xiaomistore.pt
Total score
0.33
/ 1.00
Web hosting
0.0Non-EU-controlled provider (US, CLOUDFLARENET)
- Hostname
- xiaomistore.pt
- IP address
- 104.26.0.60
- Country
- United States
- ASN
- CLOUDFLARENET
- Server software
- cloudflare (CDN: Cloudflare)
Show raw HTTP headers ↓
Date: Thu, 04 Jun 2026 16:54:48 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Location: https://www.xiaomistore.pt/
CF-Ray: a0687627493803f8-FRA
CF-Cache-Status: DYNAMIC
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: -1
Server: cloudflare
Set-Cookie: PHPSESSID=c8tsqov9tah5sas4da3jo9s84a; expires=Thu, 04-Jun-2026 17:54:48 GMT; Max-Age=3600; path=/; domain=www.xiaomistore.pt; secure; HttpOnly; SameSite=Lax
Vary: Accept-Encoding
Pragma: no-cache
content-security-policy: font-src *.klarnacdn.net *.fontawesome.com *.gstatic.com 'self' data: *.swogo.net *.tiktok.com *.jotform.com *.hotjar.com wss://*.hotjar.com *.hotjar.io *.sequracdn.com *.servelec.pt/ *.cetelem.pt/ *.bnpparibas-pf.pt/ *.jsdelivr.net/ *.xiaomistore.pt/ *.svea.com *.jotfor.ms data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com *.facebook.com https://connect.facebook.net/ *.cookiefirst.com *.tiktok.com *.jotform.com *.hotjar.com wss://*.hotjar.com *.hotjar.io *.sequracdn.com *.servelec.pt/ *.cetelem.pt/ *.bnpparibas-pf.pt/ *.xiaomistore.pt/ *.svea.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https://www.google.com/recaptcha/ egoi.page *.klarnaservices.com https://www.googletagmanager.com/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com sandbox.sequracdn.com live.sequracdn.com sandbox.sequrapi.com live.sequrapi.com www.googletagmanager.com *.google.com *.facebook.com https://connect.facebook.net/ *.cookiefirst.com *.doubleclick.net *.tiktok.com *.jotform.com *.hotjar.com wss://*.hotjar.com *.hotjar.io *.sequracdn.com *.servelec.pt/ *.cetelem.pt/ *.bnpparibas-pf.pt/ *.xiaomistore.pt/ *.userway.org/ *.svea.com *.jotform.io 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io egoimmerce.e-goi.com *.klarna.com *.klarnaevt.com *.klarnacdn.net http://www.googleadservices.com/ http://www.google-analytics.com/ https://www.googleadservices.com/ https://www.google-analytics.com/ https://www.google.com/ www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com sandbox.sequracdn.com live.sequracdn.com sandbox.sequrapi.com live.sequrapi.com 'self' data: https://connect.facebook.net/ https://www.facebook.com/ https://www.google.pt/ https://www.kuantokusta.pt/ https://ib.adnxs.com/ https://eu-assets.klarnaservices.com/ osm.klarnaservices.com/ *.cookiefirst.com *.swogo.net *.tiktok.com *.jotform.com *.hotjar.com wss://*.hotjar.com *.hotjar.io *.sequracdn.com *.servelec.pt/ *.cetelem.pt/ *.bnpparibas-pf.pt/ *.xiaomistore.pt https://xiaomistore.pt *.xiaomistore.pt/ *.userway.org/ https://analytics-ipv6.tiktokw.us/ *.svea.com *.reddit.com/ data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ ecommerce.cetelem.pt e-goi.com cdn-te.e-goi.com egoi.site *.klarna.com *.klarnacdn.net *.klarnaservices.com http://www.googletagmanager.com/ https://www.googletagmanager.com/ s7.addthis.com *.avada.io js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com sandbox.sequracdn.com live.sequracdn.com sandbox.sequrapi.com live.sequrapi.com *.google.com *.gstatic.com https://www.gstatic.com/ https://js-agent.newrelic.com/ https://www.googleadservices.com/ https://www.google-analytics.com/ *.nr-data.net/ https://connect.facebook.net/ https://static.cloudflareinsights.com/ *.cloudflare.com *.egoiapp.com *.piwik.org https://acdn.adnxs.com/ stats.g.doubleclick.net tpc.googlesyndication.com *.cookiefirst.com *.swogo.net https://cdn.jsdelivr.net/npm/swiper@9/swiper-bundle.min.js https://cdn.jsdelivr.net/npm/swiper@9/swiper-bundle.esm.browser.min.js *.tiktok.com *.jotform.com *.hotjar.com wss://*.hotjar.com *.hotjar.io *.sequracdn.com *.servelec.pt/ *.cetelem.pt/ *.bnpparibas-pf.pt/ *.xiaomistore.pt/ *.userway.org/ *.svea.com *.jotfor.ms https://www.redditstatic.com/ 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com egoiapp2.com *.klarnacdn.net *.fontawesome.com unsafe-inline *.googleapis.com *.gstatic.com *.cookiefirst.com *.jsdelivr.net/ *.tiktok.com *.jotform.com *.hotjar.com wss://*.hotjar.com *.hotjar.io *.sequracdn.com *.servelec.pt/ *.cetelem.pt/ *.bnpparibas-pf.pt/ *.xiaomistore.pt/ *.userway.org/ *.svea.com *.jotfor.ms 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com http://www.googleadservices.com/ http://www.google-analytics.com/ https://www.googleadservices.com/ https://www.google-analytics.com/ https://xiaomistore.pt/ *.sequracdn.com *.servelec.pt/ *.cetelem.pt/ *.bnpparibas-pf.pt/ *.xiaomistore.pt/ *.svea.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com api.bnpparibas-pf.pt *.klarnaevt.com *.klarnacdn.net *.klarna.com *.klarnaservices.com http://stats.g.doubleclick.net/ https://stats.g.doubleclick.net/ http://www.google-analytics.com/ https://www.google-analytics.com/ ekr.zdassets.com/ https://get.geojs.io *.avada.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com sandbox.sequracdn.com live.sequracdn.com sandbox.sequrapi.com live.sequrapi.com t.elasticsuite.io *.google-analytics.com https://www.googletagmanager.com/ https://www.googleadservices.com/ https://ampcid.google.com *.google.com/ *.nr-data.net/ https://edw-3.egoiapp.com/ *.facebook.com https://connect.facebook.net/ *.cookiefirst.com *.swogo.net *.google.pt https://www.google.pt/ *.tiktok.com *.jotform.com *.adnxs.com *.doubleclick.net *.hotjar.com wss://*.hotjar.com *.hotjar.io *.sequracdn.com *.svea.com *.servelec.pt/ *.cetelem.pt/ *.bnpparibas-pf.pt/ *.xiaomistore.pt/ *.userway.org/ https://analytics-ipv6.tiktokw.us/ *.jotfor.ms https://script.google.com/ https://script.googleusercontent.com/ *.reddit.com/ 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=K8DzQGpWk8KunY3ezBp1NITxMOIJHA%2BHVHDZ3djYsL2cDo3iRJoKpXva3vWUUA65gx%2FSAeZBmUlbGvojHy8n1mevDX%2BPKEavOhGW3tv9B8k63SEXZTbIOZY0qaHnjKwySGlZ%2FW9Q%2BTGPb4%2Bi"}]}
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Verify independently
- Look up this IP on bgp.he.net (104.26.0.60) ↗
- Search this ASN on bgp.he.net ↗
- Run a DNS lookup on this host (xiaomistore.pt) ↗
Last scanned:
Mail hosting
1.0Hosted in the EU by an EU provider (Hetzner Online GmbH)
- MX hostname
- mail.xiaomistore.pt
- IP address
- 136.243.224.227
- Country
- Germany
- ASN
- Hetzner Online GmbH
Verify independently
- Look up this IP on bgp.he.net (136.243.224.227) ↗
- Search this ASN on bgp.he.net ↗
- Run a DNS lookup on this host (mail.xiaomistore.pt) ↗
Last scanned:
DNS
0.0DNS is managed by a non-EU provider: Cloudflare
- Primary nameserver
- jobs.ns.cloudflare.com
- Country
- US
- ASN
- CLOUDFLARENET
Verify independently
- Search this ASN on bgp.he.net ↗
- Run a DNS lookup on this host (jobs.ns.cloudflare.com) ↗
- To verify yourself, run: dig +short jobs.ns.cloudflare.com, then look up the IP on bgp.he.net.
Last scanned:
Score values: 1.0 = sovereign (EU-hosted, EU provider). 0.0 = non-sovereign (outside the EU, or on a non-EU-controlled provider — US, UK, etc. — regardless of where the datacenter sits). N/A = the sub-score couldn't be measured (no MX record, unresolvable host, etc.) and is excluded from the total.