258
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-SNNMPY2Z6B&gtm=45je44f0v9116850825za200&_p=1713297794549&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=228691347.1713297795&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1713297794&sct=1&seg=0&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D1027618f3ba55106eaa997a008e255%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240416200542394%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4258 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://getxitox.com
date: Tue, 16 Apr 2024 20:03:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/stream.m3u8

151.101.65.91

200 OK

1.1 kB

URL GET HTTP/3
fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/stream.m3u8
IP
151.101.65.91:443
ASN
#54113 FASTLY

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
M3U playlist, ASCII text
Size
1.1 kB (1137 bytes)
Hash
01a4b36b437c6ff93d233c8d0abbe2f8
1663d9258a4fa2236d3c8f794b91ccbf5260d3cd
8567054e9b455b4735a7f5e412debf56810844e204d1d4ab0f80743d839989a4

HTTP Headers

GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/stream.m3u8 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 1137
x-guploader-uploadid: ADPycduVrkjVXVCM_5Dr4IG6fXw-U_g98JYx8F9fYztxutiIAkFOxp1_R7j5wo-P3Vf85T5Ej2fY0Ycnaro-GNOMTvjQqzSGEm9f
cache-control: public, max-age=31104000
expires: Thu, 19 Sep 2024 22:00:09 GMT
last-modified: Mon, 25 Sep 2023 15:30:29 GMT
etag: "01a4b36b437c6ff93d233c8d0abbe2f8"
x-goog-generation: 1695655829791443
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1137
content-type: application/octet-stream
x-goog-hash: crc32c=5Yk1dA==, md5=AaSza0N8b/k9IzyNCrvi+A==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 808816
date: Tue, 16 Apr 2024 20:03:15 GMT
x-served-by: cache-dfw-kdfw8210133-DFW, cache-hel1410033-HEL
x-cache: HIT, MISS
x-cache-hits: 596, 0
x-timer: S1713297796.671361,VS0,VE126
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

91.235.133.113

204 No Content

0 B

URL GET HTTP/1.1
imgs.signifyd.com/_HXGtrzmrYfI-6Im?d3b58307081a79ce=sF0vaU00_wzDv60fTFw3ScNqnhLT8d9LZD2qbO7tAbOiISOxOxYwzwKIr7LgipLlA_5GYqGMm6F6AMzY3FZX6B8ck4liuqHK9Ubb1tgthRFA_I3DsavAt5oXpBInqmv557h9&jb=3136246e73613d35633b67313b323432663d313664363338323736656360396d666162606e3966
IP
91.235.133.113:443
ASN
#30286 THM

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerGoDaddy.com, Inc.
Subjectimgs.signifyd.com
Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49
ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /_HXGtrzmrYfI-6Im?d3b58307081a79ce=sF0vaU00_wzDv60fTFw3ScNqnhLT8d9LZD2qbO7tAbOiISOxOxYwzwKIr7LgipLlA_5GYqGMm6F6AMzY3FZX6B8ck4liuqHK9Ubb1tgthRFA_I3DsavAt5oXpBInqmv557h9&jb=3136246e73613d35633b67313b323432663d313664363338323736656360396d666162606e3966 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=0f7cc74a35234e9a00b8b9e2416d82db
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Date: Tue, 16 Apr 2024 20:03:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/javascript

imgs.signifyd.com/oqDdqv8mf_bOrTD_?d26448878c4fbaea=VDEZ9ty0fge3_2e0xVV4M0m22bFEHm-UxEmYe9P5KO_SxkHyEiIgmNb4pdJlHNC728L3LMJimklS21CfbZx-qDkl15VE_M4EdyU0x0kIFPH-ZAwMyY-31OXrgFS7qwrWCLnxyRPXQOPWMcsZimq2Kw1MEIlVrUKIHu1A42buieFsDqjIKm5FuZAqEfCO

91.235.133.113

200 OK

13 kB

URL GET HTTP/1.1
imgs.signifyd.com/oqDdqv8mf_bOrTD_?d26448878c4fbaea=VDEZ9ty0fge3_2e0xVV4M0m22bFEHm-UxEmYe9P5KO_SxkHyEiIgmNb4pdJlHNC728L3LMJimklS21CfbZx-qDkl15VE_M4EdyU0x0kIFPH-ZAwMyY-31OXrgFS7qwrWCLnxyRPXQOPWMcsZimq2Kw1MEIlVrUKIHu1A42buieFsDqjIKm5FuZAqEfCO
IP
91.235.133.113:443
ASN
#30286 THM

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerGoDaddy.com, Inc.
Subjectimgs.signifyd.com
Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49
ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT

File type
HTML document, ASCII text, with very long lines (15506)
Size
13 kB (13306 bytes)
Hash
85b3058f7fb97a27a0d896a54311442d
05fbe3f18eb5211ac6bfd13b8f458ca43f71e078
53ce6f0dcc83185270707e97c9ec02726407fcce27db545d115ec7926e79bc77

HTTP Headers

GET /oqDdqv8mf_bOrTD_?d26448878c4fbaea=VDEZ9ty0fge3_2e0xVV4M0m22bFEHm-UxEmYe9P5KO_SxkHyEiIgmNb4pdJlHNC728L3LMJimklS21CfbZx-qDkl15VE_M4EdyU0x0kIFPH-ZAwMyY-31OXrgFS7qwrWCLnxyRPXQOPWMcsZimq2Kw1MEIlVrUKIHu1A42buieFsDqjIKm5FuZAqEfCO HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=0f7cc74a35234e9a00b8b9e2416d82db
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 20:03:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Robots-Tag: noindex, nofollow
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=97
Transfer-Encoding: chunked

imgs.signifyd.com/W_f-X-MtADx2DXdE?ac984c29b77ded9b=9CFh-rTsqqdi3f43s1QHj_XcLki43LaZQLiwqG5-fsN81gXCtQ88Nv4YWe-myrpVH2b0E-z0SWOBN3MAAdIkQ7SzRBlBdwvprw0DqDGFZhTLS-MCBlxchul0YAOiLc8VEmvBcITm69UPz8t3rwpueHvLgauoJSjAQ5Q8cxUz-UpYjo__5WyqNsoQgdYFqg

91.235.133.113

200 OK

13 kB

URL GET HTTP/1.1
imgs.signifyd.com/W_f-X-MtADx2DXdE?ac984c29b77ded9b=9CFh-rTsqqdi3f43s1QHj_XcLki43LaZQLiwqG5-fsN81gXCtQ88Nv4YWe-myrpVH2b0E-z0SWOBN3MAAdIkQ7SzRBlBdwvprw0DqDGFZhTLS-MCBlxchul0YAOiLc8VEmvBcITm69UPz8t3rwpueHvLgauoJSjAQ5Q8cxUz-UpYjo__5WyqNsoQgdYFqg
IP
91.235.133.113:443
ASN
#30286 THM

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerGoDaddy.com, Inc.
Subjectimgs.signifyd.com
Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49
ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT

File type
HTML document, ASCII text, with very long lines (15506)
Size
13 kB (13254 bytes)
Hash
c0f33bc4686a8b9b97011fcccb05a828
345949f0be34499829dd9aa1a0df55fac0e9ed86
6b682f1ae229632604b12f69abb0ec28145933845ddbe2064da8feb1c47b95ce

