landing.xuontiacompany.com Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://runsolinco.shop/blogs/rntvdcqrze
Effective URL:
https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co37t1j2r96s73b8cpr0...
Submission Tags: @phish_report
Submission: On March 29 via api (March 29th 2024, 8:40:40 am UTC) from FI — Scanned from FI

Summary HTTP 54 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 5 countries across 14 domains to perform 54 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is landing.xuontiacompany.com.
TLS certificate: Issued by GTS CA 1P5 on March 18th 2024. Valid for: 3 months.

This is the only time landing.xuontiacompany.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	172.67.214.138 172.67.214.138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.186.104 142.250.186.104	15169 (GOOGLE) (GOOGLE)
1	104.20.67.115 104.20.67.115	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	192.243.59.13 192.243.59.13	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	149.56.240.31 149.56.240.31	16276 (OVH) (OVH)
1 1	52.58.28.63 52.58.28.63	16509 (AMAZON-02) (AMAZON-02)
36	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.186.74 142.250.186.74	() ()
54	8

1 172.67.214.138 (United States)

ASN13335 (CLOUDFLARENET, US)

runsolinco.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.67.115 (None, )

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.243.59.13 (Ashburn, United States) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

agitationfourthplug.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.56.240.31 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534110.ip-149-56-240.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.28.63 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-28-63.eu-central-1.compute.amazonaws.com

track.extension-install.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

landing.xuontiacompany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.74 (None, )

ASN- ()

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	xuontiacompany.com landing.xuontiacompany.com	251 KB
3	agitationfourthplug.com 1 redirects agitationfourthplug.com — Cisco Umbrella Rank: 994253	5 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 15493 s4.histats.com — Cisco Umbrella Rank: 15484	5 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	196 KB
1	extension-install.com 1 redirects track.extension-install.com	428 B
1	runsolinco.shop runsolinco.shop	1 KB
0	google-analytics.com Failed region1.google-analytics.com Failed
0	gstatic.com Failed fonts.gstatic.com Failed
0	clarity.ms Failed www.clarity.ms Failed
0	proftrafficcounter.com Failed proftrafficcounter.com Failed
0	google.fi Failed www.google.fi Failed
0	doubleclick.net Failed stats.g.doubleclick.net Failed
0	google.com Failed region1.analytics.google.com Failed
54	14

	Domain	Requested by
36	landing.xuontiacompany.com	landing.xuontiacompany.com
3	agitationfourthplug.com	1 redirects runsolinco.shop
2	fonts.googleapis.com	landing.xuontiacompany.com
2	www.googletagmanager.com	runsolinco.shop landing.xuontiacompany.com
1	track.extension-install.com	1 redirects
1	s4.histats.com	s10.histats.com
1	s10.histats.com	runsolinco.shop
1	runsolinco.shop
0	region1.google-analytics.com Failed	www.googletagmanager.com
0	fonts.gstatic.com Failed	fonts.googleapis.com
0	www.clarity.ms Failed	landing.xuontiacompany.com
0	proftrafficcounter.com Failed	agitationfourthplug.com
0	www.google.fi Failed
0	stats.g.doubleclick.net Failed	www.googletagmanager.com
0	region1.analytics.google.com Failed	www.googletagmanager.com
54	15

This site contains no links.

Subject Issuer	Validity	Valid
runsolinco.shop GTS CA 1P5	`2024-03-27` - `2024-06-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-13` - `2024-05-11`	a year	crt.sh
agitationfourthplug.com R3	`2024-02-04` - `2024-05-04`	3 months	crt.sh
histats.com R3	`2024-02-16` - `2024-05-16`	3 months	crt.sh
xuontiacompany.com GTS CA 1P5	`2024-03-18` - `2024-06-16`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co37t1j2r96s73b8cpr0&source=PandaRTB%20(Adsterra-Adult)&lpkey=171175daff9eefa7a5b82ca7edcdaccf29ee101938&isV2=true
Frame ID: F9E5DAFEED1C78162259F04A7C366C3A
Requests: 54 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://runsolinco.shop/blogs/rntvdcqrze Page URL
https://agitationfourthplug.com/api/users?token=L2lqNnNrN3MxP2tleT01NWYxN2E5ZmVlNjhlYTFiNmY0Y2NmYTJkOTZlY2Y2... Page URL
https://agitationfourthplug.com/api/users?token=L2lqNnNrN3MxP2tleT01NWYxN2E5ZmVlNjhlYTFiNmY0Y2NmYTJkOTZlY2Y2... HTTP 302
https://track.extension-install.com/click?key=7f02eb1c8ef2efa42fc2&visitor_id=FxECclBDW0dkfFggWEV3U18ASGEUTUhPbG... HTTP 307
https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

54
Requests

83 %
HTTPS

0 %
IPv6

14
Domains

15
Subdomains

8
IPs

5
Countries

458 kB
Transfer

1118 kB
Size

19
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://runsolinco.shop/blogs/rntvdcqrze Page URL
https://agitationfourthplug.com/api/users?token=L2lqNnNrN3MxP2tleT01NWYxN2E5ZmVlNjhlYTFiNmY0Y2NmYTJkOTZlY2Y2ZQ== Page URL
https://agitationfourthplug.com/api/users?token=L2lqNnNrN3MxP2tleT01NWYxN2E5ZmVlNjhlYTFiNmY0Y2NmYTJkOTZlY2Y2ZSZwc3Q9MTcxMTcwMTY5NiZyZWZlcj1odHRwcyUzQSUyRiUyRnJ1bnNvbGluY28uc2hvcCUyRiZybXRjPXQmc2h1PWQ0NzJjZWY4MmEyMjE1N2EwYTViMzYyZjg1MmQ1NGNjNzEzNTBmYTllNTNiZjVjMzA1YWFmNTNkMjRmOGZiMzMzYTI2OGQ5ODc2ZjQ4NTEzZTczOGFjODUyODEzNzViMjAyY2Y3NGUyYzg2OTk1OGFiZGFkNjNiY2Q1Y2Q5ZWE5ZTQ3MjNiMzUwMzU1MGJlZTI5ZDU5ZjIyMWVkOTYyMDE1ZGY1NDEwMzU0OTE3OTI0M2I5NGJiNzliYzAx&uuid=&pii=&in=false HTTP 302
https://track.extension-install.com/click?key=7f02eb1c8ef2efa42fc2&visitor_id=FxECclBDW0dkfFggWEV3U18ASGEUTUhPbGFWZAxSb1tOBFchE0lSFGJ9HH8OVmBVDwdQbkpOUhF4Nh91WAIrB10GACBGW0ZXM2ZYfEhWdVhbB1xyQ1tGVzNnWHxYVH5WQBECe1BDXUdlYlZkDF5vW1gfRiVDSUhPdzMZdFxSf1daHgYgRx1HQTRiQmsIAStSQQcCcUAYXEwwM0x-DkVhQwoCVWFIS0ZXM2FIZFBTYUMKAldhSEtGVzNhTmRQU2FDCgJRYUhPWUN5chx3XEV3VlofRiVDTkhPbWVJakgBfFhOCVV3R1VIE2diWHxZGg&zoneid=18974811&campaignid=2337&CreativeID=7202&siteid=73ba08a7-f9d1-4c44-878d-fe32eff15dc4&domain=18974811&keywords=adult%2520social&placement_id=18974811&banner_id=7202 HTTP 307
https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co37t1j2r96s73b8cpr0&source=PandaRTB%20(Adsterra-Adult)&lpkey=171175daff9eefa7a5b82ca7edcdaccf29ee101938&isV2=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 rntvdcqrze Show response
runsolinco.shop/blogs/ 2 KB
1 KB 684ms
180ms Document
text/html 172.67.214.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://runsolinco.shop/blogs/rntvdcqrze

