www.saxychick.net Open in urlscan Pro
2a05:d018:244:5200::ab Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://zitalin-tk.translate.goog/calin/3151802509/covariant/beleaguered/sharer/1628519465/compositive?_x_tr_sch=http&_x_tr_sl=ru&...
Effective URL:
https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=jraoy6111c7720003962f&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=12...
Submission: On August 10 via api (August 10th 2021, 12:25:57 am UTC) from BE

Summary HTTP 40 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 13 domains to perform 40 HTTP transactions. The main IP is 2a05:d018:244:5200::ab, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.saxychick.net.
TLS certificate: Issued by R3 on July 27th 2021. Valid for: 3 months.

This is the only time www.saxychick.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
4	91.218.244.48 91.218.244.48	50867 (HOSTKEY-R...) (HOSTKEY-RU-AS)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	18.198.80.68 18.198.80.68	16509 (AMAZON-02) (AMAZON-02)
2 2	213.227.134.194 213.227.134.194	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	213.227.135.213 213.227.135.213	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 2	2a05:d018:244... 2a05:d018:244:5200::ab	16509 (AMAZON-02) (AMAZON-02)
14	2.16.186.80 2.16.186.80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
40	14

2 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

zitalin-tk.translate.goog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.218.244.48 (Russian Federation)

ASN50867 (HOSTKEY-RU-AS, NL)

olarexi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.80.68 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-80-68.eu-central-1.compute.amazonaws.com

trk.epsilonlink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trk.ultrabetas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.134.194 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

track.advertpull.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.135.213 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

track.cpanda.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:244:5200::ab (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

wemwxk.teens4love.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.saxychick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2.16.186.80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-80.deploy.static.akamaitechnologies.com

cdn-bimi.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	akamaized.net cdn-bimi.akamaized.net	255 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	141 KB
4	olarexi.com olarexi.com	16 KB
4	googleapis.com translate.googleapis.com ajax.googleapis.com fonts.googleapis.com	34 KB
4	google.com translate.google.com	27 KB
2	cpanda.me 2 redirects track.cpanda.me	725 B
2	advertpull.com track.advertpull.com Failed	436 B
2	translate.goog 1 redirects zitalin-tk.translate.goog	2 KB
1	googletagmanager.com www.googletagmanager.com	34 KB
1	saxychick.net www.saxychick.net	2 KB
1	teens4love.com 1 redirects wemwxk.teens4love.com	572 B
1	ultrabetas.com trk.ultrabetas.com Failed	759 B
1	epsilonlink.com trk.epsilonlink.com	2 KB
40	13

	Domain	Requested by
14	cdn-bimi.akamaized.net	www.saxychick.net
4	olarexi.com	zitalin-tk.translate.goog olarexi.com ajax.googleapis.com
4	translate.google.com	zitalin-tk.translate.goog
4	www.gstatic.com	zitalin-tk.translate.goog translate.googleapis.com
2	fonts.gstatic.com	fonts.googleapis.com
2	track.cpanda.me	2 redirects
2	track.advertpull.com
2	translate.googleapis.com
2	zitalin-tk.translate.goog	1 redirects
1	www.googletagmanager.com	www.saxychick.net
1	fonts.googleapis.com	cdn-bimi.akamaized.net
1	www.saxychick.net	trk.ultrabetas.com
1	wemwxk.teens4love.com	1 redirects
1	trk.ultrabetas.com	trk.epsilonlink.com
1	trk.epsilonlink.com	olarexi.com
1	ajax.googleapis.com	olarexi.com
40	16

This site contains no links.

Subject Issuer	Validity	Valid
*.googleusercontent.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
trk.epsilonlink.com R3	`2021-07-01` - `2021-09-29`	3 months	crt.sh
trk.ultrabetas.com R3	`2021-07-01` - `2021-09-29`	3 months	crt.sh
*.saxychick.net R3	`2021-07-27` - `2021-10-25`	3 months	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=jraoy6111c7720003962f&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5=
Frame ID: 26921CA0474C1227138341216C28F003
Requests: 39 HTTP requests in this frame

Frame: https://translate.google.com/translate_un?sl=ru&tl=en&u=http://zitalin.tk/calin/3151802509/covariant/beleaguered/sharer/1628519465/compositive&usg=ALkJrhhp6DTI3rE0q7-kpif1VDaHlSIkCQ
Frame ID: 2EB913A777E6FB568EE430B2ABB6C1AB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://zitalin-tk.translate.goog/calin/3151802509/covariant/beleaguered/sharer/1628519465/compositive?_x_tr_s... HTTP 301
https://zitalin-tk.translate.goog/calin/3151802509/covariant/beleaguered/sharer/1628519465/compositive?_x_tr_s... Page URL
http://olarexi.com/calin/3151802509/covariant/beleaguered/sharer/1628519465/compositive?p=t Page URL
https://trk.epsilonlink.com/f2c0f1ac-8569-4f3f-b13a-c6e44fb28a9f?source={2059}&email={email}&CampaignID=... Page URL
https://trk.ultrabetas.com/redirect?target=BASE64aHR0cHM6Ly90cmFjay5hZHZlcnRwdWxsLmNvbS9jbGljaz9waWQ9OT... Page URL
https://track.advertpull.com/click?pid=9930&offer_id=6705&sub1=wvm9jlf2unfgu8l925nbt08i&sub2=1248 HTTP 302
https://track.advertpull.com/click?pid=9930&offer_id=6936&sub1=wvm9jlf2unfgu8l925nbt08i&sub2=1248&sub3=&s... HTTP 302
http://track.cpanda.me/sl?id=5c47226bce365a58ba6548d3&pid=9930&sub1=wvm9jlf2unfgu8l925nbt08i&sub2=1... HTTP 302
http://track.cpanda.me/click?pid=9930&offer_id=2375&sub1=wvm9jlf2unfgu8l925nbt08i&sub2=1248&sub3=&s... HTTP 302
https://wemwxk.teens4love.com/c/1e3a4e532f1c7040?s1=120341&s2=1255332&s3=9930&s5=1248&click_id=6111c772cce... HTTP 302
https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=jraoy6111c7720003962f&j4=&j5=&j6=%3Cj6%3E&j8=1&l... Page URL

