| www.clkmg.com/healthylife1/wwxiinfo/paulr@mulmerservices.ca/medmarketus.com/B/WWXI4_1/WWXI/ | 52.27.1.134 | 302 Found | 230 B |
URL User Request GET HTTP/1.1www.clkmg.com/healthylife1/wwxiinfo/paulr@mulmerservices.ca/medmarketus.com/B/WWXI4_1/WWXI/ IP52.27.1.134:443
CertificateIssuerGlobalSign nv-sa Subject*.clkmg.com Fingerprint63:8A:A6:9B:36:83:0A:EC:38:E5:D8:2E:98:37:F2:E2:93:A9:E6:B6 ValidityWed, 28 Feb 2024 22:20:05 GMT - Mon, 31 Mar 2025 22:20:04 GMT
File typeHTML document, ASCII text Hash849487c61ea75f8ca34e2105b6809229 224556f945b6e5514edcea0d21caa6ad2648a429 1e2585796c0d0daae4bb4e350e861f20bba2e64acc9148fd2733c41eb3857d95
GET /healthylife1/wwxiinfo/paulr@mulmerservices.ca/medmarketus.com/B/WWXI4_1/WWXI/ HTTP/1.1
Host: www.clkmg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: undefined-origin
Access-Control-Max-Age: 300
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 16 Apr 2024 20:03:11 GMT
Location: https://mweboutstanding.com/8712/178/3/?subid=
P3P: CP="This is not a P3P policy! See https://www.clkmg.com for more info."
Server: nginx
Set-Cookie: alc=1; domain=.clkmg.com; expires=Tue Apr 16 20:03:16 2024; path=/;
vid=997473833; domain=.clkmg.com; expires=Wed Apr 16 20:03:11 2025; path=/; SameSite=None; Secure;
X-CM-FE: httpfe-1
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Content-Length: 230
Connection: keep-alive
|
|
| mweboutstanding.com/8712/178/3/?subid= | 172.67.177.109 | 302 Found | 392 B |
URL User Request GET HTTP/2mweboutstanding.com/8712/178/3/?subid= IP172.67.177.109:443
CertificateIssuerGoogle Trust Services LLC Subjectmweboutstanding.com Fingerprint64:75:FE:F0:0D:ED:C1:64:48:80:FA:A9:1F:DF:C4:F2:3F:B7:60:49 ValiditySat, 09 Mar 2024 10:12:33 GMT - Fri, 07 Jun 2024 10:12:32 GMT
File typeHTML document, ASCII text Hashdda556075c953cdeae5a88897a485468 8cc78365a1322ca53ca522bdf7ba7e5c86f03e9a 28acaf27d3bc03d0f73cf11eefbef534d51b9673c7ead16e74e933970973ceb4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /8712/178/3/?subid= HTTP/1.1
Host: mweboutstanding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 16 Apr 2024 20:03:11 GMT
content-type: text/html; charset=UTF-8
location: https://tracking.getxitox-at.com/aff_c?offer_id=111&aff_id=2629&url_id=1969&aff_sub5=8712_sessid20240416200542394&aff_sub=178
cache-control: max-age=3600, private
pragma: no-cache
expires: Tue, 16 Apr 2024 21:05:23 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-server: WEB_6
strict-transport-security: max-age=31536000;
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDvnJbjKdBkxKLVBqBrQP8wYzWkbV7F5ZHxs5yBxg; SameSite=Lax; path=/; expires=Wed, 17-Apr-24 19:03:11 GMT; HttpOnly
server: cloudflare
cf-ray: 8756c6fd1a5156a4-OSL
X-Firefox-Spdy: h2
|
|
| getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 | 52.204.254.132 | 200 OK | 134 B |
URL User Request GET HTTP/2getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 IP52.204.254.132:443
CertificateIssuerAmazon Subjectgetxitox.com Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3 ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hash4aa7a432bb447f094408f1bd6229c605 1965c4952cc8c082a6307ed67061a57aab6632fa 34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Tue, 16 Apr 2024 20:03:12 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://getxitox.com:443/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
|
|
| getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 | 3.232.3.181 | 200 OK | 17 kB |
URL User Request GET HTTP/2getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 IP3.232.3.181:443
CertificateIssuerAmazon Subjectgetxitox.com Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3 ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (456) Hash81ef24d0917e037691c1a7ca65aaa7cd 7753bc3dd2d0fef62f8f72ca4fecd3f6a037b7bd 6f05a9b2cd532af2a9a0838648b90c7559ec155337e575a0f2e80919fb742b57
GET /go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 20:03:13 GMT
content-type: text/html; charset=UTF-8
content-length: 17115
server: nginx/1.22.1
x-powered-by: PHP/5.6.40
set-cookie: signifyd_token=2572415457388334385; expires=Wed, 17-Apr-2024 20:03:13 GMT; Max-Age=86400; path=/
hasoffers_affiliate_id=2629; expires=Wed, 17-Apr-2024 20:03:13 GMT; Max-Age=86400; path=/
hasoffers_transaction=1027618f3ba55106eaa997a008e255; expires=Fri, 14-Apr-2034 20:03:13 GMT; Max-Age=315360000; path=/; domain=.getxitox.com
aff_sub1=178; path=/; domain=.getxitox.com
aff_sub5=8712_sessid20240416200542394; path=/; domain=.getxitox.com
visitedindexnoaffprog-maxwebphp=1; expires=Mon, 15-Jul-2024 20:03:13 GMT; Max-Age=7776000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ocsp.r2m03.amazontrust.com/ | 3.164.222.26 | | 471 B |
URL ocsp.r2m03.amazontrust.com/ IP3.164.222.26:0
Hash78666a3bfa68fe4030cf7686466fb3fd c3e382ff7688d080b842eec9f1f1d78256c8b43b 2b7ead6f4e4dedc475d13fca182142503db22d7ba564eb1db91c7646d2d8d7ce
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 16 Apr 2024 20:03:13 GMT
Last-Modified: Tue, 16 Apr 2024 19:57:04 GMT
Server: ECAcc (ska/F6D2)
X-Cache: Miss from cloudfront
Via: 1.1 61fafbbf54e5560686b2d414df132838.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN53-P1
X-Amz-Cf-Id: cYosTS7SxePID7odxIHFUzKtqmQcrlrs_mW1AyGL1BBlVTUvsEixAA==
Age: 369
|
|
| ocsp.r2m03.amazontrust.com/ | 3.164.222.26 | | 471 B |
URL ocsp.r2m03.amazontrust.com/ IP3.164.222.26:0
Hash78666a3bfa68fe4030cf7686466fb3fd c3e382ff7688d080b842eec9f1f1d78256c8b43b 2b7ead6f4e4dedc475d13fca182142503db22d7ba564eb1db91c7646d2d8d7ce
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 16 Apr 2024 20:03:13 GMT
Last-Modified: Tue, 16 Apr 2024 19:57:04 GMT
Server: ECAcc (ska/F7A7)
X-Cache: Miss from cloudfront
Via: 1.1 1461474e0d89d7660f19f427648cae0e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN53-P1
X-Amz-Cf-Id: GdfwrKQf85ZoogH27uwsPtPa-F3EdgkUHWXDR6FaDi1UALIBs4SMag==
Age: 369
|
|
| getxitox.com/css/main.css | 3.232.3.181 | 200 OK | 2.9 kB |
URL GET HTTP/2getxitox.com/css/main.css IP3.232.3.181:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerAmazon Subjectgetxitox.com Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3 ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT
File typeassembler source, ASCII text Hashe4e674b25abd1be51b1534dbce77c66b 556a1f78b26f233333259ad453956f85dc56358f 3b480a14755e94f7e571c13d16ebdb9c335a415f8e4cfd90c9e81bc5ec3683bb
GET /css/main.css HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Cookie: signifyd_token=2572415457388334385; hasoffers_affiliate_id=2629; hasoffers_transaction=1027618f3ba55106eaa997a008e255; aff_sub1=178; aff_sub5=8712_sessid20240416200542394
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 20:03:13 GMT
content-type: text/css
content-length: 2920
server: nginx/1.22.1
last-modified: Tue, 16 Apr 2024 05:58:57 GMT
etag: "2fb4-616306f036a40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| getxitox.com/css/all.min.css | 3.232.3.181 | 200 OK | 12 kB |
URL GET HTTP/2getxitox.com/css/all.min.css IP3.232.3.181:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerAmazon Subjectgetxitox.com Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3 ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT
File typeASCII text, with very long lines (54998), with no line terminators Hashedd84d47691f748dbd6414c9c0234d78 107a773061dee58f1ebec5738f49b8ba2c230bbb c5c6e9f9c3344800ce30b5186cecaa2502c43338e3083072a9fe25893dc11cef
GET /css/all.min.css HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Cookie: signifyd_token=2572415457388334385; hasoffers_affiliate_id=2629; hasoffers_transaction=1027618f3ba55106eaa997a008e255; aff_sub1=178; aff_sub5=8712_sessid20240416200542394
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 20:03:13 GMT
content-type: text/css
content-length: 11944
server: nginx/1.22.1
last-modified: Tue, 16 Apr 2024 05:58:57 GMT
etag: "d6d6-616306f036a40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| getxitox.com/css/redscarcitybar2.css | 3.232.3.181 | 200 OK | 901 B |
URL GET HTTP/2getxitox.com/css/redscarcitybar2.css IP3.232.3.181:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerAmazon Subjectgetxitox.com Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3 ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT
File typeassembler source, ASCII text Hash61bf4c685b40b856be942d3bb821e648 c2677116b2a29935e903bb916f1f43b091ccb24e 6c54cb4464bf269625714bf7c58f4799e6ba8528d7d7de58be62a3881a1e866f
GET /css/redscarcitybar2.css HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Cookie: signifyd_token=2572415457388334385; hasoffers_affiliate_id=2629; hasoffers_transaction=1027618f3ba55106eaa997a008e255; aff_sub1=178; aff_sub5=8712_sessid20240416200542394
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 20:03:13 GMT
content-type: text/css
content-length: 901
server: nginx/1.22.1
last-modified: Tue, 16 Apr 2024 05:58:57 GMT
etag: "e1a-616306f036a40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/epishieldplus/optimized-images/newseal.webp | 54.230.111.71 | 200 OK | 22 kB |
URL GET HTTP/2cdn.truegcloud.com/epishieldplus/optimized-images/newseal.webp IP54.230.111.71:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash0b9b41de247a630e02f2e70b9ad4e6be 033d5726086977b3eab3423bf8f0879f9ef65c27 3d72685af6f7772d18f7a0dea17e9fb198618d5ad441fef60bfacd755fd6a7ee
GET /epishieldplus/optimized-images/newseal.webp HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 22242
date: Tue, 16 Apr 2024 07:33:39 GMT
last-modified: Mon, 29 Jun 2020 07:01:49 GMT
etag: "0b9b41de247a630e02f2e70b9ad4e6be"
x-amz-meta-sha256: 3d72685af6f7772d18f7a0dea17e9fb198618d5ad441fef60bfacd755fd6a7ee
x-amz-meta-s3b-last-modified: 20200629T070116Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kd81-pE40CXHp1AHjhWbwekckqWyI9xbiVf1QlCUBUcz6LYX5DM9kA==
age: 44975
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/citroburn/images/MBG-Desktop.png | 54.230.111.71 | 200 OK | 57 kB |
URL GET HTTP/2cdn.truegcloud.com/citroburn/images/MBG-Desktop.png IP54.230.111.71:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typePNG image data, 750 x 150, 8-bit/color RGB, non-interlaced Hashc05b836a7658a41daf2dc51be5737be0 a6af6ccb982624a38f1f86c60934c7e4428dabf4 fad3cb3e53deaf8fe4923f979e6b4d7f73f5539e120585fc4174ca86c801dbb5
GET /citroburn/images/MBG-Desktop.png HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 57158
last-modified: Thu, 20 Aug 2020 10:52:29 GMT
x-amz-meta-sha256: fad3cb3e53deaf8fe4923f979e6b4d7f73f5539e120585fc4174ca86c801dbb5
x-amz-meta-s3b-last-modified: 20200820T105220Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Tue, 16 Apr 2024 02:28:42 GMT
etag: "c05b836a7658a41daf2dc51be5737be0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XSod22lTxeCvPUCPh5IU24OgBMB2HzDR1hY6uSUosGIbje-v_N9Vrg==
age: 63272
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/nutonen/icon-mail1.svg | 54.230.111.71 | 200 OK | 878 B |
URL GET HTTP/2cdn.truegcloud.com/nutonen/icon-mail1.svg IP54.230.111.71:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hashf89f1e4f86398ef896edd781d500d16f 0894b8e3cfb486cfc9269842e3a5e77f033d618d 4fbc2bd04ce02a99fc9c3772b402d8298fdbace89218e8b5e38a00ef679b57c3
GET /nutonen/icon-mail1.svg HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 878
date: Tue, 16 Apr 2024 06:55:12 GMT
last-modified: Tue, 07 May 2019 07:49:38 GMT
etag: "f89f1e4f86398ef896edd781d500d16f"
x-amz-meta-sha256: 4fbc2bd04ce02a99fc9c3772b402d8298fdbace89218e8b5e38a00ef679b57c3
x-amz-meta-s3b-last-modified: 20190411T064330Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: umybVOmqu6GKedcX-Jo7pyFc5ACqs2t8GdTlMFf63HmNlA4XIudzhA==
age: 47282
X-Firefox-Spdy: h2
|
|
| ocsp.r2m03.amazontrust.com/ | 3.164.222.26 | | 471 B |
URL ocsp.r2m03.amazontrust.com/ IP3.164.222.26:0
Hash78666a3bfa68fe4030cf7686466fb3fd c3e382ff7688d080b842eec9f1f1d78256c8b43b 2b7ead6f4e4dedc475d13fca182142503db22d7ba564eb1db91c7646d2d8d7ce
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Tue, 16 Apr 2024 20:03:13 GMT
Server: ECAcc (amb/6AC3)
X-Cache: Miss from cloudfront
Via: 1.1 7146458eabc0c79851363d3a7ad4d72c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN53-P1