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.214.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b43f56645c08f6316aad77e5440c21ee35f39c5505e145f3f33ed8804d1871e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: fi-FI,fi;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86be8e551c748f55-CPH
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 29 Mar 2024 08:40:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B58EKSnEHdYcR0fPYlTyuEY2exgKNTKGQsVY8k0gi2q%2BG7z7CwOMuOYvKJb9gN%2Bnmrufbca%2BJFZM7UYkFZ8L%2BjSlbNbvZ64JkDDLdIKpax6b3ECGPct6fUNF%2FYKi5lfj8cE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block

GET
H2 200 js
www.googletagmanager.com/gtag/ 319 KB
105 KB 942ms
143ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6V5201028T

Requested by

Host: runsolinco.shop
URL: https://runsolinco.shop/blogs/rntvdcqrze

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://runsolinco.shop/
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 107018
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 29 Mar 2024 08:40:36 GMT

GET
H2 200 js15_as.js
s10.histats.com/ 11 KB
5 KB 529ms
60ms Script
text/javascript 104.20.67.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: runsolinco.shop
URL: https://runsolinco.shop/blogs/rntvdcqrze
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.67.115 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://runsolinco.shop/
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:36 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 59323
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 86be8e591a8d8d67-HEL
content-length: 4547

GET
H/1.1 200
OK users
agitationfourthplug.com/api/ 3 KB
3 KB 1012ms
295ms Document
text/html 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://agitationfourthplug.com/api/users?token=L2lqNnNrN3MxP2tleT01NWYxN2E5ZmVlNjhlYTFiNmY0Y2NmYTJkOTZlY2Y2ZQ==

Requested by

Host: runsolinco.shop
URL: https://runsolinco.shop/blogs/rntvdcqrze

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://runsolinco.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: fi-FI,fi;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Fri, 29 Mar 2024 08:40:36 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server: nginx/1.19.5
Strict-Transport-Security: max-age=0; includeSubdomains
Transfer-Encoding: chunked
X-Request-ID: 80ddedf026de554caff9597a2fc49bd1

GET
H/1.1 200
OK 0.php
s4.histats.com/stats/ 52 B
186 B 512ms
160ms Script
text/html 149.56.240.31
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4764170&@f16&@g1&@h1&@i1&@j1711701636055&@k0&@l1&@mrunsolinco.shop%20-%20We%20apologize%20for%20the%20inconvenience%2C%20but%20we%27re%20performing%20some%20maintenance.&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u800&@b1:-63883695&@b3:1711701636&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Frunsolinco.shop%2Fblogs%2Frntvdcqrze&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.31 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534110.ip-149-56-240.net
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://runsolinco.shop/
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 29 Mar 2024 08:40:34 GMT
Connection: close
Content-Length: 52
Content-Type: text/html;charset=UTF-8

POST collect
region1.analytics.google.com/g/ 0
0

POST collect
stats.g.doubleclick.net/g/ 0
0

GET ga-audiences
www.google.fi/ads/ 0
0

GET stats
proftrafficcounter.com/ 0
0

GET
H/1.1 200
OK favicon.ico
agitationfourthplug.com/ 0
319 B 156ms
156ms Other
image/x-icon 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://agitationfourthplug.com/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-full-version: "123.0.6312.86"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://agitationfourthplug.com/api/users?token=L2lqNnNrN3MxP2tleT05Y2E2MDFhOWY0N2M3MzVkZjc2ZDVjYTQ2ZmEyNmE2NiZzdWJtZXRyaWM9MTg5NzQ4MTE
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.86", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.86"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 29 Mar 2024 08:40:36 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.19.5
Content-Type: image/x-icon
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
X-Request-ID: c202a80afd9751b338cf23a307b44f1e
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

Primary Request t39a Show response
landing.xuontiacompany.com/
Redirect Chain

https://agitationfourthplug.com/api/users?token=L2lqNnNrN3MxP2tleT01NWYxN2E5ZmVlNjhlYTFiNmY0Y2NmYTJkOTZlY2Y2ZSZwc3Q9MTcxMTcwMTY5NiZyZWZlcj1odHRwcyUzQSUyRiUyRnJ1bnNvbGluY28uc2hvcCUyRiZybXRjPXQmc2h1P...
https://track.extension-install.com/click?key=7f02eb1c8ef2efa42fc2&visitor_id=FxECclBDW0dkfFggWEV3U18ASGEUTUhPbGFWZAxSb1tOBFchE0lSFGJ9HH8OVmBVDwdQbkpOUhF4Nh91WAIrB10GACBGW0ZXM2ZYfEhWdVhbB1xyQ1tGVzN...
https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co37t1j2r96s73b8cpr0&source=PandaRTB%20(Adsterra-Adult)&lpkey=171175daff9eefa7a5b82ca7...

15 KB
3 KB

666ms
112ms

Document
text/html

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co37t1j2r96s73b8cpr0&source=PandaRTB%20(Adsterra-Adult)&lpkey=171175daff9eefa7a5b82ca7edcdaccf29ee101938&isV2=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b05dda93023f32a8359320b32e9cc38bb29000ec93baf0e318f4896c80207f79

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://agitationfourthplug.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: fi-FI,fi;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-full-version: "123.0.6312.86"
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.86", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.86"
sec-ch-ua-mobile: ?0
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"
sec-ch-ua-platform-version: "10.0.0"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86be8e6b9a4992c2-CPH
content-encoding: br
content-type: text/html
date: Fri, 29 Mar 2024 08:40:39 GMT
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UKCmXj8xZZdvCbV6dLIyWuAWWnq%2FVmJYCOS%2BrJ4vpqpKOaitzGZvPJbKBwv7np21oTCCkdUZ44jtB2gX2SQIl1LF9UWLyHr6nzaP5fG%2FqvkO2pqKsyVLDhr3HSb7UfVha2Iw2TjztAc2NNktAg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY

Redirect headers

content-length: 0
date: Fri, 29 Mar 2024 08:40:38 GMT
location: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co37t1j2r96s73b8cpr0&source=PandaRTB (Adsterra-Adult)&lpkey=171175daff9eefa7a5b82ca7edcdaccf29ee101938&isV2=true
server: Caddy
x-request-id: b83ba135-f95e-46de-a1f4-07e0871c1dcc

GET
H2 200 style.css
landing.xuontiacompany.com/t39a/ 15 KB
4 KB 97ms
90ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://landing.xuontiacompany.com/t39a/style.css?6f698578617efb5cd94aa49062c27274

Requested by

Host: landing.xuontiacompany.com
URL: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co37t1j2r96s73b8cpr0&source=PandaRTB%20(Adsterra-Adult)&lpkey=171175daff9eefa7a5b82ca7edcdaccf29ee101938&isV2=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c62d3a70e31c32abd6e63eb1b47a484778bd60d71861daa62b655a1246be2478