HTTP Headers

GET /W_f-X-MtADx2DXdE?ac984c29b77ded9b=9CFh-rTsqqdi3f43s1QHj_XcLki43LaZQLiwqG5-fsN81gXCtQ88Nv4YWe-myrpVH2b0E-z0SWOBN3MAAdIkQ7SzRBlBdwvprw0DqDGFZhTLS-MCBlxchul0YAOiLc8VEmvBcITm69UPz8t3rwpueHvLgauoJSjAQ5Q8cxUz-UpYjo__5WyqNsoQgdYFqg HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=0f7cc74a35234e9a00b8b9e2416d82db
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 20:03:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Robots-Tag: noindex, nofollow
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked

imgs.signifyd.com/_HXGtrzmrYfI-6Im?d3b58307081a79ce=sF0vaU00_wzDv60fTFw3ScNqnhLT8d9LZD2qbO7tAbOiISOxOxYwzwKIr7LgipLlA_5GYqGMm6F6AMzY3FZX6B8ck4liuqHK9Ubb1tgthRFA_I3DsavAt5oXpBInqmv557h9&ja=3a34362426633d3026783f382e643f313030307a313230342661663d333030387a3330303c2671787b3f3078302664727035392e33323a382c333030362c313238302e33383a362e313030302e313230342c313238322e393830362c322430246d763f32376635316631393c3b6736606e3232396034366264333835603869643163362e6d6c3d30247363643d32362464603f6a7476787327334327324625324665677c706b766f7a26636d6d273046676f2532446b666c677a6e6d69666470706d672d6d617875676a26726a70273b467672636c732533443132303f3e333a66316a613735333236656161393b356938323a65303d352732346366665f737560332d3b4633373a2d32346164645f7375623227314c2d303461646e5f71756031253344253234636e6e5d7175603c2531442730366166665f71776a3d2731443a3f31305f7167737369643232303c3836333630383037343031393425323663646e616e6b61766d5f6b6427314432363239247264353724706a35653a3030666661353535333b3b6e3667626730393b33676034613939323b326c2e6a6a3d303c6161663266626332356536666c3c603b65616a663561363738316265643224627b6d3f4c6b66757a266871623d466972676467702730303b3e2668736d773d4c696e757a246660613f343a2e6e6f74723f3026747a643f575c4b246f617660723f373364353438653460313e383a6066666e623a39613b393666666436643f38643332636d3366363463646634323931373e6a3b6433606b36353760306665326626723f78647765696c57666e61716a25354566616e716d29726e7565616e5d776b6c646f77735f6f676c61635d706e6979677227374566616c73672378647765696c5761666f60675f6163726f60637c2d3747666364736721726e7567696e5f7377616b6976696f6d25374564636c736521706e776f616c5d736a6763697763746525354566636e7b6d23726c776f696c5f7067616c706c617b677a2d3747666364736721726e7567696e5f746e6b57726e617b6d7227354764616c736521726e7d6f6b6c5f666d76636c747025354566616e716d29726e7565616e5d7374655f7669657767702d3d4764616e7b6523706e7767696e5f6a6374692d37476663647367266161643d353833373339&jb=3b35246e713d4d6f7a6b6e64692730463726302732322a583131253340273a384e6b6e77702530307a3a365f36342531402d3a327076273b413b362c322925323047676163672730463038313230333231253230466b706d6e6d7a25304e39342e32

91.235.133.113

204 204

0 B

URL GET HTTP/1.1
imgs.signifyd.com/_HXGtrzmrYfI-6Im?d3b58307081a79ce=sF0vaU00_wzDv60fTFw3ScNqnhLT8d9LZD2qbO7tAbOiISOxOxYwzwKIr7LgipLlA_5GYqGMm6F6AMzY3FZX6B8ck4liuqHK9Ubb1tgthRFA_I3DsavAt5oXpBInqmv557h9&ja=3a34362426633d3026783f382e643f313030307a313230342661663d333030387a3330303c2671787b3f3078302664727035392e33323a382c333030362c313238302e33383a362e313030302e313230342c313238322e393830362c322430246d763f32376635316631393c3b6736606e3232396034366264333835603869643163362e6d6c3d30247363643d32362464603f6a7476787327334327324625324665677c706b766f7a26636d6d273046676f2532446b666c677a6e6d69666470706d672d6d617875676a26726a70273b467672636c732533443132303f3e333a66316a613735333236656161393b356938323a65303d352732346366665f737560332d3b4633373a2d32346164645f7375623227314c2d303461646e5f71756031253344253234636e6e5d7175603c2531442730366166665f71776a3d2731443a3f31305f7167737369643232303c3836333630383037343031393425323663646e616e6b61766d5f6b6427314432363239247264353724706a35653a3030666661353535333b3b6e3667626730393b33676034613939323b326c2e6a6a3d303c6161663266626332356536666c3c603b65616a663561363738316265643224627b6d3f4c6b66757a266871623d466972676467702730303b3e2668736d773d4c696e757a246660613f343a2e6e6f74723f3026747a643f575c4b246f617660723f373364353438653460313e383a6066666e623a39613b393666666436643f38643332636d3366363463646634323931373e6a3b6433606b36353760306665326626723f78647765696c57666e61716a25354566616e716d29726e7565616e5d776b6c646f77735f6f676c61635d706e6979677227374566616c73672378647765696c5761666f60675f6163726f60637c2d3747666364736721726e7567696e5f7377616b6976696f6d25374564636c736521706e776f616c5d736a6763697763746525354566636e7b6d23726c776f696c5f7067616c706c617b677a2d3747666364736721726e7567696e5f746e6b57726e617b6d7227354764616c736521726e7d6f6b6c5f666d76636c747025354566616e716d29726e7565616e5d7374655f7669657767702d3d4764616e7b6523706e7767696e5f6a6374692d37476663647367266161643d353833373339&jb=3b35246e713d4d6f7a6b6e64692730463726302732322a583131253340273a384e6b6e77702530307a3a365f36342531402d3a327076273b413b362c322925323047676163672730463038313230333231253230466b706d6e6d7a25304e39342e32
IP
91.235.133.113:443
ASN
#30286 THM

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerGoDaddy.com, Inc.
Subjectimgs.signifyd.com
Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49
ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /_HXGtrzmrYfI-6Im?d3b58307081a79ce=sF0vaU00_wzDv60fTFw3ScNqnhLT8d9LZD2qbO7tAbOiISOxOxYwzwKIr7LgipLlA_5GYqGMm6F6AMzY3FZX6B8ck4liuqHK9Ubb1tgthRFA_I3DsavAt5oXpBInqmv557h9&ja=3a34362426633d3026783f382e643f313030307a313230342661663d333030387a3330303c2671787b3f3078302664727035392e33323a382c333030362c313238302e33383a362e313030302e313230342c313238322e393830362c322430246d763f32376635316631393c3b6736606e3232396034366264333835603869643163362e6d6c3d30247363643d32362464603f6a7476787327334327324625324665677c706b766f7a26636d6d273046676f2532446b666c677a6e6d69666470706d672d6d617875676a26726a70273b467672636c732533443132303f3e333a66316a613735333236656161393b356938323a65303d352732346366665f737560332d3b4633373a2d32346164645f7375623227314c2d303461646e5f71756031253344253234636e6e5d7175603c2531442730366166665f71776a3d2731443a3f31305f7167737369643232303c3836333630383037343031393425323663646e616e6b61766d5f6b6427314432363239247264353724706a35653a3030666661353535333b3b6e3667626730393b33676034613939323b326c2e6a6a3d303c6161663266626332356536666c3c603b65616a663561363738316265643224627b6d3f4c6b66757a266871623d466972676467702730303b3e2668736d773d4c696e757a246660613f343a2e6e6f74723f3026747a643f575c4b246f617660723f373364353438653460313e383a6066666e623a39613b393666666436643f38643332636d3366363463646634323931373e6a3b6433606b36353760306665326626723f78647765696c57666e61716a25354566616e716d29726e7565616e5d776b6c646f77735f6f676c61635d706e6979677227374566616c73672378647765696c5761666f60675f6163726f60637c2d3747666364736721726e7567696e5f7377616b6976696f6d25374564636c736521706e776f616c5d736a6763697763746525354566636e7b6d23726c776f696c5f7067616c706c617b677a2d3747666364736721726e7567696e5f746e6b57726e617b6d7227354764616c736521726e7d6f6b6c5f666d76636c747025354566616e716d29726e7565616e5d7374655f7669657767702d3d4764616e7b6523706e7767696e5f6a6374692d37476663647367266161643d353833373339&jb=3b35246e713d4d6f7a6b6e64692730463726302732322a583131253340273a384e6b6e77702530307a3a365f36342531402d3a327076273b413b362c322925323047676163672730463038313230333231253230466b706d6e6d7a25304e39342e32 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=0f7cc74a35234e9a00b8b9e2416d82db
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 204
Date: Tue, 16 Apr 2024 20:03:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive

imgs.signifyd.com/fp/clear.png

91.235.133.113

200 OK

81 B

URL GET HTTP/1.1
imgs.signifyd.com/fp/clear.png
IP
91.235.133.113:443
ASN
#30286 THM

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerGoDaddy.com, Inc.
Subjectimgs.signifyd.com
Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49
ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT

File type
PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced
Size
81 B (81 bytes)
Hash
1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

HTTP Headers

GET /fp/clear.png HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*, w2txo5aa/63a625b3bceb9b272572415457388334385
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 20:03:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Tue, 16 Apr 2024 20:03:15 GMT
Expires: Sun, 15 Apr 2029 20:03:15 GMT
Etag: 9c8f72602fa74a499a8e770360fe0010
Cache-Control: private, must-revalidate, max-age=0
Access-Control-Allow-Origin: https://getxitox.com
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png

fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/video_TS_h264_aac_96000_1280x720_2750000_variant.m3u8

151.101.65.91

200 OK

60 kB

URL GET HTTP/3
fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/video_TS_h264_aac_96000_1280x720_2750000_variant.m3u8
IP
151.101.65.91:443
ASN
#54113 FASTLY

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
M3U playlist, ASCII text
Size
60 kB (59930 bytes)
Hash
bb832cf8865dc7037ea21352c755da04
46c3b18627b8a603947e0bda666c82c769c2c522
ef601bbf5efb4e47db18c4b7858513cd182d221b44098beab6e3d84d3b053ba0

HTTP Headers

GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/video_TS_h264_aac_96000_1280x720_2750000_variant.m3u8 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 59930
x-guploader-uploadid: ABPtcPqLEnakTffi6lBwaoRqvU3vv7zb92rK9OIsV_i4E14p4YAn1OL8ymoeBZf5anHVhXTnOneuQqTrfQ
cache-control: public, max-age=31104000
expires: Thu, 03 Apr 2025 13:01:22 GMT
last-modified: Tue, 29 Aug 2023 15:54:18 GMT
etag: "bb832cf8865dc7037ea21352c755da04"
x-goog-generation: 1693324458401827
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 59930
content-type: application/vnd.apple.mpegurl
x-goog-hash: crc32c=5Rge5g==, md5=u4Ms+IZdxwN+ohNSx1XaBA==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 716514
date: Tue, 16 Apr 2024 20:03:15 GMT
x-served-by: cache-dfw-kdal2120023-DFW, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 380, 0
x-timer: S1713297796.936885,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/audio_TS_h264_aac_96000_variant.m3u8

151.101.65.91

200 OK

46 kB

URL GET HTTP/3
fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/audio_TS_h264_aac_96000_variant.m3u8
IP
151.101.65.91:443
ASN
#54113 FASTLY

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
M3U playlist, ASCII text
Size
46 kB (46406 bytes)
Hash
dc6e5df96aa662744cfe6bbdb276d17d
dc4994afb2fe9a920b5c6f328b0fc93b31342aae
6a384320df21e240d2b0c9d0adf9993fbc72c69ecafce6c6e8bd85099f2fa430

HTTP Headers

GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/audio_TS_h264_aac_96000_variant.m3u8 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 46406
x-guploader-uploadid: ADPycdvl9tUYJsOSc0CQuPe0acpD2ES6XmvIfTXgyWdDIcU9_y9N7rZIjW6jNRDYyZOuGHI624-8V_-Tj7s2zhkvPpy-JluPtmsw
cache-control: public, max-age=31104000
expires: Thu, 19 Sep 2024 22:00:10 GMT
last-modified: Tue, 29 Aug 2023 15:54:18 GMT
etag: "dc6e5df96aa662744cfe6bbdb276d17d"
x-goog-generation: 1693324458399105
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 46406
content-type: application/vnd.apple.mpegurl
x-goog-hash: crc32c=Rc2Iow==, md5=3G5d+WqmYnRM/mu9snbRfQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 725325
date: Tue, 16 Apr 2024 20:03:15 GMT
x-served-by: cache-dfw-kdfw8210043-DFW, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 337, 0
x-timer: S1713297796.940542,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

analytics-ingress-global.bitmovin.com/licensing

35.190.27.197

200 OK

77 B

URL POST HTTP/2
analytics-ingress-global.bitmovin.com/licensing
IP
35.190.27.197:443
ASN
#15169 GOOGLE

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerGoDaddy.com, Inc.
Subject*.bitmovin.com
FingerprintA3:12:09:E0:2B:6B:C9:36:D1:AE:E8:38:F4:5F:1B:F6:B2:47:16:3C
ValidityMon, 08 May 2023 12:46:05 GMT - Sat, 08 Jun 2024 12:46:05 GMT

File type
JSON text data
Size
77 B (77 bytes)
Hash
40f9443d5dc02e385b00b24c1f570269
c0e65fe8f73334d638173b9e33eff4f36d913104
ea71115c171f3b6874e256a1ff1e30431229a21b584371e0b36eae66cb5d2d9f

HTTP Headers

POST /licensing HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 99
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: v1.62.1
date: Tue, 16 Apr 2024 20:03:15 GMT
content-type: application/json
content-length: 77
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

imgs.signifyd.com/hBzYCHqqQvFV4HOL?af255b4aee77fb9d=_0gKJyxjBz8jt0oJZv-_nPfx-uVtOOdXEl3l7g927JdbCYZatpAQ_px63oSOSfEDo9foYiipdmUuvQkX3x_eLEBgnWqPZJAAFBQ4JXHUZMpPcAO1yBxPezxo7ThN5F-m9-Wg&jf=3136246e73623d613334603e6d36346163383436376366616330363735376c3b663332316d6564

91.235.133.113

204 No Content

0 B

URL GET HTTP/1.1
imgs.signifyd.com/hBzYCHqqQvFV4HOL?af255b4aee77fb9d=_0gKJyxjBz8jt0oJZv-_nPfx-uVtOOdXEl3l7g927JdbCYZatpAQ_px63oSOSfEDo9foYiipdmUuvQkX3x_eLEBgnWqPZJAAFBQ4JXHUZMpPcAO1yBxPezxo7ThN5F-m9-Wg&jf=3136246e73623d613334603e6d36346163383436376366616330363735376c3b663332316d6564
IP
91.235.133.113:443
ASN
#30286 THM