X-Amz-Cf-Id: rCRBsRsRiQ-fcEE_KVu5cFf_zWVImmb92yRGRZWB8EsU_qZj4KwfYg==
|
|
| cdn.truegcloud.com/simplepromise/SP-Logo-Hanging.png | 54.230.111.71 | 200 OK | 19 kB |
URL GET HTTP/2cdn.truegcloud.com/simplepromise/SP-Logo-Hanging.png IP54.230.111.71:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typePNG image data, 216 x 133, 8-bit/color RGBA, non-interlaced Hashaf6ffdf43cacfbdebbbed0a4a27c804e 0424ceeb566c683b7f4616f5f96484962e2ee3af 4c2976263cc124564f1e41df75301329ff585d993d55270413cb55969861a25f
GET /simplepromise/SP-Logo-Hanging.png HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 18574
date: Tue, 16 Apr 2024 06:57:22 GMT
last-modified: Mon, 13 Apr 2020 03:02:47 GMT
etag: "af6ffdf43cacfbdebbbed0a4a27c804e"
x-amz-meta-sha256: 4c2976263cc124564f1e41df75301329ff585d993d55270413cb55969861a25f
x-amz-meta-s3b-last-modified: 20200413T030146Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KeYy1BavyXx4Mu4M1qbW4LYc54AxRkkIXOwtxgQvmhRujPZhAOXqsg==
age: 47151
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/nutonen/icon-location1.svg | 54.230.111.71 | 200 OK | 913 B |
URL GET HTTP/2cdn.truegcloud.com/nutonen/icon-location1.svg IP54.230.111.71:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hashd3439fa1b0a4ae681311fec979521f2b 11ddfe16802c9d418318933e47478bc4766a297f f0a4f541d794bf502482fe8b48254d00c0b547b4a6d49343a9f26c7fa34f1503
GET /nutonen/icon-location1.svg HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 913
last-modified: Tue, 07 May 2019 07:49:38 GMT
x-amz-meta-sha256: f0a4f541d794bf502482fe8b48254d00c0b547b4a6d49343a9f26c7fa34f1503
x-amz-meta-s3b-last-modified: 20190411T064308Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Tue, 16 Apr 2024 05:08:09 GMT
etag: "d3439fa1b0a4ae681311fec979521f2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vGZRPlDKNVpKAkTx3xLCs9pUkknryvmPWN_FjCMctgZBGiny464XVA==
age: 53705
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/nutonen/footer-logo.png | 54.230.111.71 | 200 OK | 18 kB |
URL GET HTTP/2cdn.truegcloud.com/nutonen/footer-logo.png IP54.230.111.71:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typePNG image data, 422 x 248, 8-bit/color RGBA, non-interlaced Hash86596e58694fe751bc0e74ef3a60986a 9c313a53061f7ed13900b1dc8d1c5bdf60236834 ed9ae8e732f4a13ac6c8a43293c5415953231dfbf4bb465229aff6be23b30bef
GET /nutonen/footer-logo.png HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 18384
date: Tue, 16 Apr 2024 05:36:09 GMT
last-modified: Tue, 07 May 2019 07:37:36 GMT
etag: "86596e58694fe751bc0e74ef3a60986a"
x-amz-meta-sha256: ed9ae8e732f4a13ac6c8a43293c5415953231dfbf4bb465229aff6be23b30bef
x-amz-meta-s3b-last-modified: 20190411T081706Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EEYYoswFk985H6v40qd572W1W9EMsQWko36DUacmkrSvLVz-ROkrZQ==
age: 52025
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/xitox/images/bottle_mention.webp | 54.230.111.71 | 200 OK | 76 kB |
URL GET HTTP/2cdn.truegcloud.com/xitox/images/bottle_mention.webp IP54.230.111.71:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash01a497cf3255f7721149cff77097b1f4 0ad9dc18e4e841527c2c6a2c094d0a9b84073d3f 1e939493061d3e2fe602b8aa184a1c74756a59808656a50b1ac3ebb05c0498ef
GET /xitox/images/bottle_mention.webp HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 75832
last-modified: Thu, 13 Apr 2023 08:58:02 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Tue, 16 Apr 2024 20:03:13 GMT
etag: "01a497cf3255f7721149cff77097b1f4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aeW3iu0e4HXR2T_0hqf9Vbqsza268TyU_ia5WQl4olFRuEAaveUf4w==
age: 36683
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-1.webp | 54.230.111.71 | 200 OK | 54 kB |
URL GET HTTP/2cdn.truegcloud.com/xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-1.webp IP54.230.111.71:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash022d788f32d49ab893e886a0b76cd2fc 4a8afaf743570c7cf07102b4d802ae5b35907e1d 4f53947b748e85bc6bff93f1266d404a2782681e88ce55a350c2c7405184fa93
GET /xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-1.webp HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 53456
date: Tue, 16 Apr 2024 07:24:49 GMT
last-modified: Thu, 06 Apr 2023 07:38:11 GMT
etag: "022d788f32d49ab893e886a0b76cd2fc"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 4f53947b748e85bc6bff93f1266d404a2782681e88ce55a350c2c7405184fa93
x-amz-meta-s3b-last-modified: 20230406T073708Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6u29Ljw73EzRsQzdI7FTsOnbxfe3hlbH7AwK0Fb6rAJ0QW_DNz2XTw==
age: 45505
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-169212633-21 | 142.250.74.168 | 200 OK | 73 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=UA-169212633-21 IP142.250.74.168:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File typeJavaScript source, ASCII text, with very long lines (4179) Hash44471de3f0a9c3fed5f2b0657ee24eee 9e036cd4cfd25817f532f78be99a056b2a9aa742 ad54cea756ec9e1378f331f0a9a9ffe8fd185e2254c62ba4ea02f79339986202
GET /gtag/js?id=UA-169212633-21 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 20:03:13 GMT
expires: Tue, 16 Apr 2024 20:03:13 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 72972
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-3.webp | 54.230.111.71 | 200 OK | 63 kB |
URL GET HTTP/2cdn.truegcloud.com/xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-3.webp IP54.230.111.71:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash29c062cc5de9d03762bf531f09c243ad 34f557539b1226e9ee6d8635d9b0c3b7ffd7da02 35cd276d909f6389dbd964a6851862e798ad58f832515fa1f8c565dd0bc47fa3
GET /xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-3.webp HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 63072
last-modified: Thu, 06 Apr 2023 07:38:11 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 35cd276d909f6389dbd964a6851862e798ad58f832515fa1f8c565dd0bc47fa3
x-amz-meta-s3b-last-modified: 20230406T073708Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Tue, 16 Apr 2024 20:03:13 GMT
etag: "29c062cc5de9d03762bf531f09c243ad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Fw52VyAZZJ3PzA0smQ3xuYPo5HessjbmF-I1RDn_4yd15XN5-22BYQ==
age: 8453
X-Firefox-Spdy: h2
|
|
| getxitox.com/css/skeleton.min.css | 3.232.3.181 | 200 OK | 23 kB |
URL GET HTTP/2getxitox.com/css/skeleton.min.css IP3.232.3.181:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerAmazon Subjectgetxitox.com Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3 ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT
File typeASCII text, with very long lines (65324) Hasha15c2ac3234aa8f6064ef9c1f7383c37 6e10354828454898fda80f55f3decb347fd9ed21 60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
GET /css/skeleton.min.css HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Cookie: signifyd_token=2572415457388334385; hasoffers_affiliate_id=2629; hasoffers_transaction=1027618f3ba55106eaa997a008e255; aff_sub1=178; aff_sub5=8712_sessid20240416200542394
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 20:03:13 GMT
content-type: text/css
content-length: 23238
server: nginx/1.22.1
last-modified: Tue, 16 Apr 2024 05:58:57 GMT
etag: "2606e-616306f036a40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-6.webp | 54.230.111.71 | 200 OK | 69 kB |
URL GET HTTP/2cdn.truegcloud.com/xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-6.webp IP54.230.111.71:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash09455703253cc258426078c211587e22 7c0b8afb0b3906a00c241a042794900eb65f22dd 8285ead22cc86b36c62e30e590fabc6e5534f8038d5c76e2f2c4868f1dd0660f
GET /xitox/Action%20Based%20ATC/Xitox-FE-ATC-V1-6.webp HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 68632
last-modified: Thu, 06 Apr 2023 07:38:11 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 8285ead22cc86b36c62e30e590fabc6e5534f8038d5c76e2f2c4868f1dd0660f
x-amz-meta-s3b-last-modified: 20230406T073709Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Tue, 16 Apr 2024 20:03:13 GMT
etag: "09455703253cc258426078c211587e22"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: f9RKSzCy4Kegk03rA7Mx-CEzg-QhzPOw6Q1Bav9hfoHqQEmlyqYyoQ==
age: 44748
X-Firefox-Spdy: h2
|
|
| getxitox.com/js/slidereveal.js | 3.232.3.181 | 200 OK | 1.6 kB |
URL GET HTTP/2getxitox.com/js/slidereveal.js IP3.232.3.181:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerAmazon Subjectgetxitox.com Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3 ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text Hash31f5a3f634189d0d865a11c9e11d0d79 c00f665e9d15a33455d947b2fa75b731cbd54753 79cddd678b3f3282adb888ed5685ea33f61c3d7dfd562025aa1231fe40ba1140
GET /js/slidereveal.js HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Cookie: signifyd_token=2572415457388334385; hasoffers_affiliate_id=2629; hasoffers_transaction=1027618f3ba55106eaa997a008e255; aff_sub1=178; aff_sub5=8712_sessid20240416200542394
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 20:03:13 GMT
content-type: application/javascript
content-length: 1550
server: nginx/1.22.1
last-modified: Tue, 16 Apr 2024 05:58:57 GMT
etag: "159f-616306f036a40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/xitox/aff/Simple-promise---As-Seen-On-Bar-Nomartha.webp | 54.230.111.71 | 200 OK | 14 kB |
URL GET HTTP/2cdn.truegcloud.com/xitox/aff/Simple-promise---As-Seen-On-Bar-Nomartha.webp IP54.230.111.71:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hasha95ee5c046085a1dc469198e6531a013 3ec4c8806bd2c987f9b9199394f2e2e8185af8a7 c8db5b5fb66acbaeb9bbd073d6d844413e487fe46dfc475b57d2ea3f303276c9
GET /xitox/aff/Simple-promise---As-Seen-On-Bar-Nomartha.webp HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 13484
last-modified: Fri, 11 Aug 2023 09:35:58 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: c8db5b5fb66acbaeb9bbd073d6d844413e487fe46dfc475b57d2ea3f303276c9
x-amz-meta-s3b-last-modified: 20230811T093449Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Tue, 16 Apr 2024 07:35:46 GMT
etag: "a95ee5c046085a1dc469198e6531a013"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dxMuzZrsMG2BOQn-Bv20E08CUv_BAptld5wxTOawuf55WZuY2Ni9Gw==
age: 44848
X-Firefox-Spdy: h2
|
|
| getxitox.com/js/skeleton.bundle.min.js | 3.232.3.181 | 200 OK | 22 kB |
URL GET HTTP/2getxitox.com/js/skeleton.bundle.min.js IP3.232.3.181:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerAmazon Subjectgetxitox.com Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3 ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65297) Hasha454220fc07088bf1fdd19313b6bfd50 265a733cb7fbc481fd2510a659a85ad55c93c895 7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
GET /js/skeleton.bundle.min.js HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Cookie: signifyd_token=2572415457388334385; hasoffers_affiliate_id=2629; hasoffers_transaction=1027618f3ba55106eaa997a008e255; aff_sub1=178; aff_sub5=8712_sessid20240416200542394
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 20:03:13 GMT
content-type: application/javascript
content-length: 22295
server: nginx/1.22.1
last-modified: Tue, 16 Apr 2024 05:58:57 GMT
etag: "1332b-616306f036a40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| getxitox.com/js/jquery.min.js | 3.232.3.181 | 200 OK | 31 kB |
URL GET HTTP/2getxitox.com/js/jquery.min.js IP3.232.3.181:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerAmazon Subjectgetxitox.com Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3 ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65451) Hashf832e36068ab203a3f89b1795480d0d7 2115753ca5fb7032aec498db7bb5dca624dbe6be 4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
GET /js/jquery.min.js HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Cookie: signifyd_token=2572415457388334385; hasoffers_affiliate_id=2629; hasoffers_transaction=1027618f3ba55106eaa997a008e255; aff_sub1=178; aff_sub5=8712_sessid20240416200542394
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 20:03:13 GMT
content-type: application/javascript
content-length: 30675
server: nginx/1.22.1
last-modified: Tue, 16 Apr 2024 05:58:57 GMT
etag: "15850-616306f036a40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/scripts/jquery.1.9.1.min.js | 54.230.111.71 | 200 OK | 33 kB |
