sextans.com Open in urlscan Pro
70.32.109.209  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://etronics4u.com/laboringsl.php?utm_source=5bbf0db\u0026utm_con\ Page URL
2. https://sextans.com/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	laboringsl.php etronics4u.com/	311 B 738 B	816ms 659ms	Document text/html	107.180.119.198 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL http://etronics4u.com/laboringsl.php?utm_source=5bbf0db\u0026utm_con\ Protocol HTTP/1.1 Server 107.180.119.198 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-107-180-119-198.ip.secureserver.net Software Apache / PHP/5.4.45 Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Wed, 26 Jan 2022 15:21:17 GMT Server Apache X-Powered-By PHP/5.4.45 Expires Wed, 26 Jan 2022 14:51:18 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0 Pragma no-cache Content-Encoding gzip Vary Accept-Encoding Upgrade h2,h2c Connection Upgrade, Keep-Alive Last-Modified Wed, 26 Jan 2022 14:21:18 GMT Keep-Alive timeout=5 Transfer-Encoding chunked Content-Type text/html; charset=utf-8
GET H/1.1	200 OK	Primary Request / Show response sextans.com/	83 KB 26 KB	765ms 499ms	Document text/html	70.32.109.209 GO-DADDY-COM-LLC
General Check archive.org Show headers Download Go to Full URL https://sextans.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 70.32.109.209 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US), Reverse DNS rtb5-shyh.accessdomain.com Software nginx / PleskLin Resource Hash 592a6425b4e531934bd313ae52211e18a9ca0687c6186b1da8929fade84f693b Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://etronics4u.com/ Response headers Server nginx Date Wed, 26 Jan 2022 15:21:19 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Access-Control-Max-Age 3600 Cache-Control public,max-age=3600 Expires Wed, 26 Jan 2022 16:21:18 GMT Pragma public Vary User-Agent,Accept-Encoding X-Frame-Options sameorigin X-Content-Type-Options nosniff Content-Encoding gzip X-Powered-By PleskLin
GET H2	200	css fonts.googleapis.com/	13 KB 1 KB	87ms 34ms	Stylesheet text/css	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:300,400,700,900|Playfair+Display:400,400i,700|Overpass:100,400,700,900 Requested by Host: sextans.com URL: https://sextans.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 73f700e828a5d327fd95e9d2c2fe6094f4f45da0df2110e623c70e8e8aca83fb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sextans.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 26 Jan 2022 15:21:19 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Wed, 26 Jan 2022 15:21:19 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 26 Jan 2022 15:21:19 GMT
GET H/1.1	200 OK	style.css sextans.com/assets/	328 KB 57 KB	159ms 159ms	Stylesheet text/css	70.32.109.209 GO-DADDY-COM-LLC
General Check archive.org Show headers Download Go to Full URL https://sextans.com/assets/style.css?4474b4c1 Requested by Host: sextans.com URL: https://sextans.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 70.32.109.209 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US), Reverse DNS rtb5-shyh.accessdomain.com Software nginx / PleskLin Resource Hash 618dc8018b6e606bd825ea91a148ea2d3eba1d06e1a3ad904329d2a0eb941228 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers Accept-Language de-DE,de;q=0.9 Referer https://sextans.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Wed, 26 Jan 2022 15:21:19 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Fri, 15 Jan 2021 19:16:10 GMT Server nginx X-Powered-By PleskLin X-Frame-Options sameorigin Content-Type text/css Connection keep-alive Accept-Ranges bytes Vary Accept-Encoding,User-Agent Content-Length 58091 ETag "168708-520cb-5b8f5347c77c1"
GET H/1.1	200 OK	1cominar3.jpg sextans.com/assets/images/projects/	275 KB 275 KB	243ms 117ms	Image image/jpg	70.32.109.209 GO-DADDY-COM-LLC
General Check archive.org Show headers Download Go to Show image Full URL https://sextans.com/assets/images/projects/1cominar3.jpg?width=1500&height=1000 Requested by Host: sextans.com URL: https://sextans.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 70.32.109.209 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US), Reverse DNS rtb5-shyh.accessdomain.com Software nginx / PHP/7.3.25, PleskLin Resource Hash 5a825dcd9fc973ac39113a44d8d119e9a78ca9af42e114bd93c1a4087e1bba8d Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers Accept-Language de-DE,de;q=0.9 Referer https://sextans.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma public Date Wed, 26 Jan 2022 15:21:19 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options sameorigin X-Powered-By PHP/7.3.25, PleskLin Vary User-Agent Content-Type image/jpg Access-Control-Max-Age 216000 Cache-Control public,max-age=216000 Connection keep-alive Content-Length 281357 Expires Sat, 29 Jan 2022 03:21:19 GMT
GET H/1.1	200 OK	altexpoArtboard_12.jpg sextans.com/assets/images/projects/	458 KB 458 KB	303ms 114ms	Image image/jpg	70.32.109.209 GO-DADDY-COM-LLC
General Check archive.org Show headers Download Go to Show image Full URL https://sextans.com/assets/images/projects/altexpoArtboard_12.jpg?width=1500&height=1000 Requested by Host: sextans.com URL: https://sextans.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 70.32.109.209 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US), Reverse DNS rtb5-shyh.accessdomain.com Software nginx / PHP/7.3.25, PleskLin Resource Hash 9d2b7f9f4012919c62c625902b9976e983b500bf694aacba7df9ad296b722032 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers Accept-Language de-DE,de;q=0.9 Referer https://sextans.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma public Date Wed, 26 Jan 2022 15:21:19 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options sameorigin X-Powered-By PHP/7.3.25, PleskLin Vary User-Agent Content-Type image/jpg Access-Control-Max-Age 216000 Cache-Control public,max-age=216000 Connection keep-alive Content-Length 468992 Expires Sat, 29 Jan 2022 03:21:19 GMT
GET H/1.1	200 OK	clem7.jpg sextans.com/assets/images/projects/	284 KB 284 KB	499ms 276ms	Image image/jpg	70.32.109.209 GO-DADDY-COM-LLC
General Check archive.org Show headers Download Go to Show image Full URL https://sextans.com/assets/images/projects/clem7.jpg?width=1500&height=1000 Requested by Host: sextans.com URL: https://sextans.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 70.32.109.209 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US), Reverse DNS rtb5-shyh.accessdomain.com Software nginx / PHP/7.3.25, PleskLin Resource Hash 7dba49399e1a416a812d826f5fcd72bdcacc0c49dca14ba762ff2ce1cc813c44 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers Accept-Language de-DE,de;q=0.9 Referer https://sextans.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma public Date Wed, 26 Jan 2022 15:21:19 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options sameorigin X-Powered-By PHP/7.3.25, PleskLin Vary User-Agent Content-Type image/jpg Access-Control-Max-Age 216000 Cache-Control public,max-age=216000 Connection keep-alive Content-Length 290329 Expires Sat, 29 Jan 2022 03:21:19 GMT
GET H/1.1	200 OK	script.js Show response sextans.com/assets/	108 KB 27 KB	453ms 234ms	Script text/javascript	70.32.109.209 GO-DADDY-COM-LLC
General Check archive.org Show headers Download Go to Full URL https://sextans.com/assets/script.js?2a4f36c8 Requested by Host: sextans.com URL: https://sextans.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 70.32.109.209 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US), Reverse DNS rtb5-shyh.accessdomain.com Software nginx / PleskLin Resource Hash 79f1f94b061f44a02c7f757b1d97b283bdb9c8103729b4fd1fe01ac1496cb1ab Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers Accept-Language de-DE,de;q=0.9 Referer https://sextans.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Wed, 26 Jan 2022 15:21:19 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Fri, 15 Jan 2021 19:16:12 GMT Server nginx X-Powered-By PleskLin X-Frame-Options sameorigin Content-Type text/javascript Connection keep-alive Accept-Ranges bytes Vary Accept-Encoding,User-Agent Content-Length 27708 ETag "168776-1b1fe-5b8f5349d55c4"
GET H/1.1	200 OK	home.js Show response sextans.com/assets/	99 KB 30 KB	130ms 129ms	Script text/javascript	70.32.109.209 GO-DADDY-COM-LLC
General Check archive.org Show headers Download Go to Full URL https://sextans.com/assets/home.js?2a4f36c8 Requested by Host: sextans.com URL: https://sextans.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 70.32.109.209 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US), Reverse DNS rtb5-shyh.accessdomain.com Software nginx / PleskLin Resource Hash b27e323ccd5f175dfc596f62b33365dbbb50ba882845d309d82c9faa559861d7 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers Accept-Language de-DE,de;q=0.9 Referer https://sextans.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Wed, 26 Jan 2022 15:21:19 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Fri, 15 Jan 2021 19:16:12 GMT Server nginx X-Powered-By PleskLin X-Frame-Options sameorigin Content-Type text/javascript Connection keep-alive Accept-Ranges bytes Vary Accept-Encoding,User-Agent Content-Length 30574 ETag "1684f4-18b53-5b8f5349d2acc"
GET H2	200	gtm.js Show response www.googletagmanager.com/	140 KB 52 KB	101ms 48ms	Script application/javascript	2a00:1450:4001:831::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-K8VZBR Requested by Host: sextans.com URL: https://sextans.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ca11cc376e5322a8016e7ebab1ff544b547dd111d5e53012a50109987b3f2d7e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sextans.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 26 Jan 2022 15:21:19 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 52646 x-xss-protection 0 last-modified Wed, 26 Jan 2022 15:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 26 Jan 2022 15:21:19 GMT
GET H/1.1	200 OK	splash-arrow.svg sextans.com/assets/icons/	205 B 569 B	344ms 116ms	Image image/svg+xml	70.32.109.209 GO-DADDY-COM-LLC
General Check archive.org Show headers Download Go to Show image Full URL https://sextans.com/assets/icons/splash-arrow.svg Requested by Host: sextans.com URL: https://sextans.com/assets/style.css?4474b4c1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 70.32.109.209 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US), Reverse DNS rtb5-shyh.accessdomain.com Software nginx / PleskLin Resource Hash 9a2a1b30ef76dfc11af3890cc8d9ae0a48667643887a90e133fb2861ea0e7f9e Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers Accept-Language de-DE,de;q=0.9 Referer https://sextans.com/assets/style.css?4474b4c1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Wed, 26 Jan 2022 15:21:19 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Fri, 15 Jan 2021 19:16:38 GMT Server nginx X-Powered-By PleskLin X-Frame-Options sameorigin Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Vary Accept-Encoding,User-Agent Content-Length 179 ETag "160290-cd-5b8f53621ddfd"
GET H2	200	qFdH35WCmI96Ajtm81GlU9s.woff2 fonts.gstatic.com/s/overpass/v7/	38 KB 38 KB	80ms 32ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/overpass/v7/qFdH35WCmI96Ajtm81GlU9s.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900|Playfair+Display:400,400i,700|Overpass:100,400,700,900 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 995dfb0c839090c9461662fca31b3d886f80dd9e881db8ea224374866eade55f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://sextans.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 20 Jan 2022 09:56:19 GMT x-content-type-options nosniff age 537900 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38496 x-xss-protection 0 last-modified Wed, 10 Nov 2021 18:13:56 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Fri, 20 Jan 2023 09:56:19 GMT
GET H2	200	nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_qiTXtHA-Q.woff2 fonts.gstatic.com/s/playfairdisplay/v25/	19 KB 20 KB	71ms 23ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/playfairdisplay/v25/nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_qiTXtHA-Q.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900|Playfair+Display:400,400i,700|Overpass:100,400,700,900 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 15ab2ac571d4f4d6053452253252cc8412177b83a8d22de0bbe95a9e1cc69a37 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://sextans.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 26 Jan 2022 02:46:49 GMT x-content-type-options nosniff age 45270 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19780 x-xss-protection 0 last-modified Wed, 10 Nov 2021 18:11:43 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 26 Jan 2023 02:46:49 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	69ms 17ms	Script text/javascript	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8VZBR Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://sextans.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 6385 date Wed, 26 Jan 2022 13:34:54 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Wed, 26 Jan 2022 15:34:54 GMT
GET H2	200	hotjar-1553371.js Show response static.hotjar.com/c/	5 KB 2 KB	96ms 49ms	Script application/javascript	18.66.97.37 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-1553371.js?sv=7 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8VZBR Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.37 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-37.fra56.r.cloudfront.net Software / Resource Hash fc60937af94e1de1b9de8c166cba79898c1ab5d8e51452117768877f8b678767 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://sextans.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 26 Jan 2022 15:21:19 GMT content-encoding br x-content-type-options nosniff cache-control max-age=60 x-amz-cf-pop FRA56-P2 etag W/970754df9ce7f8018edae67a1544796c vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cross-origin-resource-policy cross-origin x-amz-cf-id IMy4x_J4iwbZzePXFHacH9Wf6eQn8oktywWxkcuTlrCJ6bkPg0EHHA== via 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
GET H/1.1	200 OK	particles.json Show response sextans.com/assets/	2 KB 2 KB	132ms 115ms	XHR application/json	70.32.109.209 GO-DADDY-COM-LLC
General Check archive.org Show headers Download Go to Full URL https://sextans.com/assets/particles.json Requested by Host: sextans.com URL: https://sextans.com/assets/script.js?2a4f36c8 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 70.32.109.209 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US), Reverse DNS rtb5-shyh.accessdomain.com Software nginx / PleskLin Resource Hash 1b3a7e5ffd7dcaaaa5469a3ca7fa1a22b6571beed90c998fd885f31a9a099ef2 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers Accept-Language de-DE,de;q=0.9 Referer https://sextans.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Wed, 26 Jan 2022 15:21:19 GMT X-Content-Type-Options nosniff Last-Modified Wed, 18 Sep 2019 20:44:46 GMT Server nginx X-Powered-By PleskLin X-Frame-Options sameorigin Content-Type application/json Connection keep-alive Accept-Ranges bytes Vary User-Agent Content-Length 1978 ETag "168773-7ba-592d9e8546613"
POST H2	200	collect Show response www.google-analytics.com/j/	2 B 204 B	27ms 25ms	XHR text/plain	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1473462325&t=pageview&_s=1&dl=https%3A%2F%2Fsextans.com%2F&dr=http%3A%2F%2Fetronics4u.com%2F&ul=en-us&de=UTF-8&dt=Sextans%20%7C%C2%A0Agence%20de%20Design%20%26%20Branding%20Num%C3%A9rique%20%C3%A0%20Montr%C3%A9al&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=973845512&gjid=1945845307&cid=726779198.1643210480&tid=UA-336229-1&_gid=1718431444.1643210480&_r=1&gtm=2wg1o0K8VZBR&z=1745622397 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://sextans.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 26 Jan 2022 15:21:19 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://sextans.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	modules.a389f57d0ad3cbd8094d.js Show response script.hotjar.com/	230 KB 61 KB	155ms 73ms	Script application/javascript	18.66.2.48 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.a389f57d0ad3cbd8094d.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-1553371.js?sv=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.2.48 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-2-48.txl50.r.cloudfront.net Software / Resource Hash c9af4a6f50315626992164b4a9af6226cecdd6ef5d125843eca426304f3fedfa Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://sextans.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 26 Jan 2022 14:27:06 GMT content-encoding br x-content-type-options nosniff age 3254 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 61698 access-control-allow-origin * last-modified Wed, 26 Jan 2022 14:26:35 GMT etag "924fdfe3dc65e55ee74f0fd0e4d06766" vary Accept-Encoding content-type application/javascript via 1.1 14cdaa93fde5711834987a0c179df5fa.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop TXL50-P1 accept-ranges bytes x-robots-tag none x-amz-cf-id gUoEyW6GkCRChg0GhE_1oH1SO7waS4QIGG-xtD3XhY7LQTNIN3zRbg==
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 436 B	178ms 38ms	XHR text/plain	2a00:1450:400c:c06::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-336229-1&cid=726779198.1643210480&jid=973845512&gjid=1945845307&_gid=1718431444.1643210480&_u=YEBAAEAAAAAAAC~&z=1390506293 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://sextans.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Wed, 26 Jan 2022 15:21:20 GMT content-type text/plain access-control-allow-origin https://sextans.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	box-ad575b5823df97fc9725e14a57070642.html Show response vars.hotjar.com/ Frame E058	2 KB 1 KB	148ms 35ms	Document text/html	18.66.139.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-1553371.js?sv=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.139.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-139-40.fra60.r.cloudfront.net Software / Resource Hash f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://sextans.com/ Response headers content-type text/html content-length 1050 date Tue, 16 Nov 2021 11:16:06 GMT accept-ranges bytes cache-control max-age=31536000 content-encoding br cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin etag "a123045c9cc95cfe44d6b5d126b9f1a7" last-modified Tue, 16 Nov 2021 11:15:47 GMT x-robots-tag none vary Accept-Encoding x-cache Hit from cloudfront via 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P4 x-amz-cf-id spDrfzvMVHtcS_fZDAXIGmp4KokxbBaczPsa3DC2gCprasvmLavqqg== age 6149114
POST H2	200	visit-data Show response in.hotjar.com/api/v2/client/sites/1553371/	146 B 321 B	141ms 45ms	XHR application/json	18.202.160.2 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://in.hotjar.com/api/v2/client/sites/1553371/visit-data?sv=7 Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.a389f57d0ad3cbd8094d.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.202.160.2 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-202-160-2.eu-west-1.compute.amazonaws.com Software / Resource Hash 30886bcaa4bc9292431c9ae196c0b6bbcc4e4311b4839780c91a09c771c76c6e Request headers Referer https://sextans.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers date Wed, 26 Jan 2022 15:21:20 GMT content-encoding br vary Accept-Encoding content-type application/json access-control-allow-origin * access-control-max-age 86400 cache-control no-cache, no-store access-control-allow-credentials true
POST H/1.1	200 OK	content Show response ws4.hotjar.com/api/v2/sites/1553371/recordings/	66 B 396 B	343ms 149ms	XHR application/json	52.48.181.63 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ws4.hotjar.com/api/v2/sites/1553371/recordings/content Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.a389f57d0ad3cbd8094d.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.48.181.63 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-48-181-63.eu-west-1.compute.amazonaws.com Software / Resource Hash e87d29a34f9620425118b1ca162541c523d06662fd06e54a918d1f090f2ff970 Request headers Referer https://sextans.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers Date Wed, 26 Jan 2022 15:21:20 GMT Content-Encoding br Vary Accept-Encoding Content-Type application/json Access-Control-Allow-Origin * Access-Control-Max-Age 86400 Cache-Control no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Transfer-Encoding chunked

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings function| requestAnimFrame function| cancelRequestAnimFrame object| pJSDom function| particlesJS object| fp_utils function| fp_parallaxExtension function| IScroll object| fp_scrolloverflow object| fp_easings object| fullpage_api object| gaplugins object| gaGlobal object| gaData object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.sextans.com/	1969-12-31 23:59:59	Name: PSID Value: b1ieiils6ltf1g0l36r21ppkhr
			.sextans.com/	1970-01-20 17:58:02	Name: _ga Value: GA1.2.726779198.1643210480
			.sextans.com/	1970-01-20 00:28:16	Name: _gid Value: GA1.2.1718431444.1643210480
			.sextans.com/	1970-01-20 00:26:50	Name: _gat_UA-336229-1 Value: 1
			.sextans.com/	1970-01-20 09:12:26	Name: _hjSessionUser_1553371 Value: eyJpZCI6ImU4YTIyMjQ3LTk0YTYtNTIyNC04NjY1LTUwZTcwZjNiNDE1MyIsImNyZWF0ZWQiOjE2NDMyMTA0ODAxODAsImV4aXN0aW5nIjpmYWxzZX0=
			.sextans.com/	1970-01-20 00:26:52	Name: _hjFirstSeen Value: 1
			sextans.com/	1970-01-20 00:26:50	Name: _hjIncludedInSessionSample Value: 1
			.sextans.com/	1970-01-20 00:26:52	Name: _hjSession_1553371 Value: eyJpZCI6IjAzZTY2ZDhlLTdiZDgtNDY5OC1iMjgyLTFlMWRiNzEzNWY1ZSIsImNyZWF0ZWQiOjE2NDMyMTA0ODAzMjksImluU2FtcGxlIjp0cnVlfQ==
			sextans.com/	1970-01-20 00:26:50	Name: _hjIncludedInPageviewSample Value: 1
			.sextans.com/	1970-01-20 00:26:52	Name: _hjAbsoluteSessionInProgress Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

etronics4u.com
fonts.googleapis.com
fonts.gstatic.com
in.hotjar.com
script.hotjar.com
sextans.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
ws4.hotjar.com
www.google-analytics.com
www.googletagmanager.com
107.180.119.198
18.202.160.2
18.66.139.40
18.66.2.48
18.66.97.37
2a00:1450:4001:809::200a
2a00:1450:4001:827::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2008
2a00:1450:400c:c06::9d
52.48.181.63
70.32.109.209
15ab2ac571d4f4d6053452253252cc8412177b83a8d22de0bbe95a9e1cc69a37
1b3a7e5ffd7dcaaaa5469a3ca7fa1a22b6571beed90c998fd885f31a9a099ef2
30886bcaa4bc9292431c9ae196c0b6bbcc4e4311b4839780c91a09c771c76c6e
592a6425b4e531934bd313ae52211e18a9ca0687c6186b1da8929fade84f693b
5a825dcd9fc973ac39113a44d8d119e9a78ca9af42e114bd93c1a4087e1bba8d
618dc8018b6e606bd825ea91a148ea2d3eba1d06e1a3ad904329d2a0eb941228
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73f700e828a5d327fd95e9d2c2fe6094f4f45da0df2110e623c70e8e8aca83fb
79f1f94b061f44a02c7f757b1d97b283bdb9c8103729b4fd1fe01ac1496cb1ab
7dba49399e1a416a812d826f5fcd72bdcacc0c49dca14ba762ff2ce1cc813c44
995dfb0c839090c9461662fca31b3d886f80dd9e881db8ea224374866eade55f
9a2a1b30ef76dfc11af3890cc8d9ae0a48667643887a90e133fb2861ea0e7f9e
9d2b7f9f4012919c62c625902b9976e983b500bf694aacba7df9ad296b722032
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b27e323ccd5f175dfc596f62b33365dbbb50ba882845d309d82c9faa559861d7
c9af4a6f50315626992164b4a9af6226cecdd6ef5d125843eca426304f3fedfa
ca11cc376e5322a8016e7ebab1ff544b547dd111d5e53012a50109987b3f2d7e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e87d29a34f9620425118b1ca162541c523d06662fd06e54a918d1f090f2ff970
f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383
fc60937af94e1de1b9de8c166cba79898c1ab5d8e51452117768877f8b678767