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co37t1j2r96s73b8cpr0&source=PandaRTB%20(Adsterra-Adult)&lpkey=171175daff9eefa7a5b82ca7edcdaccf29ee101938&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 323721
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-3c67"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dpXajOYdHasM9bB1R%2BW7JS9FolzFqVlw1KTZ2E%2Bmrx9CHkPeC6mmmpK0DtezGD8BT5C9hXjiUeVmQtKNDcZA9iiEBMf8EquNbPLVwjRPm2xj6gpx7%2FsgvAT8i%2FGhkqeBkFlmaTpSKwG4YxD6vA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 86be8e6c8cb292c2-CPH
expires: Tue, 25 Mar 2025 14:45:18 GMT

GET
H2 200 shared.css
landing.xuontiacompany.com/styles/ 25 KB
6 KB 105ms
101ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://landing.xuontiacompany.com/styles/shared.css?6f698578617efb5cd94aa49062c27274

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

028742888440e1d1d15e11e84518771a205b45bfd51c8ebbef169ac7533b96e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co37t1j2r96s73b8cpr0&source=PandaRTB%20(Adsterra-Adult)&lpkey=171175daff9eefa7a5b82ca7edcdaccf29ee101938&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2576
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-62ee"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=krWqgkie9OHWkYm55SrWSz9fLTk4pebPvD10IUvQxUu9AkSbCyBhoz15d0Hxow%2B1s0h3Fw8Gd4ffbN%2FQKflm7%2F%2FkEN76kV0ml0rSdS2IqzvtvtV7AZ48Bc4Jtbh0jYNuvaiBXF73Wxzq2SVg5A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86be8e6caceb92c2-CPH

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
91 KB 710ms
136ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WV373MWWXX

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4da58f4f326646f97926c58d6a93823ce29880f71950147f3bc2c23cb27747f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92724
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 29 Mar 2024 08:40:39 GMT

GET
H2 200 EN.svg
landing.xuontiacompany.com/images/promo-images/t39/locales/ 2 KB
907 B 108ms
105ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/locales/EN.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cd2061a7b11b9e3b2e56b8f53a7ea2547fc6b465d13bf5441c81be6d28daa9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co37t1j2r96s73b8cpr0&source=PandaRTB%20(Adsterra-Adult)&lpkey=171175daff9eefa7a5b82ca7edcdaccf29ee101938&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2576
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-6d2"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cAEAMfmTFyrjrL4I49f7HkGklLdja2PVs8m9w3NhbkpH9em27RgU6gtc5nMC0kmZvmU7drjxpoWozHNYYbj%2B4LiiIrbmGn8KJdt%2Fc5TkWh0Y%2B4bx2OpttkbYWOmvwZsoQobqt4yrdyhfBFPNtg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86be8e6cacef92c2-CPH

GET
H2 200 arrow_drop_down.svg
landing.xuontiacompany.com/images/promo-images/t39/ 228 B
482 B 110ms
108ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/arrow_drop_down.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9f45562c1bf1f621a1a24111f9ffd9b89c9eb806a116beff4079c9b0830d746

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co37t1j2r96s73b8cpr0&source=PandaRTB%20(Adsterra-Adult)&lpkey=171175daff9eefa7a5b82ca7edcdaccf29ee101938&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2576
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-e4"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PcUqwP4zP4%2B2BHq0FoqB%2BdLp51BbOoX0fdakrOGS9R8skvFoibD2NFrjoDuuPVhCC2amqRWatYOUGDcd4pEcIpWkW4csi1Jx7BTkFfKXHzRxlClTFQZOtoythD9mpJWiWanHYXwI%2BbdHD7LZ%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 86be8e6cacf392c2-CPH

GET
H2 200 DE.svg
landing.xuontiacompany.com/images/promo-images/t39/locales/ 453 B
582 B 91ms
85ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/locales/DE.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b40f2a19d1427470258e3c1114cfb1353d891819585f391d7b473813fbfc2dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co37t1j2r96s73b8cpr0&source=PandaRTB%20(Adsterra-Adult)&lpkey=171175daff9eefa7a5b82ca7edcdaccf29ee101938&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2576
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-1c5"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wx9MBqY5%2Fd5AyEOXc49hJfzhM0SPXUiPG9Zx2o%2B5rgKqTC%2B4JYvhrNJZF%2B6FqK0toIQuUbrY%2FucKWLC%2BakCo8qUuMU9eVHpH%2FLEneKIs%2BTCsUCHwPOIeoZ0ML9MpMJZsgZp74UhD4lEbNLzLbA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86be8e6ced7292c2-CPH

GET
H2 200 ES.svg
landing.xuontiacompany.com/images/promo-images/t39/locales/ 1 KB
957 B 93ms
87ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/locales/ES.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab945250b36efab1b3edeb16672ce19aebd882decfd58d5d04451193c895114f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co37t1j2r96s73b8cpr0&source=PandaRTB%20(Adsterra-Adult)&lpkey=171175daff9eefa7a5b82ca7edcdaccf29ee101938&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2576
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-5c0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BleHtHX%2FhsPQA03CFpWjgCJvWqyehNjAzcOiTTQIJ%2FIhkDG6W1mQmpEOBk6Ilr7pFFOd1%2BkYi%2FDSNyeqrkI2nujI%2Fhgn3quS5lcPBylpfPu%2FTO72ZWO3nux1qdzyWFsMRU2vUU6Kg4B5nOn75A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86be8e6ced7392c2-CPH

GET
H2 200 FR.svg
landing.xuontiacompany.com/images/promo-images/t39/locales/ 463 B
565 B 90ms
86ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/locales/FR.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55c1f8387eaf1669b6a0df9c04b336701b0a3a5bd9a20e3eea2e1668e7387983

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co37t1j2r96s73b8cpr0&source=PandaRTB%20(Adsterra-Adult)&lpkey=171175daff9eefa7a5b82ca7edcdaccf29ee101938&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2576
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-1cf"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kv25%2BWW7ox4vt0vFVP87GBW%2FieC%2B28iH6gvQ6KpShccGUgUjRc4sC9K3YYEoY6t3vFlqaCqF9SN73me2UtHyx6Wm0Mo3QpLuOBdFkVxICZUPCPu0pfQH6tzPlzy1OJN5SaRp1lymy7%2Bn5kOIVA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86be8e6ced7c92c2-CPH

GET
H2 200 IT.svg
landing.xuontiacompany.com/images/promo-images/t39/locales/ 477 B
610 B 130ms
126ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/locales/IT.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6d66b497d02a7cd78cc054be46c366281311d8da297d10444b882160db14219

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co37t1j2r96s73b8cpr0&source=PandaRTB%20(Adsterra-Adult)&lpkey=171175daff9eefa7a5b82ca7edcdaccf29ee101938&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2576
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-1dd"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qoq1IBIhgAc%2F7uS0Npm7cxFfmkYPYUWW%2FeDe1OzaYKI1gkWJi8vNsl6DW7ZiqkyduAjXBgHYBpBxMjYpfBWZkKuYhSr1gReqz1zFoXszPIx605yT%2FzjLguSgSvH%2BvKol7Wd5HgOlzOgN1I4bJg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86be8e6d3e0592c2-CPH

