landing.xuontiacompany.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://track.extension-install.com/click?key=7f02eb1c8ef2efa42fc2&visitor_id=FxECclBDW0dkfFggWEV3U18ASGEUTUhPbGFWZAxSb1tOAF1ySklSR2...
Effective URL:
https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g...
Submission Tags: @phish_report
Submission: On March 29 via api (March 29th 2024, 6:10:41 am UTC) from FI — Scanned from FI

Summary HTTP 50 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 8 domains to perform 50 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is landing.xuontiacompany.com.
TLS certificate: Issued by GTS CA 1P5 on March 18th 2024. Valid for: 3 months.

This is the only time landing.xuontiacompany.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.58.28.63 52.58.28.63	16509 (AMAZON-02) (AMAZON-02)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
36	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.184.204.244 52.184.204.244	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
50	10

1 52.58.28.63 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-28-63.eu-central-1.compute.amazonaws.com

track.extension-install.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

landing.xuontiacompany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

landing.xuontiacompany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.184.204.244 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

n.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	xuontiacompany.com landing.xuontiacompany.com	260 KB
5	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 753 c.clarity.ms — Cisco Umbrella Rank: 1387 n.clarity.ms — Cisco Umbrella Rank: 6663	27 KB
3	gstatic.com fonts.gstatic.com	47 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2042	316 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 245	764 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	91 KB
1	extension-install.com 1 redirects track.extension-install.com	428 B
50	8

	Domain	Requested by
37	landing.xuontiacompany.com	landing.xuontiacompany.com
3	fonts.gstatic.com	fonts.googleapis.com
2	c.clarity.ms	1 redirects
2	region1.google-analytics.com	www.googletagmanager.com
2	www.clarity.ms	landing.xuontiacompany.com www.clarity.ms
2	fonts.googleapis.com	landing.xuontiacompany.com
1	n.clarity.ms	www.clarity.ms
1	c.bing.com	1 redirects
1	www.googletagmanager.com	landing.xuontiacompany.com
1	track.extension-install.com	1 redirects landing.xuontiacompany.com
50	10

This site contains no links.

Subject Issuer	Validity	Valid
xuontiacompany.com GTS CA 1P5	`2024-03-18` - `2024-06-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh

This page contains 1 frames:

Primary Page: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true
Frame ID: A2FAF42059438C639674316848BF9AFB
Requests: 50 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AdBlocker & Privacy Protector

Page URL History Show full URLs

https://track.extension-install.com/click?key=7f02eb1c8ef2efa42fc2&visitor_id=FxECclBDW0dkfFggWEV3U18ASGEUTUhPbG... HTTP 307
https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

50
Requests

96 %
HTTPS

64 %
IPv6

8
Domains

10
Subdomains

10
IPs

4
Countries

427 kB
Transfer

904 kB
Size

22
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://track.extension-install.com/click?key=7f02eb1c8ef2efa42fc2&visitor_id=FxECclBDW0dkfFggWEV3U18ASGEUTUhPbGFWZAxSb1tOAF1ySklSR2x9H3APVmBVXgICbktPWEZ4NRl2WAJ4WFoLAXZGW0ZXM2ZYfEhVfVJaC1Z0QltGVzNnWHxYVH5WQBECe1BDXUdlYlZkDF5vW1gfRiVDSUhPd2gfIAxfLllcHl0iFEtHQTNmHGtTUi8AQVBTcUJLWEFkaRh_XUVhQwoCVWFIS0ZXM2FIZFBTYUMKAldhSEtGVzNhTmRQU2FDCgJRYUhPWUN5chx3XEV3VlofRiVDTkhPZGFJakgBfFhOCVV3R1VIE2diWHxZGg&zoneid=20368270&campaignid=2337&CreativeID=7202&siteid=39180829-e6e1-421f-9623-ec02e5968e54&domain=20368270&keywords=adult%2520social&placement_id=20368270&banner_id=7202 HTTP 307
https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=98FA3A6356564DA99853EBF7F1393D9E&RedC=c.clarity.ms&MXFR=06B9831639E46DBD335697473DE46387 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=98FA3A6356564DA99853EBF7F1393D9E&MUID=2E62BB5A97BB69FE18F2AF0B966968A3

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request t39a Show response
landing.xuontiacompany.com/
Redirect Chain

https://track.extension-install.com/click?key=7f02eb1c8ef2efa42fc2&visitor_id=FxECclBDW0dkfFggWEV3U18ASGEUTUhPbGFWZAxSb1tOAF1ySklSR2x9H3APVmBVXgICbktPWEZ4NRl2WAJ4WFoLAXZGW0ZXM2ZYfEhVfVJaC1Z0QltGVzN...
https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7...

15 KB
3 KB

212ms
100ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b05dda93023f32a8359320b32e9cc38bb29000ec93baf0e318f4896c80207f79

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: fi-FI,fi;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86bdb29dcbba3503-WAW
content-encoding: br
content-type: text/html
date: Fri, 29 Mar 2024 06:10:35 GMT
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L32tnJ5YdFxJYyOSpXUj46%2FYPBnJMtCOARHW%2B%2Fwzanq8RWI14SL3gdWK7fRrVQQEDoN06L8P2yDk8Px82hEJOwxwvZzVX1ueJ8naZ4S1cUBeVaRkQ0p0dmyT2ZMG3Q5A1scUZsGeE606NXZeysoRo4sAn%2FGHKdmPQw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY

Redirect headers

content-length: 0
date: Fri, 29 Mar 2024 06:10:35 GMT
location: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB (Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true
server: Caddy
x-request-id: 9cb72135-d4e7-40f9-a496-e4ac6c3d194e

GET
H3 200 style.css
landing.xuontiacompany.com/t39a/ 15 KB
4 KB 77ms
77ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://landing.xuontiacompany.com/t39a/style.css?6f698578617efb5cd94aa49062c27274

Requested by

Host: landing.xuontiacompany.com
URL: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c62d3a70e31c32abd6e63eb1b47a484778bd60d71861daa62b655a1246be2478

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 314693
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-3c67"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t9ptahW7i%2F2w6ESeDs6qtEQ3iQO3Rid%2FxeQJAuFNu48s8FYxJl4qYtItlT2QXXeNfNMSg3Z2uOQ3%2FAj0H6RxHoJ0OMwo4MUQsdk0Kx94hDL5%2BW%2BnVVqwqcbdsqFYGOIUedb1ISMaNuOt3P7fTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 86bdb29e8fe35b2b-VIE
expires: Tue, 25 Mar 2025 14:45:42 GMT

GET
H3 200 shared.css
landing.xuontiacompany.com/styles/ 25 KB
7 KB 79ms
79ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://landing.xuontiacompany.com/styles/shared.css?6f698578617efb5cd94aa49062c27274

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

028742888440e1d1d15e11e84518771a205b45bfd51c8ebbef169ac7533b96e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6897
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-62ee"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TgYUYBiR3HDgifndSXBOyRa20BWchgIs4Zh%2FcIDtazQruvh13gEIWVLq8zj9FCYtHA1obvdhKNPHASQ6PSlfSR6JXm81R%2FnbrKfIf620bSbhF7jQs5nf0HoA2CHz0MjLQ8B%2F1l6FUtmZu9znGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86bdb29e8fe55b2b-VIE

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
91 KB 206ms
79ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WV373MWWXX

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b5c0d9109c004672147938c384a8b21308519fe7c8bc08d6d7d1561a819bd7e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92680
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 29 Mar 2024 06:10:36 GMT

GET
H3 200 EN.svg
landing.xuontiacompany.com/images/promo-images/t39/locales/ 2 KB
1 KB 78ms
78ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/locales/EN.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cd2061a7b11b9e3b2e56b8f53a7ea2547fc6b465d13bf5441c81be6d28daa9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3293
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-6d2"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p6pY1jSqpWRTOqLsiSEwlQ441S4L9rl9TOQOUkX4L1wsdF3PI8xaOtiYQ0nibD2cJa7cTYcHxNQXs51yUpJBGs5sciQs%2FBoQEXRTrl%2B3hZqREjLWdyygwq%2B9OF1Z9j%2FUeGXoCb2y9t5mAqfQXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86bdb29e8fe65b2b-VIE

GET
H3 200 arrow_drop_down.svg
landing.xuontiacompany.com/images/promo-images/t39/ 228 B
733 B 76ms
76ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/arrow_drop_down.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9f45562c1bf1f621a1a24111f9ffd9b89c9eb806a116beff4079c9b0830d746

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6897
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-e4"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FNWFYJmjpPVIwGy7ny4Ry%2BlsARceNqwRsLGwOHPyQ5MivxUjP1OstAOLy2Okcis2RoaiYEgFgff2ZrE%2BivdbXT20ZUvQJ32qFwoVjFBHH20xyeToZ4MZ6qCYuFGnT7eFLzBjNcOX0Q1y04b0pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 86bdb29e8fe75b2b-VIE

GET
H3 200 DE.svg
landing.xuontiacompany.com/images/promo-images/t39/locales/ 453 B
787 B 134ms
133ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/locales/DE.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b40f2a19d1427470258e3c1114cfb1353d891819585f391d7b473813fbfc2dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3293
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-1c5"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HszpSwYbflJACLZhpazHtFrZS0W40ooHMmF9WLuyUxgaO9%2B2QfkhGgaEPPmG4QtMSJqIRfzzcg89XGkizhn3GhpN2GTB1l3oRDLiW9Prw0CzIdYkxaRvy7has9Km3vBN0qtmj8E5VwNddRyOEg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86bdb29e9fef5b2b-VIE

GET
H3 200 ES.svg
landing.xuontiacompany.com/images/promo-images/t39/locales/ 1 KB
1 KB 134ms
133ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/locales/ES.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab945250b36efab1b3edeb16672ce19aebd882decfd58d5d04451193c895114f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6897
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-5c0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8h1wVYe5J9ySAQWmdykwRITjtzYJlXGsSKNKsD73TkHvSjzSshEF4d4JCTcxboMkwJPUKjIom7HOwvXQeuJEbYEglYVke0v%2B8xshCBJshXvnsGH2s5L7P2Tyldmm0SgVWymaHau2Y9X4rqA6NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86bdb29e9ff05b2b-VIE

GET
H3 200 FR.svg
landing.xuontiacompany.com/images/promo-images/t39/locales/ 463 B
777 B 203ms
201ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/locales/FR.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55c1f8387eaf1669b6a0df9c04b336701b0a3a5bd9a20e3eea2e1668e7387983

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6897
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-1cf"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rdHbvEbxkgCBvMl70dw79dRA%2BL6VekTB9NnbL1Lj1Z1wIzKBi1VrcerY7RdKxJtx0aWVTy71mBvZnokWqYxZYIbe1zJKh25koW84kE3cIHjQQ7sZLbitHfqiFM2ImemuLDYflz72pC1jq5B0sA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86bdb29e9ff25b2b-VIE

GET
H3 200 IT.svg
landing.xuontiacompany.com/images/promo-images/t39/locales/ 477 B
813 B 204ms
202ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/locales/IT.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6d66b497d02a7cd78cc054be46c366281311d8da297d10444b882160db14219

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3293
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-1dd"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0ViJzlR%2B21sqZ93Afo8Pxy63%2FPaJSTOhJjBE74WqYQ4%2BnLpNXDwj0rhZ6cE8N3LqAUXApLLfhDoP3UVirY5CNKF55oaKjNOyxrLWs6fyqlBUiz2NXjaM2KfjWYxXmocfkpF4x%2FXLoNm0gZBQZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86bdb29e9ff35b2b-VIE

GET
H3 200 NL.svg
landing.xuontiacompany.com/images/promo-images/t39/locales/ 450 B
794 B 205ms
203ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/locales/NL.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8bbb643c2815a66a29683d9e538c3404f98fef3d0100113e0967ed6bc499988

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3293
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-1c2"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jl6qd4%2Ffllka%2BdhFZWokYHZu15dVCFAWn3d7szhpz4PZ14Pjps1BGdW9e7rG9%2FhNirpC31EW%2BrSu8WKb7WJ4WtgOIZbR8Z%2FahD8wmVQ4Zj52dk1IGXp%2FbCA9nC9WnX%2BLJ%2B1Bv2%2Bo4ZcaZa146g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86bdb29e9ff45b2b-VIE

GET
H3 200 PT.svg
landing.xuontiacompany.com/images/promo-images/t39/locales/ 975 B
969 B 206ms
204ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/locales/PT.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41dd81ecf0fdcf6065d7fba2ea5fcb2529529c981fc6066d70d8d98b778f9b2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3293
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-3cf"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=otnshl0BWyObRbXs9Q7xkwk6Ab9pb2JHRTFYTdHXYE%2FLCbyMY1JjELu2BKva6%2FOkSwwVZ6MDeuXRB89UB93zAchbMwgjUD604gCykgd3jUmvVgqg4Q6uEcfDMrDTH6LqD3Dza5n2eAKD1Cfaxg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86bdb29e9ff65b2b-VIE

GET
H3 200 feature_banner-1.svg
landing.xuontiacompany.com/images/promo-images/t39/features/ 18 KB
6 KB 206ms
205ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/features/feature_banner-1.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

922be72b779d865d3c4b03de3d2b134406ddc1c44700b69d57b3c84e3b60a733

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6897
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-4874"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LL170vFT9I88x1Klyss%2FhJp2b6pxB2fvYl0mveruktfoxNk4yhOmb9LFv%2BuPFEv4piA22nTt2EL7SzdnrGoZ7KIe6UXkvuSCmvr2BLDRD4tHS7jcwR5EV0jqGCPcuMksf4rYa5SUGFpb8B0yew%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86bdb29e9ff75b2b-VIE

GET
H3 200 feature_logo_1.svg
landing.xuontiacompany.com/images/promo-images/t39/features/ 509 B
834 B 207ms
206ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/features/feature_logo_1.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b226474e5f0bad40d1d89eb2ea0b7dc0baba05a0834fdb02173ea0d89894cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3293
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-1fd"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kuDfimzg%2Bkvfp8G41W0R1XpToOXFr2VgUpQlC3ctvjuQMsIUYAPOkGL4vsEkmkeWvG6I98fI4U%2BKy2Ayb99%2BM1GOWGpPxluSX2TqkmiW1XvbsZ5E91fTvzHISSGUgdHPPxYzi8hq%2F7IB9Mis4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86bdb29e9ff85b2b-VIE

GET
H3 200 feature_banner-2.svg
landing.xuontiacompany.com/images/promo-images/t39/features/ 10 KB
4 KB 208ms
207ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/features/feature_banner-2.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f868a345a189b37840aee4d6942b2962a1742765cbfd97b9a04f0c7760eae03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6896
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-2612"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V9wt3t4zESYikOsQ6inNGG8eK6o5XH2YBD%2BSCR7LslPRJnQEzPCsvtEmGpkRG21hsZJVWuRlONx%2B7ISmLNkXMwQvaYDnvS1%2BXSTJUZnvOWSp%2FieaIH3CARJpS2EAOEPHoh%2BcJ0kN58q%2FVac2iw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86bdb29e9ff95b2b-VIE

GET
H3 200 feature_logo_2.svg
landing.xuontiacompany.com/images/promo-images/t39/features/ 1 KB
1 KB 209ms
207ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/features/feature_logo_2.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1a1fe492a8a08985a54167a852913066ad44e90162aa79386945861666f8fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6896
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-447"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BfoUrY837DVsYZjZ8jyLW5bm23ZsiNbELIUZQVSneGeOxaVzcrGvPIfb6sCfjz3VXc5eAOTsKucGOcMR%2FvUn5KZF3qrWfrf7EOA4%2BUjYtkoGNzJGnxTKnd%2FVTd2dFQdKpifNAV2xCLKcgZvsXw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86bdb29e9ffa5b2b-VIE

GET
H3 200 feature_banner-3.svg
landing.xuontiacompany.com/images/promo-images/t39/features/ 11 KB
4 KB 209ms
208ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/features/feature_banner-3.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

622f8aeff490fce880850d1b8bd9d52f20aef04123a8417bbc44c9349cf9fac8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6896
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-2db7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mVgyAAkKynC%2FnZ%2FbBo3qaCQ8le6cCO3nToZOLblKciWRKZU2VWw7hBNFo1Y2EuWiDCFisWMQohgOR04HtOhxCzvutUWO5QPXfBeucnsB4xdOnjgz0%2FetaOpXSmuw0ENje6bNgj2wdR3iLma9XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86bdb29e9ffb5b2b-VIE

GET
H3 200 feature_logo_3.svg
landing.xuontiacompany.com/images/promo-images/t39/features/ 4 KB
2 KB 210ms
209ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/features/feature_logo_3.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b040d4e4c5a91e7bc8740c778fa738c8470dfac0588c5294ad2d90d899ede36

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6896
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-e53"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=81nRx%2BLmNeix1PjgcdsX%2BOuJOl60WbXs%2B50HSngTAtJG3lo3%2B2wdffIM3klBEXVwr0cvmWlL4Zg4J4GP6kAXG0YxAgvjh5TY7oHCk7vukdiT4YJTgii4QHXZzPLHwsnmqSXIqX7sXaffUMevtA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86bdb29e9ffc5b2b-VIE

GET
H3 200 feature_banner-4.svg
landing.xuontiacompany.com/images/promo-images/t39/features/ 15 KB
5 KB 211ms
210ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/features/feature_banner-4.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9efd24949b583aee5301aeb16d27000b8bd5744343dbe55a3a02b17c6b10f10f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6896
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-3c89"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y6HgLJZRjKdC0AMSY2qXX1YY7qhFyL4RSpW8%2FjA964Nfy0IpNOWqMWH0quouKa%2Fq9AnxIRg3pkYeH%2B3gYclKKY1Ue0KlamGzLRmJcgX8LpNGA8eaBxRJxdL%2Fyebrq4L0nR%2BbmWLZwr9R%2F7sqSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86bdb29e9ffd5b2b-VIE

GET
H3 200 feature_logo_4.svg
landing.xuontiacompany.com/images/promo-images/t39/features/ 1 KB
1 KB 268ms
267ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/features/feature_logo_4.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fecd384266d355fe0d06767f5a866265809ab89150c27dea64e205a986d28b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3293
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-414"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6xnCW%2BTQUseKxAvAOzCO%2FTTEiRrak30%2BSdPwT9diNUrjB2iVvr6PAlPh3uwQGpMAXM8PpUOorf6zCFCZBup1rzbEZCJCT%2Be%2FlE9Qtok1bSP3Q5AtB1smTXRyfF6iVfKqBz7N9y7IQ3Pkw5dimw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86bdb29e98005b2b-VIE

GET
H3 200 Rate.svg
landing.xuontiacompany.com/images/promo-images/t39/ 309 B
738 B 269ms
268ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/Rate.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90b6db83b2a1d77281219272959d3622392487eda0ce2ab2eead1c0891d3fe04

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3293
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-135"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5P7rr1QtIcdE5UkW6J8zdXwYw7kwwcN4slWVPcRSebRqyYSKXsfwEEYmYXmpOKHJqSIXLIOt8vf3pLfZ3XGdPl4LlB6GH1G00YpvlgtFZclenbXO2Oeg78EDdaB6Nd8Tg1XAnQEBKWczwRMXGA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86bdb29e98025b2b-VIE

GET
H3 200 instruction.webp
landing.xuontiacompany.com/images/promo-images/t39/ 67 KB
67 KB 270ms
269ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/instruction.webp

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

375a81cdbedffa6ecb4dc03eeb25637e1e370131f4dba3b1a75d1ee8a8748ea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3293
alt-svc: h3=":443"; ma=86400
content-length: 68124
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: "66018b7b-10a1c"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QPUIHVyq7kqTKtjVbXzhcahKkBxO1dpXWN9cNSUpYf160f9dgEmu3hxGKRlGO%2Fz5GVEEm0Z3aSSBZJx6ze9XJSc5ocravx0VxSA8nKX%2BfSy6O3qYe4%2B6lnASZIcbk6jgWwoslMwGWZNNrNxPQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86bdb29e98035b2b-VIE

GET
H3 200 cursor-finger.webp
landing.xuontiacompany.com/images/promo-images/t39/ 580 B
1 KB 271ms
270ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/cursor-finger.webp

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a818289b7887c0da0b8def330e0a6b14d94e0cfb11bd45a8262d644d6f1c41e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3293
alt-svc: h3=":443"; ma=86400
content-length: 580
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: "66018b7b-244"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XC7KBrykbCqUpINbFLUhwgl41QtsCYgpDAJSNYaRhsqk%2FNUY0g%2BIhoflNDgcpYN5HciT5zfHNt7NNlPLe%2BFLidXLth9GubGLVoFfkP30TFFmhU2Jn%2Fh2jaibZOYWQLSi%2FJmA3ej3stczKCogcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86bdb29e98045b2b-VIE

GET
H3 200 compatability-banner.svg
landing.xuontiacompany.com/images/promo-images/t39/ 27 KB
10 KB 272ms
271ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/compatability-banner.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b37bf1274aca6936234156f537127881a4e4ff565c458068366a87365ea9c59

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6896
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-6d32"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oktDcW1XAVGr%2FqTUuIkgK7jA9eKINAR6dUA5guhjyFN6wKuzhbmYT3Y9IDhtEdzd4PesgdjC%2FmtOJL2S0CQWdlbg%2B74rcXK4ytC3G8%2FBdAhJI4VU0%2F5gsVwA3xl3%2BhYWQX3VURjdc%2BeNUZ1lGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86bdb29e98055b2b-VIE

GET
H3 200 index.js Show response
landing.xuontiacompany.com/js/ 175 KB
41 KB 135ms
133ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://landing.xuontiacompany.com/js/index.js?6f698578617efb5cd94aa49062c27274

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0eb719e33187bb05bb663864b85636b6a7fb3420b26cfeeb3fef7f95c1881aa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6897
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-2bc2e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Iwa0YMyjJfaWvNtUo0RBPsApOF1fMQczUnK1iuVktc%2FCVe5LFTovRr1lKJPREEtTbPPOUydL%2Fu8lMDQutw7lU%2F5eRrzkS0AZIGzQviYTBtoVgT81OE2sGN5vLgqofXZmrqYpyS6RljSgkkl36A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86bdb29e9ff15b2b-VIE

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1019 B 194ms
69ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Ubuntu:wght@400;500&display=swap

Requested by

Host: landing.xuontiacompany.com
URL: https://landing.xuontiacompany.com/t39a/style.css?6f698578617efb5cd94aa49062c27274

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d1f8156fd08b1a0d08a77105ccb7d62ddab490ca320dd609bb7da52e82234de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 29 Mar 2024 06:10:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 29 Mar 2024 05:23:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Mar 2024 06:10:36 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
814 B 131ms
70ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Requested by

Host: landing.xuontiacompany.com
URL: https://landing.xuontiacompany.com/styles/shared.css?6f698578617efb5cd94aa49062c27274

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

31d196afc7bf97b61be0a9881f623b3b8a7b56d4b0c08c6b78c37ce92d7827b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 29 Mar 2024 06:10:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 29 Mar 2024 05:18:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Mar 2024 06:10:36 GMT

GET
H2 200 jfl2pu6cif Show response
www.clarity.ms/tag/ 650 B
1013 B 346ms
152ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/jfl2pu6cif
Requested by: Host: landing.xuontiacompany.com
URL: https://landing.xuontiacompany.com/js/index.js?6f698578617efb5cd94aa49062c27274
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 40caa355d9322a7bcf396031b383bea536cb1b55d06964a9aa994351de97503d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Fri, 29 Mar 2024 06:10:36 GMT
x-azure-ref: 20240329T061036Z-r07b1hg60t2e37rxee7eppht100000000czg000000009svw
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 650
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H3 200 banner-background.svg
landing.xuontiacompany.com/images/promo-images/t39/ 168 B
654 B 82ms
79ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/banner-background.svg

Requested by

Host: landing.xuontiacompany.com
URL: https://landing.xuontiacompany.com/t39a/style.css?6f698578617efb5cd94aa49062c27274

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb0d0c5ee5d39d7dc1d7193638e693fc3da791189be9794efbaa2aa38466097c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a/style.css?6f698578617efb5cd94aa49062c27274
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2009
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-a8"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jhYtnsd7EqTar%2FSDghWil9yjaiJGWry6yP93AljeltiUmoSHrGnGuz7C3nJXeKbAhcu5Ho01qWMqpADXMbu9xZbnItV%2BwD5zmi%2BRpdM37QhAaf0nQvLMKci3JqwDdMWWBLQU%2FAQ5r5iIi%2BX3bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 86bdb2a0497e5b2b-VIE

GET
H3 200 arrow_forward.svg
landing.xuontiacompany.com/images/promo-images/t39/ 249 B
702 B 83ms
81ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/arrow_forward.svg

Requested by

Host: landing.xuontiacompany.com
URL: https://landing.xuontiacompany.com/t39a/style.css?6f698578617efb5cd94aa49062c27274

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87fda4f3a69241a941110f26d4837a768bf0a864e58aa79cf8d414fc9a0136c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a/style.css?6f698578617efb5cd94aa49062c27274
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6897
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-f9"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=StZlxlP1EQX1N%2BRHxL%2Ba2xwjMBRRuPCoqbpci5q9k9YVOVwpH3HM0a56MnzX0P5ga481NaVgVOcBDItgO23DW0gbprFDaM%2Fq8R6%2FI5j%2Bi0%2BxfckswSKspmSoZKT6FW0LKSVIgTtqSRKjWwejIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 86bdb2a0497f5b2b-VIE

GET
H3 200 done_outline.svg
landing.xuontiacompany.com/images/promo-images/t39/ 259 B
712 B 79ms
77ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/done_outline.svg

Requested by

Host: landing.xuontiacompany.com
URL: https://landing.xuontiacompany.com/t39a/style.css?6f698578617efb5cd94aa49062c27274

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b797c4abdedec3e173cdf21250305b33a5fbdf54466912ce75cc9f271da2c44f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a/style.css?6f698578617efb5cd94aa49062c27274
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2009
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-103"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ECiwST%2B4J%2BKSPHOT04cmDjMHemQza0osF3Pfd8tNpshuJzfjokpTV07Lwhnr%2B7qjbqCpmYipgrxiVkSL2%2FnLEe34EcrlmzjZGU2jWmNQY5ecuu8kl0ErRbI2WbAdl8jAdEbSuiwKxUJrw6Qg9w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86bdb2a049805b2b-VIE

GET
H3 200 makbook.svg
landing.xuontiacompany.com/images/promo-images/t39/ 11 KB
4 KB 82ms
79ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/makbook.svg

Requested by

Host: landing.xuontiacompany.com
URL: https://landing.xuontiacompany.com/t39a/style.css?6f698578617efb5cd94aa49062c27274

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5735522be0fd6c5949744d53ec36ad657d676d33a8504b90c4fad119e718972

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a/style.css?6f698578617efb5cd94aa49062c27274
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2009
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-2d40"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M6I3EMuLMbQVhtJY8m76NywMkQjw%2FaXTbXc4F7xNMrELowBOFQZl6K7G4yRS6Bta3G7B9BPI5Byf4KqEI%2BEy1jQZA%2BVRdkkM3UVp3CYIOYSbuCTO8QSBPDRWYp%2FmsdndUZdQwqfO9ydKp3Zpxg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86bdb2a049815b2b-VIE

GET
H3 200 geh.svg
landing.xuontiacompany.com/images/promo-images/t39/ 170 B
658 B 83ms
81ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/geh.svg

Requested by

Host: landing.xuontiacompany.com
URL: https://landing.xuontiacompany.com/t39a/style.css?6f698578617efb5cd94aa49062c27274

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85e87c59be8a86993d61b2f5c0977b9a9ea899c14322757933e07da416a80d8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a/style.css?6f698578617efb5cd94aa49062c27274
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2009
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-aa"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GCa4mwFlKmN1MDqACLU3mu%2BeIoLDPq7K7dyQcKpc8nvAb32Xsn5RDIOQt3NT8uKKnuwLO%2BTZrZxzxYGV1BsURsWOr4ZRv6WyYrSk1%2B4mxnAuooeCzIW0L7DwxVT1DORuuzn8KDFHUkPjI8et%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 86bdb2a049825b2b-VIE

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 256ms
126ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://landing.xuontiacompany.com
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 18:30:08 GMT
x-content-type-options: nosniff
age: 301228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Mar 2025 18:30:08 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 203ms
74ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://landing.xuontiacompany.com
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:16:13 GMT
x-content-type-options: nosniff
age: 294863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Mar 2025 20:16:13 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 188ms
59ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://landing.xuontiacompany.com
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:44:23 GMT
x-content-type-options: nosniff
age: 253573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Mar 2025 07:44:23 GMT

GET
H3 200 5301.a5b789b0d9ff1142296e.js Show response
landing.xuontiacompany.com/js/ 3 KB
2 KB 104ms
104ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://landing.xuontiacompany.com/js/5301.a5b789b0d9ff1142296e.js

Requested by

Host: landing.xuontiacompany.com
URL: https://landing.xuontiacompany.com/js/index.js?6f698578617efb5cd94aa49062c27274

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d00072d46a005f453f0af4a155718a04202a7a8bc7d3805535b10ca78fce890b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-a13"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=knGxzjCeHGnAVy3myOmugHI7aUOnSiHoICiArxFYrfnFEkVaCFgBHDtJglCgyqY7beZ75hNI8cuqNRFK%2FQ2E%2F5amklgIvZJJOBKA%2FRMm1uq1PG%2FXukmcQi4YzXnqOpo0JbXCG0ix0iJTXvUZqg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86bdb2a069935b2b-VIE

POST
H2 204 collect
region1.google-analytics.com/g/ 0
262 B 105ms
36ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WV373MWWXX&gtm=45je43r0v9138627631za200&_p=1711692636188&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1591470762.1711692636&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1711692636&sct=1&seg=0&dl=https%3A%2F%2Flanding.xuontiacompany.com%2Ft39a%3Fclk_domain%3Dtrack.extension-install.com%26flow%3Dbinom%26campaignId%3D30024%26cid%3Dco35mmr2r96s73b6dh2g%26source%3DPandaRTB%2520(Adsterra-Adult)%26lpkey%3D171165daff9eefa7a5b82ca7edcdaccf29ee192935%26isV2%3Dtrue&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=772
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WV373MWWXX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:10:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://landing.xuontiacompany.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 US.svg
landing.xuontiacompany.com/images/promo-images/t39/locales/ 3 KB
1 KB 103ms
103ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/locales/US.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84ebc5aaa8d469faabe54a6823e4101f324485b83e4600f9d8e7b9a7809f624d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-a2e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CpZnuR7kxFra0PHarJrUk3or8e3cizi9U1WUFPRZJmC4b2zQ8Fc7dcGQvxSV%2B0SHZ8sa9oJnaA9P979Ig%2BoelOwRBWtnFDOBqTq%2B6mVCtUZESczmgGHLO%2B%2FNkX029L42QfVj1NclxAnH%2FCSMBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86bdb2a11a215b2b-VIE

GET
H3 200 instruction-en.webp
landing.xuontiacompany.com/images/promo-images/t39/instruction/ 67 KB
67 KB 106ms
106ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/instruction/instruction-en.webp

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

375a81cdbedffa6ecb4dc03eeb25637e1e370131f4dba3b1a75d1ee8a8748ea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 68124
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: "66018b7b-10a1c"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Gg%2FM8sODjPCuMkOwT9tI42Xl6NVLO9M6%2FVhXB5UQXloWng72alvWWaIm9Uy70FJSPjKBTADIWz9KY%2B3Zi9otw%2B4w1aA0xvdlR%2Fbv1VlopefcRRsyTbcAjvg7QLzXQsSEGYNV%2FMsPTRCo4B%2BYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86bdb2a11a235b2b-VIE

GET
H3 200 logo-full.svg
landing.xuontiacompany.com/images/extension-icons/adblocker_and_privacy/ 28 KB
11 KB 77ms
77ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/extension-icons/adblocker_and_privacy/logo-full.svg

Requested by

Host: landing.xuontiacompany.com
URL: https://landing.xuontiacompany.com/styles/shared.css?6f698578617efb5cd94aa49062c27274

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90597e5f5b82b89af25836180dcd0181fbc6f6d32a07408802529db0a69b2148

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/styles/shared.css?6f698578617efb5cd94aa49062c27274
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2008
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-71a9"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t2rYwWO3uBK8nabbM5xsvq%2BUnat7kE7q9wkKegrr6YoEW6SOxHzDX1jTIBD99yFOR9Pwew2WxJKGQAcuAL9MbeU8hCZPz3VdRdZ%2ByxEhMqt8Mi7tIPNPxIpT1qSIC9O%2FTw%2B7ktIVa2rqT6V24g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86bdb2a11a245b2b-VIE

GET
H3 200 chrome-icon.svg
landing.xuontiacompany.com/images/promo-images/t39/ 6 KB
2 KB 76ms
75ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/chrome-icon.svg

Requested by

Host: landing.xuontiacompany.com
URL: https://landing.xuontiacompany.com/t39a/style.css?6f698578617efb5cd94aa49062c27274

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67c9974fc6f862743b88b99a74aecc083e75668bcbf2e24c45c590de7ba197ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a/style.css?6f698578617efb5cd94aa49062c27274
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6897
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-19ff"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7feFdHNCu%2Fg2GqXUEk2hHN14hod1%2Fq4R8IcwZi%2Bdn27UcHVz1X19pae9QVI8CKOGTqadPQ83gBWPgfk4YBY%2B5NCoUT1NY%2FTKRLmsVfxb%2FAd%2BvYHXEeIXKZ68RtTh36gBFKcpEJpdk79YF9Ftsw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86bdb2a11a265b2b-VIE

GET
H3 200 chrome_store_icon.svg
landing.xuontiacompany.com/images/browser-icons/ 2 KB
1 KB 78ms
78ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/browser-icons/chrome_store_icon.svg

Requested by

Host: landing.xuontiacompany.com
URL: https://landing.xuontiacompany.com/styles/shared.css?6f698578617efb5cd94aa49062c27274

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f564c0872b20b68ed53a1dd9940756dc2d67f836c11d719af67b16a68142180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/styles/shared.css?6f698578617efb5cd94aa49062c27274
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6897
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-853"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2Bx%2FFZwmFp849Tej25YpFPeHWpgWcQ6ECULiiBTTqn57DUctdQMgde32GSnYdoLuPHa9wcf6tL2JmPn87YCzHHK%2BrZi2Suc2jsjsiTI3%2FzQ9xEg2cGAmL92mj5m%2FhhV6ApwjY7eGacdSbkjuJw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86bdb2a11a275b2b-VIE

GET
H3 200 logo.svg
landing.xuontiacompany.com/images/extension-icons/adblocker_and_privacy/ 3 KB
2 KB 80ms
80ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/extension-icons/adblocker_and_privacy/logo.svg

Requested by

Host: landing.xuontiacompany.com
URL: https://landing.xuontiacompany.com/styles/shared.css?6f698578617efb5cd94aa49062c27274

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53a4cd38860b44bc04c63b1ed77464018947977ef14a0fcee06305c385131f5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/styles/shared.css?6f698578617efb5cd94aa49062c27274
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6897
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-a0b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p7mxQyD8sKrNQRoUJmRu3G7RZM1JXG%2FV2GVjqJk5Gthrpg7vwIiuQllHdL9dNQ2pKs8XDJSn5YwhknKPSs3k3becPEYFBWc0iS8%2FpPNZcbmHltcd6wzGgqEOtyRmo4%2Fc%2FCh8jXdIzWKBvWjTBg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86bdb2a11a285b2b-VIE

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.26/ 60 KB
25 KB 119ms
119ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.26/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/jfl2pu6cif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5d0a9506ee0c2e64325d59451eff05b24df4cd07dc65f300b3bc39e28379640d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:36 GMT
content-encoding: br
last-modified: Wed, 27 Mar 2024 19:34:44 GMT
etag: W/"0x8DC4E94F45C2BE5"
vary: Accept-Encoding
x-azure-ref: 20240329T061036Z-r07b1hg60t2e37rxee7eppht100000000czg000000009svz
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: d1339745-401e-0078-7c9a-808d23000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET click
track.extension-install.com/ 0
0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=98FA3A6356564DA99853EBF7F1393D9E&RedC=c.clarity.ms&MXFR=06B9831639E46DBD335697473DE46387
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=98FA3A6356564DA99853EBF7F1393D9E&MUID=2E62BB5A97BB69FE18F2AF0B966968A3

42 B
442 B

71ms
71ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=98FA3A6356564DA99853EBF7F1393D9E&MUID=2E62BB5A97BB69FE18F2AF0B966968A3
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://landing.xuontiacompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:10:36 GMT
last-modified: Fri, 01 Mar 2024 22:54:48 GMT
server: Microsoft-IIS/10.0
etag: "3e26b762b6cda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:10:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CDB9D26DA5FD474B9452B85947310306 Ref B: FRAEDGE1207 Ref C: 2024-03-29T06:10:37Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=98FA3A6356564DA99853EBF7F1393D9E&MUID=2E62BB5A97BB69FE18F2AF0B966968A3
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 favicon.ico
landing.xuontiacompany.com/images/extension-icons/adblocker_and_privacy/ 15 KB
3 KB 78ms
78ms Other
image/x-icon 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://landing.xuontiacompany.com/images/extension-icons/adblocker_and_privacy/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7c47638737af0b83274c4cae018c7cb494bb8618bacdf867e84cb122230247e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:10:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5338
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-3aee"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/x-icon
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uY4WKIJdzCKvrfaFzvK9NHn9%2F8hmGdw4bogKYdEh9wHzo7s0FSjDJJJcpt7fCXsbbUx8f%2BM0rwZQDMePEG0UD1fZHN2bH8Ych6W8E9k4c39QogAAUTCoW4qoxlybBCUpZOxR%2BPVNJIbCZzA9Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86bdb2a34bcd5b2b-VIE

POST
H/1.1 204
No Content collect Show response
n.clarity.ms/ 0
306 B 426ms
141ms XHR
text/plain 52.184.204.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://n.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.26/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/x-clarity-gzip
Referer: https://landing.xuontiacompany.com/
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://landing.xuontiacompany.com
Date: Fri, 29 Mar 2024 06:10:37 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 36ms
35ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WV373MWWXX&gtm=45je43r0v9138627631za200&_p=1711692636188&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1591470762.1711692636&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=2&sid=1711692636&sct=1&seg=0&dl=https%3A%2F%2Flanding.xuontiacompany.com%2Ft39a%3Fclk_domain%3Dtrack.extension-install.com%26flow%3Dbinom%26campaignId%3D30024%26cid%3Dco35mmr2r96s73b6dh2g%26source%3DPandaRTB%2520(Adsterra-Adult)%26lpkey%3D171165daff9eefa7a5b82ca7edcdaccf29ee192935%26isV2%3Dtrue&dt=&en=promo_page_view&_ee=1&ep.landing_extensionName=AdBlocker%20%26%20Privacy%20Protector&ep.landing_browserName=Chrome&ep.landing_locale=en&ep.landing_linkForOfferBtn=https%3A%2F%2Ftrack.extension-install.com%2Fclick%3Flp%3D1&ep.landing_userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36&ep.landing_promo=t39a&ep.landing_clk_domain=track.extension-install.com&ep.landing_flow=binom&ep.landing_campaignId=30024&ep.landing_cid=co35mmr2r96s73b6dh2g&ep.landing_source=PandaRTB%20(Adsterra-Adult)&ep.landing_lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&ep.landing_isV2=true&ep.isStatic=true&_et=2&tfd=5775
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WV373MWWXX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:10:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://landing.xuontiacompany.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: track.extension-install.com
URL: https://track.extension-install.com/click?upd_clickid=co35mmr2r96s73b6dh2g&add_event6=1

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
track.extension-install.com/	1970-01-21 04:13:48	Name: uclick Value: mumDwFxdMd813+qiOGCYtgAXhquy/OAsIEbvgCssOjhLQw8wmomAWkJlHRARBpJatV3ceCw=
track.extension-install.com/	1970-01-21 04:13:48	Name: bcid Value: co35mmr2r96s73b6dh2g
track.extension-install.com/	1970-01-21 04:13:48	Name: cid Value: co35mmr2r96s73b6dh2g
.xuontiacompany.com/	1970-01-21 05:04:12	Name: _ga Value: GA1.1.1591470762.1711692636
.xuontiacompany.com/	1970-01-21 05:04:12	Name: _ga_WV373MWWXX Value: GS1.1.1711692636.1.0.1711692636.0.0.0
.xuontiacompany.com/	1970-01-21 05:04:12	Name: clk_domain Value: track.extension-install.com
.xuontiacompany.com/	1970-01-21 05:04:12	Name: flow Value: binom
.xuontiacompany.com/	1970-01-21 05:04:12	Name: campaignId Value: 30024
.xuontiacompany.com/	1970-01-21 05:04:12	Name: cid Value: co35mmr2r96s73b6dh2g
.xuontiacompany.com/	1970-01-21 05:04:12	Name: source Value: PandaRTB (Adsterra-Adult)
.xuontiacompany.com/	1970-01-21 05:04:12	Name: lpkey Value: 171165daff9eefa7a5b82ca7edcdaccf29ee192935
.xuontiacompany.com/	1970-01-21 05:04:12	Name: isV2 Value: true
www.clarity.ms/	1970-01-21 04:13:48	Name: CLID Value: 37e9b438990f4f3cb8011335f5cfd2e9.20240329.20250329
.xuontiacompany.com/	1970-01-21 04:13:48	Name: _clck Value: 18i6oj3%7C2%7Cfkh%7C0%7C1549
.bing.com/	1970-01-21 04:49:48	Name: MUID Value: 2E62BB5A97BB69FE18F2AF0B966968A3
.c.bing.com/	1970-01-20 19:38:17	Name: MR Value: 0
.c.bing.com/	1970-01-21 04:49:48	Name: SRM_B Value: 2E62BB5A97BB69FE18F2AF0B966968A3
.xuontiacompany.com/	1970-01-20 19:29:39	Name: _clsk Value: 2m5qoz%7C1711692637172%7C1%7C1%7Cn.clarity.ms%2Fcollect
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 04:49:48	Name: MUID Value: 2E62BB5A97BB69FE18F2AF0B966968A3
.c.clarity.ms/	1970-01-20 19:38:17	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 19:28:13	Name: ANONCHK Value: 0