Page Statistics

40
Requests

83 %
HTTPS

67 %
IPv6

13
Domains

16
Subdomains

14
IPs

4
Countries

513 kB
Transfer

2251 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://zitalin-tk.translate.goog/calin/3151802509/covariant/beleaguered/sharer/1628519465/compositive?_x_tr_sch=http&_x_tr_sl=ru&_x_tr_tl=en&_x_tr_hl=uk&_x_tr_pto=elem HTTP 301
https://zitalin-tk.translate.goog/calin/3151802509/covariant/beleaguered/sharer/1628519465/compositive?_x_tr_sch=http&_x_tr_sl=ru&_x_tr_tl=en&_x_tr_hl=uk&_x_tr_pto=elem Page URL
http://olarexi.com/calin/3151802509/covariant/beleaguered/sharer/1628519465/compositive?p=t Page URL
https://trk.epsilonlink.com/f2c0f1ac-8569-4f3f-b13a-c6e44fb28a9f?source={2059}&email={email}&CampaignID={CampaignID}&S1=1248&aff_id=100205&flow_id={flow_id} Page URL
https://trk.ultrabetas.com/redirect?target=BASE64aHR0cHM6Ly90cmFjay5hZHZlcnRwdWxsLmNvbS9jbGljaz9waWQ9OTkzMCZvZmZlcl9pZD02NzA1JnN1YjE9d3ZtOWpsZjJ1bmZndThsOTI1bmJ0MDhpJnN1YjI9MTI0OA&ts=1628555121824&hash=5wR8CVhaKmcrjn8-iRcbTt-Wj-403XHHynVE4yc6JIs&rm=DJ Page URL
https://track.advertpull.com/click?pid=9930&offer_id=6705&sub1=wvm9jlf2unfgu8l925nbt08i&sub2=1248 HTTP 302
https://track.advertpull.com/click?pid=9930&offer_id=6936&sub1=wvm9jlf2unfgu8l925nbt08i&sub2=1248&sub3=&sub4=&sub5=6705 HTTP 302
http://track.cpanda.me/sl?id=5c47226bce365a58ba6548d3&pid=9930&sub1=wvm9jlf2unfgu8l925nbt08i&sub2=1248&sub3=&sub4=&sub5=6936 HTTP 302
http://track.cpanda.me/click?pid=9930&offer_id=2375&sub1=wvm9jlf2unfgu8l925nbt08i&sub2=1248&sub3=&sub6=GLOBAL_TB_0&sub5=0 HTTP 302
https://wemwxk.teens4love.com/c/1e3a4e532f1c7040?s1=120341&s2=1255332&s3=9930&s5=1248&click_id=6111c772cce7910001b54ab5&j1=1&j3=1&j8=1 HTTP 302
https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=jraoy6111c7720003962f&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://zitalin-tk.translate.goog/calin/3151802509/covariant/beleaguered/sharer/1628519465/compositive?_x_tr_sch=http&_x_tr_sl=ru&_x_tr_tl=en&_x_tr_hl=uk&_x_tr_pto=elem HTTP 301
https://zitalin-tk.translate.goog/calin/3151802509/covariant/beleaguered/sharer/1628519465/compositive?_x_tr_sch=http&_x_tr_sl=ru&_x_tr_tl=en&_x_tr_hl=uk&_x_tr_pto=elem

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

compositive Show response
zitalin-tk.translate.goog/calin/3151802509/covariant/beleaguered/sharer/1628519465/
Redirect Chain

http://zitalin-tk.translate.goog/calin/3151802509/covariant/beleaguered/sharer/1628519465/compositive?_x_tr_sch=http&_x_tr_sl=ru&_x_tr_tl=en&_x_tr_hl=uk&_x_tr_pto=elem
https://zitalin-tk.translate.goog/calin/3151802509/covariant/beleaguered/sharer/1628519465/compositive?_x_tr_sch=http&_x_tr_sl=ru&_x_tr_tl=en&_x_tr_hl=uk&_x_tr_pto=elem

1 KB
1019 B

247ms
227ms

Document
text/html

2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://zitalin-tk.translate.goog/calin/3151802509/covariant/beleaguered/sharer/1628519465/compositive?_x_tr_sch=http&_x_tr_sl=ru&_x_tr_tl=en&_x_tr_hl=uk&_x_tr_pto=elem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

211f18b4f80c81dafd007359e3a283085b239651afda0b365878cfb438cab0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: zitalin-tk.translate.goog
:scheme: https
:path: /calin/3151802509/covariant/beleaguered/sharer/1628519465/compositive?_x_tr_sch=http&_x_tr_sl=ru&_x_tr_tl=en&_x_tr_hl=uk&_x_tr_pto=elem
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-robots-tag: none
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
date: Tue, 10 Aug 2021 00:25:20 GMT
server: ESF
cache-control: private
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

Content-Type: application/binary
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Tue, 10 Aug 2021 00:25:20 GMT
Location: https://zitalin-tk.translate.goog/calin/3151802509/covariant/beleaguered/sharer/1628519465/compositive?_x_tr_sch=http&_x_tr_sl=ru&_x_tr_tl=en&_x_tr_hl=uk&_x_tr_pto=elem
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

GET
H2 200 m=website Show response
www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.de.dtDKZLFLu6g.O/d=1/rs=AN8SPfq0SR2bTfpzTLlsMw6joB7d7J9Wig/ 69 KB
24 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.de.dtDKZLFLu6g.O/d=1/rs=AN8SPfq0SR2bTfpzTLlsMw6joB7d7J9Wig/m=website

Requested by

Host: zitalin-tk.translate.goog
URL: https://zitalin-tk.translate.goog/calin/3151802509/covariant/beleaguered/sharer/1628519465/compositive?_x_tr_sch=http&_x_tr_sl=ru&_x_tr_tl=en&_x_tr_hl=uk&_x_tr_pto=elem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

432bb969bfb5c8adfee3ec7de8e7afcb818314109fc41978e998682f44680ea4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zitalin-tk.translate.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 21:55:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24066
x-xss-protection: 0
last-modified: Sun, 08 Aug 2021 19:14:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 21:55:46 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 81 KB
26 KB 88ms
68ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=gtElInit&client=wt&hl=uk&te=pod

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b551a849d1bce08b2b45c2b95be5d5524d54abecd06cb8c1f80152749c71f0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 00:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 translate_un Show response
translate.google.com/ Frame 2EB9 321 B
740 B 19ms
15ms Document
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_un?sl=ru&tl=en&u=http://zitalin.tk/calin/3151802509/covariant/beleaguered/sharer/1628519465/compositive&usg=ALkJrhhp6DTI3rE0q7-kpif1VDaHlSIkCQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

81e478e7ec1b80a2e6337818b3c3b70f2a0e457c34b629942f99c33eed9be09d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: translate.google.com
:scheme: https
:path: /translate_un?sl=ru&tl=en&u=http://zitalin.tk/calin/3151802509/covariant/beleaguered/sharer/1628519465/compositive&usg=ALkJrhhp6DTI3rE0q7-kpif1VDaHlSIkCQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 00:25:20 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-language: en
x-content-type-options: nosniff
content-encoding: gzip
server: HTTP server (unknown)
content-length: 246
x-xss-protection: 0
set-cookie: CONSENT=PENDING+389; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 27ms
6ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.uk.N1STbh2rVwc.O/d=1/rs=AN8SPfqsMUVuyG-MY4HyX7dzvvKuoJiyxw/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 23:39:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 10 Aug 2021 00:39:49 GMT

GET
H3-29 200 m=el_main Show response
www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.uk.N1STbh2rVwc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqsMUVuyG-MY4HyX7dzvvKuoJiyxw/ 221 KB
76 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.uk.N1STbh2rVwc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqsMUVuyG-MY4HyX7dzvvKuoJiyxw/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.uk.N1STbh2rVwc.O/d=1/rs=AN8SPfqsMUVuyG-MY4HyX7dzvvKuoJiyxw/m=el_conf

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b56637870f572d48678730895f99ce517fcc8c7278c4c133e21c7d8571a67635

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 22:10:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77320
x-xss-protection: 0
last-modified: Sun, 08 Aug 2021 19:14:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 22:10:03 GMT

GET
H3-29 204 gen204
translate.google.com/ 0
18 B 29ms
15ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://translate.google.com/gen204?nca=te_li&client=wt_lib&logld=vTE_20210808

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 00:25:20 GMT
x-content-type-options: nosniff
server: HTTP server (unknown)
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 825 B
847 B 7ms
6ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 22:31:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 6858
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 825
x-xss-protection: 0
expires: Tue, 09 Aug 2022 22:31:02 GMT

GET
H3-29 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 00:22:11 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 189
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1847
x-xss-protection: 0
expires: Wed, 10 Aug 2022 00:22:11 GMT

POST
H3-29 200 t Show response
translate.googleapis.com/translate_a/ 17 B
58 B 30ms
17ms XHR
application/json 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/t?anno=3&client=wt_lib&format=html&v=1.0&key&logld=vTE_20210808&sl=ru&tl=en&tc=1&sr=1&tk=118293.469261&mode=1

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.uk.N1STbh2rVwc.O/d=1/rs=AN8SPfqsMUVuyG-MY4HyX7dzvvKuoJiyxw/m=el_conf

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

4ba5d012086b047a8480a382cd74952b49f64c938f025d1df0bf5af77607845d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 10 Aug 2021 00:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37
x-xss-protection: 0
expires: Tue, 10 Aug 2021 00:25:20 GMT

GET
H3-29 204 gen204
translate.google.com/ 0
18 B 15ms
15ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://translate.google.com/gen204?sl=ru&tl=en&textlen=17&ttt=53&ttl=40&sr=1&nca=te_time&client=wt_lib&logld=vTE_20210808

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 00:25:21 GMT
x-content-type-options: nosniff
server: HTTP server (unknown)
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK compositive Show response
olarexi.com/calin/3151802509/covariant/beleaguered/sharer/1628519465/ 1 KB
947 B 215ms
195ms Document
text/html 91.218.244.48
HOSTKEY-RU-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://olarexi.com/calin/3151802509/covariant/beleaguered/sharer/1628519465/compositive?p=t
Requested by: Host: zitalin-tk.translate.goog
URL: https://zitalin-tk.translate.goog/calin/3151802509/covariant/beleaguered/sharer/1628519465/compositive?_x_tr_sch=http&_x_tr_sl=ru&_x_tr_tl=en&_x_tr_hl=uk&_x_tr_pto=elem
Protocol: HTTP/1.1
Server: 91.218.244.48 , Russian Federation, ASN50867 (HOSTKEY-RU-AS, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9aa655dbe076f489be9d4143f4e9a98d00baa1534d5e45400a3e45c964675565

Request headers

Host: olarexi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 10 Aug 2021 00:25:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: olarexi.com
URL: http://olarexi.com/calin/3151802509/covariant/beleaguered/sharer/1628519465/compositive?p=t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 00:11:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 00:11:40 GMT

GET
H/1.1 200
OK 758042671.3657164289.2133881245.505444900
olarexi.com/ 14 KB
15 KB 148ms
148ms Image
image/gif 91.218.244.48
HOSTKEY-RU-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://olarexi.com/758042671.3657164289.2133881245.505444900
Requested by: Host: olarexi.com
URL: http://olarexi.com/calin/3151802509/covariant/beleaguered/sharer/1628519465/compositive?p=t
Protocol: HTTP/1.1
Server: 91.218.244.48 , Russian Federation, ASN50867 (HOSTKEY-RU-AS, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8effef18a817c22d929eb3955cd32d2ffb4859b8d7035c8e2f4ade2bb41e77f6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: olarexi.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 00:26:00 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 14742
Expires: 0

POST
H/1.1 200
OK compositive&p=a
olarexi.com/calin/3151802509/covariant/beleaguered/sharer/1628519465/ 156 B
386 B 409ms
395ms XHR
text/html 91.218.244.48
HOSTKEY-RU-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://olarexi.com/calin/3151802509/covariant/beleaguered/sharer/1628519465/compositive&p=a
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol: HTTP/1.1
Server: 91.218.244.48 , Russian Federation, ASN50867 (HOSTKEY-RU-AS, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Pragma: no-cache
Origin: http://olarexi.com
Accept-Encoding: gzip, deflate
Host: olarexi.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Cache-Control: no-cache
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Content-Length: 0
Accept: */*
Referer
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 00:26:00 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx/1.14.0 (Ubuntu)
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK MDU1N09vdGE4YlhWMD0= Show response
olarexi.com/M1k4em1MSCs1dE1YOWk4ZFc5VUh5Vy8yS3NxNmg/x/ 0
257 B 190ms
177ms Script
text/html 91.218.244.48
HOSTKEY-RU-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://olarexi.com/M1k4em1MSCs1dE1YOWk4ZFc5VUh5Vy8yS3NxNmg/x/MDU1N09vdGE4YlhWMD0=
Requested by: Host: olarexi.com
URL: http://olarexi.com/calin/3151802509/covariant/beleaguered/sharer/1628519465/compositive?p=t
Protocol: HTTP/1.1
Server: 91.218.244.48 , Russian Federation, ASN50867 (HOSTKEY-RU-AS, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: olarexi.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Cache-Control: no-cache
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 00:26:00 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx/1.14.0 (Ubuntu)
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200 Cookie set f2c0f1ac-8569-4f3f-b13a-c6e44fb28a9f Show response
trk.epsilonlink.com/ 802 B
2 KB 148ms
24ms Document
text/html 18.198.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.epsilonlink.com/f2c0f1ac-8569-4f3f-b13a-c6e44fb28a9f?source={2059}&email={email}&CampaignID={CampaignID}&S1=1248&aff_id=100205&flow_id={flow_id}
Requested by: Host: olarexi.com
URL: http://olarexi.com/calin/3151802509/covariant/beleaguered/sharer/1628519465/compositive?p=t
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.198.80.68 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-80-68.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c0b45a6925facd02442d24c15903cc25c9c8f06cbf2b75cb158ac8274ad82dc5

Request headers

Host: trk.epsilonlink.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Tue, 10 Aug 2021 00:25:21 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 802
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Set-Cookie: f2c0f1ac-8569-4f3f-b13a-c6e44fb28a9f-v4=f2c0f1ac-8569-4f3f-b13a-c6e44fb28a9f; Max-Age=86400; Expires=Wed, 11-Aug-2021 00:25:21 GMT; Domain=trk.epsilonlink.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=JNGjRf5%2BajheMRoadZgid6ZMd1%2BsaVywsYbgQZatR1xNzsta6d5WXT2PUVmpPaS7IbPo4%2Fd43UIa0wrN9FjpEa9nPEVfePEh5tKiG%2FoEfzXvCclXx2uVuMn9lmWVLQbSBe5K9vmbmac6eBgQL3sQRQ%3D%3D; Max-Age=31536000; Expires=Wed, 10-Aug-2022 00:25:21 GMT; Domain=trk.epsilonlink.com; Path=/; Secure; HttpOnly;SameSite=None

GET redirect
trk.ultrabetas.com/ 0
0

GET
H/1.1 200 redirect Show response
trk.ultrabetas.com/ 486 B
759 B 117ms
23ms Document
text/html 18.198.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.ultrabetas.com/redirect?target=BASE64aHR0cHM6Ly90cmFjay5hZHZlcnRwdWxsLmNvbS9jbGljaz9waWQ9OTkzMCZvZmZlcl9pZD02NzA1JnN1YjE9d3ZtOWpsZjJ1bmZndThsOTI1bmJ0MDhpJnN1YjI9MTI0OA&ts=1628555121824&hash=5wR8CVhaKmcrjn8-iRcbTt-Wj-403XHHynVE4yc6JIs&rm=DJ
Requested by: Host: trk.epsilonlink.com
URL: https://trk.epsilonlink.com/f2c0f1ac-8569-4f3f-b13a-c6e44fb28a9f?source={2059}&email={email}&CampaignID={CampaignID}&S1=1248&aff_id=100205&flow_id={flow_id}
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.198.80.68 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-80-68.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f3277272b28ee18cb9aea4fbf397d07ec4f684d98ef074f80ed827ee1aeab566

Request headers

Host: trk.ultrabetas.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://trk.epsilonlink.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://trk.epsilonlink.com/

Response headers

Server: nginx
Date: Tue, 10 Aug 2021 00:25:21 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 486
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache

GET click
track.advertpull.com/ 0
0

GET
H2

200

Primary Request 4c8a669b83e6c2d3 Show response
www.saxychick.net/c/
Redirect Chain

https://track.advertpull.com/click?pid=9930&offer_id=6705&sub1=wvm9jlf2unfgu8l925nbt08i&sub2=1248
https://track.advertpull.com/click?pid=9930&offer_id=6936&sub1=wvm9jlf2unfgu8l925nbt08i&sub2=1248&sub3=&sub4=&sub5=6705
http://track.cpanda.me/sl?id=5c47226bce365a58ba6548d3&pid=9930&sub1=wvm9jlf2unfgu8l925nbt08i&sub2=1248&sub3=&sub4=&sub5=6936
http://track.cpanda.me/click?pid=9930&offer_id=2375&sub1=wvm9jlf2unfgu8l925nbt08i&sub2=1248&sub3=&sub6=GLOBAL_TB_0&sub5=0
https://wemwxk.teens4love.com/c/1e3a4e532f1c7040?s1=120341&s2=1255332&s3=9930&s5=1248&click_id=6111c772cce7910001b54ab5&j1=1&j3=1&j8=1
https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=jraoy6111c7720003962f&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5=

7 KB
2 KB

270ms
46ms

Document
text/html

2a05:d018:244:5200::ab
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=jraoy6111c7720003962f&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5=
Requested by: Host: trk.ultrabetas.com
URL: https://trk.ultrabetas.com/redirect?target=BASE64aHR0cHM6Ly90cmFjay5hZHZlcnRwdWxsLmNvbS9jbGljaz9waWQ9OTkzMCZvZmZlcl9pZD02NzA1JnN1YjE9d3ZtOWpsZjJ1bmZndThsOTI1bmJ0MDhpJnN1YjI9MTI0OA&ts=1628555121824&hash=5wR8CVhaKmcrjn8-iRcbTt-Wj-403XHHynVE4yc6JIs&rm=DJ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:244:5200::ab Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f451191b0b30b755b9ee2d820e18e185ab9fe0687e3141d584a8bbff833bc958

Request headers

:method: GET
:authority: www.saxychick.net
:scheme: https
:path: /c/4c8a669b83e6c2d3?click_id=jraoy6111c7720003962f&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://trk.ultrabetas.com/redirect?target=BASE64aHR0cHM6Ly90cmFjay5hZHZlcnRwdWxsLmNvbS9jbGljaz9waWQ9OTkzMCZvZmZlcl9pZD02NzA1JnN1YjE9d3ZtOWpsZjJ1bmZndThsOTI1bmJ0MDhpJnN1YjI9MTI0OA&ts=1628555121824&hash=5wR8CVhaKmcrjn8-iRcbTt-Wj-403XHHynVE4yc6JIs&rm=DJ

Response headers

server: nginx
date: Tue, 10 Aug 2021 00:25:22 GMT
content-type: text/html; charset=utf-8
set-cookie: unique_411736=unique_411736; Path=/; Expires=Sat, 09 Oct 2021 00:25:22 GMT; Secure; SameSite=None unique_id=60ae5ff20008f4d8; Path=/; Expires=Sat, 09 Oct 2021 00:25:22 GMT; Secure; SameSite=None unique_id2=60ae5ff20008f4d8; Path=/; Expires=Mon, 08 Nov 2021 00:25:22 GMT; Secure; SameSite=None impression=; Path=/; Expires=Tue, 10 Aug 2021 00:25:22 GMT; Secure; SameSite=None 60ae5ff20008f4d8_sl=[202250]; Path=/; Expires=Tue, 24 Aug 2021 00:25:22 GMT; Secure; SameSite=None
content-encoding: gzip

Redirect headers

server: nginx
date: Tue, 10 Aug 2021 00:25:22 GMT
content-type: text/html; charset=utf-8
content-length: 202
location: https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=jraoy6111c7720003962f&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5=
set-cookie: unique_543988=unique_543988; Path=/; Expires=Sat, 09 Oct 2021 00:25:22 GMT; Secure; SameSite=None unique_id=6110bc06000e9e2a; Path=/; Expires=Sat, 09 Oct 2021 00:25:22 GMT; Secure; SameSite=None unique_id2=6110bc06000e9e2a; Path=/; Expires=Mon, 08 Nov 2021 00:25:22 GMT; Secure; SameSite=None impression=; Path=/; Expires=Tue, 10 Aug 2021 00:25:22 GMT; Secure; SameSite=None tid=jraoy6111c7720003962f; Path=/; Expires=Wed, 15 Jul 2026 00:25:22 GMT; Secure; SameSite=None

GET
H/1.1 200
OK main.css
cdn-bimi.akamaized.net/landings/202250/1619701318/css/ 6 KB
2 KB 72ms
23ms Stylesheet
text/css 2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-bimi.akamaized.net/landings/202250/1619701318/css/main.css?1619701318
Requested by: Host: www.saxychick.net
URL: https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=jraoy6111c7720003962f&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 0f1e388e0a95c88af6029b0cc8420122dc6014dacb48a49d27b6750044912b0a

Request headers

Referer: https://www.saxychick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 00:25:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Apr 2021 13:02:00 GMT
Server: AmazonS3
x-amz-request-id: VMBFS6N7SMZ5BBMG
ETag: "c65aa6a6430015f578046fa12f5cbed7"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 1472
x-amz-id-2: Z4L/0YbJj60ZWTDW2lShfM8zgrIihLEbjXYo6HLMYUywHfLyNgQSnRaMa0CTD5ISnTDoN1EGowM=

GET
H/1.1 200
OK jquery.min.js Show response
cdn-bimi.akamaized.net/landings/202250/1619701318/js/ 84 KB
30 KB 89ms
40ms Script
text/javascript 2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-bimi.akamaized.net/landings/202250/1619701318/js/jquery.min.js?1619701318
Requested by: Host: www.saxychick.net
URL: https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=jraoy6111c7720003962f&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer: https://www.saxychick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 00:25:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Apr 2021 13:02:00 GMT
Server: AmazonS3
x-amz-request-id: 76490RRB6Y52X7NM
ETag: "2f6b11a7e914718e0290410e85366fe9"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 29855
x-amz-id-2: Bi7VOxGl36d7hzrM9GKtfEIq0vF54n0PRNc6yUjwFBmxkz9/lgPIJz+2MpzXQSksQfZP2OOf7xM=

GET
H/1.1 200
OK function.js Show response
cdn-bimi.akamaized.net/landings/202250/1619701318/js/ 753 B
1 KB 71ms
22ms Script
text/javascript 2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-bimi.akamaized.net/landings/202250/1619701318/js/function.js?1619701318
Requested by: Host: www.saxychick.net
URL: https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=jraoy6111c7720003962f&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 308cb4391cda1dbf6f9de8815bfbc8aa7ef960ea8980f73e5f06021432ab963e

Request headers

Referer: https://www.saxychick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 00:25:22 GMT
Last-Modified: Thu, 29 Apr 2021 13:02:00 GMT
Server: AmazonS3
x-amz-request-id: VMB8PHMG9TTVCN49
ETag: "6f0bd0e0b7bd55dea2a2a6ab43c8d9d5"
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 753
x-amz-id-2: H92RqpBdV18g4VDOmw/p7Of+mDSmgIuIR37wDvdikF1aWmlWw0OlYs3UxkACOLMrNaNQiSfxkX0=

GET
H/1.1 200
OK video.js Show response
cdn-bimi.akamaized.net/landings/202250/1619701318/js/ 12 KB
4 KB 77ms
26ms Script
text/javascript 2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-bimi.akamaized.net/landings/202250/1619701318/js/video.js?1619701318
Requested by: Host: www.saxychick.net
URL: https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=jraoy6111c7720003962f&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: feb225f463db295abcfaed6a1b6f9188de5e6f528ee3c1133fd6c0ebaba3afbc

Request headers

Referer: https://www.saxychick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 00:25:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Apr 2021 13:02:00 GMT
Server: AmazonS3
x-amz-request-id: 7648PQGAHJ50XF64
ETag: "97307c7800fbe9135b69e00de49104e6"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 3495
x-amz-id-2: VOGhRSdbH3n1RUPpP16T56F5eaesIjz5PfwQ2H1Rs6sr9IDL58MTLRw+HWe8X3mZ3x0w64YZ4Ko=

GET
H/1.1 200
OK translates.js Show response
cdn-bimi.akamaized.net/landings/202250/1619701318/js/ 19 KB
8 KB 92ms
32ms Script
text/javascript 2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-bimi.akamaized.net/landings/202250/1619701318/js/translates.js?1619701318
Requested by: Host: www.saxychick.net
URL: https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=jraoy6111c7720003962f&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 79557d5c05f2802c3e0faccfa624589ddb5f915a3f122a80329e34df6410187d

Request headers

Referer: https://www.saxychick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 00:25:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Apr 2021 13:02:01 GMT
Server: AmazonS3
x-amz-request-id: 7644EX43PVGJWQZS
ETag: "00f026284018ababf5006ba26b5b683a"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 7998
x-amz-id-2: YCQ2V6oijupbFX9pu8Btq3afatQ9jSo5fBfpiUzt/+6rbucNjihf6kFCSPf3PJe87q2XqygUmR4=

GET
H3-Q050 200 girl1.jpg
cdn-bimi.akamaized.net/landings/202250/1619701318/images/ 193 KB
193 KB 51ms
26ms Image
image/jpeg 2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-bimi.akamaized.net/landings/202250/1619701318/images/girl1.jpg
Requested by: Host: www.saxychick.net
URL: https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=jraoy6111c7720003962f&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5=
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: cab62655a8a12508097f723e002755677779cc075e4cef2aba29c33611e83932

Request headers

Referer: https://www.saxychick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 00:25:22 GMT
last-modified: Thu, 29 Apr 2021 13:02:00 GMT
server: AmazonS3
x-amz-request-id: 7643TDAGKPSN7GPR
etag: "0a7cf3eed86992aa4032063cf3417900"
content-type: image/jpeg
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 197398
x-amz-id-2: no93qGsIcjU30f4kR0ASfHwU7T4O0qb3f/vZ+uYzq0RXiJunFMYBYNCMypb6BxK07VuZymMwekI=
quic-version: Q050

GET
H2 200 css
fonts.googleapis.com/ 5 KB
711 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500,700

Requested by

Host: cdn-bimi.akamaized.net
URL: https://cdn-bimi.akamaized.net/landings/202250/1619701318/css/main.css?1619701318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ae045d41d3f513234448e196d52758ac1753478df25006faf8ec492ac0f34d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn-bimi.akamaized.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 23:15:49 GMT
server: ESF
date: Tue, 10 Aug 2021 00:25:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 10 Aug 2021 00:25:22 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 86 KB
34 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PPJGZHL

Requested by

Host: www.saxychick.net
URL: https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=jraoy6111c7720003962f&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

079925694dc745e55cb13fae6b00073eda2b6489fe262d39bc497e70751e3b4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.saxychick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 00:25:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35187
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 Aug 2021 00:25:22 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v17/ 20 KB
20 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v17/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.saxychick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:05:24 GMT
x-content-type-options: nosniff
age: 289198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20040
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 15:51:09 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 16:05:24 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v17/ 19 KB
19 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v17/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.saxychick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:05:24 GMT
x-content-type-options: nosniff
age: 289198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 15:50:06 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 16:05:24 GMT

GET
H3-Q050 200 1.mp4
cdn-bimi.akamaized.net/landings/202250/1619701318/images/ 13 KB
13 KB 23ms
23ms Image
video/mp4 2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-bimi.akamaized.net/landings/202250/1619701318/images/1.mp4
Requested by: Host: www.saxychick.net
URL: https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=jraoy6111c7720003962f&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5=
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.saxychick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 00:25:22 GMT
last-modified: Thu, 29 Apr 2021 13:02:00 GMT
server: AmazonS3
x-amz-request-id: 76448NFJ8FPQYK6A
etag: "45d4d1a835a000d1edd2d2875b25671a"
content-type: video/mp4
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 1183655
x-amz-id-2: 9eSYZ+k4203b2x4tLNU8w72U0O78nDnf3gFNlgNAlflK/Ou4+ajsF5/+8ryeySpguWecajwfpKs=
quic-version: Q050