URL GET HTTP/2cdn.truegcloud.com/scripts/jquery.1.9.1.min.js IP54.230.111.71:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typegzip compressed data, from Unix Hash9eb27261d238c512adb2c71f4da74872 c48c18939516a16c686081b76431a978c0a9fa81 b316b2fbcbf155d79ecd4f59802f0a9964e225fe72179d144fcf9b92fcca03ea
GET /scripts/jquery.1.9.1.min.js HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Sun, 26 Jan 2020 18:15:34 GMT
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
date: Tue, 16 Apr 2024 06:26:46 GMT
cache-control: max-age=86400
etag: W/"397754ba49e9e0cf4e7c190da78dda05"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XmcRMv74MMPVvGvMAT4o3u9saeakwoUFjV2fMTn4ttQXq6_vxiqlfw==
age: 48987
X-Firefox-Spdy: h2
|
|
| main.tgoptimize.com/load.js?r=0.5477329350688612&u=getxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D1027618f3ba55106eaa997a008e255%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240416200542394%26affiliate_id%3D2629 | 44.205.55.198 | 200 OK | 1.4 kB |
URL GET HTTP/2main.tgoptimize.com/load.js?r=0.5477329350688612&u=getxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D1027618f3ba55106eaa997a008e255%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240416200542394%26affiliate_id%3D2629 IP44.205.55.198:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerAmazon Subjectmain.tgoptimize.com Fingerprint12:4B:0B:01:CD:D7:2B:EE:4E:1A:D0:D7:D7:AA:71:26:81:B5:BB:14 ValidityTue, 08 Aug 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with CRLF line terminators Hash20872486e142e4263e62b6d4d8e89780 354b051e78f5a3ff3ac0379de79cbf4060da5704 023315a38f3bf1c67544449988a781707a0be9a6e6a941a65f367d555b44fd8f
GET /load.js?r=0.5477329350688612&u=getxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D1027618f3ba55106eaa997a008e255%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240416200542394%26affiliate_id%3D2629 HTTP/1.1
Host: main.tgoptimize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 20:03:14 GMT
content-type: text/html; charset=UTF-8
content-length: 1430
server: Apache
set-cookie: tgopt_id=Po7fswHiiQJgPUG8na5lRpWRBeXjZhx3; expires=Wed, 13-Apr-2039 20:03:14 GMT; Max-Age=473040000; path=/
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-KMZ74FC | 142.250.74.168 | 200 OK | 104 kB |
URL GET HTTP/3www.googletagmanager.com/gtm.js?id=GTM-KMZ74FC IP142.250.74.168:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File typeJavaScript source, ASCII text, with very long lines (55129) Size104 kB (104393 bytes) Hashdb28b3c405c945a774fad429e41b35e6 94afe7c1d327a98050998a28a6ef78c1a57ee875 ca4c83e5ec7cd0f8e6424be66ae6a275681c6b2103a61462f357a4592a363f6f
GET /gtm.js?id=GTM-KMZ74FC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 20:03:14 GMT
expires: Tue, 16 Apr 2024 20:03:14 GMT
cache-control: private, max-age=900
last-modified: Tue, 16 Apr 2024 19:20:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 104393
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| main.tgoptimize.com/my.gif?verifier=&tgopt_12129=1&tgopt_id=Po7fswHiiQJgPUG8na5lRpWRBeXjZhx3&r=0.9206487163003106&u=getxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D1027618f3ba55106eaa997a008e255%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240416200542394%26affiliate_id%3D2629 | 44.205.55.198 | 200 OK | 35 B |
URL GET HTTP/2main.tgoptimize.com/my.gif?verifier=&tgopt_12129=1&tgopt_id=Po7fswHiiQJgPUG8na5lRpWRBeXjZhx3&r=0.9206487163003106&u=getxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D1027618f3ba55106eaa997a008e255%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240416200542394%26affiliate_id%3D2629 IP44.205.55.198:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerAmazon Subjectmain.tgoptimize.com Fingerprint12:4B:0B:01:CD:D7:2B:EE:4E:1A:D0:D7:D7:AA:71:26:81:B5:BB:14 ValidityTue, 08 Aug 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT
File typeGIF image data, version 87a, 1 x 1 Hash729c3007a8ed0597531b0c76d54a94bb 90fe9b8a8142548fdfab29f59cb0a164a0eaef81 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
GET /my.gif?verifier=&tgopt_12129=1&tgopt_id=Po7fswHiiQJgPUG8na5lRpWRBeXjZhx3&r=0.9206487163003106&u=getxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D1027618f3ba55106eaa997a008e255%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240416200542394%26affiliate_id%3D2629 HTTP/1.1
Host: main.tgoptimize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 20:03:14 GMT
content-type: image/gif
content-length: 35
server: Apache
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/epishieldplus/newseal.png | 54.230.111.71 | 200 OK | 29 kB |
URL GET HTTP/2cdn.truegcloud.com/epishieldplus/newseal.png IP54.230.111.71:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typePNG image data, 318 x 311, 8-bit colormap, non-interlaced Hashe279243ea699343e8c39ed7b821e8430 6e91efc8e714a73b63a0f91022987ae06d620f44 f3067cce3dbc1d2cd7ad1dbc5b0d5befdada893e3cfefca43e6fe52b9fb7ee1b
GET /epishieldplus/newseal.png HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 28820
last-modified: Mon, 29 Jun 2020 07:24:56 GMT
x-amz-meta-sha256: f3067cce3dbc1d2cd7ad1dbc5b0d5befdada893e3cfefca43e6fe52b9fb7ee1b
x-amz-meta-s3b-last-modified: 20200629T072358Z
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Tue, 16 Apr 2024 09:51:51 GMT
etag: "e279243ea699343e8c39ed7b821e8430"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pAeoX8tpSyOvK36chGTB5PDSmNPYwEcmQwbRldbq-j7E3MyJsp4MNg==
age: 36684
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 | 216.58.207.227 | 200 OK | 33 kB |
URL GET HTTP/2fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 IP216.58.207.227:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 33092, version 1.0 Hash057478083c1d55ea0c2182b24f6dd72f caf557cd276a76992084efc4c8857b66791a6b7f bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:38:02 GMT
expires: Fri, 11 Apr 2025 02:38:02 GMT
cache-control: public, max-age=31536000
age: 494712
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| getxitox.com/webfonts/fa-solid-900.woff2 | 3.232.3.181 | 200 OK | 74 kB |
URL GET HTTP/2getxitox.com/webfonts/fa-solid-900.woff2 IP3.232.3.181:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerAmazon Subjectgetxitox.com Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3 ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 73852, version 1.0 Hashfb493903265cad425ccdf8e04fc2de61 fef2f08d60e907750df0bc41ce64a7139642ddf0 7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2
GET /webfonts/fa-solid-900.woff2 HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/css/all.min.css
Cookie: signifyd_token=2572415457388334385; hasoffers_affiliate_id=2629; hasoffers_transaction=1027618f3ba55106eaa997a008e255; aff_sub1=178; aff_sub5=8712_sessid20240416200542394; tgopt_12129=1; tgopt_id=Po7fswHiiQJgPUG8na5lRpWRBeXjZhx3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 20:03:14 GMT
content-length: 73852
server: nginx/1.22.1
last-modified: Tue, 16 Apr 2024 05:58:57 GMT
etag: "1207c-616306f036a40"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/xitox/images/bottle_mention.png | 54.230.111.71 | 200 OK | 188 kB |
URL GET HTTP/2cdn.truegcloud.com/xitox/images/bottle_mention.png IP54.230.111.71:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typePNG image data, 1308 x 939, 8-bit colormap, non-interlaced Size188 kB (187749 bytes) Hash5cab986cff18198ae5e79fd393ff75cb f00667912fd25062171b351245f0f7d0cc289f9e 2d5f155a2e8e45ecdf9294cc6995f06baceb35fd27cb14751d726c6bb662308c
GET /xitox/images/bottle_mention.png HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 187749
date: Tue, 16 Apr 2024 06:25:16 GMT
last-modified: Thu, 13 Apr 2023 08:58:00 GMT
etag: "5cab986cff18198ae5e79fd393ff75cb"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CXmYfPPrlJGrXBuXMsCqB51PM54Cp3-X53VNbjQgCNKQO9WTl47Dhw==
age: 49079
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 | 216.58.207.227 | 200 OK | 24 kB |
URL GET HTTP/2fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 IP216.58.207.227:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 23580, version 1.0 Hashe1b3b5908c9cf23dfb2b9c52b9a023ab fcd4136085f2a03481d9958cc6793a5ed98e714c 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:21:46 GMT
expires: Fri, 11 Apr 2025 17:21:46 GMT
cache-control: public, max-age=31536000
age: 441688
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.truegcloud.com/cyabags/5thglow-phone-inverted.svg | 54.230.111.71 | 200 OK | 34 kB |
URL GET HTTP/2cdn.truegcloud.com/cyabags/5thglow-phone-inverted.svg IP54.230.111.71:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typegzip compressed data, from Unix Hasha86136a2e44c22023aa5496228684efd aeb7e2069e3ac3f9755f2d6fe0d0de47886f7c60 495abb81f36868d89668ec02a05d10d715c850cbc581a6a32c5dedf398bd9617
GET /cyabags/5thglow-phone-inverted.svg HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 16 Apr 2024 02:49:51 GMT
last-modified: Mon, 24 Jun 2019 02:14:42 GMT
etag: W/"4de1717957b315eb71c304f8ba029ae7"
x-amz-meta-sha256: fc4704f46cf73a52c423292dda6cd0fc8d521e60d20fc1561df114a0d86a55a1
x-amz-meta-s3b-last-modified: 20190613T093902Z
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jmPVBqYSr_wD9FRN8dZkxQ2a0hEn4rV9SE9y4h3KVbBDE_W622hVXA==
age: 62002
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 | 216.58.207.227 | 200 OK | 23 kB |
URL GET HTTP/2fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 IP216.58.207.227:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 23040, version 1.0 Hashde69cf9e514df447d1b0bb16f49d2457 2ac78601179c3a63ba3f3f3081556b12ddcaf655 c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 02:02:47 GMT
expires: Wed, 16 Apr 2025 02:02:47 GMT
cache-control: public, max-age=31536000
age: 64827
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 | 216.58.207.227 | 200 OK | 34 kB |
URL GET HTTP/2fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 IP216.58.207.227:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 34288, version 1.0 Hash71221d6bf4204042b1bbc3902d08a81b 92a10d7982d33e1e216ee8e1aec79c3ae8bcb8b6 92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
GET /s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:57:05 GMT
expires: Fri, 11 Apr 2025 02:57:05 GMT
cache-control: public, max-age=31536000
age: 493569
last-modified: Wed, 13 Sep 2023 22:52:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2 | 216.58.207.227 | 200 OK | 28 kB |
URL GET HTTP/2fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2 IP216.58.207.227:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 27812, version 1.0 Hash89711a1150919edc93f67f067ef94f62 9f2ac701d67d1ab3a2efe7d4edc663d3d5270fef 6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9
GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27812
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 01:54:40 GMT
expires: Wed, 16 Apr 2025 01:54:40 GMT
cache-control: public, max-age=31536000
age: 65314
last-modified: Wed, 13 Sep 2023 22:37:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-SNNMPY2Z6B&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 86 kB |
URL GET HTTP/3www.googletagmanager.com/gtag/js?id=G-SNNMPY2Z6B&l=dataLayer&cx=c IP142.250.74.168:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File typeJavaScript source, ASCII text, with very long lines (5955) Hash158f8680d4ddafcf6013d33a5c22d1bb 305a69c51f1ac93c03dd4e5148e8e13b25c3cdb2 108b63a824fc5f0ba00b2f00e4988f9f94169b3ab998acf179f434230181bc78
GET /gtag/js?id=G-SNNMPY2Z6B&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 20:03:14 GMT
expires: Tue, 16 Apr 2024 20:03:14 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 86462
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fast.vidalytics.com/embeds/hLKq71Yz/w27RqUkIUgikMasW/loader.min.js | 151.101.65.91 | 200 OK | 7.8 kB |
URL GET HTTP/2fast.vidalytics.com/embeds/hLKq71Yz/w27RqUkIUgikMasW/loader.min.js IP151.101.65.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (21453), with no line terminators Hash58dd1a4eca6cd3e55b7ccf65804454f7 47b1426cb825ea719cf5dc383aa7bcdb0ec300cc a820bbfcbf9bb777fbafa11bb1fe416edb8c66a036785ae39dff48f0bc59daef
GET /embeds/hLKq71Yz/w27RqUkIUgikMasW/loader.min.js HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
x-envoy-upstream-service-time: 44
server: istio-envoy
x-envoy-decorator-operation: vidalytics-player-api.vidalytics-player-api.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: api-prod
access-control-allow-origin: *
cache-control: public, max-age=900, s-maxage=1800
x-lb-cache: disabled
content-encoding: gzip
accept-ranges: bytes
date: Tue, 16 Apr 2024 20:03:14 GMT
age: 373
x-served-by: cache-dfw-kdal2120070-DFW, cache-hel1410029-HEL
x-cache: HIT, MISS
x-cache-hits: 9, 0
x-timer: S1713297795.824428,VS0,VE126
vary: Accept-Encoding
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7790
X-Firefox-Spdy: h2
|
|
| imgs.signifyd.com/uvc4zuwwxp4vqrsd.js?9zs99lsdp73zpttf=w2txo5aa&8dtt7x306fso767k=2572415457388334385 | 91.235.133.113 | 200 OK | 13 kB |
URL GET HTTP/1.1imgs.signifyd.com/uvc4zuwwxp4vqrsd.js?9zs99lsdp73zpttf=w2txo5aa&8dtt7x306fso767k=2572415457388334385 IP91.235.133.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
File typeJavaScript source, ASCII text, with very long lines (15506) Hash50a63512c5b2b2a09dadd635fc0e9973 5ad702ddab4d7a44e192f9f9a661b408d900d839 e6d7f092d4e79289c7688fe1db631e42462c36dc1e2054f439d5c02c1b07bd34
GET /uvc4zuwwxp4vqrsd.js?9zs99lsdp73zpttf=w2txo5aa&8dtt7x306fso767k=2572415457388334385 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 20:03:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Robots-Tag: noindex, nofollow
Set-Cookie: thx_guid=0f7cc74a35234e9a00b8b9e2416d82db; Max-Age=155520000; Version=1; HttpOnly; Path=/; Secure; SameSite=None;
P3P: CP=IVAa PSAa
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SNNMPY2Z6B&cid=228691347.1713297795>m=45je44f0v9116850825za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=130322622 | 142.250.74.163 | 200 OK | 42 B |
URL GET HTTP/2www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SNNMPY2Z6B&cid=228691347.1713297795>m=45je44f0v9116850825za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=130322622 IP142.250.74.163:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.google.no Fingerprint0E:DD:25:54:7B:C3:7F:EC:27:35:B1:EC:15:C4:B7:D2:09:71:3B:68 ValidityMon, 04 Mar 2024 07:26:33 GMT - Mon, 27 May 2024 07:26:32 GMT
File typeGIF image data, version 89a, 1 x 1 Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SNNMPY2Z6B&cid=228691347.1713297795>m=45je44f0v9116850825za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=130322622 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 16 Apr 2024 20:03:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| d10lpsik1i8c69.cloudfront.net/w.js | 54.230.241.104 | 200 OK | 255 kB |
URL GET HTTP/2d10lpsik1i8c69.cloudfront.net/w.js IP54.230.241.104:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerAmazon Subject*.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size255 kB (255135 bytes) Hash8e62e4bc47a4fd176d80d63f48ff6734 a3f3d22721e7cd45e6539fc396810b79525c3144 7e46ac8cdb900010285edfa160df33801d5f0e0d2887e830a85b0a7abad3af35
GET /w.js HTTP/1.1
Host: d10lpsik1i8c69.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 25 Jan 2024 18:19:40 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Tue, 16 Apr 2024 19:48:39 GMT
cache-control: max-age=3600
etag: W/"e31293f40e8a324de552ff593ee76a9b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LHeyR0JGcy7PAbPCTLpHDOL3y0h6ydArcAp5GCPN0wwxBSXoSbOSFQ==
age: 877
X-Firefox-Spdy: h2
|
|
| getxitox.com/favicon.ico | 3.232.3.181 | 404 Not Found | 711 B |
IP3.232.3.181:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerAmazon Subjectgetxitox.com Fingerprint92:F4:5D:E4:E6:5E:CC:24:9B:1E:1B:8A:4C:69:7D:8B:4A:B5:2D:C3 ValidityTue, 11 Jul 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT
File typegzip compressed data, from Unix Hash05affb5bd9a015005e21864f7b1f4a48 7d551fedc99f300a3d2cf8d5b4a33dda78ba4e86 9f521aa7baebe8894c29d91fa80a7c1d7fa87ed488591877e9811fe2a83d5f14
GET /favicon.ico HTTP/1.1
Host: getxitox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
Cookie: signifyd_token=2572415457388334385; hasoffers_affiliate_id=2629; hasoffers_transaction=1027618f3ba55106eaa997a008e255; aff_sub1=178; aff_sub5=8712_sessid20240416200542394; tgopt_12129=1; tgopt_id=Po7fswHiiQJgPUG8na5lRpWRBeXjZhx3; enterDate=Tue Apr 16 2024 20:03:14 GMT+0000 (GMT); _ga_SNNMPY2Z6B=GS1.1.1713297794.1.1.1713297794.60.0.0; _ga=GA1.1.228691347.1713297795
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Tue, 16 Apr 2024 20:03:15 GMT
content-type: text/html; charset=iso-8859-1
server: nginx/1.22.1
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| imgs.signifyd.com/dezTh6F4cvGDbFuj?c9cce14c1e59e543=_ewZy5GQ0pOY7N_LI1ke_xKEMQQCOEScFNcuF_JB9kVuaU9Xhd_RhqbFVXfssMg-pydCzumAQ8TtRAfHwgWzFY373TK17v1gNIT7fbuzF-Q-C_ejVoLt5mNwSUdqKgLngtbMhKKpAz5wKKy1 | 91.235.133.113 | 200 OK | 81 B |
URL GET HTTP/1.1imgs.signifyd.com/dezTh6F4cvGDbFuj?c9cce14c1e59e543=_ewZy5GQ0pOY7N_LI1ke_xKEMQQCOEScFNcuF_JB9kVuaU9Xhd_RhqbFVXfssMg-pydCzumAQ8TtRAfHwgWzFY373TK17v1gNIT7fbuzF-Q-C_ejVoLt5mNwSUdqKgLngtbMhKKpAz5wKKy1 IP91.235.133.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
File typePNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced Hash1b6d2de2867a3e11063ba25aa1cd4209 bd20b0e089f31f35cba4d0fa7277e73aa74d944c 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /dezTh6F4cvGDbFuj?c9cce14c1e59e543=_ewZy5GQ0pOY7N_LI1ke_xKEMQQCOEScFNcuF_JB9kVuaU9Xhd_RhqbFVXfssMg-pydCzumAQ8TtRAfHwgWzFY373TK17v1gNIT7fbuzF-Q-C_ejVoLt5mNwSUdqKgLngtbMhKKpAz5wKKy1 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=0f7cc74a35234e9a00b8b9e2416d82db
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 20:03:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: image/png
|
|
| imgs.signifyd.com/Y9ogHaBYdU16chzH?32b326bb556cf24c=S9x_Dmb73HRWf1t5qSRGUYU6I3_z2qPZdX0dEbAExTXkEvm6hTH42Y2k176hVGhnni3saetoj62HBCDPj2EkmX7qQOe5Sivko5rBCxCemrSg-BJjdY-EQTYi9gGkL2k80rKJdJDwQ7iTM_8xyL4ce5tQRxtlGg7b3k1d5fNqoFKwd8eyzBSnsy0ePw&jb=313824246a736f753d4e6b667d7a246a71673d4e696c7778266a73623f44617a67646f7a2d32323934 | 91.235.133.113 | 200 OK | 46 kB |
URL GET HTTP/1.1imgs.signifyd.com/Y9ogHaBYdU16chzH?32b326bb556cf24c=S9x_Dmb73HRWf1t5qSRGUYU6I3_z2qPZdX0dEbAExTXkEvm6hTH42Y2k176hVGhnni3saetoj62HBCDPj2EkmX7qQOe5Sivko5rBCxCemrSg-BJjdY-EQTYi9gGkL2k80rKJdJDwQ7iTM_8xyL4ce5tQRxtlGg7b3k1d5fNqoFKwd8eyzBSnsy0ePw&jb=313824246a736f753d4e6b667d7a246a71673d4e696c7778266a73623f44617a67646f7a2d32323934 IP91.235.133.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
File typeJavaScript source, ASCII text, with very long lines (9002) Hash53126c05f2932351f50bc182cb7ae438 135724f51e093c974a12d1c7f15af7b69ba643eb 356bcca3a3c86564fbdbdbd3245e9da7ffd20e960c28ecb79a73a311a37e6c74
GET /Y9ogHaBYdU16chzH?32b326bb556cf24c=S9x_Dmb73HRWf1t5qSRGUYU6I3_z2qPZdX0dEbAExTXkEvm6hTH42Y2k176hVGhnni3saetoj62HBCDPj2EkmX7qQOe5Sivko5rBCxCemrSg-BJjdY-EQTYi9gGkL2k80rKJdJDwQ7iTM_8xyL4ce5tQRxtlGg7b3k1d5fNqoFKwd8eyzBSnsy0ePw&jb=313824246a736f753d4e6b667d7a246a71673d4e696c7778266a73623f44617a67646f7a2d32323934 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=0f7cc74a35234e9a00b8b9e2416d82db
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 20:03:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
tmx-nonce: 63a625b3bceb9b27
X-Robots-Tag: noindex, nofollow
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=98
Transfer-Encoding: chunked
|
|
| imgs.signifyd.com/zUiO6_CLAe3dX5im?6a3aa809d39f67d0=Y4L-E7-CyDOJ57c4Xx0SyngBn67PxJ4xfQbd1JsMfBuGIvaUcMxnAa-OjgZVDQRw9Dt5Z-rn3cRFUz__IAO_96lYcsmd_hiahlRYhhB3YNwZZ7XqG_CSOqH8VGGVuKLXHSVDDjd6xn_6Mz2U | 91.235.133.113 | 200 OK | 81 B |
URL GET HTTP/1.1imgs.signifyd.com/zUiO6_CLAe3dX5im?6a3aa809d39f67d0=Y4L-E7-CyDOJ57c4Xx0SyngBn67PxJ4xfQbd1JsMfBuGIvaUcMxnAa-OjgZVDQRw9Dt5Z-rn3cRFUz__IAO_96lYcsmd_hiahlRYhhB3YNwZZ7XqG_CSOqH8VGGVuKLXHSVDDjd6xn_6Mz2U IP91.235.133.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
File typePNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced Hash1b6d2de2867a3e11063ba25aa1cd4209 bd20b0e089f31f35cba4d0fa7277e73aa74d944c 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /zUiO6_CLAe3dX5im?6a3aa809d39f67d0=Y4L-E7-CyDOJ57c4Xx0SyngBn67PxJ4xfQbd1JsMfBuGIvaUcMxnAa-OjgZVDQRw9Dt5Z-rn3cRFUz__IAO_96lYcsmd_hiahlRYhhB3YNwZZ7XqG_CSOqH8VGGVuKLXHSVDDjd6xn_6Mz2U HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=0f7cc74a35234e9a00b8b9e2416d82db
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 20:03:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-SNNMPY2Z6B>m=45je44f0v9116850825za200&_p=1713297794549&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=228691347.1713297795&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1713297794&sct=1&seg=0&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D1027618f3ba55106eaa997a008e255%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240416200542394%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4258 | 216.239.32.36 | 204 No Content | 0 B |
URL POST HTTP/2region1.analytics.google.com/g/collect?v=2&tid=G-SNNMPY2Z6B>m=45je44f0v9116850825za200&_p=1713297794549&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=228691347.1713297795&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1713297794&sct=1&seg=0&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D1027618f3ba55106eaa997a008e255%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240416200542394%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4258 IP216.239.32.36:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-SNNMPY2Z6B>m=45je44f0v9116850825za200&_p=1713297794549&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=228691347.1713297795&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1713297794&sct=1&seg=0&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D1027618f3ba55106eaa997a008e255%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240416200542394%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4258 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://getxitox.com
date: Tue, 16 Apr 2024 20:03:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/stream.m3u8 | 151.101.65.91 | 200 OK | 1.1 kB |
URL GET HTTP/3fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/stream.m3u8 IP151.101.65.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hash01a4b36b437c6ff93d233c8d0abbe2f8 1663d9258a4fa2236d3c8f794b91ccbf5260d3cd 8567054e9b455b4735a7f5e412debf56810844e204d1d4ab0f80743d839989a4
GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/stream.m3u8 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 1137
x-guploader-uploadid: ADPycduVrkjVXVCM_5Dr4IG6fXw-U_g98JYx8F9fYztxutiIAkFOxp1_R7j5wo-P3Vf85T5Ej2fY0Ycnaro-GNOMTvjQqzSGEm9f
cache-control: public, max-age=31104000
expires: Thu, 19 Sep 2024 22:00:09 GMT
last-modified: Mon, 25 Sep 2023 15:30:29 GMT
etag: "01a4b36b437c6ff93d233c8d0abbe2f8"
x-goog-generation: 1695655829791443
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1137
content-type: application/octet-stream
x-goog-hash: crc32c=5Yk1dA==, md5=AaSza0N8b/k9IzyNCrvi+A==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 808816
date: Tue, 16 Apr 2024 20:03:15 GMT
x-served-by: cache-dfw-kdfw8210133-DFW, cache-hel1410033-HEL
x-cache: HIT, MISS
x-cache-hits: 596, 0
x-timer: S1713297796.671361,VS0,VE126
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| imgs.signifyd.com/_HXGtrzmrYfI-6Im?d3b58307081a79ce=sF0vaU00_wzDv60fTFw3ScNqnhLT8d9LZD2qbO7tAbOiISOxOxYwzwKIr7LgipLlA_5GYqGMm6F6AMzY3FZX6B8ck4liuqHK9Ubb1tgthRFA_I3DsavAt5oXpBInqmv557h9&jb=3136246e73613d35633b67313b323432663d313664363338323736656360396d666162606e3966 | 91.235.133.113 | 204 No Content | 0 B |
URL GET HTTP/1.1imgs.signifyd.com/_HXGtrzmrYfI-6Im?d3b58307081a79ce=sF0vaU00_wzDv60fTFw3ScNqnhLT8d9LZD2qbO7tAbOiISOxOxYwzwKIr7LgipLlA_5GYqGMm6F6AMzY3FZX6B8ck4liuqHK9Ubb1tgthRFA_I3DsavAt5oXpBInqmv557h9&jb=3136246e73613d35633b67313b323432663d313664363338323736656360396d666162606e3966 IP91.235.133.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_HXGtrzmrYfI-6Im?d3b58307081a79ce=sF0vaU00_wzDv60fTFw3ScNqnhLT8d9LZD2qbO7tAbOiISOxOxYwzwKIr7LgipLlA_5GYqGMm6F6AMzY3FZX6B8ck4liuqHK9Ubb1tgthRFA_I3DsavAt5oXpBInqmv557h9&jb=3136246e73613d35633b67313b323432663d313664363338323736656360396d666162606e3966 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=0f7cc74a35234e9a00b8b9e2416d82db
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Date: Tue, 16 Apr 2024 20:03:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/javascript
|
|
| imgs.signifyd.com/oqDdqv8mf_bOrTD_?d26448878c4fbaea=VDEZ9ty0fge3_2e0xVV4M0m22bFEHm-UxEmYe9P5KO_SxkHyEiIgmNb4pdJlHNC728L3LMJimklS21CfbZx-qDkl15VE_M4EdyU0x0kIFPH-ZAwMyY-31OXrgFS7qwrWCLnxyRPXQOPWMcsZimq2Kw1MEIlVrUKIHu1A42buieFsDqjIKm5FuZAqEfCO | 91.235.133.113 | 200 OK | 13 kB |
URL GET HTTP/1.1imgs.signifyd.com/oqDdqv8mf_bOrTD_?d26448878c4fbaea=VDEZ9ty0fge3_2e0xVV4M0m22bFEHm-UxEmYe9P5KO_SxkHyEiIgmNb4pdJlHNC728L3LMJimklS21CfbZx-qDkl15VE_M4EdyU0x0kIFPH-ZAwMyY-31OXrgFS7qwrWCLnxyRPXQOPWMcsZimq2Kw1MEIlVrUKIHu1A42buieFsDqjIKm5FuZAqEfCO IP91.235.133.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
File typeHTML document, ASCII text, with very long lines (15506) Hash85b3058f7fb97a27a0d896a54311442d 05fbe3f18eb5211ac6bfd13b8f458ca43f71e078 53ce6f0dcc83185270707e97c9ec02726407fcce27db545d115ec7926e79bc77
GET /oqDdqv8mf_bOrTD_?d26448878c4fbaea=VDEZ9ty0fge3_2e0xVV4M0m22bFEHm-UxEmYe9P5KO_SxkHyEiIgmNb4pdJlHNC728L3LMJimklS21CfbZx-qDkl15VE_M4EdyU0x0kIFPH-ZAwMyY-31OXrgFS7qwrWCLnxyRPXQOPWMcsZimq2Kw1MEIlVrUKIHu1A42buieFsDqjIKm5FuZAqEfCO HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=0f7cc74a35234e9a00b8b9e2416d82db
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 20:03:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Robots-Tag: noindex, nofollow
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=97
Transfer-Encoding: chunked
|
|
| imgs.signifyd.com/W_f-X-MtADx2DXdE?ac984c29b77ded9b=9CFh-rTsqqdi3f43s1QHj_XcLki43LaZQLiwqG5-fsN81gXCtQ88Nv4YWe-myrpVH2b0E-z0SWOBN3MAAdIkQ7SzRBlBdwvprw0DqDGFZhTLS-MCBlxchul0YAOiLc8VEmvBcITm69UPz8t3rwpueHvLgauoJSjAQ5Q8cxUz-UpYjo__5WyqNsoQgdYFqg | 91.235.133.113 | 200 OK | 13 kB |
URL GET HTTP/1.1imgs.signifyd.com/W_f-X-MtADx2DXdE?ac984c29b77ded9b=9CFh-rTsqqdi3f43s1QHj_XcLki43LaZQLiwqG5-fsN81gXCtQ88Nv4YWe-myrpVH2b0E-z0SWOBN3MAAdIkQ7SzRBlBdwvprw0DqDGFZhTLS-MCBlxchul0YAOiLc8VEmvBcITm69UPz8t3rwpueHvLgauoJSjAQ5Q8cxUz-UpYjo__5WyqNsoQgdYFqg IP91.235.133.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
File typeHTML document, ASCII text, with very long lines (15506) Hashc0f33bc4686a8b9b97011fcccb05a828 345949f0be34499829dd9aa1a0df55fac0e9ed86 6b682f1ae229632604b12f69abb0ec28145933845ddbe2064da8feb1c47b95ce
GET /W_f-X-MtADx2DXdE?ac984c29b77ded9b=9CFh-rTsqqdi3f43s1QHj_XcLki43LaZQLiwqG5-fsN81gXCtQ88Nv4YWe-myrpVH2b0E-z0SWOBN3MAAdIkQ7SzRBlBdwvprw0DqDGFZhTLS-MCBlxchul0YAOiLc8VEmvBcITm69UPz8t3rwpueHvLgauoJSjAQ5Q8cxUz-UpYjo__5WyqNsoQgdYFqg HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=0f7cc74a35234e9a00b8b9e2416d82db
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 20:03:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Robots-Tag: noindex, nofollow
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
|
|
| imgs.signifyd.com/_HXGtrzmrYfI-6Im?d3b58307081a79ce=sF0vaU00_wzDv60fTFw3ScNqnhLT8d9LZD2qbO7tAbOiISOxOxYwzwKIr7LgipLlA_5GYqGMm6F6AMzY3FZX6B8ck4liuqHK9Ubb1tgthRFA_I3DsavAt5oXpBInqmv557h9&ja=3a34362426633d3026783f382e643f313030307a313230342661663d333030387a3330303c2671787b3f3078302664727035392e33323a382c333030362c313238302e33383a362e313030302e313230342c313238322e393830362c322430246d763f32376635316631393c3b6736606e3232396034366264333835603869643163362e6d6c3d30247363643d32362464603f6a7476787327334327324625324665677c706b766f7a26636d6d273046676f2532446b666c677a6e6d69666470706d672d6d617875676a26726a70273b467672636c732533443132303f3e333a66316a613735333236656161393b356938323a65303d352732346366665f737560332d3b4633373a2d32346164645f7375623227314c2d303461646e5f71756031253344253234636e6e5d7175603c2531442730366166665f71776a3d2731443a3f31305f7167737369643232303c3836333630383037343031393425323663646e616e6b61766d5f6b6427314432363239247264353724706a35653a3030666661353535333b3b6e3667626730393b33676034613939323b326c2e6a6a3d303c6161663266626332356536666c3c603b65616a663561363738316265643224627b6d3f4c6b66757a266871623d466972676467702730303b3e2668736d773d4c696e757a246660613f343a2e6e6f74723f3026747a643f575c4b246f617660723f373364353438653460313e383a6066666e623a39613b393666666436643f38643332636d3366363463646634323931373e6a3b6433606b36353760306665326626723f78647765696c57666e61716a25354566616e716d29726e7565616e5d776b6c646f77735f6f676c61635d706e6979677227374566616c73672378647765696c5761666f60675f6163726f60637c2d3747666364736721726e7567696e5f7377616b6976696f6d25374564636c736521706e776f616c5d736a6763697763746525354566636e7b6d23726c776f696c5f7067616c706c617b677a2d3747666364736721726e7567696e5f746e6b57726e617b6d7227354764616c736521726e7d6f6b6c5f666d76636c747025354566616e716d29726e7565616e5d7374655f7669657767702d3d4764616e7b6523706e7767696e5f6a6374692d37476663647367266161643d353833373339&jb=3b35246e713d4d6f7a6b6e64692730463726302732322a583131253340273a384e6b6e77702530307a3a365f36342531402d3a327076273b413b362c322925323047676163672730463038313230333231253230466b706d6e6d7a25304e39342e32 | 91.235.133.113 | 204 204 | 0 B |
URL GET HTTP/1.1imgs.signifyd.com/_HXGtrzmrYfI-6Im?d3b58307081a79ce=sF0vaU00_wzDv60fTFw3ScNqnhLT8d9LZD2qbO7tAbOiISOxOxYwzwKIr7LgipLlA_5GYqGMm6F6AMzY3FZX6B8ck4liuqHK9Ubb1tgthRFA_I3DsavAt5oXpBInqmv557h9&ja=3a34362426633d3026783f382e643f313030307a313230342661663d333030387a3330303c2671787b3f3078302664727035392e33323a382c333030362c313238302e33383a362e313030302e313230342c313238322e393830362c322430246d763f32376635316631393c3b6736606e3232396034366264333835603869643163362e6d6c3d30247363643d32362464603f6a7476787327334327324625324665677c706b766f7a26636d6d273046676f2532446b666c677a6e6d69666470706d672d6d617875676a26726a70273b467672636c732533443132303f3e333a66316a613735333236656161393b356938323a65303d352732346366665f737560332d3b4633373a2d32346164645f7375623227314c2d303461646e5f71756031253344253234636e6e5d7175603c2531442730366166665f71776a3d2731443a3f31305f7167737369643232303c3836333630383037343031393425323663646e616e6b61766d5f6b6427314432363239247264353724706a35653a3030666661353535333b3b6e3667626730393b33676034613939323b326c2e6a6a3d303c6161663266626332356536666c3c603b65616a663561363738316265643224627b6d3f4c6b66757a266871623d466972676467702730303b3e2668736d773d4c696e757a246660613f343a2e6e6f74723f3026747a643f575c4b246f617660723f373364353438653460313e383a6066666e623a39613b393666666436643f38643332636d3366363463646634323931373e6a3b6433606b36353760306665326626723f78647765696c57666e61716a25354566616e716d29726e7565616e5d776b6c646f77735f6f676c61635d706e6979677227374566616c73672378647765696c5761666f60675f6163726f60637c2d3747666364736721726e7567696e5f7377616b6976696f6d25374564636c736521706e776f616c5d736a6763697763746525354566636e7b6d23726c776f696c5f7067616c706c617b677a2d3747666364736721726e7567696e5f746e6b57726e617b6d7227354764616c736521726e7d6f6b6c5f666d76636c747025354566616e716d29726e7565616e5d7374655f7669657767702d3d4764616e7b6523706e7767696e5f6a6374692d37476663647367266161643d353833373339&jb=3b35246e713d4d6f7a6b6e64692730463726302732322a583131253340273a384e6b6e77702530307a3a365f36342531402d3a327076273b413b362c322925323047676163672730463038313230333231253230466b706d6e6d7a25304e39342e32 IP91.235.133.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_HXGtrzmrYfI-6Im?d3b58307081a79ce=sF0vaU00_wzDv60fTFw3ScNqnhLT8d9LZD2qbO7tAbOiISOxOxYwzwKIr7LgipLlA_5GYqGMm6F6AMzY3FZX6B8ck4liuqHK9Ubb1tgthRFA_I3DsavAt5oXpBInqmv557h9&ja=3a34362426633d3026783f382e643f313030307a313230342661663d333030387a3330303c2671787b3f3078302664727035392e33323a382c333030362c313238302e33383a362e313030302e313230342c313238322e393830362c322430246d763f32376635316631393c3b6736606e3232396034366264333835603869643163362e6d6c3d30247363643d32362464603f6a7476787327334327324625324665677c706b766f7a26636d6d273046676f2532446b666c677a6e6d69666470706d672d6d617875676a26726a70273b467672636c732533443132303f3e333a66316a613735333236656161393b356938323a65303d352732346366665f737560332d3b4633373a2d32346164645f7375623227314c2d303461646e5f71756031253344253234636e6e5d7175603c2531442730366166665f71776a3d2731443a3f31305f7167737369643232303c3836333630383037343031393425323663646e616e6b61766d5f6b6427314432363239247264353724706a35653a3030666661353535333b3b6e3667626730393b33676034613939323b326c2e6a6a3d303c6161663266626332356536666c3c603b65616a663561363738316265643224627b6d3f4c6b66757a266871623d466972676467702730303b3e2668736d773d4c696e757a246660613f343a2e6e6f74723f3026747a643f575c4b246f617660723f373364353438653460313e383a6066666e623a39613b393666666436643f38643332636d3366363463646634323931373e6a3b6433606b36353760306665326626723f78647765696c57666e61716a25354566616e716d29726e7565616e5d776b6c646f77735f6f676c61635d706e6979677227374566616c73672378647765696c5761666f60675f6163726f60637c2d3747666364736721726e7567696e5f7377616b6976696f6d25374564636c736521706e776f616c5d736a6763697763746525354566636e7b6d23726c776f696c5f7067616c706c617b677a2d3747666364736721726e7567696e5f746e6b57726e617b6d7227354764616c736521726e7d6f6b6c5f666d76636c747025354566616e716d29726e7565616e5d7374655f7669657767702d3d4764616e7b6523706e7767696e5f6a6374692d37476663647367266161643d353833373339&jb=3b35246e713d4d6f7a6b6e64692730463726302732322a583131253340273a384e6b6e77702530307a3a365f36342531402d3a327076273b413b362c322925323047676163672730463038313230333231253230466b706d6e6d7a25304e39342e32 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=0f7cc74a35234e9a00b8b9e2416d82db
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 204
Date: Tue, 16 Apr 2024 20:03:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
|
|
| imgs.signifyd.com/fp/clear.png | 91.235.133.113 | 200 OK | 81 B |
URL GET HTTP/1.1imgs.signifyd.com/fp/clear.png IP91.235.133.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
File typePNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced Hash1b6d2de2867a3e11063ba25aa1cd4209 bd20b0e089f31f35cba4d0fa7277e73aa74d944c 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*, w2txo5aa/63a625b3bceb9b272572415457388334385
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 20:03:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Tue, 16 Apr 2024 20:03:15 GMT
Expires: Sun, 15 Apr 2029 20:03:15 GMT
Etag: 9c8f72602fa74a499a8e770360fe0010
Cache-Control: private, must-revalidate, max-age=0
Access-Control-Allow-Origin: https://getxitox.com
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
|
|
| fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/video_TS_h264_aac_96000_1280x720_2750000_variant.m3u8 | 151.101.65.91 | 200 OK | 60 kB |
URL GET HTTP/3fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/video_TS_h264_aac_96000_1280x720_2750000_variant.m3u8 IP151.101.65.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hashbb832cf8865dc7037ea21352c755da04 46c3b18627b8a603947e0bda666c82c769c2c522 ef601bbf5efb4e47db18c4b7858513cd182d221b44098beab6e3d84d3b053ba0
GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/video_TS_h264_aac_96000_1280x720_2750000_variant.m3u8 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 59930
x-guploader-uploadid: ABPtcPqLEnakTffi6lBwaoRqvU3vv7zb92rK9OIsV_i4E14p4YAn1OL8ymoeBZf5anHVhXTnOneuQqTrfQ
cache-control: public, max-age=31104000
expires: Thu, 03 Apr 2025 13:01:22 GMT
last-modified: Tue, 29 Aug 2023 15:54:18 GMT
etag: "bb832cf8865dc7037ea21352c755da04"
x-goog-generation: 1693324458401827
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 59930
content-type: application/vnd.apple.mpegurl
x-goog-hash: crc32c=5Rge5g==, md5=u4Ms+IZdxwN+ohNSx1XaBA==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 716514
date: Tue, 16 Apr 2024 20:03:15 GMT
x-served-by: cache-dfw-kdal2120023-DFW, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 380, 0
x-timer: S1713297796.936885,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/audio_TS_h264_aac_96000_variant.m3u8 | 151.101.65.91 | 200 OK | 46 kB |
URL GET HTTP/3fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/audio_TS_h264_aac_96000_variant.m3u8 IP151.101.65.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hashdc6e5df96aa662744cfe6bbdb276d17d dc4994afb2fe9a920b5c6f328b0fc93b31342aae 6a384320df21e240d2b0c9d0adf9993fbc72c69ecafce6c6e8bd85099f2fa430
GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/audio_TS_h264_aac_96000_variant.m3u8 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 46406
x-guploader-uploadid: ADPycdvl9tUYJsOSc0CQuPe0acpD2ES6XmvIfTXgyWdDIcU9_y9N7rZIjW6jNRDYyZOuGHI624-8V_-Tj7s2zhkvPpy-JluPtmsw
cache-control: public, max-age=31104000
expires: Thu, 19 Sep 2024 22:00:10 GMT
last-modified: Tue, 29 Aug 2023 15:54:18 GMT
etag: "dc6e5df96aa662744cfe6bbdb276d17d"
x-goog-generation: 1693324458399105
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 46406
content-type: application/vnd.apple.mpegurl
x-goog-hash: crc32c=Rc2Iow==, md5=3G5d+WqmYnRM/mu9snbRfQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 725325
date: Tue, 16 Apr 2024 20:03:15 GMT
x-served-by: cache-dfw-kdfw8210043-DFW, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 337, 0
x-timer: S1713297796.940542,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| analytics-ingress-global.bitmovin.com/licensing | 35.190.27.197 | 200 OK | 77 B |
URL POST HTTP/2analytics-ingress-global.bitmovin.com/licensing IP35.190.27.197:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subject*.bitmovin.com FingerprintA3:12:09:E0:2B:6B:C9:36:D1:AE:E8:38:F4:5F:1B:F6:B2:47:16:3C ValidityMon, 08 May 2023 12:46:05 GMT - Sat, 08 Jun 2024 12:46:05 GMT
Hash40f9443d5dc02e385b00b24c1f570269 c0e65fe8f73334d638173b9e33eff4f36d913104 ea71115c171f3b6874e256a1ff1e30431229a21b584371e0b36eae66cb5d2d9f
POST /licensing HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 99
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: v1.62.1
date: Tue, 16 Apr 2024 20:03:15 GMT
content-type: application/json
content-length: 77
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| imgs.signifyd.com/hBzYCHqqQvFV4HOL?af255b4aee77fb9d=_0gKJyxjBz8jt0oJZv-_nPfx-uVtOOdXEl3l7g927JdbCYZatpAQ_px63oSOSfEDo9foYiipdmUuvQkX3x_eLEBgnWqPZJAAFBQ4JXHUZMpPcAO1yBxPezxo7ThN5F-m9-Wg&jf=3136246e73623d613334603e6d36346163383436376366616330363735376c3b663332316d6564 | 91.235.133.113 | 204 No Content | 0 B |
URL GET HTTP/1.1imgs.signifyd.com/hBzYCHqqQvFV4HOL?af255b4aee77fb9d=_0gKJyxjBz8jt0oJZv-_nPfx-uVtOOdXEl3l7g927JdbCYZatpAQ_px63oSOSfEDo9foYiipdmUuvQkX3x_eLEBgnWqPZJAAFBQ4JXHUZMpPcAO1yBxPezxo7ThN5F-m9-Wg&jf=3136246e73623d613334603e6d36346163383436376366616330363735376c3b663332316d6564 IP91.235.133.113:443
Requested byhttps://imgs.signifyd.com/oqDdqv8mf_bOrTD_?d26448878c4fbaea=VDEZ9ty0fge3_2e0xVV4M0m22bFEHm-UxEmYe9P5KO_SxkHyEiIgmNb4pdJlHNC728L3LMJimklS21CfbZx-qDkl15VE_M4EdyU0x0kIFPH-ZAwMyY-31OXrgFS7qwrWCLnxyRPXQOPWMcsZimq2Kw1MEIlVrUKIHu1A42buieFsDqjIKm5FuZAqEfCO CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /hBzYCHqqQvFV4HOL?af255b4aee77fb9d=_0gKJyxjBz8jt0oJZv-_nPfx-uVtOOdXEl3l7g927JdbCYZatpAQ_px63oSOSfEDo9foYiipdmUuvQkX3x_eLEBgnWqPZJAAFBQ4JXHUZMpPcAO1yBxPezxo7ThN5F-m9-Wg&jf=3136246e73623d613334603e6d36346163383436376366616330363735376c3b663332316d6564 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://imgs.signifyd.com/oqDdqv8mf_bOrTD_?d26448878c4fbaea=VDEZ9ty0fge3_2e0xVV4M0m22bFEHm-UxEmYe9P5KO_SxkHyEiIgmNb4pdJlHNC728L3LMJimklS21CfbZx-qDkl15VE_M4EdyU0x0kIFPH-ZAwMyY-31OXrgFS7qwrWCLnxyRPXQOPWMcsZimq2Kw1MEIlVrUKIHu1A42buieFsDqjIKm5FuZAqEfCO
Cookie: thx_guid=0f7cc74a35234e9a00b8b9e2416d82db
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Date: Tue, 16 Apr 2024 20:03:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=95
Connection: Keep-Alive
Content-Type: text/javascript
|
|
| fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1280x720_h264_2750000/1.ts | 151.101.65.91 | 200 OK | 160 kB |
URL GET HTTP/3fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1280x720_h264_2750000/1.ts IP151.101.65.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeMPEG transport stream data Size160 kB (160176 bytes) Hash7fdcbc5ecf72c2dba9eccdac95c0cc60 c967d3220f65717f925b41f2fcc9f28ceac5337f 4104a53abb2627f21691f7dbbd6d787f5aee7c0326651e7103878343e679f185
GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1280x720_h264_2750000/1.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 160176
x-guploader-uploadid: ABPtcPpGUBBW_yJIVGa5Wmiz8vAhMkvji1ZzPIHkypzCKV1njR5w8iasUiU1O20_PvfVW9cn9jk
cache-control: public, max-age=31104000
expires: Thu, 16 Jan 2025 17:39:17 GMT
last-modified: Tue, 29 Aug 2023 15:50:41 GMT
etag: "7fdcbc5ecf72c2dba9eccdac95c0cc60"
x-goog-generation: 1693324241421854
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 160176
content-type: video/mp2t
x-goog-hash: crc32c=EYz/Ow==, md5=f9y8Xs9ywtup7M2slcDMYA==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 804313
date: Tue, 16 Apr 2024 20:03:16 GMT
x-served-by: cache-dfw-kdfw8210085-DFW, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 239, 0
x-timer: S1713297796.115900,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/1.ts | 151.101.65.91 | 200 OK | 35 kB |
URL GET HTTP/3fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/1.ts IP151.101.65.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeMPEG transport stream data Hash5c5618a29d45a23b88d2203da2c52649 8ae3529c5b0a94f1fb7621f7e7034dc2c45d610b 43bfb43eb0a7f2b3faaae84c7d460e74277955f9fcdc496b134bb28621df5179
GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/1.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 34968
x-guploader-uploadid: ABPtcPrVJV-F4L5jmSAtnNyhFr3qd44tEYX7SuZlgeRfyAqmYm1gPjjfwBskHiWo_kjjb30knzTDcEsqYDQT4YlVDguWaoDp10yo
cache-control: public, max-age=31104000
expires: Fri, 15 Nov 2024 12:05:27 GMT
last-modified: Tue, 29 Aug 2023 15:52:06 GMT
etag: "5c5618a29d45a23b88d2203da2c52649"
x-goog-generation: 1693324326196317
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 34968
content-type: video/mp2t
x-goog-hash: crc32c=6HX6Lw==, md5=XFYYop1FojuI0iA9osUmSQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
date: Tue, 16 Apr 2024 20:03:16 GMT
age: 720107
x-served-by: cache-dfw-kdfw8210163-DFW, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 440, 1
x-timer: S1713297796.117315,VS0,VE0
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| stats.vidalytics.com/awesome-log?cid=hLKq71Yz | 107.178.211.97 | 200 OK | 43 B |
URL GET HTTP/2stats.vidalytics.com/awesome-log?cid=hLKq71Yz IP107.178.211.97:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeGIF image data, version 89a, 1 x 1 Hash57f187c7a868faeac558007a8eb6cb2e 11ab10ab109fdb53d91d444ac781101f5a6360c6 aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /awesome-log?cid=hLKq71Yz HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-headers: Accept, Content-Type, Origin, Range, X-Requested-With
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
cache-control: no-cache, public, max-age=2592000
content-length: 43
content-type: image/gif
etag: "hLKq71Yz/EtMPFP8fZfJMfMFT"
date: Tue, 16 Apr 2024 20:03:16 GMT
x-envoy-upstream-service-time: 2
server: istio-envoy
access-control-allow-origin: https://getxitox.com
X-Firefox-Spdy: h2
|
|
| fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/video_TS_h264_aac_96000_1920x1080_4500000_variant.m3u8 | 151.101.65.91 | 200 OK | 61 kB |
URL GET HTTP/3fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/video_TS_h264_aac_96000_1920x1080_4500000_variant.m3u8 IP151.101.65.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hash91ab9584d43ed322ce297c4beada2e1d ff66133b04457395acd80b0155761abb8811bbdd 317587a6fa28c2060c4c73cd5047b0101bd0caa39743f5b065d663f30f4a3f5e
GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/video_TS_h264_aac_96000_1920x1080_4500000_variant.m3u8 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 61057
x-guploader-uploadid: ABPtcPrjMF5MHXWFw-6j0Ww5QojTVgKJ6OTeVhejt0ts3miaUO1qD9_dYyhgapQty-RR_JNmDg
cache-control: public, max-age=31104000
expires: Mon, 24 Feb 2025 08:00:11 GMT
last-modified: Tue, 29 Aug 2023 15:54:18 GMT
etag: "91ab9584d43ed322ce297c4beada2e1d"
x-goog-generation: 1693324458420188
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 61057
content-type: application/vnd.apple.mpegurl
x-goog-hash: crc32c=Yhv9Qg==, md5=kauVhNQ+0yLOKXxL6touHQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 808816
date: Tue, 16 Apr 2024 20:03:16 GMT
x-served-by: cache-dfw-kdfw8210161-DFW, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 368, 0
x-timer: S1713297796.309027,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/2.ts | 151.101.65.91 | 200 OK | 56 kB |
URL GET HTTP/3fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/2.ts IP151.101.65.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeMPEG transport stream data Hash611179996a3c9bd41d228fba2460da0d 18c519295bfebe1f89c1c8c96dbf32dc6ff76058 2dec35022f925d2935a394d57da2ca699bc8a9f107a8c56cb40f412516e6835c
GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/2.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 55460
x-guploader-uploadid: ADPycdtNu_u_yccZNO8LDr9JPtGDbovWO_1j7D5nUi_sR3mnnGPUkLuR7phm0IrpVl6OcdQmrtWhyi0q1IVT97pAhorIihVvadJ5
cache-control: public, max-age=31104000
expires: Thu, 19 Sep 2024 22:00:10 GMT
last-modified: Tue, 29 Aug 2023 15:52:07 GMT
etag: "611179996a3c9bd41d228fba2460da0d"
x-goog-generation: 1693324327555621
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 55460
content-type: video/mp2t
x-goog-hash: crc32c=Asyviw==, md5=YRF5mWo8m9QdIo+6JGDaDQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 945038
date: Tue, 16 Apr 2024 20:03:16 GMT
x-served-by: cache-dfw-kdfw8210040-DFW, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 765, 0
x-timer: S1713297796.311027,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| imgs.signifyd.com/_HXGtrzmrYfI-6Im?d3b58307081a79ce=sF0vaU00_wzDv60fTFw3ScNqnhLT8d9LZD2qbO7tAbOiISOxOxYwzwKIr7LgipLlA_5GYqGMm6F6AMzY3FZX6B8ck4liuqHK9Ubb1tgthRFA_I3DsavAt5oXpBInqmv557h9&jac=1&je=33333b24267765693d3b332631322c34302631373424726d3d79657324637d6c6a3f64643d3460353632383035356366376d6a343239616b65666363373637323665613739383461363a3d363038616739643039373b343e3b333630303b31666430246578333d646434306d643562323f383a61643662373966623a646a6d606765316e3563616161643339363432 | 91.235.133.113 | 204 No Content | 0 B |
URL GET HTTP/1.1imgs.signifyd.com/_HXGtrzmrYfI-6Im?d3b58307081a79ce=sF0vaU00_wzDv60fTFw3ScNqnhLT8d9LZD2qbO7tAbOiISOxOxYwzwKIr7LgipLlA_5GYqGMm6F6AMzY3FZX6B8ck4liuqHK9Ubb1tgthRFA_I3DsavAt5oXpBInqmv557h9&jac=1&je=33333b24267765693d3b332631322c34302631373424726d3d79657324637d6c6a3f64643d3460353632383035356366376d6a343239616b65666363373637323665613739383461363a3d363038616739643039373b343e3b333630303b31666430246578333d646434306d643562323f383a61643662373966623a646a6d606765316e3563616161643339363432 IP91.235.133.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_HXGtrzmrYfI-6Im?d3b58307081a79ce=sF0vaU00_wzDv60fTFw3ScNqnhLT8d9LZD2qbO7tAbOiISOxOxYwzwKIr7LgipLlA_5GYqGMm6F6AMzY3FZX6B8ck4liuqHK9Ubb1tgthRFA_I3DsavAt5oXpBInqmv557h9&jac=1&je=33333b24267765693d3b332631322c34302631373424726d3d79657324637d6c6a3f64643d3460353632383035356366376d6a343239616b65666363373637323665613739383461363a3d363038616739643039373b343e3b333630303b31666430246578333d646434306d643562323f383a61643662373966623a646a6d606765316e3563616161643339363432 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=0f7cc74a35234e9a00b8b9e2416d82db
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Date: Tue, 16 Apr 2024 20:03:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=94
Connection: Keep-Alive
Content-Type: text/javascript
|
|
| fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/3.ts | 151.101.65.91 | 200 OK | 54 kB |
URL GET HTTP/3fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/3.ts IP151.101.65.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeMPEG transport stream data Hashadf371f1a9684b35e655bddab7ae4d79 dcf2b775cd36762751a9b3ff5adefd821afb04f3 942e39e8342ee313fe81e1dd69fc2329bb90eff9c131d74dbb988455bb0772a2
GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/3.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 54144
x-guploader-uploadid: ADPycdtBATaygqwRg_i2otfShV8AuUv9TzXo3v8-MP-0vXZygrO67j3P9MQYUxhhV7tWdBJqrej54xCzzvLFdnGStRn8uaBDBh8c
cache-control: public, max-age=31104000
expires: Fri, 27 Sep 2024 03:56:46 GMT
last-modified: Tue, 29 Aug 2023 15:52:07 GMT
etag: "adf371f1a9684b35e655bddab7ae4d79"
x-goog-generation: 1693324327962747
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 54144
content-type: video/mp2t
x-goog-hash: crc32c=wTW46Q==, md5=rfNx8aloSzXmVb3at65NeQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
date: Tue, 16 Apr 2024 20:03:16 GMT
age: 808816
x-served-by: cache-dfw-kdfw8210037-DFW, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 497, 1
x-timer: S1713297796.377126,VS0,VE0
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| stats.vidalytics.com/scribe | 107.178.211.97 | 200 OK | 16 B |
URL POST HTTP/2stats.vidalytics.com/scribe IP107.178.211.97:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hasha1cbd35d4488ac8cc6f959d4c633dc37 11844023759429ec785ae1c18e6a9c69803ee2bd 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 4172
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Tue, 16 Apr 2024 20:03:16 GMT
content-length: 16
x-envoy-upstream-service-time: 2
server: istio-envoy
access-control-allow-origin: https://getxitox.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2
|
|
| fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/2.ts | 151.101.65.91 | 200 OK | 56 kB |
URL GET HTTP/3fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/2.ts IP151.101.65.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeMPEG transport stream data Hash611179996a3c9bd41d228fba2460da0d 18c519295bfebe1f89c1c8c96dbf32dc6ff76058 2dec35022f925d2935a394d57da2ca699bc8a9f107a8c56cb40f412516e6835c
GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/audio/aac_96000/2.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 55460
x-guploader-uploadid: ADPycdtNu_u_yccZNO8LDr9JPtGDbovWO_1j7D5nUi_sR3mnnGPUkLuR7phm0IrpVl6OcdQmrtWhyi0q1IVT97pAhorIihVvadJ5
cache-control: public, max-age=31104000
expires: Thu, 19 Sep 2024 22:00:10 GMT
last-modified: Tue, 29 Aug 2023 15:52:07 GMT
etag: "611179996a3c9bd41d228fba2460da0d"
x-goog-generation: 1693324327555621
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 55460
content-type: video/mp2t
x-goog-hash: crc32c=Asyviw==, md5=YRF5mWo8m9QdIo+6JGDaDQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
date: Tue, 16 Apr 2024 20:03:16 GMT
age: 945038
x-served-by: cache-dfw-kdfw8210040-DFW, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 765, 1
x-timer: S1713297796.420650,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| stats.vidalytics.com/scribe | 107.178.211.97 | 200 OK | 16 B |
URL POST HTTP/2stats.vidalytics.com/scribe IP107.178.211.97:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hasha1cbd35d4488ac8cc6f959d4c633dc37 11844023759429ec785ae1c18e6a9c69803ee2bd 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 448
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Tue, 16 Apr 2024 20:03:16 GMT
content-length: 16
x-envoy-upstream-service-time: 2
server: istio-envoy
access-control-allow-origin: https://getxitox.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-SNNMPY2Z6B>m=45je44f0v9116850825z8838620505za200&_p=1713297794549&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=228691347.1713297795&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&sid=1713297794&sct=1&seg=1&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D1027618f3ba55106eaa997a008e255%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240416200542394%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&_s=2&tfd=5250 | 216.239.32.36 | 204 No Content | 0 B |
URL POST HTTP/3region1.analytics.google.com/g/collect?v=2&tid=G-SNNMPY2Z6B>m=45je44f0v9116850825z8838620505za200&_p=1713297794549&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=228691347.1713297795&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&sid=1713297794&sct=1&seg=1&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D1027618f3ba55106eaa997a008e255%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240416200542394%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&_s=2&tfd=5250 IP216.239.32.36:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-SNNMPY2Z6B>m=45je44f0v9116850825z8838620505za200&_p=1713297794549&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=228691347.1713297795&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&sid=1713297794&sct=1&seg=1&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D1027618f3ba55106eaa997a008e255%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240416200542394%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&_s=2&tfd=5250 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 30
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: https://getxitox.com
date: Tue, 16 Apr 2024 20:03:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1920x1080_h264_4500000/2.ts | 151.101.65.91 | 200 OK | 1.7 MB |
URL GET HTTP/3fast.vidalytics.com/video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1920x1080_h264_4500000/2.ts IP151.101.65.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeMPEG transport stream data Size1.7 MB (1703844 bytes) Hashbbc8b235acb49c32a227d2806b9a77bb 9d6edbe67629cbf19cf1c8646b83a803042dd016 c08fab17a1b7ccd9f2d3d6c259cd1ae680d51d38e45019f66b055e6369f29d62
GET /video/hLKq71Yz/q9U1j5A1HOdnC0js/96402/95753__FFMPEG/ts/video/1920x1080_h264_4500000/2.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 1703844
x-guploader-uploadid: ABPtcPqHuuF86veLmGM5qKVRAz-5VinWtJKlM4sncw7HWcVkURSQpWTCl8S9uRrF-lhCF5R3lGI
cache-control: public, max-age=31104000
expires: Tue, 08 Apr 2025 05:19:31 GMT
last-modified: Tue, 29 Aug 2023 15:51:36 GMT
etag: "bbc8b235acb49c32a227d2806b9a77bb"
x-goog-generation: 1693324296670685
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1703844
content-type: video/mp2t
x-goog-hash: crc32c=87ippA==, md5=u8iyNay0nDKiJ9KAa5p3uw==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
date: Tue, 16 Apr 2024 20:03:16 GMT
age: 312225
x-served-by: cache-dfw-kdfw8210164-DFW, cache-hel1410033-HEL
x-cache: HIT, MISS
x-cache-hits: 166, 0
x-timer: S1713297796.366731,VS0,VE147
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 | 216.58.207.227 | 200 OK | 33 kB |
URL GET HTTP/2fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 IP216.58.207.227:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 33092, version 1.0 Hash057478083c1d55ea0c2182b24f6dd72f caf557cd276a76992084efc4c8857b66791a6b7f bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:38:02 GMT
expires: Fri, 11 Apr 2025 02:38:02 GMT
cache-control: public, max-age=31536000
age: 494714
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| stats.vidalytics.com/scribe | 107.178.211.97 | 200 OK | 16 B |
URL POST HTTP/2stats.vidalytics.com/scribe IP107.178.211.97:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hasha1cbd35d4488ac8cc6f959d4c633dc37 11844023759429ec785ae1c18e6a9c69803ee2bd 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 698
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Tue, 16 Apr 2024 20:03:16 GMT
content-length: 16
x-envoy-upstream-service-time: 2
server: istio-envoy
access-control-allow-origin: https://getxitox.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2
|
|
| fast.vidalytics.com/video/hLKq71Yz/7_IA54dlSdWFdbwp/95535/85364__FFMPEG/thumb/thumbnail-5_0.jpg | 151.101.65.91 | 200 OK | 54 kB |
URL GET HTTP/3fast.vidalytics.com/video/hLKq71Yz/7_IA54dlSdWFdbwp/95535/85364__FFMPEG/thumb/thumbnail-5_0.jpg IP151.101.65.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc60.3.100", baseline, precision 8, 1920x1080, components 3 Hashbc55b1f437bddbe74f9d74d181f068da d48ba897a8f63eadbf55b8ddc854ccd4f7299d13 f3db1c97e2c94cecc0b57997f11951afc151451495407a9a1c5ac9306bf0f30d
GET /video/hLKq71Yz/7_IA54dlSdWFdbwp/95535/85364__FFMPEG/thumb/thumbnail-5_0.jpg HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 53910
x-guploader-uploadid: ADPycdtZfwa3mZxHTiR8V00dI6D1_y0C9fYhQ7wVgZNebfqMIj0Evn-GHw0gyYctCAwiSAtv5fGD25Jci43NuQ90ot4-9g
cache-control: public, max-age=31104000
expires: Sun, 22 Sep 2024 18:59:28 GMT
last-modified: Fri, 14 Jul 2023 06:17:36 GMT
etag: "bc55b1f437bddbe74f9d74d181f068da"
x-goog-generation: 1689315456332968
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 53910
x-goog-meta-x-goog-reserved-source-generation: 1683106408845786
x-goog-custom-time: 2023-05-03T09:33:28.923Z
content-type: image/jpeg
x-goog-hash: crc32c=+PKXAg==, md5=vFWx9De92+dPnXTRgfBo2g==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 718900
date: Tue, 16 Apr 2024 20:03:16 GMT
x-served-by: cache-dfw-kdfw8210171-DFW, cache-hel1410033-HEL
x-cache: HIT, MISS
x-cache-hits: 369, 0
x-timer: S1713297797.803253,VS0,VE127
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| stats.vidalytics.com/scribe | 107.178.211.97 | 200 OK | 16 B |
URL POST HTTP/2stats.vidalytics.com/scribe IP107.178.211.97:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hasha1cbd35d4488ac8cc6f959d4c633dc37 11844023759429ec785ae1c18e6a9c69803ee2bd 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 407
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Tue, 16 Apr 2024 20:03:16 GMT
content-length: 16
x-envoy-upstream-service-time: 1
server: istio-envoy
access-control-allow-origin: https://getxitox.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2
|
|
| stats.vidalytics.com/scribe | 107.178.211.97 | 200 OK | 16 B |
URL POST HTTP/2stats.vidalytics.com/scribe IP107.178.211.97:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hasha1cbd35d4488ac8cc6f959d4c633dc37 11844023759429ec785ae1c18e6a9c69803ee2bd 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 449
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Tue, 16 Apr 2024 20:03:17 GMT
content-length: 16
x-envoy-upstream-service-time: 2
server: istio-envoy
access-control-allow-origin: https://getxitox.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-SNNMPY2Z6B>m=45je44f0v9116850825za200&_p=1713297794549&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=228691347.1713297795&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&sid=1713297794&sct=1&seg=1&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D1027618f3ba55106eaa997a008e255%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240416200542394%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&_s=3&tfd=10251 | 216.239.32.36 | 204 No Content | 0 B |
URL POST HTTP/3region1.analytics.google.com/g/collect?v=2&tid=G-SNNMPY2Z6B>m=45je44f0v9116850825za200&_p=1713297794549&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=228691347.1713297795&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&sid=1713297794&sct=1&seg=1&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D1027618f3ba55106eaa997a008e255%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240416200542394%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&_s=3&tfd=10251 IP216.239.32.36:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-SNNMPY2Z6B>m=45je44f0v9116850825za200&_p=1713297794549&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=228691347.1713297795&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&sid=1713297794&sct=1&seg=1&dl=https%3A%2F%2Fgetxitox.com%2Fgo%2Findexnoaffprog-maxweb.php%3Ftrans%3D1027618f3ba55106eaa997a008e255%26aff_sub1%3D178%26aff_sub2%3D%26aff_sub3%3D%26aff_sub4%3D%26aff_sub5%3D8712_sessid20240416200542394%26affiliate_id%3D2629&dt=Simple%20Promise%E2%84%A2&_s=3&tfd=10251 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 471
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: https://getxitox.com
date: Tue, 16 Apr 2024 20:03:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| imgs.signifyd.com/nc-AoZM3wd8SC1-C?1e2b3239b880815e=TkSwZi_hAwpuQEKxq36t9qTatpDJV-kI9QanqzXryl11U9lLx3Ao8aWGcQfk_hNiRRQT1QAE14ud5lkY3QaQ2wyy-KyThT-Vu4rxBLBaUst3GeAKSYRxlaWOJgkQcva22jBODWdlWGtd31-KRTO4Cw0ue8j0ZRLy0r_zsbJWaUVUyiQA3Q-Hube4p0tg&je=33323624267265763d333a2639342e353a26343a2c373b2e31322c353b2c393f2e37382c30382e34302c31392c33362c3a3a24373b2e333f2c37392c33342c35392e3336243d3a2c343024353b2e33302c35392e31322e3d312c33332e3d392c30352e35392e31362e3730263b3a2c37312e32352e37382e34302c373b263832 | 91.235.133.113 | 204 204 | 0 B |