Requested by
https://imgs.signifyd.com/oqDdqv8mf_bOrTD_?d26448878c4fbaea=VDEZ9ty0fge3_2e0xVV4M0m22bFEHm-UxEmYe9P5KO_SxkHyEiIgmNb4pdJlHNC728L3LMJimklS21CfbZx-qDkl15VE_M4EdyU0x0kIFPH-ZAwMyY-31OXrgFS7qwrWCLnxyRPXQOPWMcsZimq2Kw1MEIlVrUKIHu1A42buieFsDqjIKm5FuZAqEfCO
Certificate
IssuerGoDaddy.com, Inc.
Subjectimgs.signifyd.com
Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49
ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /hBzYCHqqQvFV4HOL?af255b4aee77fb9d=_0gKJyxjBz8jt0oJZv-_nPfx-uVtOOdXEl3l7g927JdbCYZatpAQ_px63oSOSfEDo9foYiipdmUuvQkX3x_eLEBgnWqPZJAAFBQ4JXHUZMpPcAO1yBxPezxo7ThN5F-m9-Wg&jf=3136246e73623d613334603e6d36346163383436376366616330363735376c3b663332316d6564 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://imgs.signifyd.com/oqDdqv8mf_bOrTD_?d26448878c4fbaea=VDEZ9ty0fge3_2e0xVV4M0m22bFEHm-UxEmYe9P5KO_SxkHyEiIgmNb4pdJlHNC728L3LMJimklS21CfbZx-qDkl15VE_M4EdyU0x0kIFPH-ZAwMyY-31OXrgFS7qwrWCLnxyRPXQOPWMcsZimq2Kw1MEIlVrUKIHu1A42buieFsDqjIKm5FuZAqEfCO
Cookie: thx_guid=0f7cc74a35234e9a00b8b9e2416d82db
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Date: Tue, 16 Apr 2024 20:03:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=95
Connection: Keep-Alive
Content-Type: text/javascript

fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1280x720_h264_2750000/1.ts

151.101.65.91

200 OK

160 kB

URL GET HTTP/3
fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1280x720_h264_2750000/1.ts
IP
151.101.65.91:443
ASN
#54113 FASTLY

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
MPEG transport stream data
Size
160 kB (160176 bytes)
Hash
7fdcbc5ecf72c2dba9eccdac95c0cc60
c967d3220f65717f925b41f2fcc9f28ceac5337f
4104a53abb2627f21691f7dbbd6d787f5aee7c0326651e7103878343e679f185

HTTP Headers

GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1280x720_h264_2750000/1.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 160176
x-guploader-uploadid: ABPtcPpGUBBW_yJIVGa5Wmiz8vAhMkvji1ZzPIHkypzCKV1njR5w8iasUiU1O20_PvfVW9cn9jk
cache-control: public, max-age=31104000
expires: Thu, 16 Jan 2025 17:39:17 GMT
last-modified: Tue, 29 Aug 2023 15:50:41 GMT
etag: "7fdcbc5ecf72c2dba9eccdac95c0cc60"
x-goog-generation: 1693324241421854
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 160176
content-type: video/mp2t
x-goog-hash: crc32c=EYz/Ow==, md5=f9y8Xs9ywtup7M2slcDMYA==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 804313
date: Tue, 16 Apr 2024 20:03:16 GMT
x-served-by: cache-dfw-kdfw8210085-DFW, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 239, 0
x-timer: S1713297796.115900,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/1.ts

151.101.65.91

200 OK

35 kB

URL GET HTTP/3
fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/1.ts
IP
151.101.65.91:443
ASN
#54113 FASTLY

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
MPEG transport stream data
Size
35 kB (34968 bytes)
Hash
5c5618a29d45a23b88d2203da2c52649
8ae3529c5b0a94f1fb7621f7e7034dc2c45d610b
43bfb43eb0a7f2b3faaae84c7d460e74277955f9fcdc496b134bb28621df5179

HTTP Headers

GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/1.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 34968
x-guploader-uploadid: ABPtcPrVJV-F4L5jmSAtnNyhFr3qd44tEYX7SuZlgeRfyAqmYm1gPjjfwBskHiWo_kjjb30knzTDcEsqYDQT4YlVDguWaoDp10yo
cache-control: public, max-age=31104000
expires: Fri, 15 Nov 2024 12:05:27 GMT
last-modified: Tue, 29 Aug 2023 15:52:06 GMT
etag: "5c5618a29d45a23b88d2203da2c52649"
x-goog-generation: 1693324326196317
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 34968
content-type: video/mp2t
x-goog-hash: crc32c=6HX6Lw==, md5=XFYYop1FojuI0iA9osUmSQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
date: Tue, 16 Apr 2024 20:03:16 GMT
age: 720107
x-served-by: cache-dfw-kdfw8210163-DFW, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 440, 1
x-timer: S1713297796.117315,VS0,VE0
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

stats.vidalytics.com/awesome-log?cid=hLKq71Yz

107.178.211.97

200 OK

43 B

URL GET HTTP/2
stats.vidalytics.com/awesome-log?cid=hLKq71Yz
IP
107.178.211.97:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

HTTP Headers

GET /awesome-log?cid=hLKq71Yz HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-headers: Accept, Content-Type, Origin, Range, X-Requested-With
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
cache-control: no-cache, public, max-age=2592000
content-length: 43
content-type: image/gif
etag: "hLKq71Yz/EtMPFP8fZfJMfMFT"
date: Tue, 16 Apr 2024 20:03:16 GMT
x-envoy-upstream-service-time: 2
server: istio-envoy
access-control-allow-origin: https://getxitox.com
X-Firefox-Spdy: h2

fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/video_TS_h264_aac_96000_1920x1080_4500000_variant.m3u8

151.101.65.91

200 OK

61 kB

URL GET HTTP/3
fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/video_TS_h264_aac_96000_1920x1080_4500000_variant.m3u8
IP
151.101.65.91:443
ASN
#54113 FASTLY

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
M3U playlist, ASCII text
Size
61 kB (61057 bytes)
Hash
91ab9584d43ed322ce297c4beada2e1d
ff66133b04457395acd80b0155761abb8811bbdd
317587a6fa28c2060c4c73cd5047b0101bd0caa39743f5b065d663f30f4a3f5e

HTTP Headers

GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/video_TS_h264_aac_96000_1920x1080_4500000_variant.m3u8 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 61057
x-guploader-uploadid: ABPtcPrjMF5MHXWFw-6j0Ww5QojTVgKJ6OTeVhejt0ts3miaUO1qD9_dYyhgapQty-RR_JNmDg
cache-control: public, max-age=31104000
expires: Mon, 24 Feb 2025 08:00:11 GMT
last-modified: Tue, 29 Aug 2023 15:54:18 GMT
etag: "91ab9584d43ed322ce297c4beada2e1d"
x-goog-generation: 1693324458420188
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 61057
content-type: application/vnd.apple.mpegurl
x-goog-hash: crc32c=Yhv9Qg==, md5=kauVhNQ+0yLOKXxL6touHQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 808816
date: Tue, 16 Apr 2024 20:03:16 GMT
x-served-by: cache-dfw-kdfw8210161-DFW, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 368, 0
x-timer: S1713297796.309027,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/2.ts

151.101.65.91

200 OK

56 kB

URL GET HTTP/3
fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/2.ts
IP
151.101.65.91:443
ASN
#54113 FASTLY

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
MPEG transport stream data
Size
56 kB (55460 bytes)
Hash
611179996a3c9bd41d228fba2460da0d
18c519295bfebe1f89c1c8c96dbf32dc6ff76058
2dec35022f925d2935a394d57da2ca699bc8a9f107a8c56cb40f412516e6835c