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true Message: Access to XMLHttpRequest at 'https://track.extension-install.com/click?upd_clickid=co35mmr2r96s73b6dh2g&add_event6=1' from origin 'https://landing.xuontiacompany.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://track.extension-install.com/click?upd_clickid=co35mmr2r96s73b6dh2g&add_event6=1 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co35mmr2r96s73b6dh2g&source=PandaRTB%20(Adsterra-Adult)&lpkey=171165daff9eefa7a5b82ca7edcdaccf29ee192935&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
fonts.googleapis.com
fonts.gstatic.com
landing.xuontiacompany.com
n.clarity.ms
region1.google-analytics.com
track.extension-install.com
www.clarity.ms
www.googletagmanager.com
track.extension-install.com
188.114.97.3
2001:4860:4802:32::36
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:812::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:81d::2008
2a06:98c1:3121::3
52.184.204.244
52.58.28.63
68.219.88.97
028742888440e1d1d15e11e84518771a205b45bfd51c8ebbef169ac7533b96e2
0eb719e33187bb05bb663864b85636b6a7fb3420b26cfeeb3fef7f95c1881aa2
2d1f8156fd08b1a0d08a77105ccb7d62ddab490ca320dd609bb7da52e82234de
31d196afc7bf97b61be0a9881f623b3b8a7b56d4b0c08c6b78c37ce92d7827b2
375a81cdbedffa6ecb4dc03eeb25637e1e370131f4dba3b1a75d1ee8a8748ea8
40caa355d9322a7bcf396031b383bea536cb1b55d06964a9aa994351de97503d
41dd81ecf0fdcf6065d7fba2ea5fcb2529529c981fc6066d70d8d98b778f9b2c
4f868a345a189b37840aee4d6942b2962a1742765cbfd97b9a04f0c7760eae03
4fecd384266d355fe0d06767f5a866265809ab89150c27dea64e205a986d28b5
53a4cd38860b44bc04c63b1ed77464018947977ef14a0fcee06305c385131f5f
55c1f8387eaf1669b6a0df9c04b336701b0a3a5bd9a20e3eea2e1668e7387983
5b226474e5f0bad40d1d89eb2ea0b7dc0baba05a0834fdb02173ea0d89894cb1
5cd2061a7b11b9e3b2e56b8f53a7ea2547fc6b465d13bf5441c81be6d28daa9c
5d0a9506ee0c2e64325d59451eff05b24df4cd07dc65f300b3bc39e28379640d
622f8aeff490fce880850d1b8bd9d52f20aef04123a8417bbc44c9349cf9fac8
67c9974fc6f862743b88b99a74aecc083e75668bcbf2e24c45c590de7ba197ac
7b37bf1274aca6936234156f537127881a4e4ff565c458068366a87365ea9c59
7b40f2a19d1427470258e3c1114cfb1353d891819585f391d7b473813fbfc2dd
84ebc5aaa8d469faabe54a6823e4101f324485b83e4600f9d8e7b9a7809f624d
85e87c59be8a86993d61b2f5c0977b9a9ea899c14322757933e07da416a80d8a
87fda4f3a69241a941110f26d4837a768bf0a864e58aa79cf8d414fc9a0136c3
90597e5f5b82b89af25836180dcd0181fbc6f6d32a07408802529db0a69b2148
90b6db83b2a1d77281219272959d3622392487eda0ce2ab2eead1c0891d3fe04
922be72b779d865d3c4b03de3d2b134406ddc1c44700b69d57b3c84e3b60a733
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b040d4e4c5a91e7bc8740c778fa738c8470dfac0588c5294ad2d90d899ede36
9efd24949b583aee5301aeb16d27000b8bd5744343dbe55a3a02b17c6b10f10f
9f564c0872b20b68ed53a1dd9940756dc2d67f836c11d719af67b16a68142180
a6d66b497d02a7cd78cc054be46c366281311d8da297d10444b882160db14219
a818289b7887c0da0b8def330e0a6b14d94e0cfb11bd45a8262d644d6f1c41e9
ab945250b36efab1b3edeb16672ce19aebd882decfd58d5d04451193c895114f
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b05dda93023f32a8359320b32e9cc38bb29000ec93baf0e318f4896c80207f79
b5c0d9109c004672147938c384a8b21308519fe7c8bc08d6d7d1561a819bd7e9
b797c4abdedec3e173cdf21250305b33a5fbdf54466912ce75cc9f271da2c44f
b8bbb643c2815a66a29683d9e538c3404f98fef3d0100113e0967ed6bc499988
bb0d0c5ee5d39d7dc1d7193638e693fc3da791189be9794efbaa2aa38466097c
c5735522be0fd6c5949744d53ec36ad657d676d33a8504b90c4fad119e718972
c62d3a70e31c32abd6e63eb1b47a484778bd60d71861daa62b655a1246be2478
d00072d46a005f453f0af4a155718a04202a7a8bc7d3805535b10ca78fce890b
d9f45562c1bf1f621a1a24111f9ffd9b89c9eb806a116beff4079c9b0830d746
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7c47638737af0b83274c4cae018c7cb494bb8618bacdf867e84cb122230247e
f1a1fe492a8a08985a54167a852913066ad44e90162aa79386945861666f8fd4
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

landing.xuontiacompany.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

96 %HTTPS

64 %IPv6

8 Domains

10 Subdomains

10 IPs

4 Countries

427 kBTransfer

904 kBSize

22 Cookies

0 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

landing.xuontiacompany.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

96 %
HTTPS

64 %
IPv6

8
Domains

10
Subdomains

10
IPs

4
Countries

427 kB
Transfer

904 kB
Size

22
Cookies

50 HTTP transactions
0 data transactions