URL GET HTTP/1.1imgs.signifyd.com/nc-AoZM3wd8SC1-C?1e2b3239b880815e=TkSwZi_hAwpuQEKxq36t9qTatpDJV-kI9QanqzXryl11U9lLx3Ao8aWGcQfk_hNiRRQT1QAE14ud5lkY3QaQ2wyy-KyThT-Vu4rxBLBaUst3GeAKSYRxlaWOJgkQcva22jBODWdlWGtd31-KRTO4Cw0ue8j0ZRLy0r_zsbJWaUVUyiQA3Q-Hube4p0tg&je=33323624267265763d333a2639342e353a26343a2c373b2e31322c353b2c393f2e37382c30382e34302c31392c33362c3a3a24373b2e333f2c37392c33342c35392e3336243d3a2c343024353b2e33302c35392e31322e3d312c33332e3d392c30352e35392e31362e3730263b3a2c37312e32352e37382e34302c373b263832 IP91.235.133.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /nc-AoZM3wd8SC1-C?1e2b3239b880815e=TkSwZi_hAwpuQEKxq36t9qTatpDJV-kI9QanqzXryl11U9lLx3Ao8aWGcQfk_hNiRRQT1QAE14ud5lkY3QaQ2wyy-KyThT-Vu4rxBLBaUst3GeAKSYRxlaWOJgkQcva22jBODWdlWGtd31-KRTO4Cw0ue8j0ZRLy0r_zsbJWaUVUyiQA3Q-Hube4p0tg&je=33323624267265763d333a2639342e353a26343a2c373b2e31322c353b2c393f2e37382c30382e34302c31392c33362c3a3a24373b2e333f2c37392c33342c35392e3336243d3a2c343024353b2e33302c35392e31322e3d312c33332e3d392c30352e35392e31362e3730263b3a2c37312e32352e37382e34302c373b263832 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Cookie: thx_guid=0f7cc74a35234e9a00b8b9e2416d82db
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 204
Date: Tue, 16 Apr 2024 20:03:26 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
|
|
| imgs.signifyd.com/UzDc_FnGiI5vwLFe?c9699330b2a195be=evAaLyegjPu2QuJnsojEQz-DFJdnyoGVLMVgC3r-OfV6V1kk0CqCimXU6tFh6ETBqmW4YdpHE8wYPTp3My0sWLtPuzGQbU97Ri3qGuxf9_q20eKHYL8JkpttwtkJ6rtUp7h1 | 91.235.133.113 | | 0 B |
URL imgs.signifyd.com/UzDc_FnGiI5vwLFe?c9699330b2a195be=evAaLyegjPu2QuJnsojEQz-DFJdnyoGVLMVgC3r-OfV6V1kk0CqCimXU6tFh6ETBqmW4YdpHE8wYPTp3My0sWLtPuzGQbU97Ri3qGuxf9_q20eKHYL8JkpttwtkJ6rtUp7h1 IP91.235.133.113:0
CertificateIssuerGoDaddy.com, Inc. Subjectimgs.signifyd.com Fingerprint64:73:61:0C:C1:DE:98:76:97:CA:10:64:37:35:29:37:AF:67:CC:49 ValidityFri, 20 Oct 2023 18:31:31 GMT - Wed, 20 Nov 2024 18:31:31 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /UzDc_FnGiI5vwLFe?c9699330b2a195be=evAaLyegjPu2QuJnsojEQz-DFJdnyoGVLMVgC3r-OfV6V1kk0CqCimXU6tFh6ETBqmW4YdpHE8wYPTp3My0sWLtPuzGQbU97Ri3qGuxf9_q20eKHYL8JkpttwtkJ6rtUp7h1 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 8
Origin: https://imgs.signifyd.com
DNT: 1
Connection: keep-alive
Referer: https://imgs.signifyd.com/W_f-X-MtADx2DXdE?ac984c29b77ded9b=9CFh-rTsqqdi3f43s1QHj_XcLki43LaZQLiwqG5-fsN81gXCtQ88Nv4YWe-myrpVH2b0E-z0SWOBN3MAAdIkQ7SzRBlBdwvprw0DqDGFZhTLS-MCBlxchul0YAOiLc8VEmvBcITm69UPz8t3rwpueHvLgauoJSjAQ5Q8cxUz-UpYjo__5WyqNsoQgdYFqg
Cookie: thx_guid=0f7cc74a35234e9a00b8b9e2416d82db
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Date: Tue, 16 Apr 2024 20:03:38 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Access-Control-Allow-Origin: https://imgs.signifyd.com
Content-Type: text/javascript
|
|
| cdn.truegcloud.com/nutonen/icon-phone1.svg | 54.230.111.71 | 200 OK | 1.9 kB |
URL GET HTTP/2cdn.truegcloud.com/nutonen/icon-phone1.svg IP54.230.111.71:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn.truegcloud.com FingerprintBF:DE:4B:29:3B:DF:32:8B:84:54:EF:63:94:3E:99:0E:A7:FC:AC:96 ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hash28ea5af0306be5e04e6d23a05c20a2df 81bbf02bc8d345ff5e085fd9ce72183e2ae6e371 8787d451983f6cf74e35b1a97f41f8ccf7407860a62a47404045550b6bd945d2
GET /nutonen/icon-phone1.svg HTTP/1.1
Host: cdn.truegcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Tue, 07 May 2019 07:49:38 GMT
x-amz-meta-sha256: 6776eab96b7b8ff2ddaf5c5d06c92b468c648d1d20f3712ff3aef3c0373df9a8
x-amz-meta-s3b-last-modified: 20190411T064318Z
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
date: Tue, 16 Apr 2024 06:37:47 GMT
etag: W/"3aa1961a3af018163eb0f8e09fea1239"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9f0yk2r9leTwOfRstwGAIXJ0UEop91TvSDZcyKrBJ5MGFiPG5W0x5A==
age: 48327
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Merriweather&display=swap | 142.250.74.106 | 200 OK | 1.9 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Merriweather&display=swap IP142.250.74.106:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeASCII text, with very long lines (1909), with no line terminators Hash5f9cadc082c9d1811f19204aee0863e6 33cfb38663b09d3d6955691ad6bb8072575f003a 8ef722f3cdd606bc88a101794fb62c659ba723277aca99f5c12d0755846af153
GET /css2?family=Merriweather&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 20:03:13 GMT
date: Tue, 16 Apr 2024 20:03:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fast.vidalytics.com/players/v.4.2.1.000-vid-prod/player.min.js | 151.101.65.91 | 200 OK | 980 kB |
URL GET HTTP/3fast.vidalytics.com/players/v.4.2.1.000-vid-prod/player.min.js IP151.101.65.91:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size980 kB (979583 bytes) Hash21ea705829c05759544342ba2f4ac461 2fa8e86431a1468bf7bbceb53b8662101bc70da8 b1ccbf581da817ca36d109e168b2cec2a34e7884c8e20c6722c6bff41da53b60
GET /players/v.4.2.1.000-vid-prod/player.min.js HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getxitox.com
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-length: 252774
x-guploader-uploadid: ABPtcPo5Lg48CpwLdCNW2rFusARl9mmOn5dmITcmLSHJfHJQ3WKJzSL4ADAT93v8t8VUudGNWUlrOwG3SA
cache-control: public, max-age=86400, s-maxage=2592000
expires: Sun, 03 Mar 2024 11:03:19 GMT
last-modified: Fri, 02 Feb 2024 10:27:41 GMT
etag: "4fe59d178779b42a5f9c26452a22bdc2"
x-goog-generation: 1706869661807310
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 252774
x-goog-meta-surrogate-key: player-versioned
content-type: application/javascript
content-encoding: gzip
x-goog-hash: crc32c=X1iFKw==, md5=T+WdF4d5tCpfnCZFKiK9wg==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 2281007
date: Tue, 16 Apr 2024 20:03:15 GMT
x-served-by: cache-dfw-kdfw8210138-DFW, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 252846, 0
x-timer: S1713297795.170941,VS0,VE1
vary: Accept-Encoding
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| cdn-scripts.signifyd.com/api/script-tag.js | 143.204.55.119 | 200 OK | 11 kB |
URL GET HTTP/2cdn-scripts.signifyd.com/api/script-tag.js IP143.204.55.119:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn-scripts.signifyd.com Fingerprint24:C3:B6:A5:B6:58:0C:BC:B6:1C:E0:C9:B8:57:20:5D:37:14:F0:ED ValidityMon, 03 Jul 2023 00:00:00 GMT - Wed, 31 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (375) Hashd34fe38d39e71cd6ace9ab1bfc0bb10a 6d41bc7164467c62317d5c7a15e3a076f8dd1e66 68f6710cb2cc63e278cd3be6a0593c700b3ac346e36c1d636c5c13374dc20e91
GET /api/script-tag.js HTTP/1.1
Host: cdn-scripts.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 10 Jan 2024 11:26:22 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Tue, 16 Apr 2024 19:45:58 GMT
cache-control: max-age=1800
etag: W/"d34fe38d39e71cd6ace9ab1bfc0bb10a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AiZArQQ8X0rTy_f3vIoCQtSBdL3EifVfENVC_19P40hhSvPnWLBWwA==
age: 1036
X-Firefox-Spdy: h2
|
|
| cdn-scripts.signifyd.com/api/company_toolkit.js | 143.204.55.119 | 200 OK | 3.7 kB |
URL GET HTTP/2cdn-scripts.signifyd.com/api/company_toolkit.js IP143.204.55.119:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerAmazon Subjectcdn-scripts.signifyd.com Fingerprint24:C3:B6:A5:B6:58:0C:BC:B6:1C:E0:C9:B8:57:20:5D:37:14:F0:ED ValidityMon, 03 Jul 2023 00:00:00 GMT - Wed, 31 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (3789), with no line terminators Hash81d5650ba1ef440941133a1015607c0e 5aabc3cca75c29450d845f2363d5bc06c3e94d83 4671472e5e3b29cf8f4ffec8b2a875fbb73708a3452c74af3d2cf18b0f010ed0
GET /api/company_toolkit.js HTTP/1.1
Host: cdn-scripts.signifyd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 30 May 2023 10:18:44 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Tue, 16 Apr 2024 19:58:04 GMT
cache-control: max-age=1800
etag: W/"2c3950f122b3977df61b0e077aaa92c8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ERDHwjnCdmYdHARB59UPLVU-IsiozSR57TIBy-KmqbH7Wh7iNADOIQ==
age: 310
X-Firefox-Spdy: h2
|
|
| tracking.getxitox-at.com/aff_c?offer_id=111&aff_id=2629&url_id=1969&aff_sub5=8712_sessid20240416200542394&aff_sub=178 | 54.78.40.72 | 302 Found | 68 kB |
URL User Request GET HTTP/1.1tracking.getxitox-at.com/aff_c?offer_id=111&aff_id=2629&url_id=1969&aff_sub5=8712_sessid20240416200542394&aff_sub=178 IP54.78.40.72:443
CertificateIssuerAmazon Subjecttracking.getxitox-at.com Fingerprint93:AF:69:32:64:D7:9D:1C:FB:83:DD:A7:3C:31:62:F9:8B:AD:7D:8D ValidityThu, 27 Jul 2023 00:00:00 GMT - Sat, 24 Aug 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aff_c?offer_id=111&aff_id=2629&url_id=1969&aff_sub5=8712_sessid20240416200542394&aff_sub=178 HTTP/1.1
Host: tracking.getxitox-at.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 16 Apr 2024 20:03:12 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 392
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: http://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: aff_ran_url_111=1969; expires=Wed, 17 Apr 2024 20:03:12 GMT; path=/; SameSite=None; Secure
enc_aff_session_111=ENC0333e1d85e70130bf0ba8da5508163c99f7c8779cad8dee36a75c8546b19bcb399ffea570298d2600f08c7328eb0a45ddc9678a7019ad7d68606e94f47733a647f0e078ad4db78150cbb1f5f7b9c6634564b43621933571d8c5e57b35063f6cbfa52d02d7bd7693ea1b962c1daa1eff53d474c3229bbb6443a8ae36c7311c5b165078e756a6189c6f4b8e3332a8c94c5e97d438eb5ef105aee7caf98e2ce4bc6fe2ba0628a; expires=Thu, 16 May 2024 20:03:12 GMT; path=/; SameSite=None; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI5Ni4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IFg4Nl82NDsgUnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwiYWNjZXB0X2xhbmd1YWdlIjoiZW4tVVMsZW47cT0wLjUiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=; expires=Fri, 12 Mar 2027 06:43:12 GMT; path=/; SameSite=None; Secure
Tracking_id: 1027618f3ba55106eaa997a008e255
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: 95a288cc8d1b6940808cad22eb20a11f
Access-Control-Allow-Headers: Tune-SDK-Version
|
|
| go.maxweb.com/conversion/iframe/?a=8712&token=35fe7d1193cc401666650f781c088af3 | 172.66.43.113 | 200 OK | 0 B |
URL GET HTTP/2go.maxweb.com/conversion/iframe/?a=8712&token=35fe7d1193cc401666650f781c088af3 IP172.66.43.113:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerLet's Encrypt Subjectmaxweb.com Fingerprint0A:CD:DD:BD:95:0C:D2:00:0B:46:8A:C1:CA:53:50:87:83:FD:42:2A ValiditySun, 03 Mar 2024 04:01:42 GMT - Sat, 01 Jun 2024 04:01:41 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /conversion/iframe/?a=8712&token=35fe7d1193cc401666650f781c088af3 HTTP/1.1
Host: go.maxweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 20:03:14 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Tue, 16 Apr 2024 21:05:26 GMT
cache-control: max-age=3600, private
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-server: WEB_6
strict-transport-security: max-age=31536000;
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDvnJbjKdBkxKLVBqBrQP8wYzWkbV9TY7teoxnBRv; SameSite=Lax; path=/; expires=Wed, 17-Apr-24 19:03:14 GMT; HttpOnly
server: cloudflare
cf-ray: 8756c7108c90b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Lato:400,400i,700,700i|Montserrat:400,400i,600,600i,700,700i,800,800i&display=swap | 142.250.74.106 | 200 OK | 18 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Lato:400,400i,700,700i|Montserrat:400,400i,600,600i,700,700i,800,800i&display=swap IP142.250.74.106:443
Requested byhttps://getxitox.com/go/indexnoaffprog-maxweb.php?trans=1027618f3ba55106eaa997a008e255&aff_sub1=178&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20240416200542394&affiliate_id=2629 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hash3b065b6898522abb5efd016c431e352e 5fe6ebc8faa406c9dca15accc7fa11ee8b5f7534 43917159ff2b0eb2c88150c707902308ac0cb96b9cdea717a66054e2fe3ba19f
GET /css?family=Lato:400,400i,700,700i|Montserrat:400,400i,600,600i,700,700i,800,800i&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getxitox.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 20:03:13 GMT
date: Tue, 16 Apr 2024 20:03:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|