HTTP Headers

GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/2.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 55460
x-guploader-uploadid: ADPycdtNu_u_yccZNO8LDr9JPtGDbovWO_1j7D5nUi_sR3mnnGPUkLuR7phm0IrpVl6OcdQmrtWhyi0q1IVT97pAhorIihVvadJ5
cache-control: public, max-age=31104000
expires: Thu, 19 Sep 2024 22:00:10 GMT
last-modified: Tue, 29 Aug 2023 15:52:07 GMT
etag: "611179996a3c9bd41d228fba2460da0d"
x-goog-generation: 1693324327555621
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 55460
content-type: video/mp2t
x-goog-hash: crc32c=Asyviw==, md5=YRF5mWo8m9QdIo+6JGDaDQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 945038
date: Tue, 16 Apr 2024 20:03:16 GMT
x-served-by: cache-dfw-kdfw8210040-DFW, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 765, 0
x-timer: S1713297796.311027,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

imgs.signifyd.com/_HXGtrzmrYfI-6Im?d3b58307081a79ce=sF0vaU00_wzDv60fTFw3ScNqnhLT8d9LZD2qbO7tAbOiISOxOxYwzwKIr7LgipLlA_5GYqGMm6F6AMzY3FZX6B8ck4liuqHK9Ubb1tgthRFA_I3DsavAt5oXpBInqmv557h9&jac=1&je=33333b24267765693d3b332631322c34302631373424726d3d79657324637d6c6a3f64643d3460353632383035356366376d6a343239616b65666363373637323665613739383461363a3d363038616739643039373b343e3b333630303b31666430246578333d646434306d643562323f383a61643662373966623a646a6d606765316e3563616161643339363432

91.235.133.113

204 No Content

0 B

URL GET HTTP/1.1
imgs.signifyd.com/_HXGtrzmrYfI-6Im?d3b58307081a79ce=sF0vaU00_wzDv60fTFw3ScNqnhLT8d9LZD2qbO7tAbOiISOxOxYwzwKIr7LgipLlA_5GYqGMm6F6AMzY3FZX6B8ck4liuqHK9Ubb1tgthRFA_I3DsavAt5oXpBInqmv557h9&jac=1&je=33333b24267765693d3b332631322c34302631373424726d3d79657324637d6c6a3f64643d3460353632383035356366376d6a343239616b65666363373637323665613739383461363a3d363038616739643039373b343e3b333630303b31666430246578333d646434306d643562323f383a61643662373966623a646a6d606765316e3563616161643339363432
IP
91.235.133.113:443
ASN
#30286 THM

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerGoDaddy.com, Inc.
Subjectimgs.signifyd.com
Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49
ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /_HXGtrzmrYfI-6Im?d3b58307081a79ce=sF0vaU00_wzDv60fTFw3ScNqnhLT8d9LZD2qbO7tAbOiISOxOxYwzwKIr7LgipLlA_5GYqGMm6F6AMzY3FZX6B8ck4liuqHK9Ubb1tgthRFA_I3DsavAt5oXpBInqmv557h9&jac=1&je=33333b24267765693d3b332631322c34302631373424726d3d79657324637d6c6a3f64643d3460353632383035356366376d6a343239616b65666363373637323665613739383461363a3d363038616739643039373b343e3b333630303b31666430246578333d646434306d643562323f383a61643662373966623a646a6d606765316e3563616161643339363432 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=0f7cc74a35234e9a00b8b9e2416d82db
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Date: Tue, 16 Apr 2024 20:03:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=94
Connection: Keep-Alive
Content-Type: text/javascript

fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/3.ts

151.101.65.91

200 OK

54 kB

URL GET HTTP/3
fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/3.ts
IP
151.101.65.91:443
ASN
#54113 FASTLY

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
MPEG transport stream data
Size
54 kB (54144 bytes)
Hash
adf371f1a9684b35e655bddab7ae4d79
dcf2b775cd36762751a9b3ff5adefd821afb04f3
942e39e8342ee313fe81e1dd69fc2329bb90eff9c131d74dbb988455bb0772a2

HTTP Headers

GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/3.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 54144
x-guploader-uploadid: ADPycdtBATaygqwRg_i2otfShV8AuUv9TzXo3v8-MP-0vXZygrO67j3P9MQYUxhhV7tWdBJqrej54xCzzvLFdnGStRn8uaBDBh8c
cache-control: public, max-age=31104000
expires: Fri, 27 Sep 2024 03:56:46 GMT
last-modified: Tue, 29 Aug 2023 15:52:07 GMT
etag: "adf371f1a9684b35e655bddab7ae4d79"
x-goog-generation: 1693324327962747
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 54144
content-type: video/mp2t
x-goog-hash: crc32c=wTW46Q==, md5=rfNx8aloSzXmVb3at65NeQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
date: Tue, 16 Apr 2024 20:03:16 GMT
age: 808816
x-served-by: cache-dfw-kdfw8210037-DFW, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 497, 1
x-timer: S1713297796.377126,VS0,VE0
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

stats.vidalytics.com/scribe

107.178.211.97

200 OK

16 B

URL POST HTTP/2
stats.vidalytics.com/scribe
IP
107.178.211.97:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 4172
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Tue, 16 Apr 2024 20:03:16 GMT
content-length: 16
x-envoy-upstream-service-time: 2
server: istio-envoy
access-control-allow-origin: https://getxitox.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2

fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/2.ts

151.101.65.91

200 OK

56 kB

URL GET HTTP/3
fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/2.ts
IP
151.101.65.91:443
ASN
#54113 FASTLY

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
MPEG transport stream data
Size
56 kB (55460 bytes)
Hash
611179996a3c9bd41d228fba2460da0d
18c519295bfebe1f89c1c8c96dbf32dc6ff76058
2dec35022f925d2935a394d57da2ca699bc8a9f107a8c56cb40f412516e6835c

HTTP Headers

GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/2.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 55460
x-guploader-uploadid: ADPycdtNu_u_yccZNO8LDr9JPtGDbovWO_1j7D5nUi_sR3mnnGPUkLuR7phm0IrpVl6OcdQmrtWhyi0q1IVT97pAhorIihVvadJ5
cache-control: public, max-age=31104000
expires: Thu, 19 Sep 2024 22:00:10 GMT
last-modified: Tue, 29 Aug 2023 15:52:07 GMT
etag: "611179996a3c9bd41d228fba2460da0d"
x-goog-generation: 1693324327555621
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 55460
content-type: video/mp2t
x-goog-hash: crc32c=Asyviw==, md5=YRF5mWo8m9QdIo+6JGDaDQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
date: Tue, 16 Apr 2024 20:03:16 GMT
age: 945038
x-served-by: cache-dfw-kdfw8210040-DFW, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 765, 1
x-timer: S1713297796.420650,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

stats.vidalytics.com/scribe

107.178.211.97

200 OK

16 B

URL POST HTTP/2
stats.vidalytics.com/scribe
IP
107.178.211.97:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 448
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Tue, 16 Apr 2024 20:03:16 GMT
content-length: 16
x-envoy-upstream-service-time: 2
server: istio-envoy
access-control-allow-origin: https://getxitox.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-SNNMPY2Z6B&gtm=45je44f0v9116850825z8838620505za200&_p=1713297794549&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=228691347.1713297795&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&sid=1713297794&sct=1&seg=1&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D1027618f3ba55106eaa997a008e255%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240416200542394%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&_s=2&tfd=5250