GET
H3-Q050 206 1.mp4
cdn-bimi.akamaized.net/landings/202250/1619701318/images/ 44 KB
0 25ms
25ms Media
video/mp4 2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-bimi.akamaized.net/landings/202250/1619701318/images/1.mp4
Requested by: Host: www.saxychick.net
URL: https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=jraoy6111c7720003962f&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5=
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.saxychick.net/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 10 Aug 2021 00:25:22 GMT
last-modified: Thu, 29 Apr 2021 13:02:00 GMT
server: AmazonS3
x-amz-request-id: 76448NFJ8FPQYK6A
etag: "45d4d1a835a000d1edd2d2875b25671a"
content-type: video/mp4
Content-Range: bytes 0-1183654/1183655
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 1183655
x-amz-id-2: 9eSYZ+k4203b2x4tLNU8w72U0O78nDnf3gFNlgNAlflK/Ou4+ajsF5/+8ryeySpguWecajwfpKs=
quic-version: Q050

GET
H3-Q050 206 1.mp4
cdn-bimi.akamaized.net/landings/202250/1619701318/images/ 4 KB
4 KB 24ms
22ms Media
video/mp4 2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-bimi.akamaized.net/landings/202250/1619701318/images/1.mp4
Requested by: Host: www.saxychick.net
URL: https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=jraoy6111c7720003962f&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5=
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d3a416a08f97860d4476a33aef0bfec290e58bf128b4fdb6be80541bd725cc46

Request headers

Referer: https://www.saxychick.net/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=1179648-

Response headers

date: Tue, 10 Aug 2021 00:25:22 GMT
last-modified: Thu, 29 Apr 2021 13:02:00 GMT
server: AmazonS3
x-amz-request-id: 76448NFJ8FPQYK6A
etag: "45d4d1a835a000d1edd2d2875b25671a"
content-type: video/mp4
Content-Range: bytes 1179648-1183654/1183655
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 4007
x-amz-id-2: 9eSYZ+k4203b2x4tLNU8w72U0O78nDnf3gFNlgNAlflK/Ou4+ajsF5/+8ryeySpguWecajwfpKs=
quic-version: Q050

GET 1.mp4
cdn-bimi.akamaized.net/landings/202250/1619701318/images/ 0
0

GET
H3-Q050 206 1.mp4
cdn-bimi.akamaized.net/landings/202250/1619701318/images/ 52 KB
0 23ms
23ms Media
video/mp4 2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-bimi.akamaized.net/landings/202250/1619701318/images/1.mp4
Requested by: Host: www.saxychick.net
URL: https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=jraoy6111c7720003962f&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5=
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.saxychick.net/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=589824-

Response headers

date: Tue, 10 Aug 2021 00:25:22 GMT
last-modified: Thu, 29 Apr 2021 13:02:00 GMT
server: AmazonS3
x-amz-request-id: 76448NFJ8FPQYK6A
etag: "45d4d1a835a000d1edd2d2875b25671a"
content-type: video/mp4
Content-Range: bytes 589824-1183654/1183655
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 593831
x-amz-id-2: 9eSYZ+k4203b2x4tLNU8w72U0O78nDnf3gFNlgNAlflK/Ou4+ajsF5/+8ryeySpguWecajwfpKs=
quic-version: Q050

GET
H3-Q050 206 1.mp4
cdn-bimi.akamaized.net/landings/202250/1619701318/images/ 91 KB
0 23ms
22ms Media
video/mp4 2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-bimi.akamaized.net/landings/202250/1619701318/images/1.mp4
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.saxychick.net/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=884736-

Response headers

date: Tue, 10 Aug 2021 00:25:22 GMT
last-modified: Thu, 29 Apr 2021 13:02:00 GMT
server: AmazonS3
x-amz-request-id: 76448NFJ8FPQYK6A
etag: "45d4d1a835a000d1edd2d2875b25671a"
content-type: video/mp4
Content-Range: bytes 884736-1183654/1183655
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 298919
x-amz-id-2: 9eSYZ+k4203b2x4tLNU8w72U0O78nDnf3gFNlgNAlflK/Ou4+ajsF5/+8ryeySpguWecajwfpKs=
quic-version: Q050

GET
H3-Q050 206 1.mp4
cdn-bimi.akamaized.net/landings/202250/1619701318/images/ 576 KB
0 23ms
22ms Media
video/mp4 2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-bimi.akamaized.net/landings/202250/1619701318/images/1.mp4
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.saxychick.net/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=32768-

Response headers

date: Tue, 10 Aug 2021 00:25:23 GMT
last-modified: Thu, 29 Apr 2021 13:02:00 GMT
server: AmazonS3
x-amz-request-id: 76448NFJ8FPQYK6A
etag: "45d4d1a835a000d1edd2d2875b25671a"
content-type: video/mp4
Content-Range: bytes 32768-1183654/1183655
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 1150887
x-amz-id-2: 9eSYZ+k4203b2x4tLNU8w72U0O78nDnf3gFNlgNAlflK/Ou4+ajsF5/+8ryeySpguWecajwfpKs=
quic-version: Q050

GET
H3-Q050 206 1.mp4
cdn-bimi.akamaized.net/landings/202250/1619701318/images/ 300 KB
0 24ms
23ms Media
video/mp4 2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-bimi.akamaized.net/landings/202250/1619701318/images/1.mp4
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.saxychick.net/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=622592-

Response headers

date: Tue, 10 Aug 2021 00:25:23 GMT
last-modified: Thu, 29 Apr 2021 13:02:00 GMT
server: AmazonS3
x-amz-request-id: 76448NFJ8FPQYK6A
etag: "45d4d1a835a000d1edd2d2875b25671a"
content-type: video/mp4
Content-Range: bytes 622592-1183654/1183655
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 561063
x-amz-id-2: 9eSYZ+k4203b2x4tLNU8w72U0O78nDnf3gFNlgNAlflK/Ou4+ajsF5/+8ryeySpguWecajwfpKs=
quic-version: Q050

