landing-dev.xuontiacompany.com Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://vzlinks.com/out.php
Effective URL:
https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=P...
Submission: On March 04 via manual (March 4th 2024, 10:54:00 am UTC) from RO — Scanned from DE

Summary HTTP 89 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 6 countries across 13 domains to perform 89 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is landing-dev.xuontiacompany.com.
TLS certificate: Issued by GTS CA 1P5 on January 19th 2024. Valid for: 3 months.

This is the only time landing-dev.xuontiacompany.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.21.45.173 104.21.45.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.19.11.11 2.19.11.11	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
17	172.67.163.48 172.67.163.48	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	139.45.197.251 139.45.197.251	9002 (RETN-AS) (RETN-AS)
1 1	52.58.28.63 52.58.28.63	16509 (AMAZON-02) (AMAZON-02)
36	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.136 142.250.185.136	15169 (GOOGLE) (GOOGLE)
2	142.250.184.202 142.250.184.202	15169 (GOOGLE) (GOOGLE)
2	13.107.213.60 13.107.213.60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
1	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	204.79.197.200 204.79.197.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	4.227.249.197 4.227.249.197	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
89	14

1 104.21.45.173 (None, )

ASN13335 (CLOUDFLARENET, US)

vzlinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.11.11 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-11-11.deploy.static.akamaitechnologies.com

ak.deephicy.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.67.163.48 (United States)

ASN13335 (CLOUDFLARENET, US)

gluxouvauure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 139.45.197.251 (United Kingdom)

ASN9002 (RETN-AS, GB)

jouteetu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.28.63 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-28-63.eu-central-1.compute.amazonaws.com

excellingvista.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

landing-dev.xuontiacompany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.213.60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.79.197.200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 4.227.249.197 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

u.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	xuontiacompany.com landing-dev.xuontiacompany.com	258 KB
17	gluxouvauure.com gluxouvauure.com	72 KB
11	jouteetu.net jouteetu.net — Cisco Umbrella Rank: 30771
5	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 756 c.clarity.ms — Cisco Umbrella Rank: 1360 u.clarity.ms — Cisco Umbrella Rank: 7562	27 KB
4	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 11818	2 KB
3	gstatic.com fonts.gstatic.com	47 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	2 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 244	764 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2089	265 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	85 KB
1	excellingvista.com 1 redirects excellingvista.com	415 B
1	deephicy.net ak.deephicy.net — Cisco Umbrella Rank: 559265	2 KB
1	vzlinks.com vzlinks.com	1 KB
89	13

	Domain	Requested by
36	landing-dev.xuontiacompany.com	gluxouvauure.com landing-dev.xuontiacompany.com
17	gluxouvauure.com	ak.deephicy.net gluxouvauure.com
11	jouteetu.net	gluxouvauure.com
4	my.rtmark.net	ak.deephicy.net gluxouvauure.com
3	fonts.gstatic.com	fonts.googleapis.com
2	c.clarity.ms	1 redirects
2	www.clarity.ms	static-landings www.clarity.ms
2	fonts.googleapis.com	landing-dev.xuontiacompany.com
1	u.clarity.ms	www.clarity.ms
1	c.bing.com	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	landing-dev.xuontiacompany.com
1	excellingvista.com	1 redirects static-landings
1	ak.deephicy.net	vzlinks.com
1	vzlinks.com
89	15

This site contains no links.

Subject Issuer	Validity	Valid
ak.hetaruwg.com R3	`2024-02-22` - `2024-05-22`	3 months	crt.sh
rtmark.net R3	`2024-03-02` - `2024-05-31`	3 months	crt.sh
gluxouvauure.com GTS CA 1P5	`2024-01-15` - `2024-04-14`	3 months	crt.sh
jouteetu.net R3	`2024-02-24` - `2024-05-24`	3 months	crt.sh
xuontiacompany.com GTS CA 1P5	`2024-01-19` - `2024-04-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh

This page contains 1 frames:

Primary Page: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true
Frame ID: 8037BF5528E1520DA28A287CF4277965
Requests: 91 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AdBlocker & Privacy Protector

Page URL History Show full URLs

http://vzlinks.com/out.php Page URL
https://ak.deephicy.net/4/2886&psid= Page URL
https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z... Page URL
https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z... Page URL
https://excellingvista.com/click?key=fickwiw7fy7yshltu1k2&visitor_id=788470925816508430&cost=0.002868&z... HTTP 307
https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

89
Requests

89 %
HTTPS

0 %
IPv6

13
Domains

15
Subdomains

14
IPs

6
Countries

496 kB
Transfer

1196 kB
Size

30
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://vzlinks.com/out.php Page URL
https://ak.deephicy.net/4/2886&psid= Page URL
https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto= Page URL
https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2 Page URL
https://excellingvista.com/click?key=fickwiw7fy7yshltu1k2&visitor_id=788470925816508430&cost=0.002868&zoneid=4662728&campaignid=7657060&bannerid=19605752&subzoneid=0&oaid=ee51d52707d1d0b46e9b4db25daf57db HTTP 307
https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=65FAA91E97534BB2A8FDF8A503C97055&RedC=c.clarity.ms&MXFR=14FE12608FB1691C267C06588BB16747 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=65FAA91E97534BB2A8FDF8A503C97055&MUID=26CCFE93DCF06F8504DEEAABDD226E12

89 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK out.php
vzlinks.com/ 2 KB
1 KB 226ms
187ms Document
text/html 104.21.45.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://vzlinks.com/out.php

Protocol

HTTP/1.1

Server

104.21.45.173 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 85f153423e7e66ee-AMS
Cache-Control: public, stale-if-error=1800, max-age=65
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 04 Mar 2024 10:53:55 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma: cache
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0v8Rzl%2FEdSd1VBRWxScG9I8uJfh%2FnoejesqwdeOWYxFAzQUc%2F6D2gm6OvYyepMJD5Uz8UR5wiNbBxR549HQW5mCviXVbXq1xvdA80s5x%2F3FZlvB4obXFt8u4epifkg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Cache-Status-Inferno: MISS
X-Frame-Options: DENY
X-Inferno-Location: /
X-Robots-Tag: noindex
alt-svc: h3=":443"; ma=86400

GET
H2 200 2886&psid=
ak.deephicy.net/4/ 2 KB
2 KB 363ms
236ms Document
text/html 2.19.11.11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.deephicy.net/4/2886&psid=
Requested by: Host: vzlinks.com
URL: http://vzlinks.com/out.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.11.11 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-11-11.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: http://vzlinks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods: GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: * *
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 726
content-type: text/html; charset=utf8
date: Mon, 04 Mar 2024 10:53:55 GMT
expires: Mon, 04 Mar 2024 10:53:55 GMT
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://gluxouvauure.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
pragma: no-cache
timing-allow-origin: *
vary: Accept-Encoding
x-trace-id: d301d2647b98c88604e90b281be7ae09

POST
H2 200 img.gif
my.rtmark.net/ 43 B
507 B 140ms
44ms Ping
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=0080151a323a404ef3acc956cfb8709a

Requested by

Host: ak.deephicy.net
URL: https://ak.deephicy.net/4/2886&psid=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:55 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: https://ak.deephicy.net
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 / Show response
gluxouvauure.com/ 41 KB
14 KB 508ms
252ms Document
text/html 172.67.163.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Requested by: Host: ak.deephicy.net
URL: https://ak.deephicy.net/4/2886&psid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.163.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.27
Resource Hash: f751e34fa062b697ab3b15dd339a927886cd96fa8f2584f78796c94d1a798d4e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85f15347cc4e2d07-IAD
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 04 Mar 2024 10:53:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ewSyrfPExewiLYjSQ4CxZRnAL1Lz2umTuvf5ZoEctbcZXDkQNV7QKWRIOHRYEz2DtzAaPemNW9YOICoDYP%2BnjrKy%2BdEX%2BJZ%2FyaX6%2FDZ1aJnmssuMd5GZwW9O2jcJGByQp4h4"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.27

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
544 B 44ms
44ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=ee51d52707d1d0b46e9b4db25daf57db

Requested by

Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4d5746b5d768c4cff8f139af9576f05d58fa44528d98304eacf19ec99ddd99b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gluxouvauure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:56 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gluxouvauure.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 micro.tag.min.js Show response
gluxouvauure.com/pfe/current/ 35 KB
13 KB 303ms
302ms Script
application/javascript 172.67.163.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788470919910920690&var=2886&sw=/sw-check-permissions/4662709&uhd=1
Requested by: Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.163.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0c7a4e9bbb7f6a33554769805c92064ea198f39778cdeda6840d9e04bc346e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 10:53:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 01 Mar 2024 14:04:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65e1e065-8a1a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=veh4OJUYzV8Gw%2FCaIMB1Pna5abdXDvS5b72uvQdgbJAJsPTRY9w0igiroltNLh17B7fWGvJlTwfIQaEQP%2Bw0TzfjLs5GU%2FsexAqTysoyRU8T81GTsoIjfQSkdgsm7qVFKgh5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 85f153496e202d07-IAD
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
gluxouvauure.com/19/4662728/ 3 KB
2 KB 215ms
214ms XHR
application/json 172.67.163.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gluxouvauure.com/19/4662728/?abt_opts=1&var=2886&var3=788470919910920690&ymid=&rhd=1

Requested by

Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.163.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddced43d900142609f5fe714c7269f47fa36fbbf10732bcce5eb9b60ea544435