216.239.32.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-SNNMPY2Z6B&gtm=45je44f0v9116850825z8838620505za200&_p=1713297794549&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=228691347.1713297795&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&sid=1713297794&sct=1&seg=1&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D1027618f3ba55106eaa997a008e255%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240416200542394%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&_s=2&tfd=5250
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-SNNMPY2Z6B&gtm=45je44f0v9116850825z8838620505za200&_p=1713297794549&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=228691347.1713297795&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&sid=1713297794&sct=1&seg=1&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D1027618f3ba55106eaa997a008e255%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240416200542394%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&_s=2&tfd=5250 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 30
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://getxitox.com
date: Tue, 16 Apr 2024 20:03:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1920x1080_h264_4500000/2.ts

151.101.65.91

200 OK

1.7 MB

URL GET HTTP/3
fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1920x1080_h264_4500000/2.ts
IP
151.101.65.91:443
ASN
#54113 FASTLY

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
MPEG transport stream data
Size
1.7 MB (1703844 bytes)
Hash
bbc8b235acb49c32a227d2806b9a77bb
9d6edbe67629cbf19cf1c8646b83a803042dd016
c08fab17a1b7ccd9f2d3d6c259cd1ae680d51d38e45019f66b055e6369f29d62

HTTP Headers

GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1920x1080_h264_4500000/2.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 1703844
x-guploader-uploadid: ABPtcPqHuuF86veLmGM5qKVRAz-5VinWtJKlM4sncw7HWcVkURSQpWTCl8S9uRrF-lhCF5R3lGI
cache-control: public, max-age=31104000
expires: Tue, 08 Apr 2025 05:19:31 GMT
last-modified: Tue, 29 Aug 2023 15:51:36 GMT
etag: "bbc8b235acb49c32a227d2806b9a77bb"
x-goog-generation: 1693324296670685
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1703844
content-type: video/mp2t
x-goog-hash: crc32c=87ippA==, md5=u8iyNay0nDKiJ9KAa5p3uw==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
date: Tue, 16 Apr 2024 20:03:16 GMT
age: 312225
x-served-by: cache-dfw-kdfw8210164-DFW, cache-hel1410033-HEL
x-cache: HIT, MISS
x-cache-hits: 166, 0
x-timer: S1713297796.366731,VS0,VE147
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33092, version 1.0
Size
33 kB (33092 bytes)
Hash
057478083c1d55ea0c2182b24f6dd72f
caf557cd276a76992084efc4c8857b66791a6b7f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:38:02 GMT
expires: Fri, 11 Apr 2025 02:38:02 GMT
cache-control: public, max-age=31536000
age: 494714
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

stats.vidalytics.com/scribe

107.178.211.97

200 OK

16 B

URL POST HTTP/2
stats.vidalytics.com/scribe
IP
107.178.211.97:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 698
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Tue, 16 Apr 2024 20:03:16 GMT
content-length: 16
x-envoy-upstream-service-time: 2
server: istio-envoy
access-control-allow-origin: https://getxitox.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2

fast.vidalytics.com/video/hLKq71Yz/7_IA54dlSdWFdbwp/95535/85364__FFMPEG/thumb/thumbnail-5_0.jpg

151.101.65.91

200 OK

54 kB

URL GET HTTP/3
fast.vidalytics.com/video/hLKq71Yz/7_IA54dlSdWFdbwp/95535/85364__FFMPEG/thumb/thumbnail-5_0.jpg
IP
151.101.65.91:443
ASN
#54113 FASTLY

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc60.3.100", baseline, precision 8, 1920x1080, components 3
Size
54 kB (53910 bytes)
Hash
bc55b1f437bddbe74f9d74d181f068da
d48ba897a8f63eadbf55b8ddc854ccd4f7299d13
f3db1c97e2c94cecc0b57997f11951afc151451495407a9a1c5ac9306bf0f30d

HTTP Headers

GET /video/hLKq71Yz/7_IA54dlSdWFdbwp/95535/85364__FFMPEG/thumb/thumbnail-5_0.jpg HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 53910
x-guploader-uploadid: ADPycdtZfwa3mZxHTiR8V00dI6D1_y0C9fYhQ7wVgZNebfqMIj0Evn-GHw0gyYctCAwiSAtv5fGD25Jci43NuQ90ot4-9g
cache-control: public, max-age=31104000
expires: Sun, 22 Sep 2024 18:59:28 GMT
last-modified: Fri, 14 Jul 2023 06:17:36 GMT
etag: "bc55b1f437bddbe74f9d74d181f068da"
x-goog-generation: 1689315456332968
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 53910
x-goog-meta-x-goog-reserved-source-generation: 1683106408845786
x-goog-custom-time: 2023-05-03T09:33:28.923Z
content-type: image/jpeg
x-goog-hash: crc32c=+PKXAg==, md5=vFWx9De92+dPnXTRgfBo2g==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 718900
date: Tue, 16 Apr 2024 20:03:16 GMT
x-served-by: cache-dfw-kdfw8210171-DFW, cache-hel1410033-HEL
x-cache: HIT, MISS
x-cache-hits: 369, 0
x-timer: S1713297797.803253,VS0,VE127
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

stats.vidalytics.com/scribe

107.178.211.97

200 OK

16 B

URL POST HTTP/2
stats.vidalytics.com/scribe
IP
107.178.211.97:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 407
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Tue, 16 Apr 2024 20:03:16 GMT
content-length: 16
x-envoy-upstream-service-time: 1
server: istio-envoy
access-control-allow-origin: https://getxitox.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2

stats.vidalytics.com/scribe

107.178.211.97

200 OK

16 B

URL POST HTTP/2
stats.vidalytics.com/scribe
IP
107.178.211.97:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 449
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Tue, 16 Apr 2024 20:03:17 GMT
content-length: 16
x-envoy-upstream-service-time: 2
server: istio-envoy
access-control-allow-origin: https://getxitox.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-SNNMPY2Z6B&gtm=45je44f0v9116850825za200&_p=1713297794549&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=228691347.1713297795&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&sid=1713297794&sct=1&seg=1&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D1027618f3ba55106eaa997a008e255%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240416200542394%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&_s=3&tfd=10251

216.239.32.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-SNNMPY2Z6B&gtm=45je44f0v9116850825za200&_p=1713297794549&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=228691347.1713297795&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&sid=1713297794&sct=1&seg=1&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D1027618f3ba55106eaa997a008e255%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240416200542394%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&_s=3&tfd=10251
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-SNNMPY2Z6B&gtm=45je44f0v9116850825za200&_p=1713297794549&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=228691347.1713297795&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&sid=1713297794&sct=1&seg=1&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D1027618f3ba55106eaa997a008e255%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240416200542394%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&_s=3&tfd=10251 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 471
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://getxitox.com
date: Tue, 16 Apr 2024 20:03:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

imgs.signifyd.com/nc-AoZM3wd8SC1-C?1e2b3239b880815e=TkSwZi_hAwpuQEKxq36t9qTatpDJV-kI9QanqzXryl11U9lLx3Ao8aWGcQfk_hNiRRQT1QAE14ud5lkY3QaQ2wyy-KyThT-Vu4rxBLBaUst3GeAKSYRxlaWOJgkQcva22jBODWdlWGtd31-KRTO4Cw0ue8j0ZRLy0r_zsbJWaUVUyiQA3Q-Hube4p0tg&je=33323624267265763d333a2639342e353a26343a2c373b2e31322c353b2c393f2e37382c30382e34302c31392c33362c3a3a24373b2e333f2c37392c33342c35392e3336243d3a2c343024353b2e33302c35392e31322e3d312c33332e3d392c30352e35392e31362e3730263b3a2c37312e32352e37382e34302c373b263832