GET
H3-Q050 206 1.mp4
cdn-bimi.akamaized.net/landings/202250/1619701318/images/ 225 KB
0 24ms
23ms Media
video/mp4 2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-bimi.akamaized.net/landings/202250/1619701318/images/1.mp4
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.saxychick.net/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=950272-

Response headers

date: Tue, 10 Aug 2021 00:25:23 GMT
last-modified: Thu, 29 Apr 2021 13:02:00 GMT
server: AmazonS3
x-amz-request-id: 76448NFJ8FPQYK6A
etag: "45d4d1a835a000d1edd2d2875b25671a"
content-type: video/mp4
Content-Range: bytes 950272-1183654/1183655
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 233383
x-amz-id-2: 9eSYZ+k4203b2x4tLNU8w72U0O78nDnf3gFNlgNAlflK/Ou4+ajsF5/+8ryeySpguWecajwfpKs=
quic-version: Q050

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: trk.ultrabetas.com
URL: https://trk.ultrabetas.com/redirect?target=BASE64aHR0cHM6Ly90cmFjay5hZHZlcnRwdWxsLmNvbS9jbGljaz9waWQ9OTkzMCZvZmZlcl9pZD02NzA1JnN1YjE9d3ZtOWpsZjJ1bmZndThsOTI1bmJ0MDhpJnN1YjI9MTI0OA&ts=1628555121824&hash=5wR8CVhaKmcrjn8-iRcbTt-Wj-403XHHynVE4yc6JIs&rm=DJ

Domain: track.advertpull.com
URL: https://track.advertpull.com/click?pid=9930&offer_id=6705&sub1=wvm9jlf2unfgu8l925nbt08i&sub2=1248

Domain: cdn-bimi.akamaized.net
URL: https://cdn-bimi.akamaized.net/landings/202250/1619701318/images/1.mp4

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.saxychick.net/	1970-01-19 20:42:44	Name: 60ae5ff20008f4d8_sl Value: [202250]
www.saxychick.net/	1970-01-19 22:32:11	Name: unique_id2 Value: 60ae5ff20008f4d8
www.saxychick.net/	1970-01-19 21:48:59	Name: unique_id Value: 60ae5ff20008f4d8
www.saxychick.net/	1970-01-19 21:48:59	Name: unique_411736 Value: unique_411736

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn-bimi.akamaized.net
fonts.googleapis.com
fonts.gstatic.com
olarexi.com
track.advertpull.com
track.cpanda.me
translate.google.com
translate.googleapis.com
trk.epsilonlink.com
trk.ultrabetas.com
wemwxk.teens4love.com
www.googletagmanager.com
www.gstatic.com
www.saxychick.net
zitalin-tk.translate.goog
cdn-bimi.akamaized.net
track.advertpull.com
trk.ultrabetas.com
18.198.80.68
2.16.186.80
213.227.134.194
213.227.135.213
2a00:1450:4001:800::200a
2a00:1450:4001:801::2003
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::200a
2a00:1450:4001:813::2003
2a00:1450:4001:829::2008
2a00:1450:4001:82b::200a
2a00:1450:4001:831::200e
2a05:d018:244:5200::ab
91.218.244.48
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
079925694dc745e55cb13fae6b00073eda2b6489fe262d39bc497e70751e3b4d
0f1e388e0a95c88af6029b0cc8420122dc6014dacb48a49d27b6750044912b0a
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
211f18b4f80c81dafd007359e3a283085b239651afda0b365878cfb438cab0d1
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
308cb4391cda1dbf6f9de8815bfbc8aa7ef960ea8980f73e5f06021432ab963e
432bb969bfb5c8adfee3ec7de8e7afcb818314109fc41978e998682f44680ea4
4ba5d012086b047a8480a382cd74952b49f64c938f025d1df0bf5af77607845d
5ae045d41d3f513234448e196d52758ac1753478df25006faf8ec492ac0f34d2
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
79557d5c05f2802c3e0faccfa624589ddb5f915a3f122a80329e34df6410187d
81e478e7ec1b80a2e6337818b3c3b70f2a0e457c34b629942f99c33eed9be09d
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8effef18a817c22d929eb3955cd32d2ffb4859b8d7035c8e2f4ade2bb41e77f6
9aa655dbe076f489be9d4143f4e9a98d00baa1534d5e45400a3e45c964675565
b551a849d1bce08b2b45c2b95be5d5524d54abecd06cb8c1f80152749c71f0d8
b56637870f572d48678730895f99ce517fcc8c7278c4c133e21c7d8571a67635
c0b45a6925facd02442d24c15903cc25c9c8f06cbf2b75cb158ac8274ad82dc5
cab62655a8a12508097f723e002755677779cc075e4cef2aba29c33611e83932
d3a416a08f97860d4476a33aef0bfec290e58bf128b4fdb6be80541bd725cc46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
f3277272b28ee18cb9aea4fbf397d07ec4f684d98ef074f80ed827ee1aeab566
f451191b0b30b755b9ee2d820e18e185ab9fe0687e3141d584a8bbff833bc958
feb225f463db295abcfaed6a1b6f9188de5e6f528ee3c1133fd6c0ebaba3afbc

www.saxychick.net Open in urlscan Pro 2a05:d018:244:5200::ab Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

40 Requests

83 %HTTPS

67 %IPv6

13 Domains

16 Subdomains

14 IPs

4 Countries

513 kBTransfer

2251 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.saxychick.net Open in urlscan Pro
2a05:d018:244:5200::ab Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

83 %
HTTPS

67 %
IPv6

13
Domains

16
Subdomains

14
IPs

4
Countries

513 kB
Transfer

2251 kB
Size

4
Cookies

40 HTTP transactions
0 data transactions