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:56 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: c5ab97976240455c84096f113a938e7c
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XaZnPB4%2Br67quedOeuvzsoDUvnMCxFlhPcmk7%2FTvyIHnAX9uK7p3khaY7n9DflRzb8uTvZDNMp3yLt3oYYse26j6z5E8b9h6FhSC9oX3aiGakIySfHIQWQbPq7J9UhpDRVhY"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 85f153496e1e2d07-IAD
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
DATA 200
OK truncated
/ 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 / Show response
gluxouvauure.com/ 2 B
378 B 226ms
226ms XHR
application/json 172.67.163.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&mprtr=1
Requested by: Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.163.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JhgTA%2Fyjjx5seE7U2kuLtnSN5EnMjczs%2Bw3NNcgFx%2FCTqOGZAZn3HZYtgRQtkp%2FytY1fmtcsGWQl4em4E3ywsRtpWJ5%2BmIG1%2BphIyW2%2FjkAQJezPnALYl4kL1HL08sVzkawD"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 85f153497e262d07-IAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H3 200 rhd Show response
gluxouvauure.com/ 3 KB
3 KB 87ms
87ms Fetch
application/json 172.67.163.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gluxouvauure.com/rhd?rb=efz9Rj3xhXNrkeD-EhSqiTXhUAkUzjRWw8JHCXIkT9xYFnJVlmIZSvJYDFoXFfpsftPK0HQ-O9027f1Ti2VhqhXSkgMGdJIUhMPkhZQCIAmGgEdmSwwYOQrNyvf5H1syp9SbP2knVkXd2rt_vi_aev5XKLb7XdJf0Lv0L2uWLV2nXyAvcLsqeAKlzfSAWjzRHLZzxLl9sT31GzA1cjUPzjU1PfyCCO1SLQ2ad3pnajj-I9j4-inAfyMyxvNHAWUzPfgfE1Q258AIbUU-Nt0XNrZYntmYdOhl06QT5ivzWSzlDx3tXunc1LURti1VGOq9V_om_CSWfPSS998_oRxxdIlsF7m-X_nHpgk9tFppcgIBaDgyPnLgn8h7gb-7dQ8nGhMWa9YZfr9pF3lDtSzKCWvYHZ9ThSgfJEspReP0fRMakFkmSbeKDxPvIhY_0IEKU2OckJuf0S1W6aarRQCIEWA-lS6TOtd_JEavOCpzxhvwgfDRPHP0G-cKNlT6IpXrc9RMB4sZS_KPLdoRaOuGcmONY6A%3D&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fgluxouvauure.com%2F%3Fs%3D788470919910920690%26ssk%3Dc4518e0cd7dfad47c0b98b7aea9a4c6d%26svar%3D1709549635%26z%3D2886%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3D%26bto%3D&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=2886&var3=788470919910920690&ymid=&rhd=1&m=link

Requested by

Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.163.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e559449f784496b71b9c4ae641e33810a6c7b60174d774cea453320da841db2

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:56 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 93306a94081c07d03a6854d14ab3994a
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JFd2HA891S3RojCH4nqfUDbi%2FLTBef45n3wYlInOkB%2B0hwg2L2kQ8UF3ZdJk6cpL0ckYORCn%2F0GwIXcFjKzCCDSSgQqxm53JN2%2F042SUgOq%2FLRlwsjt0KZ2hBKv%2Fuw7lcNha"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 85f1534a8a6e664c-AMS
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 200 custom
jouteetu.net/ 0
0 119ms
37ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788470919910920690&var=2886&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://gluxouvauure.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 4662709
gluxouvauure.com/sw-check-permissions/ 0
997 B 57ms
57ms Other
application/javascript 172.67.163.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gluxouvauure.com/sw-check-permissions/4662709?var=2886&ymid=788470919910920690&uhd=1&zoneId=4662709
Requested by: Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788470919910920690&var=2886&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aqU6%2F9iOxuAMFmQhKsN2Kaytd1ta%2BoCsyhfvxTuxYFv4C3hi58X11UOcfM2mKQODe8M1p7rup4rExnNaGNwC8n4CbSxA9EFxeYwRi59zsJvccr5aYXmlNDe2vVOHcGM9%2FBc5"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 85f1534b2b3c664c-AMS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST custom
jouteetu.net/ 0
0

POST
H3 200 zone
gluxouvauure.com/ 0
486 B 40ms
40ms Ping
text/plain 172.67.163.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gluxouvauure.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=gluxouvauure.com&var=2886&ymid=788470919910920690&var_3=&var_4=&dsig=&tg=1&sw=3.1.494&trace_id=a0937592-9876-476c-97f6-8c24b429b173&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788470919910920690&var=2886&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.163.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-trace-id: 8fd75064b89b4a80927c06c37ca4ce28
date: Mon, 04 Mar 2024 10:53:56 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qDjpUNwTUZGFhJYz%2FFLEETkPkIpgLSo9S74Lc3z2pOiU9YRUzIJiHjsNsj02kMPqvNjtws8FDknfh3nn7KcLmdpjKdaaY2DPvBKr2rhI2FBr8lCTW6bornCzD3%2BXmxwYtjAZ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://gluxouvauure.com
access-control-allow-credentials: true
cf-ray: 85f1534b2b3f664c-AMS
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

POST custom
jouteetu.net/ 0
0

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
544 B 45ms
44ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=788470919910920690&var=2886

Requested by

Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788470919910920690&var=2886&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4d5746b5d768c4cff8f139af9576f05d58fa44528d98304eacf19ec99ddd99b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gluxouvauure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:56 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gluxouvauure.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

POST custom
jouteetu.net/ 0
0

POST
H2 200 custom
jouteetu.net/ 0
0 112ms
37ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788470919910920690&var=2886&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://gluxouvauure.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST custom
jouteetu.net/ 0
0

GET
H3 200 zone
gluxouvauure.com/ 798 B
977 B 48ms
48ms Fetch
application/json 172.67.163.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gluxouvauure.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=gluxouvauure.com&var=2886&ymid=788470919910920690&var_3=&var_4=&dsig=&tg=1&sw=3.1.494&trace_id=a0937592-9876-476c-97f6-8c24b429b173&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788470919910920690&var=2886&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.163.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:56 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-trace-id: a373c6bfb16ffe8bfe2fc5afd890901f
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zHHjj7SdDIKhobpHwZdB2wfyD4wsMcLD%2FWAvhKQInJsEMqfEqwjzEdc6DXPbRe0guBcQKF9oNCHg4Uy3Lti6gCjQoAMyXTKdIXD8nkXVzz5sI60acC4KnCgHsH3d6lDdnthq"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 85f1534b3b5b664c-AMS
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept

POST custom
jouteetu.net/ 0
0

GET
H3 200 / Show response
gluxouvauure.com/ 41 KB
14 KB 78ms
78ms Document
text/html 172.67.163.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Requested by: Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 2b1c8a261df49ade86d791eace85675095230802dad128c1a6758c9a77ea436e

Request headers

Referer: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85f1534b6bc6664c-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 04 Mar 2024 10:53:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uxpJwVKJzwyElvW%2FBrzJu%2FMJgl9Mc8%2BfpH8kK2RWnfvIDxhmcvBXZCUblxx3U%2BtVIBkHAFEB7I5uJG654s8GtCscQNCtkFa2EZJMC%2BqQbkquta5h0gxmpy150WdfIx6F4nW%2B"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

POST custom
jouteetu.net/ 0
0

GET
H3 200 micro.tag.min.js Show response
gluxouvauure.com/pfe/current/ 35 KB
13 KB 46ms
46ms Script
application/javascript 172.67.163.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788470919910920690&var=2886&sw=/sw-check-permissions/4662709&uhd=1
Requested by: Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0c7a4e9bbb7f6a33554769805c92064ea198f39778cdeda6840d9e04bc346e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 10:53:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 01 Mar 2024 14:04:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65e1e065-8a1a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PHeC3UIfsR6MWqCKhr15%2FdO0qap%2B90zEz%2Ba5cC8R4zqliHG00RTJHiT9D2Aq8NzbBUyZlFhJ5ukX%2Fz1kw2OAbaCeS1H%2BkSucZN2cKbpOu7wGACSeVnJoh%2BY0Xrfi31n1CTEq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 85f1534bfca3664c-AMS
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 / Show response
gluxouvauure.com/19/4662728/ 3 KB
2 KB 41ms
41ms XHR
application/json 172.67.163.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gluxouvauure.com/19/4662728/?abt_opts=1&var=2886&var3=788470919910920690&ymid=&rhd=1

Requested by

Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.163.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38a7ebcd2c648846019bfd3992acfececb08c47107c8ea57abf5eb75160d992e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:56 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 02035011e1bab669438babab385e80dd
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TyN63b0W8kBP6zftOQYY2Ch5opF6OH%2B18sjXO%2BkHZv398NGSv8Pb508Q%2FT2xSzzU21DiqBMGDOyX7%2FiaFPFpfdHxPJtrTnYDF8suMCI8OUiu7HtEh3JOLu3%2FApzWaEbcaM6C"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 85f1534bfca7664c-AMS
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H3 200 / Show response
gluxouvauure.com/ 2 B
527 B 53ms
53ms XHR
application/json 172.67.163.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2&mprtr=1
Requested by: Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojvh%2Bubn83LKHkWV56609FiCL0WEQIlCLP36LNrR4EX0ktB2S67GZUuv567xnwtBOBLjCViN5CrqsXQMprnE%2FMop4o55WudYZac2v1VycsBwe%2BgHUo1a%2B%2Bsp5uR90nGU74Wl"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 85f1534c2cec664c-AMS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H3 200 rhd Show response
gluxouvauure.com/ 3 KB
3 KB 68ms
67ms Fetch
application/json 172.67.163.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gluxouvauure.com/rhd?rb=MH1RFVtEkCnI5YIgGIfbsm3VbHwL2S5UXe5BrklSOz2G8EeBGwVkIlxq3x-nKWE4yGHvk2vOejl5Lmth_G9hCtj8x-MKpRgj-el65iU7V3g_Gp5JTf5S1PfDt9lBYYcbtA9Ri2HM6Rx6y61gXVVHlIKcjfcXd2N70eSgDyMSLX5SL9ZMGej-ISwiOSwI09DBL-KWyJUe0caSBvJ-zeZjHXMP2ASQNpDCx4x7nFwYfuBUSZXHjgYxPwOmTxQStAldckJfMDHskEHDdkPyi0uLVnSNPxmgZLCeVAvK2bzrjXDCVjhOVcbRCJU16zZsERrByOSLTqXg71JkdHRpNIXhpCOiO_BFe17Mhfu_rv9Qcjpn1aQXrwOKAUtCcLBDho3_I5sgj0XpKDH2daAEveaGrZ2haKyWPnVabyXT3DZVjmbJB10MkNpMaaHD8oT4SKWC1ETHRy3hiCmBumwOyWzhizkMDt6p2uQ_x-1FIk9O7z1DjFZPqOIOwLWiRyIgzP3_kAIsupI7-iRr46zrp3FRbmKN6vVucR1S&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fgluxouvauure.com%2F%3Fs%3D788470919910920690%26ssk%3Dc4518e0cd7dfad47c0b98b7aea9a4c6d%26svar%3D1709549635%26z%3D2886%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3D%26bto%3D%26rdc%3D2&drf=https%3A%2F%2Fgluxouvauure.com%2F%3Fs%3D788470919910920690%26ssk%3Dc4518e0cd7dfad47c0b98b7aea9a4c6d%26svar%3D1709549635%26z%3D2886%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3D%26bto%3D&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=2886&var3=788470919910920690&ymid=&rhd=1&m=link

Requested by

Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.163.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc169ae11f4762421ffc547e7b9f7e05f940521bb8e1454de3a28245b10af59f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:56 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: e1b5b9150b3e9382ff045223713bdabb
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VtqktfN4EzBADm9U3eXa45GJ3q6pX82oCTX%2Bo1fdnJ%2BENDVlx98c6%2BnDSKGHKzhZBw2V1ejnXW235%2FjJw8qqhuwAC7BwpYUKj7QVfsNu1G4usvhjt7%2FcASkmIQQqngs9GUoO"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 85f1534c4d18664c-AMS
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 200 custom
jouteetu.net/ 0
0 37ms
37ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788470919910920690&var=2886&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gluxouvauure.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 4662709
gluxouvauure.com/sw-check-permissions/ 0
998 B 58ms
58ms Other
application/javascript 172.67.163.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gluxouvauure.com/sw-check-permissions/4662709?var=2886&ymid=788470919910920690&uhd=1&zoneId=4662709
Requested by: Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788470919910920690&var=2886&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DCNxSXf1GEtM4Ajf46rhmPoo7x6YH220R5VuOWP90GHnFMkABXt1kUyEyRcDKhWm%2B2VXQibFP5lszuo7SIx%2Fetq0LPbSkl7n8Okyk54HfgKbyV3ncRvRMuo32S%2Fng0npKhqX"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 85f1534c6d59664c-AMS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H2 200 custom
jouteetu.net/ 0
0 37ms
36ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788470919910920690&var=2886&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gluxouvauure.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H3 200 zone
gluxouvauure.com/ 0
487 B 39ms
39ms Ping
text/plain 172.67.163.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gluxouvauure.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=gluxouvauure.com&var=2886&ymid=788470919910920690&var_3=&var_4=&dsig=&tg=1&sw=3.1.494&trace_id=4cf6ccb6-bc0d-41e3-b1f0-2e31f059f6fe&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788470919910920690&var=2886&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.163.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-trace-id: 3ff95b8adf8c7cfbe424b2947ed62d7d
date: Mon, 04 Mar 2024 10:53:56 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bvofTEWt21JTPMZ1ht6QUBnCnyZLT0SCW0JgbWhv20VoKjaGjVtRl09aXsiqR%2BtDb25X48BiTjWuOF9UV2daYrCpSkDzFsCSbYqxRsugRUo0TjESlEOFRAhEEZ83%2F4Heh%2FpW"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://gluxouvauure.com
access-control-allow-credentials: true
cf-ray: 85f1534c6d5e664c-AMS
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

POST
H2 200 custom
jouteetu.net/ 0
0 37ms
37ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788470919910920690&var=2886&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gluxouvauure.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 38ms
38ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788470919910920690&var=2886&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gluxouvauure.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
544 B 47ms
47ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=788470919910920690&var=2886

Requested by

Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788470919910920690&var=2886&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4d5746b5d768c4cff8f139af9576f05d58fa44528d98304eacf19ec99ddd99b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gluxouvauure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:56 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gluxouvauure.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

POST
H2 200 custom
jouteetu.net/ 0
0 37ms
37ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788470919910920690&var=2886&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gluxouvauure.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 39ms
39ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788470919910920690&var=2886&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gluxouvauure.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 37ms
37ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788470919910920690&var=2886&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gluxouvauure.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 zone Show response
gluxouvauure.com/ 798 B
980 B 44ms
44ms Fetch
application/json 172.67.163.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gluxouvauure.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=gluxouvauure.com&var=2886&ymid=788470919910920690&var_3=&var_4=&dsig=&tg=1&sw=3.1.494&trace_id=4cf6ccb6-bc0d-41e3-b1f0-2e31f059f6fe&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788470919910920690&var=2886&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.163.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ffd4868012bb3a421268b2554e7106c4fae560c2b5f9d85f61437079111b401

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:56 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-trace-id: 278c180f74adc64f203a2aeeb165b3a7
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nwTRdQBG9i4fwaqtCnPLJ1U8t1%2FmKvz13xECK2%2B74Xb7GEeVJW4DpG03QMSmvzqvoGJHgMNrCGxGdIVkZRkxQLkO9wx2yPd7xnUj1I4yMKx9ifDevmm9PoQs7tqGZlX9iO%2BY"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 85f1534c7d73664c-AMS
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept

POST
H2 200 custom
jouteetu.net/ 0
0 37ms
37ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788470919910920690&var=2886&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gluxouvauure.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 37ms
37ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788470919910920690&var=2886&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gluxouvauure.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2

200

Primary Request t39a Show response
landing-dev.xuontiacompany.com/
Redirect Chain

https://excellingvista.com/click?key=fickwiw7fy7yshltu1k2&visitor_id=788470925816508430&cost=0.002868&zoneid=4662728&campaignid=7657060&bannerid=19605752&subzoneid=0&oaid=ee51d52707d1d0b46e9b4db25d...
https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&i...

15 KB
3 KB

439ms
211ms

Document
text/html

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true

Requested by

Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af7c416a2dad1a60b0c5beeb67c6032c71e7738be8603731209d4f88476c53f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85f153521af14262-EWR
content-encoding: br
content-type: text/html
date: Mon, 04 Mar 2024 10:53:57 GMT
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MtbV%2FTX995JWN%2BUVRpQfMczLlSv7qE12pqouHjOJgq2gXx3m3Rjlpj57NHNJHZZOrdsIradShYgJpdnzGYNA6pooHqLiuS4TsDCKv7h392Q0PP%2BA7sj2XH5j3F2Nd7F1yi1ANSHiq6eZsS0gypzMbUM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY

Redirect headers

content-length: 0
date: Mon, 04 Mar 2024 10:53:57 GMT
location: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true
server: Caddy
x-request-id: 4f32483e-05f2-4e12-8c1b-933e063b4acb

POST
H3 200 cat.php
gluxouvauure.com/ 0
756 B 42ms
41ms Ping
text/plain 172.67.163.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gluxouvauure.com/cat.php?userId=ee51d52707d1d0b46e9b4db25daf57db&zoneid=4662728&rb=MH1RFVtEkCnI5YIgGIfbsm3VbHwL2S5UXe5BrklSOz2G8EeBGwVkIlxq3x-nKWE4yGHvk2vOejl5Lmth_G9hCtj8x-MKpRgj-el65iU7V3g_Gp5JTf5S1PfDt9lBYYcbtA9Ri2HM6Rx6y61gXVVHlIKcjfcXd2N70eSgDyMSLX5SL9ZMGej-ISwiOSwI09DBL-KWyJUe0caSBvJ-zeZjHXMP2ASQNpDCx4x7nFwYfuBUSZXHjgYxPwOmTxQStAldckJfMDHskEHDdkPyi0uLVnSNPxmgZLCeVAvK2bzrjXDCVjhOVcbRCJU16zZsERrByOSLTqXg71JkdHRpNIXhpCOiO_BFe17Mhfu_rv9Qcjpn1aQXrwOKAUtCcLBDho3_I5sgj0XpKDH2daAEveaGrZ2haKyWPnVabyXT3DZVjmbJB10MkNpMaaHD8oT4SKWC1ETHRy3hiCmBumwOyWzhizkMDt6p2uQ_x-1FIk9O7z1DjFZPqOIOwLWiRyIgzP3_kAIsupI7-iRr46zrp3FRbmKN6vVucR1S&var=2886&var3=788470919910920690&ymid=&rhd=1

Requested by

Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.163.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
x-trace-id: 6cac5bff506e0356269b67efd07e7114
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pbq6IhA%2F8NWCqHYx9pn1rPuL9uuEUKb7ugUGuc8VB6h6itXJlWTrobWB9VFp7hIYP0cgM%2FwacwHxStxnwSEHQVc6wpWXhrvg4rIVaI%2FE%2FLpOTpXwKIJj2DCfVd8Vq6m9F35G"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://gluxouvauure.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 85f1534fea49664c-AMS
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 style.css
landing-dev.xuontiacompany.com/t39a/ 19 KB
4 KB 124ms
123ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://landing-dev.xuontiacompany.com/t39a/style.css?f32a166c3aec68771e15147bb8dd6c80

Requested by

Host: landing-dev.xuontiacompany.com
URL: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4af0b2fe4b87c52852c9e69c0f36632d50e78cd5382fd41c033f8a6144946ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 244918
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
server: cloudflare
etag: W/"65e1eb3e-4bf8"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u2KlSxOsOlzycrIeW8%2F4ur8O3e%2BcRn%2Bsih%2FUmGEtlqf11720mhLT8k3D7a9PC4qVwccmoCGFPqbQMwZ3ecLhxX3DjYRC8EhSJqFk7fF8tXPqZrJry2TapT1ZYOKKd7k7TtgL%2FOvjoqxuAB8xG1ahp0E%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 85f153536be74262-EWR
expires: Sat, 01 Mar 2025 14:51:59 GMT

GET
H2 200 shared.css
landing-dev.xuontiacompany.com/styles/ 27 KB
7 KB 116ms
115ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://landing-dev.xuontiacompany.com/styles/shared.css?f32a166c3aec68771e15147bb8dd6c80

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799272975f9a7ab73725e7fc61ebcb03eca6fd3f5a06bf5b45fddd7f2bedede7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6935
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
server: cloudflare
etag: W/"65e1eb3e-6cae"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBbs6bSq1lBPdv1iMxPo%2Fq6Wkl5dd7br49Ru4Gvi%2BtYkdeFr0Prx0lJYEAvD2kMA4b5d31FSL%2F8WkzYyonabbn7KMPTPT6DaKX72e5CufSTKmBySot4p%2BWpnlANMCg9IBTiuWQX7HqQxoPDuQGTErAM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85f153536be84262-EWR

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 242 KB
85 KB 106ms
52ms Script
application/javascript 142.250.185.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WV373MWWXX

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9be67555851e5ac017a91a74d8cb87149c9fd1b3d41c9e08d23a03a8cae2b60f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86811
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Mar 2024 10:53:57 GMT

GET
H2 200 EN.svg
landing-dev.xuontiacompany.com/images/promo-images/t39/locales/ 2 KB
932 B 114ms
113ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing-dev.xuontiacompany.com/images/promo-images/t39/locales/EN.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cd2061a7b11b9e3b2e56b8f53a7ea2547fc6b465d13bf5441c81be6d28daa9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5565
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
server: cloudflare
etag: W/"65e1eb3e-6d2"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FjzZ%2F0%2FrGoPnnN2X7Fp7vSbF3nFm00aLuY7vy5Dyf%2Ftf75zDj5zUnvv1KowZbn%2FQeHijZ3NYOEAVocAesN1HkqMjiTkitwpnNlHz44KIK08I8EU5oSA9k7RFxzcH1F0kvWKp9Q5NMquNT7LGjm87LkE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85f153536be94262-EWR

GET
H2 200 arrow_drop_down.svg
landing-dev.xuontiacompany.com/images/promo-images/t39/ 228 B
483 B 114ms
114ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing-dev.xuontiacompany.com/images/promo-images/t39/arrow_drop_down.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9f45562c1bf1f621a1a24111f9ffd9b89c9eb806a116beff4079c9b0830d746

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5565
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
server: cloudflare
etag: W/"65e1eb3e-e4"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qB1duYl%2BakCvqkXEXeyGA8oSeHdT5r22vRjGSA3xKbkATHkjcNVAHIbo5c4zU31%2BcSj%2FAxXWqTq06peWjni2ViUmBhOIajYEM7wx4z3dT9rdcKrQuqprznQnqBSm0SU4Kb6y09ZXwUmWjTWEaWeOq8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 85f153536bea4262-EWR

GET
H2 200 DE.svg
landing-dev.xuontiacompany.com/images/promo-images/t39/locales/ 453 B
772 B 124ms
121ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing-dev.xuontiacompany.com/images/promo-images/t39/locales/DE.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b40f2a19d1427470258e3c1114cfb1353d891819585f391d7b473813fbfc2dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5565
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
server: cloudflare
etag: W/"65e1eb3e-1c5"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2FOMDE%2BcOaIDcFMdlMQBHLGegZVLFlCqW7r%2F49ibDOyKOGNk0XN9tKdJkXriU0PR1wQVMWHKhENCP5o3iOOSnL9Bs1k0Xhzh0y%2B209hjpUBrgy6I8ngSgm1va1BIu5lNjtxUcqk13jtAhqHDG8IxHNI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85f153537bf44262-EWR

GET
H2 200 ES.svg
landing-dev.xuontiacompany.com/images/promo-images/t39/locales/ 1 KB
954 B 119ms
116ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing-dev.xuontiacompany.com/images/promo-images/t39/locales/ES.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab945250b36efab1b3edeb16672ce19aebd882decfd58d5d04451193c895114f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5565
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
server: cloudflare
etag: W/"65e1eb3e-5c0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=18%2BvXwIzrWHeNSkI6PkRmr5oVxgw1YcwjHEJH0%2B7Iy4mfujG0TLF2YaQSp71fbh4w34qxVHki92NgfaVzcT2g8qQb%2Fh3jrehxJ3HdIdg3ZH%2B4MtreUZ9RYywwCQpMrfYvu62DQ%2B1sS0sppTp3i48th0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85f153537bf54262-EWR

GET
H2 200 FR.svg
landing-dev.xuontiacompany.com/images/promo-images/t39/locales/ 463 B
594 B 121ms
118ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing-dev.xuontiacompany.com/images/promo-images/t39/locales/FR.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55c1f8387eaf1669b6a0df9c04b336701b0a3a5bd9a20e3eea2e1668e7387983

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5565
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
server: cloudflare
etag: W/"65e1eb3e-1cf"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5VSqAUF3T%2BmL8Md94Jt2xZEw0YEzXFu2KlqNtOGJV8UFDLu8%2BNy5pKsFPtl%2FMeK2hJx44MwMkuLGa7E3DJIi2ZwqgGYGA5yESGY8damvjMsPEWLndcjmW%2BZRcH45tgaL%2FNEfxXs%2BvoK5xKBmFLGvz0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85f153537bf74262-EWR

GET
H2 200 IT.svg
landing-dev.xuontiacompany.com/images/promo-images/t39/locales/ 477 B
598 B 119ms
117ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing-dev.xuontiacompany.com/images/promo-images/t39/locales/IT.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6d66b497d02a7cd78cc054be46c366281311d8da297d10444b882160db14219

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5565
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
server: cloudflare
etag: W/"65e1eb3e-1dd"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4sljgMY6%2FoyyxctPQeiboNVonY%2BuLbHThkdUmFdTvkwLewGBg6%2B2PGrEvkRrX4GaqdNQT1zyyf7Zj4co6oP9kumcQ7yZbqmPs0Sf3maggh%2F6%2FUPWBOvSK6R3Fq186lQjyC61BAuWbheaq0%2FaoRwwZjA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85f153537bf84262-EWR

GET
H2 200 NL.svg
landing-dev.xuontiacompany.com/images/promo-images/t39/locales/ 450 B
595 B 213ms
211ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing-dev.xuontiacompany.com/images/promo-images/t39/locales/NL.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8bbb643c2815a66a29683d9e538c3404f98fef3d0100113e0967ed6bc499988

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5565
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
server: cloudflare
etag: W/"65e1eb3e-1c2"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwT4Zcclc%2BgM%2BgQ38WMfOmtGAC8gljUrcIVp%2FUUNQ7Wgw5b%2Bz%2BnKi2UDTCprPThkXwj6bbXduCmNLTAWfIQrF7BVgsSJTxzl%2FP%2Fnov8UWb1whY4R3zBA%2Bcy5OrEKj7cbrLNIOhOQRmqOL5xljymMTCU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85f153541c554262-EWR

GET
H2 200 PT.svg
landing-dev.xuontiacompany.com/images/promo-images/t39/locales/ 975 B
757 B 222ms
219ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing-dev.xuontiacompany.com/images/promo-images/t39/locales/PT.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41dd81ecf0fdcf6065d7fba2ea5fcb2529529c981fc6066d70d8d98b778f9b2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5565
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
server: cloudflare
etag: W/"65e1eb3e-3cf"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IlltSYJsWj3Sm0XDxZ%2BSLQjcKIzDoEKvxSOLTk9ZbkunzImCh5O7mjTOmbPkmXEnLA2%2BE6oXMkSbtaWnLnt73a3PN%2FG0%2B9osv7dI%2FePTRjFz1Xf5IEKddbhJ0eoon4cK0DVgIFMCPQRuRaibMui70LA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85f153541c574262-EWR

GET
H2 200 feature_banner-1.svg
landing-dev.xuontiacompany.com/images/promo-images/t39/features/ 18 KB
6 KB 214ms
212ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing-dev.xuontiacompany.com/images/promo-images/t39/features/feature_banner-1.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

922be72b779d865d3c4b03de3d2b134406ddc1c44700b69d57b3c84e3b60a733

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5565
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
server: cloudflare
etag: W/"65e1eb3e-4874"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJK%2FdVe91iA0Hd%2FqgKkeo%2FXOsMn%2FvZVYrODKuU31U2XiBvK9ZI2SIlIKOF4WIl47u2g3Ghw53jn2izMk8f6dCE3bqtkfFE1q%2FP447BLWTquKFOhlPrzeuHbaCK6Yf4xIfpkAxmwNmVWn1M0vyKl8Lhk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85f153541c584262-EWR

GET
H2 200 feature_logo_1.svg
landing-dev.xuontiacompany.com/images/promo-images/t39/features/ 509 B
613 B 216ms
213ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing-dev.xuontiacompany.com/images/promo-images/t39/features/feature_logo_1.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b226474e5f0bad40d1d89eb2ea0b7dc0baba05a0834fdb02173ea0d89894cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5565
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
server: cloudflare
etag: W/"65e1eb3e-1fd"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dFhXCQZxTqW26pcRNb95yyyPenAt5iGTtzYrqMKewtqw7kYSco9KMZaCYOimjuAe45a%2FW8vwBlBV4jD3w2tzD6%2BEiMX3AZseypeWlcx3Gp9Wd1k7i2u38F8aBNoHj8RuMrXcCao4xaFNlDuKmIfoneM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85f153541c594262-EWR

GET
H2 200 feature_banner-2.svg
landing-dev.xuontiacompany.com/images/promo-images/t39/features/ 10 KB
3 KB 238ms
236ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing-dev.xuontiacompany.com/images/promo-images/t39/features/feature_banner-2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f868a345a189b37840aee4d6942b2962a1742765cbfd97b9a04f0c7760eae03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5565
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
server: cloudflare
etag: W/"65e1eb3e-2612"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z3i6ncdbXYoDqXYbqV0rkbibmTG2OGPMS1rzqTLwa4n7Dtsgggy3DOcvIuKjI24A%2Fw3XPwLsQ7NR1tmxtWBcOiXtI0xOhXnJy9f%2B3sVm4tNSnRPj%2Ba3nSe6GAZUAVQ0W0uQHHh9T1KrqDd7h9VNLwyU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85f153541c5a4262-EWR

GET
H2 200 feature_logo_2.svg
landing-dev.xuontiacompany.com/images/promo-images/t39/features/ 1 KB
1 KB 237ms
235ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing-dev.xuontiacompany.com/images/promo-images/t39/features/feature_logo_2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1a1fe492a8a08985a54167a852913066ad44e90162aa79386945861666f8fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5565
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
server: cloudflare
etag: W/"65e1eb3e-447"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NW9e2SPAUIo%2B2F%2F7%2BI%2BA36wyPed2zQXCr07qRS9ffyJemLdUx0NGjU3GdvhSwrIs2IiLsnrtR0fc1jJKD8KBr8UUcLLdZ0XEFjWFg8bvHe62F19DCxevtfHN6U3%2ByjtKej5cc7IB0ATCQEr5ChDD54Y%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85f153541c5b4262-EWR

GET
H2 200 feature_banner-3.svg
landing-dev.xuontiacompany.com/images/promo-images/t39/features/ 11 KB
3 KB 239ms
237ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing-dev.xuontiacompany.com/images/promo-images/t39/features/feature_banner-3.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

622f8aeff490fce880850d1b8bd9d52f20aef04123a8417bbc44c9349cf9fac8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5565
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
server: cloudflare
etag: W/"65e1eb3e-2db7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7KA8uzoGWJurMw4x1NQFgfvFZkmBXu6FmLZaGZaOaEYFKiMjDLYOG4hAbyLvVnTRlq88p2sweFzmCzY8DbQwRdyIu4aMzJfcEErj6Q7bEKWSCRQeWuo1P7fIoWRsNm5a1LGTlxj2Qho6qKjz00zGv3c%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85f153541c5c4262-EWR

GET
H2 200 feature_logo_3.svg
landing-dev.xuontiacompany.com/images/promo-images/t39/features/ 4 KB
2 KB 240ms
238ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing-dev.xuontiacompany.com/images/promo-images/t39/features/feature_logo_3.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b040d4e4c5a91e7bc8740c778fa738c8470dfac0588c5294ad2d90d899ede36

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5634
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
server: cloudflare
etag: W/"65e1eb3e-e53"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rFdKbxtSb7hNpkNGvAlbb13jZX0zJWy6pWAofThDNNSkPnGLBUIPuocztJZmGAfXiYNzT9ULvZ9qbbFjd4eQNbdI6D1iTSNg1ScEpAiUIK5VaA9OiVccHP1ESF47ISep6%2F0okSm5FrL80jrhhq0zeR4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85f153541c5d4262-EWR

GET
H2 200 feature_banner-4.svg
landing-dev.xuontiacompany.com/images/promo-images/t39/features/ 15 KB
5 KB 238ms
236ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing-dev.xuontiacompany.com/images/promo-images/t39/features/feature_banner-4.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9efd24949b583aee5301aeb16d27000b8bd5744343dbe55a3a02b17c6b10f10f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5634
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
server: cloudflare
etag: W/"65e1eb3e-3c89"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lHrzQt%2Bv24EdbpO80pP%2FyX4MRjMeyzG4HWHe5wVgGZYR96%2Fs0y248qb3MzRwUqjAZfY9EhFDYxKJsyoS1HfEFUdgtDbxV5mtyRJmI7Lx9KgteouPOFHaH7dBZgeSrdcT%2BLHm6DF14gJCjxm5xQZLsGE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85f153541c5e4262-EWR

GET
H2 200 feature_logo_4.svg
landing-dev.xuontiacompany.com/images/promo-images/t39/features/ 1 KB
831 B 239ms
237ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing-dev.xuontiacompany.com/images/promo-images/t39/features/feature_logo_4.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fecd384266d355fe0d06767f5a866265809ab89150c27dea64e205a986d28b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5634
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
server: cloudflare
etag: W/"65e1eb3e-414"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wt7yCGvK4LWTA4YDmGDWtM30KML1HA1waJyDP9EIW0n5skVsPm60AtRB7o6xrlb27Cv3mKH2agoG3zat0aXyT6kektw1%2FMqoHSdQjdSfTy0QFSSyukrwaWlgGYSyqNEb%2FQZaDYBJuKq365rXG8CUDFM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85f153541c5f4262-EWR

GET
H2 200 Rate.svg
landing-dev.xuontiacompany.com/images/promo-images/t39/ 309 B
530 B 239ms
237ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing-dev.xuontiacompany.com/images/promo-images/t39/Rate.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90b6db83b2a1d77281219272959d3622392487eda0ce2ab2eead1c0891d3fe04

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5634
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
server: cloudflare
etag: W/"65e1eb3e-135"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G397TKoBTjVod2EhD8lALO0d9X1I%2BNMqJRzWRuiqd3k%2ByZa1sm2dttLWCndDKE51RcSFv2Q8nc4%2FHqXvgmEpArIlKlyDoXA7OX0gL0rjmzojIA%2B6vEkz0g1UOREVhmi6OOC6wWRMdzF44m1%2B7%2BX2xFI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85f153541c604262-EWR

GET
H2 200 instruction.webp
landing-dev.xuontiacompany.com/images/promo-images/t39/ 67 KB
67 KB 222ms
221ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing-dev.xuontiacompany.com/images/promo-images/t39/instruction.webp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

375a81cdbedffa6ecb4dc03eeb25637e1e370131f4dba3b1a75d1ee8a8748ea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5634
alt-svc: h3=":443"; ma=86400
content-length: 68124
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
server: cloudflare
etag: "65e1eb3e-10a1c"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Cw42owzgt3xNSHAnWSeO0MPsAjCcZZOPFPjKH%2FU7kh5wHTPa8WJP6wzsHNpa%2BCOPiGhU1jer6nfMwzYLp0eiZOrvSr2D2A0%2BjejCkbcmW140wrN0meUwaQsdXE310Xv4H%2FAOFlOw7yq1zYgHNes0lU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85f153541c614262-EWR

GET
H2 200 cursor-finger.webp
landing-dev.xuontiacompany.com/images/promo-images/t39/ 580 B
913 B 237ms
236ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing-dev.xuontiacompany.com/images/promo-images/t39/cursor-finger.webp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a818289b7887c0da0b8def330e0a6b14d94e0cfb11bd45a8262d644d6f1c41e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5634
alt-svc: h3=":443"; ma=86400
content-length: 580
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
server: cloudflare
etag: "65e1eb3e-244"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AiRTiw2mWyIuFRZMLmiVpRxB%2F163z9fSfU3LSv1Jw%2FKftmFfw489kxAt%2FxH0tNXNEb15x5yke75VqG5h6mcYBX8OMK6E18ZaiSynWvjD%2Bw32FiyU0Yr9747WGpl9wMybPE2w3wLgPWLUqUvPZ0rigTw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85f153541c634262-EWR

GET
H2 200 compatability-banner.svg
landing-dev.xuontiacompany.com/images/promo-images/t39/ 27 KB
10 KB 239ms
238ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing-dev.xuontiacompany.com/images/promo-images/t39/compatability-banner.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b37bf1274aca6936234156f537127881a4e4ff565c458068366a87365ea9c59

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5634
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
server: cloudflare
etag: W/"65e1eb3e-6d32"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPD%2Ba4RQGo4GdpbmgtIcVet4v9IJVlVB6xXl51DkdrfAQBuBFZhe9aD3UEUlSfhJ2l%2F%2BYG0SykRRoPYK9M0iyPV60mDn9IdlWJ0D%2Fy2ty7BBzNMDdG%2B%2F0w%2FgHz2W%2BBfCXqxci5d2b%2FMuQyNtwt%2B5xKU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85f153541c644262-EWR

GET
H2 200 index.js Show response
landing-dev.xuontiacompany.com/js/ 321 KB
45 KB 126ms
123ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://landing-dev.xuontiacompany.com/js/index.js?f32a166c3aec68771e15147bb8dd6c80

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef14fa4713c19157b8f0eb4d41d673f7a18f2d138817b88658f583949f21d6d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6839
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
server: cloudflare
etag: W/"65e1eb3e-50571"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ot%2B96%2BQ4aOhha6xKPm4Ksw4aMAmbQ1yYEcAvMVDJvzWHnh%2Fh371k08Wqrh9Fjai97AXGnTiAN9D1U51V0uQpuTXwjrkA4L68LD3n%2Fm7%2BzmMF2V%2FzU39l32LCejrd%2FyHqJZrh7jS%2B%2FyZCbJL9DEItkkE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85f153537bf64262-EWR

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
814 B 86ms
31ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Requested by

Host: landing-dev.xuontiacompany.com
URL: https://landing-dev.xuontiacompany.com/styles/shared.css?f32a166c3aec68771e15147bb8dd6c80

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

31d196afc7bf97b61be0a9881f623b3b8a7b56d4b0c08c6b78c37ce92d7827b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Mar 2024 10:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 09:37:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Mar 2024 10:53:57 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1019 B 76ms
30ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Ubuntu:wght@400;500&display=swap

Requested by

Host: landing-dev.xuontiacompany.com
URL: https://landing-dev.xuontiacompany.com/t39a/style.css?f32a166c3aec68771e15147bb8dd6c80

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

2d1f8156fd08b1a0d08a77105ccb7d62ddab490ca320dd609bb7da52e82234de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Mar 2024 10:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 09:54:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Mar 2024 10:53:57 GMT

GET
H2 200 jfl2pu6cif Show response
www.clarity.ms/tag/ 650 B
1013 B 280ms
196ms Script
application/x-javascript 13.107.213.60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/jfl2pu6cif
Requested by: Host: static-landings
URL: webpack://static-landings/./src/js/index.js?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.213.60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c50b2a682ffd1175cc29f06667aed73ad7cbf7cb6ea5a909908e903d54e872fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: -1
date: Mon, 04 Mar 2024 10:53:58 GMT
x-azure-ref: 20240304T105357Z-vb49brdb1d50b55a99cektq0c0000000019000000001e24v
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 650
request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H3 200 banner-background.svg
landing-dev.xuontiacompany.com/images/promo-images/t39/ 168 B
663 B 44ms
43ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing-dev.xuontiacompany.com/images/promo-images/t39/banner-background.svg

Requested by

Host: landing-dev.xuontiacompany.com
URL: https://landing-dev.xuontiacompany.com/t39a/style.css?f32a166c3aec68771e15147bb8dd6c80

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb0d0c5ee5d39d7dc1d7193638e693fc3da791189be9794efbaa2aa38466097c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/t39a/style.css?f32a166c3aec68771e15147bb8dd6c80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5127
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
server: cloudflare
etag: W/"65e1eb3e-a8"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KKq3jDADgOUa%2FPG4l29nJ9Ry1F%2BRDQGIEwImFnKCvNy5FzwWQWjdr7YlBkRNXb%2BcalA71C9SksQvYH04l0V6ZKR%2FamPSTTdz%2F0Xb8Qg9nnh6Xm%2FkL%2BxS14IRmzTHg1XmBxqlatcz2IzE3PKpCWLcB2U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 85f153548ed56f3f-CDG

GET
H3 200 arrow_forward.svg
landing-dev.xuontiacompany.com/images/promo-images/t39/ 249 B
704 B 46ms
45ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing-dev.xuontiacompany.com/images/promo-images/t39/arrow_forward.svg

Requested by

Host: landing-dev.xuontiacompany.com
URL: https://landing-dev.xuontiacompany.com/t39a/style.css?f32a166c3aec68771e15147bb8dd6c80

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87fda4f3a69241a941110f26d4837a768bf0a864e58aa79cf8d414fc9a0136c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/t39a/style.css?f32a166c3aec68771e15147bb8dd6c80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5127
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
server: cloudflare
etag: W/"65e1eb3e-f9"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zqilkl2dLhV%2Bp5PO6LzE5z%2FL0IukupfxWelTH5mpBeo5iJJo7MFx3ybrYXGSjvFNMkNeLly%2F%2FkUjkk412%2BXELaDsRk0rvGhg6x9UGYgKpIPCbVeOB58NbQ5tT3X%2Bvz6cCjdnzooc0ShaUfHA2SM58XE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 85f153548ed66f3f-CDG

GET
H3 200 done_outline.svg
landing-dev.xuontiacompany.com/images/promo-images/t39/ 259 B
757 B 42ms
41ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing-dev.xuontiacompany.com/images/promo-images/t39/done_outline.svg

Requested by

Host: landing-dev.xuontiacompany.com
URL: https://landing-dev.xuontiacompany.com/t39a/style.css?f32a166c3aec68771e15147bb8dd6c80

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b797c4abdedec3e173cdf21250305b33a5fbdf54466912ce75cc9f271da2c44f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/t39a/style.css?f32a166c3aec68771e15147bb8dd6c80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5127
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
server: cloudflare
etag: W/"65e1eb3e-103"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z1yq3QnZGk3P5UxdfuIMA95jsi0YsO4saEkc1QMgIgD03JIuBgY91y6wbkdXX%2BZ90MYz%2Bb4mSHmTB8aCGq%2BOLWm1elFhMe%2FjsAR41pW0%2Bi5o%2B42Omozi%2B6Q4S24kwFv7DGAE4UJd%2BWPXgkgKXgEk5GQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85f153548ed86f3f-CDG

GET
H3 200 makbook.svg
landing-dev.xuontiacompany.com/images/promo-images/t39/ 11 KB
4 KB 44ms
44ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing-dev.xuontiacompany.com/images/promo-images/t39/makbook.svg

Requested by

Host: landing-dev.xuontiacompany.com
URL: https://landing-dev.xuontiacompany.com/t39a/style.css?f32a166c3aec68771e15147bb8dd6c80

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5735522be0fd6c5949744d53ec36ad657d676d33a8504b90c4fad119e718972

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/t39a/style.css?f32a166c3aec68771e15147bb8dd6c80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5127
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
server: cloudflare
etag: W/"65e1eb3e-2d40"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2WYiYOiw%2FnawnKzpZt2YWn3e6FdlMRH73QviFwc2JCG6fA4OPRK0qROWeINQFBI0pZyMM4uW8mRzLeAj5OI0%2BX3dTG%2BYjZqa9WmUZmlSTSWCdkD%2B8OTAGZc8oD%2FcvaBVWbpqFfS0k1xC0Tw47wtXmg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85f153548eda6f3f-CDG

GET
H3 200 geh.svg
landing-dev.xuontiacompany.com/images/promo-images/t39/ 170 B
661 B 46ms
45ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing-dev.xuontiacompany.com/images/promo-images/t39/geh.svg

Requested by

Host: landing-dev.xuontiacompany.com
URL: https://landing-dev.xuontiacompany.com/t39a/style.css?f32a166c3aec68771e15147bb8dd6c80

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85e87c59be8a86993d61b2f5c0977b9a9ea899c14322757933e07da416a80d8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/t39a/style.css?f32a166c3aec68771e15147bb8dd6c80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5127
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
server: cloudflare
etag: W/"65e1eb3e-aa"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5h91tLtno%2BijS%2BsrowpOunQDEf6ejGS%2F4mYOL3dvl%2BwBiTYbTjlNU1CXszqJ0TJszcKrlJWgJaRusi6%2FOth3kbezeo2PD%2FigdO78Mw83FaIRK8uXZyRoVKmqCkG5iHHfcPNKSpM8bFgMOxI6vOFiTko%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 85f153548edc6f3f-CDG

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 97ms
45ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://landing-dev.xuontiacompany.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:10:25 GMT
x-content-type-options: nosniff
age: 524612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 09:10:25 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 79ms
28ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://landing-dev.xuontiacompany.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:00:36 GMT
x-content-type-options: nosniff
age: 525201
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 09:00:36 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 74ms
22ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://landing-dev.xuontiacompany.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:48:58 GMT
x-content-type-options: nosniff
age: 525899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 08:48:58 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
265 B 84ms
29ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WV373MWWXX&gtm=45je42t1v9138627631za220&_p=1709549637841&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1461040502.1709549638&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709549637&sct=1&seg=0&dl=https%3A%2F%2Flanding-dev.xuontiacompany.com%2Ft39a%3Fclk_domain%3Dexcellingvista.com%26flow%3Dbinom%26campaignId%3D10557%26cid%3Dcniqghb2r96s73b01dog%26source%3DPropellerAds%26lpkey%3D1709536ece109886dcc5be034dccc92f717a049937%26isV2%3Dtrue&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=769
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WV373MWWXX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 10:53:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://landing-dev.xuontiacompany.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 src_landings_t39a__locales_en_json.daede2079d4595937aeb.js Show response
landing-dev.xuontiacompany.com/js/ 4 KB
2 KB 46ms
46ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://landing-dev.xuontiacompany.com/js/src_landings_t39a__locales_en_json.daede2079d4595937aeb.js

Requested by

Host: landing-dev.xuontiacompany.com
URL: https://landing-dev.xuontiacompany.com/js/index.js?f32a166c3aec68771e15147bb8dd6c80

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d05dc40e0f3777d156530f440526707a212364629426e0bfcd84cab39de8ab7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1962
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
server: cloudflare
etag: W/"65e1eb3e-e62"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJU3rtxBhtspji2qGUyEUsbM8K%2B%2BWQPuBBW%2FKwXpkFf2IaLTuxoRv%2FBOT3wTo3jQgEBoSWFRdk%2FlC0%2BZMVI%2Fkc4hmcl9XbOY0m5UmpknYbLMThzrYC%2FzmuBCwGf5CXe8hjrssUO4pvxpO8llP9aMql4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85f15354bf206f3f-CDG

GET
H3 200 US.svg
landing-dev.xuontiacompany.com/images/promo-images/t39/locales/ 3 KB
1 KB 42ms
41ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing-dev.xuontiacompany.com/images/promo-images/t39/locales/US.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84ebc5aaa8d469faabe54a6823e4101f324485b83e4600f9d8e7b9a7809f624d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7113
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
server: cloudflare
etag: W/"65e1eb3e-a2e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wkr62M9p%2FP%2BXsGGhu5YxaZ36XgjVu6%2FQwB9aQZdxjO75NK0e1cmjPwv66BecYzp%2F6dqM1yW%2FLH0GwnH3dDgB%2FIKd0I0odujgA9x00tGNCCIqJYSRJHKrQpSJ1ZzY0sQ4Mh1ojTT8uN5P7FzFi%2B6FVD8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85f153550f9d6f3f-CDG

GET
H3 200 instruction-en.webp
landing-dev.xuontiacompany.com/images/promo-images/t39/instruction/ 67 KB
67 KB 45ms
45ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing-dev.xuontiacompany.com/images/promo-images/t39/instruction/instruction-en.webp

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

375a81cdbedffa6ecb4dc03eeb25637e1e370131f4dba3b1a75d1ee8a8748ea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1962
alt-svc: h3=":443"; ma=86400
content-length: 68124
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
server: cloudflare
etag: "65e1eb3e-10a1c"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qflydRhbEIXPLMKh6yb5hAlqk%2FBfY9hiSkMwGFZVzlIpf028k3bsoHznCkhX4led5lSBfxU7cqQ%2B69XnedphrCsiMHYNUXRkVM6t54xxVJADr7xS%2FqBhpz0s09xgbFcC4KTwzH%2BY8QfuiHKfvDC6ylM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85f153550fa06f3f-CDG

GET
H3 200 logo-full.svg
landing-dev.xuontiacompany.com/images/extension-icons/adblocker_and_privacy/ 28 KB
11 KB 127ms
126ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing-dev.xuontiacompany.com/images/extension-icons/adblocker_and_privacy/logo-full.svg

Requested by

Host: landing-dev.xuontiacompany.com
URL: https://landing-dev.xuontiacompany.com/styles/shared.css?f32a166c3aec68771e15147bb8dd6c80

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90597e5f5b82b89af25836180dcd0181fbc6f6d32a07408802529db0a69b2148

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/styles/shared.css?f32a166c3aec68771e15147bb8dd6c80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4858
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
server: cloudflare
etag: W/"65e1eb3e-71a9"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aTW4T8FlLvTMxOH8DF4wvkNVfUwIz4orzwKeZfbFd9N04uYXlkYb0K4TyP1A%2BuwqaykxwAZZFBU6%2BvQkcJQ9TMZwV2mvv0UV%2Fuq8AeSd%2F3fWzlHadc3JpHsQdBSL5kDe%2Fqd7bu2uRS92LZrfc%2BQKHb0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85f153551fab6f3f-CDG

GET
H3 200 chrome-icon.svg
landing-dev.xuontiacompany.com/images/promo-images/t39/ 6 KB
2 KB 131ms
131ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing-dev.xuontiacompany.com/images/promo-images/t39/chrome-icon.svg

Requested by

Host: landing-dev.xuontiacompany.com
URL: https://landing-dev.xuontiacompany.com/t39a/style.css?f32a166c3aec68771e15147bb8dd6c80

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67c9974fc6f862743b88b99a74aecc083e75668bcbf2e24c45c590de7ba197ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/t39a/style.css?f32a166c3aec68771e15147bb8dd6c80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4233
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
server: cloudflare
etag: W/"65e1eb3e-19ff"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VI%2B%2BnTciJJ6tQDPmJk%2FC4vuVDZGY2nIUue%2BzxhwzlEcY6ef3nqQ92Qyx8rTOsyRJ2Xg1boHA12KNCW5esGStC5N82obPaCup%2BG1YYCFK08HQokSq8T1WtGFgPBVhYcev0cjpZoHqUzAGrE6Bat6f3mA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85f153551fac6f3f-CDG

GET
H3 200 chrome_store_icon.svg
landing-dev.xuontiacompany.com/images/browser-icons/ 2 KB
1 KB 132ms
132ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing-dev.xuontiacompany.com/images/browser-icons/chrome_store_icon.svg

Requested by

Host: landing-dev.xuontiacompany.com
URL: https://landing-dev.xuontiacompany.com/styles/shared.css?f32a166c3aec68771e15147bb8dd6c80

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f564c0872b20b68ed53a1dd9940756dc2d67f836c11d719af67b16a68142180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/styles/shared.css?f32a166c3aec68771e15147bb8dd6c80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4233
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
server: cloudflare
etag: W/"65e1eb3e-853"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3qzoDpvyZS21d%2BnLgNOPeiy595zosAfRn%2BzywZ5eIW3mDWl9R%2ByfTAH7sc54rofXpbHnQUU9w3H%2BpNjhnNtpYlnjAmm9wy%2Fj2gECxg10MJR7fj1wFdkRE%2F6svHZybndXfKOl%2BfO%2FT1eBm4scjtb71U%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85f153551fae6f3f-CDG

GET
H3 200 logo.svg
landing-dev.xuontiacompany.com/images/extension-icons/adblocker_and_privacy/ 3 KB
2 KB 133ms
133ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing-dev.xuontiacompany.com/images/extension-icons/adblocker_and_privacy/logo.svg

Requested by

Host: landing-dev.xuontiacompany.com
URL: https://landing-dev.xuontiacompany.com/styles/shared.css?f32a166c3aec68771e15147bb8dd6c80

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53a4cd38860b44bc04c63b1ed77464018947977ef14a0fcee06305c385131f5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/styles/shared.css?f32a166c3aec68771e15147bb8dd6c80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4858
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Mar 2024 14:50:38 GMT
server: cloudflare
etag: W/"65e1eb3e-a0b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pvI3b3lxd4dZEGnWN99mvAJsyNt5ydwemlLZ5rJQ3ihBA%2BGA6E38zKhHeaPQAr7GRdDxrffZ5FcBTCmjjfjFZiDywgZ4U0SZGOcE7U%2Bht1oge4J8EjtiBHnV%2BMDfOnd7KN1OnryipWmcdMtz6uMJxsQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 85f153551fb06f3f-CDG

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.22/ 60 KB
25 KB 45ms
44ms Script
application/javascript 13.107.213.60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.22/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/jfl2pu6cif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.213.60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3a582829e2c11dde7e02e0952effb8a8b97770c95705e03ecc82f848cb8684fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 10:53:58 GMT
content-encoding: br
last-modified: Thu, 29 Feb 2024 15:07:22 GMT
etag: W/"0x8DC39382173A2DD"
vary: Accept-Encoding
x-azure-ref: 20240304T105358Z-vb49brdb1d50b55a99cektq0c0000000019000000001e25e
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: b7b797f2-701e-0063-4c62-6db320000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET click
excellingvista.com/ 0
0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=65FAA91E97534BB2A8FDF8A503C97055&RedC=c.clarity.ms&MXFR=14FE12608FB1691C267C06588BB16747
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=65FAA91E97534BB2A8FDF8A503C97055&MUID=26CCFE93DCF06F8504DEEAABDD226E12

42 B
465 B

74ms
74ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=65FAA91E97534BB2A8FDF8A503C97055&MUID=26CCFE93DCF06F8504DEEAABDD226E12
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing-dev.xuontiacompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 10:53:58 GMT
last-modified: Fri, 01 Mar 2024 22:54:48 GMT
server: Microsoft-IIS/10.0
etag: "3e26b762b6cda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 04 Mar 2024 10:53:57 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CC97555CDB114FA8AA89E111F24571AE Ref B: FRAEDGE2013 Ref C: 2024-03-04T10:53:58Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=65FAA91E97534BB2A8FDF8A503C97055&MUID=26CCFE93DCF06F8504DEEAABDD226E12
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ 0
310 B 322ms
106ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.22/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://landing-dev.xuontiacompany.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://landing-dev.xuontiacompany.com
Date: Mon, 04 Mar 2024 10:53:58 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: excellingvista.com
URL: https://excellingvista.com/click?upd_clickid=cniqghb2r96s73b01dog&add_event6=1

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ak.deephicy.net/	1970-01-21 03:38:05	Name: OAID Value: 0080151a323a404ef3acc956cfb8709a
ak.deephicy.net/	1970-01-21 03:38:05	Name: oaidts Value: 1709549635
my.rtmark.net/	1970-01-21 03:38:05	Name: ID Value: 0080151a323a404ef3acc956cfb8709a
gluxouvauure.com/	1970-01-21 03:38:05	Name: oaidts Value: 1709549635
gluxouvauure.com/	1970-01-21 04:28:29	Name: syncedCookie Value: true
gluxouvauure.com/	1970-01-21 03:38:05	Name: OAID Value: ee51d52707d1d0b46e9b4db25daf57db
gluxouvauure.com/	1970-01-20 18:52:29	Name: prefetchAd_4662728 Value: true
gluxouvauure.com/	1970-01-20 18:52:33	Name: reverse Value: 2Omw6p_m2_BQCaIQXKqtYldVRpbEkPp3mPHl3OSJyjk
excellingvista.com/	1970-01-21 03:38:05	Name: uclick Value: zr6Iwg1UPIo1g7D1YWCYvm2oLkwQap8JrBGvNTxyyQZMRa2FSRLc6IKHeDew6XSJM3bwcy8=
excellingvista.com/	1970-01-21 03:38:05	Name: bcid Value: cniqghb2r96s73b01dog
excellingvista.com/	1970-01-21 03:38:05	Name: cid Value: cniqghb2r96s73b01dog
.xuontiacompany.com/	1970-01-21 04:28:29	Name: _ga Value: GA1.1.1461040502.1709549638
.xuontiacompany.com/	1970-01-21 04:28:29	Name: _ga_WV373MWWXX Value: GS1.1.1709549637.1.0.1709549637.0.0.0
.xuontiacompany.com/	1970-01-21 04:28:29	Name: clk_domain Value: excellingvista.com
.xuontiacompany.com/	1970-01-21 04:28:29	Name: flow Value: binom
.xuontiacompany.com/	1970-01-21 04:28:29	Name: campaignId Value: 10557
.xuontiacompany.com/	1970-01-21 04:28:29	Name: cid Value: cniqghb2r96s73b01dog
.xuontiacompany.com/	1970-01-21 04:28:29	Name: source Value: PropellerAds
.xuontiacompany.com/	1970-01-21 04:28:29	Name: lpkey Value: 1709536ece109886dcc5be034dccc92f717a049937
.xuontiacompany.com/	1970-01-21 04:28:29	Name: isV2 Value: true
www.clarity.ms/	1970-01-21 03:38:05	Name: CLID Value: c45f1786507b4ee29606f12f94a4d732.20240304.20250304
.xuontiacompany.com/	1970-01-21 03:38:05	Name: _clck Value: 1kujulb%7C2%7Cfjs%7C0%7C1524
.bing.com/	1970-01-21 04:14:05	Name: MUID Value: 26CCFE93DCF06F8504DEEAABDD226E12
.c.bing.com/	1970-01-20 19:02:34	Name: MR Value: 0
.c.bing.com/	1970-01-21 04:14:05	Name: SRM_B Value: 26CCFE93DCF06F8504DEEAABDD226E12
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 04:14:05	Name: MUID Value: 26CCFE93DCF06F8504DEEAABDD226E12
.c.clarity.ms/	1970-01-20 19:02:34	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 18:52:30	Name: ANONCHK Value: 0
.xuontiacompany.com/	1970-01-20 18:53:56	Name: _clsk Value: pj6lpd%7C1709549638585%7C1%7C1%7Cu.clarity.ms%2Fcollect

22 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://ak.deephicy.net/partitial/1242039/?var=2886&ab2r=0&prfrev=false&rhd=false&sf=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto= Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto= Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto= Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto= Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gluxouvauure.com/?s=788470919910920690&ssk=c4518e0cd7dfad47c0b98b7aea9a4c6d&svar=1709549635&z=2886&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true Message: Access to XMLHttpRequest at 'https://excellingvista.com/click?upd_clickid=cniqghb2r96s73b01dog&add_event6=1' from origin 'https://landing-dev.xuontiacompany.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://excellingvista.com/click?upd_clickid=cniqghb2r96s73b01dog&add_event6=1 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing-dev.xuontiacompany.com/t39a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cniqghb2r96s73b01dog&source=PropellerAds&lpkey=1709536ece109886dcc5be034dccc92f717a049937&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ak.deephicy.net
c.bing.com
c.clarity.ms
excellingvista.com
fonts.googleapis.com
fonts.gstatic.com
gluxouvauure.com
jouteetu.net
landing-dev.xuontiacompany.com
my.rtmark.net
region1.google-analytics.com
u.clarity.ms
vzlinks.com
www.clarity.ms
www.googletagmanager.com
excellingvista.com
jouteetu.net
104.21.45.173
13.107.213.60
139.45.195.8
139.45.197.251
142.250.184.202
142.250.185.136
142.250.185.67
172.67.163.48
188.114.97.3
2.19.11.11
204.79.197.200
216.239.34.36
4.227.249.197
52.58.28.63
68.219.88.97
0e559449f784496b71b9c4ae641e33810a6c7b60174d774cea453320da841db2
2b1c8a261df49ade86d791eace85675095230802dad128c1a6758c9a77ea436e
2d1f8156fd08b1a0d08a77105ccb7d62ddab490ca320dd609bb7da52e82234de
31d196afc7bf97b61be0a9881f623b3b8a7b56d4b0c08c6b78c37ce92d7827b2
375a81cdbedffa6ecb4dc03eeb25637e1e370131f4dba3b1a75d1ee8a8748ea8
38a7ebcd2c648846019bfd3992acfececb08c47107c8ea57abf5eb75160d992e
3a582829e2c11dde7e02e0952effb8a8b97770c95705e03ecc82f848cb8684fd
3d05dc40e0f3777d156530f440526707a212364629426e0bfcd84cab39de8ab7
41dd81ecf0fdcf6065d7fba2ea5fcb2529529c981fc6066d70d8d98b778f9b2c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4af0b2fe4b87c52852c9e69c0f36632d50e78cd5382fd41c033f8a6144946ac5
4d5746b5d768c4cff8f139af9576f05d58fa44528d98304eacf19ec99ddd99b8
4f868a345a189b37840aee4d6942b2962a1742765cbfd97b9a04f0c7760eae03
4fecd384266d355fe0d06767f5a866265809ab89150c27dea64e205a986d28b5
53a4cd38860b44bc04c63b1ed77464018947977ef14a0fcee06305c385131f5f
55c1f8387eaf1669b6a0df9c04b336701b0a3a5bd9a20e3eea2e1668e7387983
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc
5b226474e5f0bad40d1d89eb2ea0b7dc0baba05a0834fdb02173ea0d89894cb1
5cd2061a7b11b9e3b2e56b8f53a7ea2547fc6b465d13bf5441c81be6d28daa9c
622f8aeff490fce880850d1b8bd9d52f20aef04123a8417bbc44c9349cf9fac8
67c9974fc6f862743b88b99a74aecc083e75668bcbf2e24c45c590de7ba197ac
799272975f9a7ab73725e7fc61ebcb03eca6fd3f5a06bf5b45fddd7f2bedede7
7b37bf1274aca6936234156f537127881a4e4ff565c458068366a87365ea9c59
7b40f2a19d1427470258e3c1114cfb1353d891819585f391d7b473813fbfc2dd
84ebc5aaa8d469faabe54a6823e4101f324485b83e4600f9d8e7b9a7809f624d
85e87c59be8a86993d61b2f5c0977b9a9ea899c14322757933e07da416a80d8a
87fda4f3a69241a941110f26d4837a768bf0a864e58aa79cf8d414fc9a0136c3
90597e5f5b82b89af25836180dcd0181fbc6f6d32a07408802529db0a69b2148
90b6db83b2a1d77281219272959d3622392487eda0ce2ab2eead1c0891d3fe04
922be72b779d865d3c4b03de3d2b134406ddc1c44700b69d57b3c84e3b60a733
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b040d4e4c5a91e7bc8740c778fa738c8470dfac0588c5294ad2d90d899ede36
9be67555851e5ac017a91a74d8cb87149c9fd1b3d41c9e08d23a03a8cae2b60f
9efd24949b583aee5301aeb16d27000b8bd5744343dbe55a3a02b17c6b10f10f
9f564c0872b20b68ed53a1dd9940756dc2d67f836c11d719af67b16a68142180
9ffd4868012bb3a421268b2554e7106c4fae560c2b5f9d85f61437079111b401
a6d66b497d02a7cd78cc054be46c366281311d8da297d10444b882160db14219
a818289b7887c0da0b8def330e0a6b14d94e0cfb11bd45a8262d644d6f1c41e9
ab945250b36efab1b3edeb16672ce19aebd882decfd58d5d04451193c895114f
af7c416a2dad1a60b0c5beeb67c6032c71e7738be8603731209d4f88476c53f1
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b797c4abdedec3e173cdf21250305b33a5fbdf54466912ce75cc9f271da2c44f
b8bbb643c2815a66a29683d9e538c3404f98fef3d0100113e0967ed6bc499988
bb0d0c5ee5d39d7dc1d7193638e693fc3da791189be9794efbaa2aa38466097c
c50b2a682ffd1175cc29f06667aed73ad7cbf7cb6ea5a909908e903d54e872fd
c5735522be0fd6c5949744d53ec36ad657d676d33a8504b90c4fad119e718972
d0c7a4e9bbb7f6a33554769805c92064ea198f39778cdeda6840d9e04bc346e9
d9f45562c1bf1f621a1a24111f9ffd9b89c9eb806a116beff4079c9b0830d746
ddced43d900142609f5fe714c7269f47fa36fbbf10732bcce5eb9b60ea544435
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef14fa4713c19157b8f0eb4d41d673f7a18f2d138817b88658f583949f21d6d6
f1a1fe492a8a08985a54167a852913066ad44e90162aa79386945861666f8fd4
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f751e34fa062b697ab3b15dd339a927886cd96fa8f2584f78796c94d1a798d4e
fc169ae11f4762421ffc547e7b9f7e05f940521bb8e1454de3a28245b10af59f

landing-dev.xuontiacompany.com Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

89 Requests

89 %HTTPS

0 %IPv6

13 Domains

15 Subdomains

14 IPs

6 Countries

496 kBTransfer

1196 kBSize

30 Cookies

0 Outgoing links

Page URL History

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

landing-dev.xuontiacompany.com Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

89 %
HTTPS

0 %
IPv6

13
Domains

15
Subdomains

14
IPs

6
Countries

496 kB
Transfer

1196 kB
Size

30
Cookies

89 HTTP transactions
2 data transactions