GET
H2 200 NL.svg
landing.xuontiacompany.com/images/promo-images/t39/locales/ 450 B
569 B 133ms
129ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/locales/NL.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8bbb643c2815a66a29683d9e538c3404f98fef3d0100113e0967ed6bc499988

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co37t1j2r96s73b8cpr0&source=PandaRTB%20(Adsterra-Adult)&lpkey=171175daff9eefa7a5b82ca7edcdaccf29ee101938&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2576
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-1c2"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ak3p41JbXISMFhOgrFM4XevV7uBfDcTCM0J7nwUjkik34lInHpbk0ptvEZiAIuugIWfuARz0yn193BjTb5vrAgcFxQgfVEf%2FdxMLCDFeULu%2FXoHExFgedSLBlXvCPXeNPtvwZSowyDmuUgBTLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86be8e6d3e0b92c2-CPH

GET
H2 200 PT.svg
landing.xuontiacompany.com/images/promo-images/t39/locales/ 975 B
769 B 138ms
134ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/locales/PT.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41dd81ecf0fdcf6065d7fba2ea5fcb2529529c981fc6066d70d8d98b778f9b2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co37t1j2r96s73b8cpr0&source=PandaRTB%20(Adsterra-Adult)&lpkey=171175daff9eefa7a5b82ca7edcdaccf29ee101938&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2576
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-3cf"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mABpmt7eWOdDhVnmUukziUnAzQ8geJ1lV5Sn9DgSkPfQPBw6I1nCYlNGgavIY50zKuarV5q7w167XezKUIs7pxt6D5wSEM%2Fq3t3%2B%2B4dk1aAYqVp7T0QsrvteegtG8u%2FFLgVBkWDjBqkBZDvC5A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86be8e6d3e0d92c2-CPH

GET
H2 200 feature_banner-1.svg
landing.xuontiacompany.com/images/promo-images/t39/features/ 18 KB
6 KB 139ms
135ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/features/feature_banner-1.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

922be72b779d865d3c4b03de3d2b134406ddc1c44700b69d57b3c84e3b60a733

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co37t1j2r96s73b8cpr0&source=PandaRTB%20(Adsterra-Adult)&lpkey=171175daff9eefa7a5b82ca7edcdaccf29ee101938&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2576
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-4874"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lu3rdWDNQH8WD72WOp3UIA%2BTkpyKMut0kXHneH%2BHo1OVeKmdsB%2Biku8h3YWv5CraJSt3J2ixzKXkyOH%2F8pV2IY1V%2Fw%2F6bXdAjpch2hdHhJW4jE2IopaSLXG1VKHK4XrFrM6IeUNoRhpENPMtfA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86be8e6d3e1092c2-CPH

GET
H2 200 feature_logo_1.svg
landing.xuontiacompany.com/images/promo-images/t39/features/ 509 B
830 B 135ms
131ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/features/feature_logo_1.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b226474e5f0bad40d1d89eb2ea0b7dc0baba05a0834fdb02173ea0d89894cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co37t1j2r96s73b8cpr0&source=PandaRTB%20(Adsterra-Adult)&lpkey=171175daff9eefa7a5b82ca7edcdaccf29ee101938&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2576
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-1fd"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S1x%2FiYLXvuiGEO1N3vDXaQFGtmC60qnwJYpVCXBHwZICeUTLvShuu5plazcM76mKfLHAny9NeCKtfPyn4U4hqbrV2GVls1iR39cxpwpl1YKRK2RSeH2FtrZq1w4fORoK5jpDC3p7jw3Bk2gdiA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86be8e6d3e1292c2-CPH

GET
H2 200 feature_banner-2.svg
landing.xuontiacompany.com/images/promo-images/t39/features/ 10 KB
3 KB 133ms
130ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/features/feature_banner-2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f868a345a189b37840aee4d6942b2962a1742765cbfd97b9a04f0c7760eae03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co37t1j2r96s73b8cpr0&source=PandaRTB%20(Adsterra-Adult)&lpkey=171175daff9eefa7a5b82ca7edcdaccf29ee101938&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2576
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-2612"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F0F5ZDMWf7s0bvITXdOSTiJsSGBYIhu6rqgLWalencYlPfAl3bE%2FUC8mdS%2B0G0x2vfgIwghsHYv0jhLWpaVwKjeC6BlYTWEqWy%2Fc43mqLZvlE2uosdfV6JyjXiGRXT6G3baTi%2BricL4ianb8tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86be8e6d3e1592c2-CPH

GET
H2 200 feature_logo_2.svg
landing.xuontiacompany.com/images/promo-images/t39/features/ 1 KB
825 B 130ms
127ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/features/feature_logo_2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1a1fe492a8a08985a54167a852913066ad44e90162aa79386945861666f8fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co37t1j2r96s73b8cpr0&source=PandaRTB%20(Adsterra-Adult)&lpkey=171175daff9eefa7a5b82ca7edcdaccf29ee101938&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2576
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-447"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QzmQBNsk37Ny0psV8DrHBM9C96CPhV0bfys%2BeYHwJZOx8ZFkvMZe3ENClv7Un0ysfraGBJZLH2r9fvQ5HfLrKEnyK33WDOFp2vqnfrMnMIpwiQl2av8E%2BRDtaqGMZudtVtwzeC%2BNEbPBjj7BpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86be8e6d3e1692c2-CPH

GET
H2 200 feature_banner-3.svg
landing.xuontiacompany.com/images/promo-images/t39/features/ 11 KB
4 KB 129ms
127ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/features/feature_banner-3.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

622f8aeff490fce880850d1b8bd9d52f20aef04123a8417bbc44c9349cf9fac8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co37t1j2r96s73b8cpr0&source=PandaRTB%20(Adsterra-Adult)&lpkey=171175daff9eefa7a5b82ca7edcdaccf29ee101938&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2576
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-2db7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I9rhUDm34rw92%2Fos5OF9u9Uz2Y%2Br8rXIEmX4ME6AgEeFJk%2FgHHNL34xpjD2%2BbwjdOnvLIJQR0pi%2BaOF2HUjo%2FP6D6fntRMW9gtdjZh%2FaHZJcTil0KLc1ywUJSJTQa2KRlPSjBgU2vpb3Kewm5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86be8e6d3e1792c2-CPH

GET
H2 200 feature_logo_3.svg
landing.xuontiacompany.com/images/promo-images/t39/features/ 4 KB
1 KB 133ms
130ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/features/feature_logo_3.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b040d4e4c5a91e7bc8740c778fa738c8470dfac0588c5294ad2d90d899ede36

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co37t1j2r96s73b8cpr0&source=PandaRTB%20(Adsterra-Adult)&lpkey=171175daff9eefa7a5b82ca7edcdaccf29ee101938&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2576
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-e53"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5fLS1LCu203lYGI4WefG4J9lYvgH8RUAzdVEHA9cPL8%2Fb%2FwPgTwRjljCJGrFC4%2Fq5IREe23zuAZ%2B9D4dqQQyXbFsXeWVYxfdKguxHjU4mEwt7EF6DgYb6i8CRL7LrXlaVS%2FXTAziAT1YGIBLHg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86be8e6d3e1b92c2-CPH