91.235.133.113

204 204

0 B

URL GET HTTP/1.1
imgs.signifyd.com/nc-AoZM3wd8SC1-C?1e2b3239b880815e=TkSwZi_hAwpuQEKxq36t9qTatpDJV-kI9QanqzXryl11U9lLx3Ao8aWGcQfk_hNiRRQT1QAE14ud5lkY3QaQ2wyy-KyThT-Vu4rxBLBaUst3GeAKSYRxlaWOJgkQcva22jBODWdlWGtd31-KRTO4Cw0ue8j0ZRLy0r_zsbJWaUVUyiQA3Q-Hube4p0tg&je=33323624267265763d333a2639342e353a26343a2c373b2e31322c353b2c393f2e37382c30382e34302c31392c33362c3a3a24373b2e333f2c37392c33342c35392e3336243d3a2c343024353b2e33302c35392e31322e3d312c33332e3d392c30352e35392e31362e3730263b3a2c37312e32352e37382e34302c373b263832
IP
91.235.133.113:443
ASN
#30286 THM

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerGoDaddy.com, Inc.
Subjectimgs.signifyd.com
Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49
ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /nc-AoZM3wd8SC1-C?1e2b3239b880815e=TkSwZi_hAwpuQEKxq36t9qTatpDJV-kI9QanqzXryl11U9lLx3Ao8aWGcQfk_hNiRRQT1QAE14ud5lkY3QaQ2wyy-KyThT-Vu4rxBLBaUst3GeAKSYRxlaWOJgkQcva22jBODWdlWGtd31-KRTO4Cw0ue8j0ZRLy0r_zsbJWaUVUyiQA3Q-Hube4p0tg&je=33323624267265763d333a2639342e353a26343a2c373b2e31322c353b2c393f2e37382c30382e34302c31392c33362c3a3a24373b2e333f2c37392c33342c35392e3336243d3a2c343024353b2e33302c35392e31322e3d312c33332e3d392c30352e35392e31362e3730263b3a2c37312e32352e37382e34302c373b263832 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=0f7cc74a35234e9a00b8b9e2416d82db
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 204
Date: Tue, 16 Apr 2024 20:03:26 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive

imgs.signifyd.com/UzDc_FnGiI5vwLFe?c9699330b2a195be=evAaLyegjPu2QuJnsojEQz-DFJdnyoGVLMVgC3r-OfV6V1kk0CqCimXU6tFh6ETBqmW4YdpHE8wYPTp3My0sWLtPuzGQbU97Ri3qGuxf9_q20eKHYL8JkpttwtkJ6rtUp7h1

91.235.133.113

0 B

URL
imgs.signifyd.com/UzDc_FnGiI5vwLFe?c9699330b2a195be=evAaLyegjPu2QuJnsojEQz-DFJdnyoGVLMVgC3r-OfV6V1kk0CqCimXU6tFh6ETBqmW4YdpHE8wYPTp3My0sWLtPuzGQbU97Ri3qGuxf9_q20eKHYL8JkpttwtkJ6rtUp7h1
IP
91.235.133.113:0
ASN
#30286 THM

Certificate
IssuerGoDaddy.com, Inc.
Subjectimgs.signifyd.com
Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49
ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /UzDc_FnGiI5vwLFe?c9699330b2a195be=evAaLyegjPu2QuJnsojEQz-DFJdnyoGVLMVgC3r-OfV6V1kk0CqCimXU6tFh6ETBqmW4YdpHE8wYPTp3My0sWLtPuzGQbU97Ri3qGuxf9_q20eKHYL8JkpttwtkJ6rtUp7h1 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 8
Origin: https://imgs.signifyd.com
DNT: 1
Connection: keep-alive
Referer: https://imgs.signifyd.com/W_f-X-MtADx2DXdE?ac984c29b77ded9b=9CFh-rTsqqdi3f43s1QHj_XcLki43LaZQLiwqG5-fsN81gXCtQ88Nv4YWe-myrpVH2b0E-z0SWOBN3MAAdIkQ7SzRBlBdwvprw0DqDGFZhTLS-MCBlxchul0YAOiLc8VEmvBcITm69UPz8t3rwpueHvLgauoJSjAQ5Q8cxUz-UpYjo__5WyqNsoQgdYFqg
Cookie: thx_guid=0f7cc74a35234e9a00b8b9e2416d82db
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 204 No Content
Date: Tue, 16 Apr 2024 20:03:38 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Access-Control-Allow-Origin: https://imgs.signifyd.com
Content-Type: text/javascript

cdn.truegcloud.com/nutonen/icon-phone1.svg

54.230.111.71

200 OK

1.9 kB

URL GET HTTP/2
cdn.truegcloud.com/nutonen/icon-phone1.svg
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn.truegcloud.com
FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96
ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
1.9 kB (1873 bytes)
Hash
28ea5af0306be5e04e6d23a05c20a2df
81bbf02bc8d345ff5e085fd9ce72183e2ae6e371
8787d451983f6cf74e35b1a97f41f8ccf7407860a62a47404045550b6bd945d2

HTTP Headers

GET /nutonen/icon-phone1.svg HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Tue, 07 May 2019 07:49:38 GMT
x-amz-meta-sha256: 6776eab96b7b8ff2ddaf5c5d06c92b468c648d1d20f3712ff3aef3c0373df9a8
x-amz-meta-s3b-last-modified: 20190411T064318Z
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
date: Tue, 16 Apr 2024 06:37:47 GMT
etag: W/"3aa1961a3af018163eb0f8e09fea1239"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9f0yk2r9leTwOfRstwGAIXJ0UEop91TvSDZcyKrBJ5MGFiPG5W0x5A==
age: 48327
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Merriweather&display=swap

142.250.74.106

200 OK

1.9 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Merriweather&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (1909), with no line terminators
Size
1.9 kB (1864 bytes)
Hash
5f9cadc082c9d1811f19204aee0863e6
33cfb38663b09d3d6955691ad6bb8072575f003a
8ef722f3cdd606bc88a101794fb62c659ba723277aca99f5c12d0755846af153

HTTP Headers

GET /css2?family=Merriweather&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 20:03:13 GMT
date: Tue, 16 Apr 2024 20:03:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fast.vidalytics.com/players/v.4.2.1.000-vid-prod/player.min.js

151.101.65.91

200 OK

980 kB

URL GET HTTP/3
fast.vidalytics.com/players/v.4.2.1.000-vid-prod/player.min.js
IP
151.101.65.91:443
ASN
#54113 FASTLY

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
980 kB (979583 bytes)
Hash
21ea705829c05759544342ba2f4ac461
2fa8e86431a1468bf7bbceb53b8662101bc70da8
b1ccbf581da817ca36d109e168b2cec2a34e7884c8e20c6722c6bff41da53b60