GET
H2 200 feature_banner-4.svg
landing.xuontiacompany.com/images/promo-images/t39/features/ 15 KB
5 KB 139ms
137ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/features/feature_banner-4.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9efd24949b583aee5301aeb16d27000b8bd5744343dbe55a3a02b17c6b10f10f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co37t1j2r96s73b8cpr0&source=PandaRTB%20(Adsterra-Adult)&lpkey=171175daff9eefa7a5b82ca7edcdaccf29ee101938&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2576
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-3c89"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5JkgauD0VxXyu7AXAcp9Mun4O86MP%2FmvfL9sF9R3WvgFpmNObaTEU%2FdZs2GM%2FBmO7udqxQCHxEcs1XhoihJ1LYV4rlVJFrY657C%2BtzUXPiKAQqiwu74o2lYU9zpkbJucfpawoHse0AowwjRRtA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86be8e6d3e1d92c2-CPH

GET
H2 200 feature_logo_4.svg
landing.xuontiacompany.com/images/promo-images/t39/features/ 1 KB
840 B 130ms
128ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/features/feature_logo_4.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fecd384266d355fe0d06767f5a866265809ab89150c27dea64e205a986d28b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co37t1j2r96s73b8cpr0&source=PandaRTB%20(Adsterra-Adult)&lpkey=171175daff9eefa7a5b82ca7edcdaccf29ee101938&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2576
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-414"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FeVXkiWMUzSSpslC6eUd4Su0jsJLLMi5ziI%2B53y9w6A%2F%2BX4CjcBoLBGgjaIstnCQ1gskSPHlS%2Bayz%2FRkst0%2FOUoHgHLMTEgmcoqp2hP%2F6TxBpBE%2F2xQam%2FHB8kLO6cCX4lRaksE6WU856vp6Wg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86be8e6d3e1f92c2-CPH

GET
H2 200 Rate.svg
landing.xuontiacompany.com/images/promo-images/t39/ 309 B
527 B 138ms
136ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/Rate.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90b6db83b2a1d77281219272959d3622392487eda0ce2ab2eead1c0891d3fe04

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co37t1j2r96s73b8cpr0&source=PandaRTB%20(Adsterra-Adult)&lpkey=171175daff9eefa7a5b82ca7edcdaccf29ee101938&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2576
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-135"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yW6Mv9G43MMYfP6GU9Dwxh%2FkbAMgfj%2F5zD44nDaKpqUT8tu7JB92RORzuq4m0EY%2FSVRBI9sCPoVx67lI5beJVhJDkQytaNB9yemjxr4jo8n5beUC2%2B6UaqupI9MrSBobwtw%2FNmbKYqNTPoStCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86be8e6d3e2292c2-CPH

GET
H2 200 instruction.webp
landing.xuontiacompany.com/images/promo-images/t39/ 67 KB
67 KB 140ms
138ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/instruction.webp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

375a81cdbedffa6ecb4dc03eeb25637e1e370131f4dba3b1a75d1ee8a8748ea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co37t1j2r96s73b8cpr0&source=PandaRTB%20(Adsterra-Adult)&lpkey=171175daff9eefa7a5b82ca7edcdaccf29ee101938&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2576
alt-svc: h3=":443"; ma=86400
content-length: 68124
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: "66018b7b-10a1c"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z7lwgJJbd6Shx%2BD2kmToaro40ikGItr7xXwdQqvcWWWwd5%2BSEacItYfAbT%2Bqzzbz8vPdjqtEfNw0KkrANxRigtlIKfXJK5NIGY55LiPP4zGO0qVI5CTaiaFWFnJobaJylvgunkdPHYd6sm5QOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86be8e6d3e2692c2-CPH

GET
H2 200 cursor-finger.webp
landing.xuontiacompany.com/images/promo-images/t39/ 580 B
896 B 150ms
148ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/cursor-finger.webp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a818289b7887c0da0b8def330e0a6b14d94e0cfb11bd45a8262d644d6f1c41e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co37t1j2r96s73b8cpr0&source=PandaRTB%20(Adsterra-Adult)&lpkey=171175daff9eefa7a5b82ca7edcdaccf29ee101938&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2576
alt-svc: h3=":443"; ma=86400
content-length: 580
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: "66018b7b-244"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HyqJbbHsTx90YdbHssF6rEyfGmmm8li03tbl7c8WgB9hNlIoTXWjxSdAmg9qViN1bwF0%2FUhQJTMzl3Kk4%2FRGxpEMLCteIg8Wze%2B3VFMDXvLyaTGqyXCKQcarJCgCC0ZOZ1s4rersqN4A2NlszQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86be8e6d3e2792c2-CPH

GET
H2 200 compatability-banner.svg
landing.xuontiacompany.com/images/promo-images/t39/ 27 KB
10 KB 133ms
132ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/compatability-banner.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b37bf1274aca6936234156f537127881a4e4ff565c458068366a87365ea9c59

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co37t1j2r96s73b8cpr0&source=PandaRTB%20(Adsterra-Adult)&lpkey=171175daff9eefa7a5b82ca7edcdaccf29ee101938&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2576
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-6d32"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lOMvqXUt%2FXJ1t1fi3fh1TuDDBnM3n%2FfIFsj8xApmRusflbxP1O46FycU7vlfiuW4H29It5QIErzYikvbFtKvmOiA%2FgQ62uY3UjGm0w2Nvs7kwGF11gIFcV7tBoSoIhMDF8Ny8RpviPrK8Yib%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86be8e6d3e2992c2-CPH

GET
H2 200 index.js Show response
landing.xuontiacompany.com/js/ 175 KB
41 KB 93ms
88ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://landing.xuontiacompany.com/js/index.js?6f698578617efb5cd94aa49062c27274

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0eb719e33187bb05bb663864b85636b6a7fb3420b26cfeeb3fef7f95c1881aa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co37t1j2r96s73b8cpr0&source=PandaRTB%20(Adsterra-Adult)&lpkey=171175daff9eefa7a5b82ca7edcdaccf29ee101938&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2576
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-2bc2e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3SeD%2FV5%2Ftx6dn2r0cfRno4qRt4ZBD82D2Hq9pezbSF0uqE2CDJYzllQs5sFzgAb6DKLXD0QHBEll4J4wWDkBCaTPUBvWFGJpSit2rfm6rY6ONaPEjxc6aE23Zz%2BKSCHTqYsFJJgvg6DS8YikyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86be8e6ced7592c2-CPH

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1019 B 671ms
117ms Stylesheet
text/css 142.250.186.74

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Ubuntu:wght@400;500&display=swap

Requested by

Host: landing.xuontiacompany.com
URL: https://landing.xuontiacompany.com/t39a/style.css?6f698578617efb5cd94aa49062c27274

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.74 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

2d1f8156fd08b1a0d08a77105ccb7d62ddab490ca320dd609bb7da52e82234de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 29 Mar 2024 08:40:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 29 Mar 2024 07:03:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Mar 2024 08:40:39 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
923 B 669ms
124ms Stylesheet
text/css 142.250.186.74

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Requested by

Host: landing.xuontiacompany.com
URL: https://landing.xuontiacompany.com/styles/shared.css?6f698578617efb5cd94aa49062c27274

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.74 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

31d196afc7bf97b61be0a9881f623b3b8a7b56d4b0c08c6b78c37ce92d7827b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 29 Mar 2024 08:40:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 29 Mar 2024 07:22:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Mar 2024 08:40:39 GMT

GET jfl2pu6cif
www.clarity.ms/tag/ 0
0

GET
H2 200 banner-background.svg
landing.xuontiacompany.com/images/promo-images/t39/ 168 B
453 B 85ms
83ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/banner-background.svg

Requested by

Host: landing.xuontiacompany.com
URL: https://landing.xuontiacompany.com/t39a/style.css?6f698578617efb5cd94aa49062c27274

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb0d0c5ee5d39d7dc1d7193638e693fc3da791189be9794efbaa2aa38466097c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a/style.css?6f698578617efb5cd94aa49062c27274
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1334
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-a8"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C5FTjToNTx7gCECjss1ZAlFsFuWIeS9KSJMJQWMgLWxn%2FzmZmcqQMKe0s4oyTE3u5PLeo%2Fum66VyRCfElHoAzXSBnQPaHGx4vVpC61KZg3UCHo7YcRqS5G8sy4I6MuO%2FN1BsnAbA6mNSYM%2Fu0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 86be8e715e8392c2-CPH

GET
H2 200 arrow_forward.svg
landing.xuontiacompany.com/images/promo-images/t39/ 249 B
698 B 84ms
82ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/arrow_forward.svg

Requested by

Host: landing.xuontiacompany.com
URL: https://landing.xuontiacompany.com/t39a/style.css?6f698578617efb5cd94aa49062c27274

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87fda4f3a69241a941110f26d4837a768bf0a864e58aa79cf8d414fc9a0136c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a/style.css?6f698578617efb5cd94aa49062c27274
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1334
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-f9"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7SSEYS8HW1dd%2BY5RiIyohJDS%2FkFOXeVGeY5KgfTudPntx%2BbOyNG99MXNuNzQVl8%2BS%2BTGtotrUSTiB6Bsn1oXDjjm6qsq97lbVxiKiU4D9JoFJ%2FVXtZlwQ5awwT23n8E%2FTP9NJy8BxXtsgd51UA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 86be8e715e8592c2-CPH

GET
H2 200 done_outline.svg
landing.xuontiacompany.com/images/promo-images/t39/ 259 B
507 B 105ms
104ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/done_outline.svg

Requested by

Host: landing.xuontiacompany.com
URL: https://landing.xuontiacompany.com/t39a/style.css?6f698578617efb5cd94aa49062c27274

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b797c4abdedec3e173cdf21250305b33a5fbdf54466912ce75cc9f271da2c44f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a/style.css?6f698578617efb5cd94aa49062c27274
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1334
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-103"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VhB4mGBHznyM3cyyho0NhZvl%2Bq%2FXFFXfn7pQjxZ7ZybSVNL852nyed7rilS0D37mFteCHJjTcPZ6GqtudrK47VpNf4qO2zxVwwOVELveXktKyoX1hKUOCZPeiuzROi2xayBtYB%2FWmSA16vaMMA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86be8e719efb92c2-CPH

GET
H2 200 makbook.svg
landing.xuontiacompany.com/images/promo-images/t39/ 11 KB
4 KB 109ms
108ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/makbook.svg

Requested by

Host: landing.xuontiacompany.com
URL: https://landing.xuontiacompany.com/t39a/style.css?6f698578617efb5cd94aa49062c27274

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5735522be0fd6c5949744d53ec36ad657d676d33a8504b90c4fad119e718972

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a/style.css?6f698578617efb5cd94aa49062c27274
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3060
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-2d40"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1LJcPVQWdX505zC%2Fr9kcODV9lrepIl9hj2tKGPepSltf7umCsSJhJqjy4WLcO%2FbK8ZRZvBDZ2nwg7sQvQqYSu4B6D6oMi8WSBLsvX3RzW7bBaYg6cVn%2FqQOYdKjvuYNyG2OcYGOVlS2iViS48Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86be8e719efe92c2-CPH

GET
H2 200 geh.svg
landing.xuontiacompany.com/images/promo-images/t39/ 170 B
436 B 115ms
115ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/geh.svg

Requested by

Host: landing.xuontiacompany.com
URL: https://landing.xuontiacompany.com/t39a/style.css?6f698578617efb5cd94aa49062c27274

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85e87c59be8a86993d61b2f5c0977b9a9ea899c14322757933e07da416a80d8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a/style.css?6f698578617efb5cd94aa49062c27274
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1334
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-aa"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wgTWzTB2HrWgJDixzQ5HRa7OBuzKtzlM10TUEtKsrCjIqMi2tC3Qs2uaYmhB1nzhOA4V0TxToY2UtKiEmqpqAbh6ZlsW%2BmAFZkdbP1KWqFu%2F14pUg8N1pms31YnSumE6r0Fxnjnj8ZkDNglqFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 86be8e719f0192c2-CPH

GET KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 0
0

GET KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 0
0

GET KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 0
0

GET
H2 200 5301.a5b789b0d9ff1142296e.js Show response
landing.xuontiacompany.com/js/ 3 KB
2 KB 86ms
86ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://landing.xuontiacompany.com/js/5301.a5b789b0d9ff1142296e.js

Requested by

Host: landing.xuontiacompany.com
URL: https://landing.xuontiacompany.com/js/index.js?6f698578617efb5cd94aa49062c27274

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d00072d46a005f453f0af4a155718a04202a7a8bc7d3805535b10ca78fce890b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co37t1j2r96s73b8cpr0&source=PandaRTB%20(Adsterra-Adult)&lpkey=171175daff9eefa7a5b82ca7edcdaccf29ee101938&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1334
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-a13"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2W7dAEC3itkp392Oj7%2F%2FcJSvkJlGxp0X9DJ15hLlVBMFXvX5rjF34Tj8%2F%2B1wV1iswncim43eJU52fkbg2lZf0d9FcgSGSxvqD16NFztNAQR4sZgRTepYcbfqrea0s03CgN9uss1UHSwnsdXzbw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86be8e719f0492c2-CPH

POST collect
region1.google-analytics.com/g/ 0
0

GET
H2 200 US.svg
landing.xuontiacompany.com/images/promo-images/t39/locales/ 3 KB
1 KB 128ms
128ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/locales/US.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84ebc5aaa8d469faabe54a6823e4101f324485b83e4600f9d8e7b9a7809f624d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co37t1j2r96s73b8cpr0&source=PandaRTB%20(Adsterra-Adult)&lpkey=171175daff9eefa7a5b82ca7edcdaccf29ee101938&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-a2e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l1E%2BWI8LkaWvh%2FOVjyk0vqeJeBKveuZhQvaYJHKZNmyXvy8oUmo%2FhakM8tmvCxyTje5Gv8W8OZi1GHYRCosY0qJyCbCqWTDdV3csgR4PMH9n8cTiYLyxGiAEjwMdf%2FwzWS5WKXlauhmZq1BikA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86be8e7278b592c2-CPH

GET
H2 200 instruction-en.webp
landing.xuontiacompany.com/images/promo-images/t39/instruction/ 67 KB
67 KB 137ms
137ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/instruction/instruction-en.webp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

375a81cdbedffa6ecb4dc03eeb25637e1e370131f4dba3b1a75d1ee8a8748ea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a?clk_domain=track.extension-install.com&flow=binom&campaignId=30024&cid=co37t1j2r96s73b8cpr0&source=PandaRTB%20(Adsterra-Adult)&lpkey=171175daff9eefa7a5b82ca7edcdaccf29ee101938&isV2=true
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1334
alt-svc: h3=":443"; ma=86400
content-length: 68124
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: "66018b7b-10a1c"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gcvLODlDihotZLRQI%2B6UyIh0%2BoN0oy%2F0i%2FNTk%2Frp44tFW3DM6ytUjafBmRKgrg3X7xsV%2Fu%2B4Sh9Rb5S4chm9LqMHlTMVljHkKmTY30%2B8TGlW7OfbpNnXO3aZjSFMHtofH6QisWq5B58hbtYmgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86be8e72d97592c2-CPH

GET
H2 200 logo-full.svg
landing.xuontiacompany.com/images/extension-icons/adblocker_and_privacy/ 28 KB
11 KB 144ms
142ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/extension-icons/adblocker_and_privacy/logo-full.svg

Requested by

Host: landing.xuontiacompany.com
URL: https://landing.xuontiacompany.com/styles/shared.css?6f698578617efb5cd94aa49062c27274

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90597e5f5b82b89af25836180dcd0181fbc6f6d32a07408802529db0a69b2148

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/styles/shared.css?6f698578617efb5cd94aa49062c27274
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1334
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-71a9"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tdilkRp2MZ5Wzy%2FqUeBCcm7ohzrSFa8cSpKQ%2Bdcv7GhNj55Q0mM3osSMcfo1XRBvY7eTTXshxaL0nK1%2B9kZscu%2BAz0jOmmPFiccf8avOiryB7qlxrLIdxUTgjWcjhrUOig31DmMZ5u8jcgwHBg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86be8e72d97992c2-CPH

GET
H2 200 chrome-icon.svg
landing.xuontiacompany.com/images/promo-images/t39/ 6 KB
2 KB 133ms
132ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/promo-images/t39/chrome-icon.svg

Requested by

Host: landing.xuontiacompany.com
URL: https://landing.xuontiacompany.com/t39a/style.css?6f698578617efb5cd94aa49062c27274

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67c9974fc6f862743b88b99a74aecc083e75668bcbf2e24c45c590de7ba197ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/t39a/style.css?6f698578617efb5cd94aa49062c27274
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1334
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-19ff"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tMzJHHlrAmtII0e9%2FER0%2FqgQmQVZlAh84CzKae0xJ5pRDD8OHvEffIHY5GKmJv0qLxbixZB52e3gC9kp8rukQznlIMskMDaaV0hG3460oR7Zfck3A545LuMV0cIrcFeIpFHEkEo7JmLm4XDv2w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86be8e72d97c92c2-CPH

GET
H2 200 chrome_store_icon.svg
landing.xuontiacompany.com/images/browser-icons/ 2 KB
1 KB 158ms
157ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/browser-icons/chrome_store_icon.svg

Requested by

Host: landing.xuontiacompany.com
URL: https://landing.xuontiacompany.com/styles/shared.css?6f698578617efb5cd94aa49062c27274

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f564c0872b20b68ed53a1dd9940756dc2d67f836c11d719af67b16a68142180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/styles/shared.css?6f698578617efb5cd94aa49062c27274
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1334
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-853"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sAvdsG1R1zXjOHFu4XZXmssFOweM4loyOlC%2BJRRk10bZtJmJ7uqCerxfN8syESecimgRciMp40qdY8Ax1OvYzFIAypmmPQbbvvMEhdQhLgI5cL1sXRr%2BIB6YNWhkMsN4Kkg9qviQ%2FmiBZZrBlw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86be8e72d97f92c2-CPH

GET
H2 200 logo.svg
landing.xuontiacompany.com/images/extension-icons/adblocker_and_privacy/ 3 KB
1 KB 157ms
156ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.xuontiacompany.com/images/extension-icons/adblocker_and_privacy/logo.svg

Requested by

Host: landing.xuontiacompany.com
URL: https://landing.xuontiacompany.com/styles/shared.css?6f698578617efb5cd94aa49062c27274

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53a4cd38860b44bc04c63b1ed77464018947977ef14a0fcee06305c385131f5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://landing.xuontiacompany.com/styles/shared.css?6f698578617efb5cd94aa49062c27274
accept-language: fi-FI,fi;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:40:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1334
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 14:34:35 GMT
server: cloudflare
etag: W/"66018b7b-a0b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TzreW3Avn2r38HFycQKugh1cM3D8rM4Lef6kV6wkotmBrh00luItHayxBFSkLGaE%2F1lR2jp7izX%2FblUlnd%2FBKNQ%2F5%2FqaH%2B5lb14JENZMmiHEDgH6TXwB1h2%2Fl7IryWGwzLXbDXA1od8BF4Jluw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86be8e72d98392c2-CPH

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-6V5201028T&gtm=45je43r0v9116683289za200&_p=1711701635523&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=626548610.1711701637&ecid=694402473&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&ec_mode=a&_s=1&sid=1711701636&sct=1&seg=0&dl=https%3A%2F%2Frunsolinco.shop%2Fblogs%2Frntvdcqrze&dt=runsolinco.shop%20-%20We%20apologize%20for%20the%20inconvenience%2C%20but%20we%27re%20performing%20some%20maintenance.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1780

Domain: stats.g.doubleclick.net
URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6V5201028T&cid=626548610.1711701637&gtm=45je43r0v9116683289za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1

Domain: www.google.fi
URL: https://www.google.fi/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6V5201028T&cid=626548610.1711701637&gtm=45je43r0v9116683289za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=294360635

Domain: proftrafficcounter.com
URL: https://proftrafficcounter.com/stats

Domain: www.clarity.ms
URL: https://www.clarity.ms/tag/jfl2pu6cif

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WV373MWWXX&gtm=45je43r0v9138627631za200&_p=1711701639887&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=268737304.1711701640&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1711701639&sct=1&seg=0&dl=https%3A%2F%2Flanding.xuontiacompany.com%2Ft39a%3Fclk_domain%3Dtrack.extension-install.com%26flow%3Dbinom%26campaignId%3D30024%26cid%3Dco37t1j2r96s73b8cpr0%26source%3DPandaRTB%2520(Adsterra-Adult)%26lpkey%3D171175daff9eefa7a5b82ca7edcdaccf29ee101938%26isV2%3Dtrue&dr=https%3A%2F%2Fagitationfourthplug.com%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3266

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
agitationfourthplug.com/api	1970-01-20 19:29:48	Name: u_pl Value: 18974811
agitationfourthplug.com/api	1970-01-20 19:28:21	Name: ain Value: eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODk3NDgxMSwiayI6IjU1ZjE3YTlmZWU2OGVhMWI2ZjRjY2ZhMmQ5NmVjZjZlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMzk3OTA2LCJwaWQiOjE2NDUzNCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozOCwiYWlkIjoyOCwicHQiOjQsInBrIjoiaWo2c2s3czEiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjM0MTg5ODk4LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTMyMDM5LCJibiI6IkNocm9tZSIsImJ2IjoiMTIzIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6NzAsImMiOiJGSSIsIm4iOiJGaW5sYW5kIn0sImEiOmZhbHNlLCJjciI6eyJuIjoiU3VvbWkgQ29tbXVuaWNhdGlvbnMgT3kifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3J1bnNvbGluY28uc2hvcC8iLCJhciI6W119fQ.woIZoQowqNQ39uwJ65dGNyNEZ4HyRb951_1VSCglqps
agitationfourthplug.com/api	1970-01-20 19:29:48	Name: pdhtkv Value: true
agitationfourthplug.com/api	1970-01-20 19:29:48	Name: uncs Value: 1
agitationfourthplug.com/api	1970-01-20 19:29:48	Name: pdhtkv28 Value: true
agitationfourthplug.com/api	1970-01-20 19:29:48	Name: uncs28 Value: 1
runsolinco.shop/	1970-01-21 04:13:57	Name: HstCfa4764170 Value: 1711701636055
runsolinco.shop/	1970-01-21 04:13:57	Name: HstCla4764170 Value: 1711701636055
runsolinco.shop/	1970-01-21 04:13:57	Name: HstCmu4764170 Value: 1711701636055
runsolinco.shop/	1970-01-21 04:13:57	Name: HstPn4764170 Value: 1
runsolinco.shop/	1970-01-21 04:13:57	Name: HstPt4764170 Value: 1
runsolinco.shop/	1970-01-21 04:13:57	Name: HstCnv4764170 Value: 1
runsolinco.shop/	1970-01-21 04:13:57	Name: HstCns4764170 Value: 1
.runsolinco.shop/	1969-12-31 23:59:59	Name: _ga Value: GA1.1.626548610.1711701637
.runsolinco.shop/	1969-12-31 23:59:59	Name: _ga_6V5201028T Value: GS1.1.1711701636.1.0.1711701636.60.0.694402473
agitationfourthplug.com/	1970-01-20 19:28:21	Name: cjs Value: t
track.extension-install.com/	1970-01-21 04:13:57	Name: uclick Value: yevbwAgNPo01guPwamCYtK2WSlznBVcCjUdtiJCeOENpVJY4byBfUk/KL5EqMbGYOUjLrDY=
track.extension-install.com/	1970-01-21 04:13:57	Name: bcid Value: co37t1j2r96s73b8cpr0
track.extension-install.com/	1970-01-21 04:13:57	Name: cid Value: co37t1j2r96s73b8cpr0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

agitationfourthplug.com
fonts.googleapis.com
fonts.gstatic.com
landing.xuontiacompany.com
proftrafficcounter.com
region1.analytics.google.com
region1.google-analytics.com
runsolinco.shop
s10.histats.com
s4.histats.com
stats.g.doubleclick.net
track.extension-install.com
www.clarity.ms
www.google.fi
www.googletagmanager.com
fonts.gstatic.com
proftrafficcounter.com
region1.analytics.google.com
region1.google-analytics.com
stats.g.doubleclick.net
www.clarity.ms
www.google.fi
104.20.67.115
142.250.186.104
142.250.186.74
149.56.240.31
172.67.214.138
188.114.96.3
192.243.59.13
52.58.28.63
028742888440e1d1d15e11e84518771a205b45bfd51c8ebbef169ac7533b96e2
0eb719e33187bb05bb663864b85636b6a7fb3420b26cfeeb3fef7f95c1881aa2
2d1f8156fd08b1a0d08a77105ccb7d62ddab490ca320dd609bb7da52e82234de
31d196afc7bf97b61be0a9881f623b3b8a7b56d4b0c08c6b78c37ce92d7827b2
375a81cdbedffa6ecb4dc03eeb25637e1e370131f4dba3b1a75d1ee8a8748ea8
3b43f56645c08f6316aad77e5440c21ee35f39c5505e145f3f33ed8804d1871e
41dd81ecf0fdcf6065d7fba2ea5fcb2529529c981fc6066d70d8d98b778f9b2c
4da58f4f326646f97926c58d6a93823ce29880f71950147f3bc2c23cb27747f7
4f868a345a189b37840aee4d6942b2962a1742765cbfd97b9a04f0c7760eae03
4fecd384266d355fe0d06767f5a866265809ab89150c27dea64e205a986d28b5
53a4cd38860b44bc04c63b1ed77464018947977ef14a0fcee06305c385131f5f
55c1f8387eaf1669b6a0df9c04b336701b0a3a5bd9a20e3eea2e1668e7387983
5b226474e5f0bad40d1d89eb2ea0b7dc0baba05a0834fdb02173ea0d89894cb1
5cd2061a7b11b9e3b2e56b8f53a7ea2547fc6b465d13bf5441c81be6d28daa9c
622f8aeff490fce880850d1b8bd9d52f20aef04123a8417bbc44c9349cf9fac8
67c9974fc6f862743b88b99a74aecc083e75668bcbf2e24c45c590de7ba197ac
7b37bf1274aca6936234156f537127881a4e4ff565c458068366a87365ea9c59
7b40f2a19d1427470258e3c1114cfb1353d891819585f391d7b473813fbfc2dd
84ebc5aaa8d469faabe54a6823e4101f324485b83e4600f9d8e7b9a7809f624d
85e87c59be8a86993d61b2f5c0977b9a9ea899c14322757933e07da416a80d8a
87fda4f3a69241a941110f26d4837a768bf0a864e58aa79cf8d414fc9a0136c3
90597e5f5b82b89af25836180dcd0181fbc6f6d32a07408802529db0a69b2148
90b6db83b2a1d77281219272959d3622392487eda0ce2ab2eead1c0891d3fe04
922be72b779d865d3c4b03de3d2b134406ddc1c44700b69d57b3c84e3b60a733
9b040d4e4c5a91e7bc8740c778fa738c8470dfac0588c5294ad2d90d899ede36
9efd24949b583aee5301aeb16d27000b8bd5744343dbe55a3a02b17c6b10f10f
9f564c0872b20b68ed53a1dd9940756dc2d67f836c11d719af67b16a68142180
a6d66b497d02a7cd78cc054be46c366281311d8da297d10444b882160db14219
a818289b7887c0da0b8def330e0a6b14d94e0cfb11bd45a8262d644d6f1c41e9
ab945250b36efab1b3edeb16672ce19aebd882decfd58d5d04451193c895114f
b05dda93023f32a8359320b32e9cc38bb29000ec93baf0e318f4896c80207f79
b797c4abdedec3e173cdf21250305b33a5fbdf54466912ce75cc9f271da2c44f
b8bbb643c2815a66a29683d9e538c3404f98fef3d0100113e0967ed6bc499988
bb0d0c5ee5d39d7dc1d7193638e693fc3da791189be9794efbaa2aa38466097c
c5735522be0fd6c5949744d53ec36ad657d676d33a8504b90c4fad119e718972
c62d3a70e31c32abd6e63eb1b47a484778bd60d71861daa62b655a1246be2478
d00072d46a005f453f0af4a155718a04202a7a8bc7d3805535b10ca78fce890b
d9f45562c1bf1f621a1a24111f9ffd9b89c9eb806a116beff4079c9b0830d746
f1a1fe492a8a08985a54167a852913066ad44e90162aa79386945861666f8fd4

landing.xuontiacompany.com Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

83 %HTTPS

0 %IPv6

14 Domains

15 Subdomains

8 IPs

5 Countries

458 kBTransfer

1118 kBSize

19 Cookies

0 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

landing.xuontiacompany.com Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

83 %
HTTPS

0 %
IPv6

14
Domains

15
Subdomains

8
IPs

5
Countries

458 kB
Transfer

1118 kB
Size

19
Cookies

54 HTTP transactions
0 data transactions