HTTP Headers

GET /players/v.4.2.1.000-vid-prod/player.min.js HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-length: 252774
x-guploader-uploadid: ABPtcPo5Lg48CpwLdCNW2rFusARl9mmOn5dmITcmLSHJfHJQ3WKJzSL4ADAT93v8t8VUudGNWUlrOwG3SA
cache-control: public, max-age=86400, s-maxage=2592000
expires: Sun, 03 Mar 2024 11:03:19 GMT
last-modified: Fri, 02 Feb 2024 10:27:41 GMT
etag: "4fe59d178779b42a5f9c26452a22bdc2"
x-goog-generation: 1706869661807310
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 252774
x-goog-meta-surrogate-key: player-versioned
content-type: application/javascript
content-encoding: gzip
x-goog-hash: crc32c=X1iFKw==, md5=T+WdF4d5tCpfnCZFKiK9wg==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 2281007
date: Tue, 16 Apr 2024 20:03:15 GMT
x-served-by: cache-dfw-kdfw8210138-DFW, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 252846, 0
x-timer: S1713297795.170941,VS0,VE1
vary: Accept-Encoding
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

cdn-scripts.signifyd.com/api/script-tag.js

143.204.55.119

200 OK

11 kB

URL GET HTTP/2
cdn-scripts.signifyd.com/api/script-tag.js
IP
143.204.55.119:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn-scripts.signifyd.com
Fingerprint24:C3:B6:A5:B6:58:0C:BC:B6:1C:E0:C9:B8:57:20:5D:37:14:F0:ED
ValidityMon, 03 Jul 2023 00:00:00 GMT - Wed, 31 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (375)
Size
11 kB (10731 bytes)
Hash
d34fe38d39e71cd6ace9ab1bfc0bb10a
6d41bc7164467c62317d5c7a15e3a076f8dd1e66
68f6710cb2cc63e278cd3be6a0593c700b3ac346e36c1d636c5c13374dc20e91

HTTP Headers

GET /api/script-tag.js HTTP/1.1
Host: cdn-scripts.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 10 Jan 2024 11:26:22 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Tue, 16 Apr 2024 19:45:58 GMT
cache-control: max-age=1800
etag: W/"d34fe38d39e71cd6ace9ab1bfc0bb10a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AiZArQQ8X0rTy_f3vIoCQtSBdL3EifVfENVC_19P40hhSvPnWLBWwA==
age: 1036
X-Firefox-Spdy: h2

cdn-scripts.signifyd.com/api/company_toolkit.js

143.204.55.119

200 OK

3.7 kB

URL GET HTTP/2
cdn-scripts.signifyd.com/api/company_toolkit.js
IP
143.204.55.119:443
ASN
#16509 AMAZON-02

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerAmazon
Subjectcdn-scripts.signifyd.com
Fingerprint24:C3:B6:A5:B6:58:0C:BC:B6:1C:E0:C9:B8:57:20:5D:37:14:F0:ED
ValidityMon, 03 Jul 2023 00:00:00 GMT - Wed, 31 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (3789), with no line terminators
Size
3.7 kB (3662 bytes)
Hash
81d5650ba1ef440941133a1015607c0e
5aabc3cca75c29450d845f2363d5bc06c3e94d83
4671472e5e3b29cf8f4ffec8b2a875fbb73708a3452c74af3d2cf18b0f010ed0

HTTP Headers

GET /api/company_toolkit.js HTTP/1.1
Host: cdn-scripts.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 30 May 2023 10:18:44 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Tue, 16 Apr 2024 19:58:04 GMT
cache-control: max-age=1800
etag: W/"2c3950f122b3977df61b0e077aaa92c8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ERDHwjnCdmYdHARB59UPLVU-IsiozSR57TIBy-KmqbH7Wh7iNADOIQ==
age: 310
X-Firefox-Spdy: h2

tracking.getxitox-at.com/aff_c?offer_id=111&aff_id=2629&url_id=1969&aff_sub5=8712_sessid20240416200542394&aff_sub=178

54.78.40.72

302 Found

68 kB

URL User Request GET HTTP/1.1
tracking.getxitox-at.com/aff_c?offer_id=111&aff_id=2629&url_id=1969&aff_sub5=8712_sessid20240416200542394&aff_sub=178
IP
54.78.40.72:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subjecttracking.getxitox-at.com
Fingerprint93:AF:69:32:64:D7:9D:1C:FB:83:DD:A7:3C:31:62:F9:8B:AD:7D:8D
ValidityThu, 27 Jul 2023 00:00:00 GMT - Sat, 24 Aug 2024 23:59:59 GMT

File type

Size
68 kB (67504 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /aff_c?offer_id=111&aff_id=2629&url_id=1969&aff_sub5=8712_sessid20240416200542394&aff_sub=178 HTTP/1.1
Host: tracking.getxitox-at.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Tue, 16 Apr 2024 20:03:12 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 392
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: http://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: aff_ran_url_111=1969; expires=Wed, 17 Apr 2024 20:03:12 GMT; path=/; SameSite=None; Secure
enc_aff_session_111=ENC0333e1d85e70130bf0ba8da5508163c99f7c8779cad8dee36a75c8546b19bcb399ffea570298d2600f08c7328eb0a45ddc9678a7019ad7d68606e94f47733a647f0e078ad4db78150cbb1f5f7b9c6634564b43621933571d8c5e57b35063f6cbfa52d02d7bd7693ea1b962c1daa1eff53d474c3229bbb6443a8ae36c7311c5b165078e756a6189c6f4b8e3332a8c94c5e97d438eb5ef105aee7caf98e2ce4bc6fe2ba0628a; expires=Thu, 16 May 2024 20:03:12 GMT; path=/; SameSite=None; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI5Ni4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IFg4Nl82NDsgUnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwiYWNjZXB0X2xhbmd1YWdlIjoiZW4tVVMsZW47cT0wLjUiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=; expires=Fri, 12 Mar 2027 06:43:12 GMT; path=/; SameSite=None; Secure
Tracking_id: 1027618f3ba55106eaa997a008e255
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: 95a288cc8d1b6940808cad22eb20a11f
Access-Control-Allow-Headers: Tune-SDK-Version

go.maxweb.com/conversion/iframe/?a=8712&token=35fe7d1193cc401666650f781c088af3

172.66.43.113

200 OK

0 B

URL GET HTTP/2
go.maxweb.com/conversion/iframe/?a=8712&token=35fe7d1193cc401666650f781c088af3
IP
172.66.43.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerLet's Encrypt
Subjectmaxweb.com
Fingerprint0A:CD:DD:BD:95:0C:D2:00:0B:46:8A:C1:CA:53:50:87:83:FD:42:2A
ValiditySun, 03 Mar 2024 04:01:42 GMT - Sat, 01 Jun 2024 04:01:41 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /conversion/iframe/?a=8712&token=35fe7d1193cc401666650f781c088af3 HTTP/1.1
Host: go.maxweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 20:03:14 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Tue, 16 Apr 2024 21:05:26 GMT
cache-control: max-age=3600, private
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-server: WEB_6
strict-transport-security: max-age=31536000;
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDvnJbjKdBkxKLVBqBrQP8wYzWkbV9TY7teoxnBRv; SameSite=Lax; path=/; expires=Wed, 17-Apr-24 19:03:14 GMT; HttpOnly
server: cloudflare
cf-ray: 8756c7108c90b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Lato:400,400i,700,700i|Montserrat:400,400i,600,600i,700,700i,800,800i&display=swap

142.250.74.106

200 OK

18 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Lato:400,400i,700,700i|Montserrat:400,400i,600,600i,700,700i,800,800i&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text
Size
18 kB (17766 bytes)
Hash
3b065b6898522abb5efd016c431e352e
5fe6ebc8faa406c9dca15accc7fa11ee8b5f7534
43917159ff2b0eb2c88150c707902308ac0cb96b9cdea717a66054e2fe3ba19f

HTTP Headers

GET /css?family=Lato:400,400i,700,700i|Montserrat:400,400i,600,600i,700,700i,800,800i&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 20:03:13 GMT
date: Tue, 16 Apr 2024 20:03:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (55)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL