urlscan.io logo urlscan.io
SecurityTrails logo

www.saxychick.net Open in urlscan Pro
2a05:d018:244:5200::ab  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://lithel.gq/cephalalgic/2310481785/beggarism/1628649829/strategist/vamped
Effective URL: https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=tknwd611343bb0002569e&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=12...
Submission: On August 11 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 11 domains to perform 29 HTTP transactions. The main IP is 2a05:d018:244:5200::ab, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.saxychick.net.
TLS certificate: Issued by R3 on July 27th 2021. Valid for: 3 months.
This is the only time www.saxychick.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 46.150.13.31 47513 (SKYLINE-U...)
1 2a00:1450:400... 15169 (GOOGLE)
2 18.198.80.68 16509 (AMAZON-02)
2 2 213.227.135.213 60781 (LEASEWEB-...)
2 2 213.227.134.194 60781 (LEASEWEB-...)
1 2 2a05:d018:244... 16509 (AMAZON-02)
14 2.16.186.80 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
29 9
4    46.150.13.31 (Kharkiv, Ukraine)

ASN47513 (SKYLINE-UA-AS ISP Skyline, UA)
PTR: 46-150-13-31.protservers.com
lithel.gq
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    18.198.80.68 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-80-68.eu-central-1.compute.amazonaws.com
trk.epsilonlink.com
trk.ultrabetas.com
2    213.227.135.213 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
track.advertpull.com
2    213.227.134.194 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
track.cpanda.me
2    2a05:d018:244:5200::ab (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
wemwxk.teens4love.com
www.saxychick.net
14    2.16.186.80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-80.deploy.static.akamaitechnologies.com
cdn-bimi.akamaized.net
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
14 cdn-bimi.akamaized.net www.saxychick.net
4 lithel.gq lithel.gq
ajax.googleapis.com
2 fonts.gstatic.com fonts.googleapis.com
2 track.cpanda.me 2 redirects
2 track.advertpull.com
1 www.googletagmanager.com www.saxychick.net
1 fonts.googleapis.com cdn-bimi.akamaized.net
1 www.saxychick.net trk.ultrabetas.com
1 wemwxk.teens4love.com 1 redirects
1 trk.ultrabetas.com trk.epsilonlink.com
1 trk.epsilonlink.com lithel.gq
1 ajax.googleapis.com lithel.gq
29 12

This site contains no links.

Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
trk.epsilonlink.com
R3		 2021-07-01 -
2021-09-29		 3 months crt.sh
trk.ultrabetas.com
R3		 2021-07-01 -
2021-09-29		 3 months crt.sh
*.saxychick.net
R3		 2021-07-27 -
2021-10-25		 3 months crt.sh
a248.e.akamai.net
DigiCert Secure Site ECC CA-1		 2020-07-15 -
2021-09-13		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=tknwd611343bb0002569e&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5=
Frame ID: 0279D17CCE4154D921EB6BFFD83D2EF5
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://lithel.gq/cephalalgic/2310481785/beggarism/1628649829/strategist/vamped Page URL
  2. https://trk.epsilonlink.com/f2c0f1ac-8569-4f3f-b13a-c6e44fb28a9f?source={1606}&email={email}&CampaignID=... Page URL
  3. https://trk.ultrabetas.com/redirect?target=BASE64aHR0cHM6Ly90cmFjay5hZHZlcnRwdWxsLmNvbS9jbGljaz9waWQ9OT... Page URL
  4. https://track.advertpull.com/click?pid=9930&offer_id=6705&sub1=w39an3fa6km6k3m920678a9q&sub2=1248 HTTP 302
    https://track.advertpull.com/click?pid=9930&offer_id=6936&sub1=w39an3fa6km6k3m920678a9q&sub2=1248&sub3=&s... HTTP 302
    http://track.cpanda.me/sl?id=5c47226bce365a58ba6548d3&pid=9930&sub1=w39an3fa6km6k3m920678a9q&sub2=1... HTTP 302
    http://track.cpanda.me/click?pid=9930&offer_id=2375&sub1=w39an3fa6km6k3m920678a9q&sub2=1248&sub3=&s... HTTP 302
    https://wemwxk.teens4love.com/c/1e3a4e532f1c7040?s1=120341&s2=1255332&s3=9930&s5=1248&click_id=611343bb9a0... HTTP 302
    https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=tknwd611343bb0002569e&j4=&j5=&j6=%3Cj6%3E&j8=1&l... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

29
Requests

76 %
HTTPS

50 %
IPv6

11
Domains

12
Subdomains

9
IPs

4
Countries

380 kB
Transfer

1875 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lithel.gq/cephalalgic/2310481785/beggarism/1628649829/strategist/vamped Page URL
  2. https://trk.epsilonlink.com/f2c0f1ac-8569-4f3f-b13a-c6e44fb28a9f?source={1606}&email={email}&CampaignID={CampaignID}&S1=1248&aff_id=100205&flow_id={flow_id} Page URL
  3. https://trk.ultrabetas.com/redirect?target=BASE64aHR0cHM6Ly90cmFjay5hZHZlcnRwdWxsLmNvbS9jbGljaz9waWQ9OTkzMCZvZmZlcl9pZD02NzA1JnN1YjE9dzM5YW4zZmE2a202azNtOTIwNjc4YTlxJnN1YjI9MTI0OA&ts=1628652474903&hash=fY1vYog25g5z1qQWhyV6AFMmOgb2Wmn4_WIaDED1HSg&rm=DJ Page URL
  4. https://track.advertpull.com/click?pid=9930&offer_id=6705&sub1=w39an3fa6km6k3m920678a9q&sub2=1248 HTTP 302
    https://track.advertpull.com/click?pid=9930&offer_id=6936&sub1=w39an3fa6km6k3m920678a9q&sub2=1248&sub3=&sub4=&sub5=6705 HTTP 302
    http://track.cpanda.me/sl?id=5c47226bce365a58ba6548d3&pid=9930&sub1=w39an3fa6km6k3m920678a9q&sub2=1248&sub3=&sub4=&sub5=6936 HTTP 302
    http://track.cpanda.me/click?pid=9930&offer_id=2375&sub1=w39an3fa6km6k3m920678a9q&sub2=1248&sub3=&sub6=GLOBAL_TB_0&sub5=0 HTTP 302
    https://wemwxk.teens4love.com/c/1e3a4e532f1c7040?s1=120341&s2=1255332&s3=9930&s5=1248&click_id=611343bb9a08b70001160b1a&j1=1&j3=1&j8=1 HTTP 302
    https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=tknwd611343bb0002569e&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
vamped
lithel.gq/cephalalgic/2310481785/beggarism/1628649829/strategist/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://lithel.gq/cephalalgic/2310481785/beggarism/1628649829/strategist/vamped
Protocol
HTTP/1.1
Server
46.150.13.31 Kharkiv, Ukraine, ASN47513 (SKYLINE-UA-AS ISP Skyline, UA),
Reverse DNS
46-150-13-31.protservers.com
Software
nginx /
Resource Hash
045434e47c9dafa1ab8ea67064ca365621f4b8dff0f27bebeb9ff055edab2ae5

Request headers

Host
lithel.gq
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Wed, 11 Aug 2021 03:27:49 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: lithel.gq
URL: http://lithel.gq/cephalalgic/2310481785/beggarism/1628649829/strategist/vamped
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 03:09:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1090
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Aug 2022 03:09:44 GMT
789875340.2837065345.2155233389.526666680
lithel.gq/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://lithel.gq/789875340.2837065345.2155233389.526666680
Requested by
Host: lithel.gq
URL: http://lithel.gq/cephalalgic/2310481785/beggarism/1628649829/strategist/vamped
Protocol
HTTP/1.1
Server
46.150.13.31 Kharkiv, Ukraine, ASN47513 (SKYLINE-UA-AS ISP Skyline, UA),
Reverse DNS
46-150-13-31.protservers.com
Software
nginx /
Resource Hash
8effef18a817c22d929eb3955cd32d2ffb4859b8d7035c8e2f4ade2bb41e77f6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
lithel.gq
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Aug 2021 03:27:49 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
14742
Expires
0
vamped&p=a
lithel.gq/cephalalgic/2310481785/beggarism/1628649829/strategist/ 		156 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://lithel.gq/cephalalgic/2310481785/beggarism/1628649829/strategist/vamped&p=a
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol
HTTP/1.1
Server
46.150.13.31 Kharkiv, Ukraine, ASN47513 (SKYLINE-UA-AS ISP Skyline, UA),
Reverse DNS
46-150-13-31.protservers.com
Software
nginx /
Resource Hash

Request headers

Pragma
no-cache
Origin
http://lithel.gq
Accept-Encoding
gzip, deflate
Host
lithel.gq
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Cache-Control
no-cache
X-Requested-With
XMLHttpRequest
Connection
keep-alive
Content-Length
0
Accept
*/*
Referer
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 03:27:49 GMT
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
E4YlhWMD0=
lithel.gq/M1k4em1MSCs1dE1Y/OWk4ZFc5/VUh/5Vy8yS3NxNmgxMDU1/N09vdG/ 		0
191 B 		Script
General
Check archive.org
Download Go to
Full URL
http://lithel.gq/M1k4em1MSCs1dE1Y/OWk4ZFc5/VUh/5Vy8yS3NxNmgxMDU1/N09vdG/E4YlhWMD0=
Requested by
Host: lithel.gq
URL: http://lithel.gq/cephalalgic/2310481785/beggarism/1628649829/strategist/vamped
Protocol
HTTP/1.1
Server
46.150.13.31 Kharkiv, Ukraine, ASN47513 (SKYLINE-UA-AS ISP Skyline, UA),
Reverse DNS
46-150-13-31.protservers.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
lithel.gq
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Connection
keep-alive
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 03:27:49 GMT
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cookie set f2c0f1ac-8569-4f3f-b13a-c6e44fb28a9f
trk.epsilonlink.com/ 		802 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://trk.epsilonlink.com/f2c0f1ac-8569-4f3f-b13a-c6e44fb28a9f?source={1606}&email={email}&CampaignID={CampaignID}&S1=1248&aff_id=100205&flow_id={flow_id}
Requested by
Host: lithel.gq
URL: http://lithel.gq/cephalalgic/2310481785/beggarism/1628649829/strategist/vamped
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.198.80.68 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-80-68.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Host
trk.epsilonlink.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Wed, 11 Aug 2021 03:27:54 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
802
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Set-Cookie
f2c0f1ac-8569-4f3f-b13a-c6e44fb28a9f-v4=f2c0f1ac-8569-4f3f-b13a-c6e44fb28a9f; Max-Age=86400; Expires=Thu, 12-Aug-2021 03:27:54 GMT; Domain=trk.epsilonlink.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=dQpWzE0uF3snCCvw7xbcLtScxefROEZLS48Q2nvU1iuZ7QI6UDBfDYizILloFterLUe11Ygw%2BuqHsJQGza1%2Fs4jyuBj65KXIck7Bk60%2B7LB8Dukyig7sfEADyWuNpyxXVJBWGBZogC1%2BpsYEBUWFqQ%3D%3D; Max-Age=31536000; Expires=Thu, 11-Aug-2022 03:27:54 GMT; Domain=trk.epsilonlink.com; Path=/; Secure; HttpOnly;SameSite=None
redirect
trk.ultrabetas.com/ 		0
0
redirect
trk.ultrabetas.com/ 		486 B
759 B 		Document
General
Check archive.org
Download Go to
Full URL
https://trk.ultrabetas.com/redirect?target=BASE64aHR0cHM6Ly90cmFjay5hZHZlcnRwdWxsLmNvbS9jbGljaz9waWQ9OTkzMCZvZmZlcl9pZD02NzA1JnN1YjE9dzM5YW4zZmE2a202azNtOTIwNjc4YTlxJnN1YjI9MTI0OA&ts=1628652474903&hash=fY1vYog25g5z1qQWhyV6AFMmOgb2Wmn4_WIaDED1HSg&rm=DJ
Requested by
Host: trk.epsilonlink.com
URL: https://trk.epsilonlink.com/f2c0f1ac-8569-4f3f-b13a-c6e44fb28a9f?source={1606}&email={email}&CampaignID={CampaignID}&S1=1248&aff_id=100205&flow_id={flow_id}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.198.80.68 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-80-68.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
fdc18129d3aae073cc95435e29f2be8c23bc3196c237a85aefff3271b0c06128

Request headers

Host
trk.ultrabetas.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://trk.epsilonlink.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://trk.epsilonlink.com/

Response headers

Server
nginx
Date
Wed, 11 Aug 2021 03:27:55 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
486
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
click
track.advertpull.com/ 		0
0
Primary Request 4c8a669b83e6c2d3
www.saxychick.net/c/
Redirect Chain
  • https://track.advertpull.com/click?pid=9930&offer_id=6705&sub1=w39an3fa6km6k3m920678a9q&sub2=1248
  • https://track.advertpull.com/click?pid=9930&offer_id=6936&sub1=w39an3fa6km6k3m920678a9q&sub2=1248&sub3=&sub4=&sub5=6705
  • http://track.cpanda.me/sl?id=5c47226bce365a58ba6548d3&pid=9930&sub1=w39an3fa6km6k3m920678a9q&sub2=1248&sub3=&sub4=&sub5=6936
  • http://track.cpanda.me/click?pid=9930&offer_id=2375&sub1=w39an3fa6km6k3m920678a9q&sub2=1248&sub3=&sub6=GLOBAL_TB_0&sub5=0
  • https://wemwxk.teens4love.com/c/1e3a4e532f1c7040?s1=120341&s2=1255332&s3=9930&s5=1248&click_id=611343bb9a08b70001160b1a&j1=1&j3=1&j8=1
  • https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=tknwd611343bb0002569e&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5=
7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=tknwd611343bb0002569e&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5=
Requested by
Host: trk.ultrabetas.com
URL: https://trk.ultrabetas.com/redirect?target=BASE64aHR0cHM6Ly90cmFjay5hZHZlcnRwdWxsLmNvbS9jbGljaz9waWQ9OTkzMCZvZmZlcl9pZD02NzA1JnN1YjE9dzM5YW4zZmE2a202azNtOTIwNjc4YTlxJnN1YjI9MTI0OA&ts=1628652474903&hash=fY1vYog25g5z1qQWhyV6AFMmOgb2Wmn4_WIaDED1HSg&rm=DJ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:244:5200::ab Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
fce87465ad65262c993621133636c2425657259311a7ef1b5e94b43f493ed378

Request headers

:method
GET
:authority
www.saxychick.net
:scheme
https
:path
/c/4c8a669b83e6c2d3?click_id=tknwd611343bb0002569e&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://trk.ultrabetas.com/redirect?target=BASE64aHR0cHM6Ly90cmFjay5hZHZlcnRwdWxsLmNvbS9jbGljaz9waWQ9OTkzMCZvZmZlcl9pZD02NzA1JnN1YjE9dzM5YW4zZmE2a202azNtOTIwNjc4YTlxJnN1YjI9MTI0OA&ts=1628652474903&hash=fY1vYog25g5z1qQWhyV6AFMmOgb2Wmn4_WIaDED1HSg&rm=DJ

Response headers

server
nginx
date
Wed, 11 Aug 2021 03:27:55 GMT
content-type
text/html; charset=utf-8
set-cookie
unique_411736=unique_411736; Path=/; Expires=Sun, 10 Oct 2021 03:27:55 GMT; Secure; SameSite=None unique_id=60ae5ff20008f4d8; Path=/; Expires=Sun, 10 Oct 2021 03:27:55 GMT; Secure; SameSite=None unique_id2=60ae5ff20008f4d8; Path=/; Expires=Tue, 09 Nov 2021 03:27:55 GMT; Secure; SameSite=None impression=; Path=/; Expires=Wed, 11 Aug 2021 03:27:55 GMT; Secure; SameSite=None 60ae5ff20008f4d8_sl=[202250]; Path=/; Expires=Wed, 25 Aug 2021 03:27:55 GMT; Secure; SameSite=None
content-encoding
gzip

Redirect headers

server
nginx
date
Wed, 11 Aug 2021 03:27:55 GMT
content-type
text/html; charset=utf-8
content-length
202
location
https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=tknwd611343bb0002569e&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5=
set-cookie
unique_543988=unique_543988; Path=/; Expires=Sun, 10 Oct 2021 03:27:55 GMT; Secure; SameSite=None unique_id=6110bc06000e9e2a; Path=/; Expires=Sun, 10 Oct 2021 03:27:55 GMT; Secure; SameSite=None unique_id2=6110bc06000e9e2a; Path=/; Expires=Tue, 09 Nov 2021 03:27:55 GMT; Secure; SameSite=None impression=; Path=/; Expires=Wed, 11 Aug 2021 03:27:55 GMT; Secure; SameSite=None tid=tknwd611343bb0002569e; Path=/; Expires=Thu, 16 Jul 2026 03:27:55 GMT; Secure; SameSite=None
main.css
cdn-bimi.akamaized.net/landings/202250/1619701318/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-bimi.akamaized.net/landings/202250/1619701318/css/main.css?1619701318
Requested by
Host: www.saxychick.net
URL: https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=tknwd611343bb0002569e&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0f1e388e0a95c88af6029b0cc8420122dc6014dacb48a49d27b6750044912b0a

Request headers

Referer
https://www.saxychick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 03:27:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 13:02:00 GMT
Server
AmazonS3
x-amz-request-id
VMBFS6N7SMZ5BBMG
ETag
"c65aa6a6430015f578046fa12f5cbed7"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1472
x-amz-id-2
Z4L/0YbJj60ZWTDW2lShfM8zgrIihLEbjXYo6HLMYUywHfLyNgQSnRaMa0CTD5ISnTDoN1EGowM=
jquery.min.js
cdn-bimi.akamaized.net/landings/202250/1619701318/js/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-bimi.akamaized.net/landings/202250/1619701318/js/jquery.min.js?1619701318
Requested by
Host: www.saxychick.net
URL: https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=tknwd611343bb0002569e&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer
https://www.saxychick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 03:27:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 13:02:00 GMT
Server
AmazonS3
x-amz-request-id
76490RRB6Y52X7NM
ETag
"2f6b11a7e914718e0290410e85366fe9"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
29855
x-amz-id-2
Bi7VOxGl36d7hzrM9GKtfEIq0vF54n0PRNc6yUjwFBmxkz9/lgPIJz+2MpzXQSksQfZP2OOf7xM=
function.js
cdn-bimi.akamaized.net/landings/202250/1619701318/js/ 		753 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-bimi.akamaized.net/landings/202250/1619701318/js/function.js?1619701318
Requested by
Host: www.saxychick.net
URL: https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=tknwd611343bb0002569e&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
308cb4391cda1dbf6f9de8815bfbc8aa7ef960ea8980f73e5f06021432ab963e

Request headers

Referer
https://www.saxychick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 03:27:55 GMT
Last-Modified
Thu, 29 Apr 2021 13:02:00 GMT
Server
AmazonS3
x-amz-request-id
VMB8PHMG9TTVCN49
ETag
"6f0bd0e0b7bd55dea2a2a6ab43c8d9d5"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
753
x-amz-id-2
H92RqpBdV18g4VDOmw/p7Of+mDSmgIuIR37wDvdikF1aWmlWw0OlYs3UxkACOLMrNaNQiSfxkX0=
video.js
cdn-bimi.akamaized.net/landings/202250/1619701318/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-bimi.akamaized.net/landings/202250/1619701318/js/video.js?1619701318
Requested by
Host: www.saxychick.net
URL: https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=tknwd611343bb0002569e&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
feb225f463db295abcfaed6a1b6f9188de5e6f528ee3c1133fd6c0ebaba3afbc

Request headers

Referer
https://www.saxychick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 03:27:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 13:02:00 GMT
Server
AmazonS3
x-amz-request-id
7648PQGAHJ50XF64
ETag
"97307c7800fbe9135b69e00de49104e6"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
3495
x-amz-id-2
VOGhRSdbH3n1RUPpP16T56F5eaesIjz5PfwQ2H1Rs6sr9IDL58MTLRw+HWe8X3mZ3x0w64YZ4Ko=
translates.js
cdn-bimi.akamaized.net/landings/202250/1619701318/js/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-bimi.akamaized.net/landings/202250/1619701318/js/translates.js?1619701318
Requested by
Host: www.saxychick.net
URL: https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=tknwd611343bb0002569e&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
79557d5c05f2802c3e0faccfa624589ddb5f915a3f122a80329e34df6410187d

Request headers

Referer
https://www.saxychick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 03:27:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 13:02:01 GMT
Server
AmazonS3
x-amz-request-id
7644EX43PVGJWQZS
ETag
"00f026284018ababf5006ba26b5b683a"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
7998
x-amz-id-2
YCQ2V6oijupbFX9pu8Btq3afatQ9jSo5fBfpiUzt/+6rbucNjihf6kFCSPf3PJe87q2XqygUmR4=
girl1.jpg
cdn-bimi.akamaized.net/landings/202250/1619701318/images/ 		193 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/202250/1619701318/images/girl1.jpg
Requested by
Host: www.saxychick.net
URL: https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=tknwd611343bb0002569e&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5=
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
cab62655a8a12508097f723e002755677779cc075e4cef2aba29c33611e83932

Request headers

Referer
https://www.saxychick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 03:27:55 GMT
last-modified
Thu, 29 Apr 2021 13:02:00 GMT
server
AmazonS3
x-amz-request-id
7643TDAGKPSN7GPR
etag
"0a7cf3eed86992aa4032063cf3417900"
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
197398
x-amz-id-2
no93qGsIcjU30f4kR0ASfHwU7T4O0qb3f/vZ+uYzq0RXiJunFMYBYNCMypb6BxK07VuZymMwekI=
quic-version
Q050
css
fonts.googleapis.com/ 		5 KB
719 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,500,700
Requested by
Host: cdn-bimi.akamaized.net
URL: https://cdn-bimi.akamaized.net/landings/202250/1619701318/css/main.css?1619701318
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8259f9ff374f5c6e5b4f554f284e27d62d094e777a650dee2fef89ce55b1c055
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn-bimi.akamaized.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 02:14:56 GMT
server
ESF
date
Wed, 11 Aug 2021 03:27:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 11 Aug 2021 03:27:55 GMT
gtm.js
www.googletagmanager.com/ 		87 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PPJGZHL
Requested by
Host: www.saxychick.net
URL: https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=tknwd611343bb0002569e&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
977f21b3a6189ee98e51027a5d50bfd19f2b3e04d3f19b60a1fb01b76ad8f728
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.saxychick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 03:27:55 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35305
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 11 Aug 2021 03:27:55 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.saxychick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 00:31:26 GMT
x-content-type-options
nosniff
age
96989
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20040
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:44 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 00:31:26 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.saxychick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 00:32:15 GMT
x-content-type-options
nosniff
age
96940
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 00:32:15 GMT
1.mp4
cdn-bimi.akamaized.net/landings/202250/1619701318/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/202250/1619701318/images/1.mp4
Requested by
Host: www.saxychick.net
URL: https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=tknwd611343bb0002569e&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5=
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.saxychick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 03:27:55 GMT
last-modified
Thu, 29 Apr 2021 13:02:00 GMT
server
AmazonS3
x-amz-request-id
76448NFJ8FPQYK6A
etag
"45d4d1a835a000d1edd2d2875b25671a"
content-type
video/mp4
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
1183655
x-amz-id-2
9eSYZ+k4203b2x4tLNU8w72U0O78nDnf3gFNlgNAlflK/Ou4+ajsF5/+8ryeySpguWecajwfpKs=
quic-version
Q050
1.mp4
cdn-bimi.akamaized.net/landings/202250/1619701318/images/ 		40 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn-bimi.akamaized.net/landings/202250/1619701318/images/1.mp4
Requested by
Host: www.saxychick.net
URL: https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=tknwd611343bb0002569e&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5=
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.saxychick.net/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 11 Aug 2021 03:27:55 GMT
last-modified
Thu, 29 Apr 2021 13:02:00 GMT
server
AmazonS3
x-amz-request-id
76448NFJ8FPQYK6A
etag
"45d4d1a835a000d1edd2d2875b25671a"
content-type
video/mp4
Content-Range
bytes 0-1183654/1183655
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1183655
x-amz-id-2
9eSYZ+k4203b2x4tLNU8w72U0O78nDnf3gFNlgNAlflK/Ou4+ajsF5/+8ryeySpguWecajwfpKs=
quic-version
Q050
1.mp4
cdn-bimi.akamaized.net/landings/202250/1619701318/images/ 		4 KB
4 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn-bimi.akamaized.net/landings/202250/1619701318/images/1.mp4
Requested by
Host: www.saxychick.net
URL: https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=tknwd611343bb0002569e&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5=
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d3a416a08f97860d4476a33aef0bfec290e58bf128b4fdb6be80541bd725cc46

Request headers

Referer
https://www.saxychick.net/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=1179648-

Response headers

date
Wed, 11 Aug 2021 03:27:55 GMT
last-modified
Thu, 29 Apr 2021 13:02:00 GMT
server
AmazonS3
x-amz-request-id
76448NFJ8FPQYK6A
etag
"45d4d1a835a000d1edd2d2875b25671a"
content-type
video/mp4
Content-Range
bytes 1179648-1183654/1183655
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
4007
x-amz-id-2
9eSYZ+k4203b2x4tLNU8w72U0O78nDnf3gFNlgNAlflK/Ou4+ajsF5/+8ryeySpguWecajwfpKs=
quic-version
Q050
1.mp4
cdn-bimi.akamaized.net/landings/202250/1619701318/images/ 		0
0
1.mp4
cdn-bimi.akamaized.net/landings/202250/1619701318/images/ 		72 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn-bimi.akamaized.net/landings/202250/1619701318/images/1.mp4
Requested by
Host: www.saxychick.net
URL: https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=tknwd611343bb0002569e&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5=
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.saxychick.net/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=589824-

Response headers

date
Wed, 11 Aug 2021 03:27:55 GMT
last-modified
Thu, 29 Apr 2021 13:02:00 GMT
server
AmazonS3
x-amz-request-id
76448NFJ8FPQYK6A
etag
"45d4d1a835a000d1edd2d2875b25671a"
content-type
video/mp4
Content-Range
bytes 589824-1183654/1183655
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
593831
x-amz-id-2
9eSYZ+k4203b2x4tLNU8w72U0O78nDnf3gFNlgNAlflK/Ou4+ajsF5/+8ryeySpguWecajwfpKs=
quic-version
Q050
1.mp4
cdn-bimi.akamaized.net/landings/202250/1619701318/images/ 		220 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn-bimi.akamaized.net/landings/202250/1619701318/images/1.mp4
Requested by
Host: www.saxychick.net
URL: https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=tknwd611343bb0002569e&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5=
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.saxychick.net/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=884736-

Response headers

date
Wed, 11 Aug 2021 03:27:56 GMT
last-modified
Thu, 29 Apr 2021 13:02:00 GMT
server
AmazonS3
x-amz-request-id
76448NFJ8FPQYK6A
etag
"45d4d1a835a000d1edd2d2875b25671a"
content-type
video/mp4
Content-Range
bytes 884736-1183654/1183655
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
298919
x-amz-id-2
9eSYZ+k4203b2x4tLNU8w72U0O78nDnf3gFNlgNAlflK/Ou4+ajsF5/+8ryeySpguWecajwfpKs=
quic-version
Q050
1.mp4
cdn-bimi.akamaized.net/landings/202250/1619701318/images/ 		576 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn-bimi.akamaized.net/landings/202250/1619701318/images/1.mp4
Requested by
Host: www.saxychick.net
URL: https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=tknwd611343bb0002569e&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5=
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.saxychick.net/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=32768-

Response headers

date
Wed, 11 Aug 2021 03:27:56 GMT
last-modified
Thu, 29 Apr 2021 13:02:00 GMT
server
AmazonS3
x-amz-request-id
76448NFJ8FPQYK6A
etag
"45d4d1a835a000d1edd2d2875b25671a"
content-type
video/mp4
Content-Range
bytes 32768-1183654/1183655
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1150887
x-amz-id-2
9eSYZ+k4203b2x4tLNU8w72U0O78nDnf3gFNlgNAlflK/Ou4+ajsF5/+8ryeySpguWecajwfpKs=
quic-version
Q050
1.mp4
cdn-bimi.akamaized.net/landings/202250/1619701318/images/ 		296 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn-bimi.akamaized.net/landings/202250/1619701318/images/1.mp4
Requested by
Host: www.saxychick.net
URL: https://www.saxychick.net/c/4c8a669b83e6c2d3?click_id=tknwd611343bb0002569e&j4=&j5=&j6=%3Cj6%3E&j8=1&lp=MJ&s1=120341&s2=1255332&s3=backuser&s5=
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.saxychick.net/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=622592-

Response headers

date
Wed, 11 Aug 2021 03:27:56 GMT
last-modified
Thu, 29 Apr 2021 13:02:00 GMT
server
AmazonS3
x-amz-request-id
76448NFJ8FPQYK6A
etag
"45d4d1a835a000d1edd2d2875b25671a"
content-type
video/mp4
Content-Range
bytes 622592-1183654/1183655
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
561063
x-amz-id-2
9eSYZ+k4203b2x4tLNU8w72U0O78nDnf3gFNlgNAlflK/Ou4+ajsF5/+8ryeySpguWecajwfpKs=
quic-version
Q050
1.mp4
cdn-bimi.akamaized.net/landings/202250/1619701318/images/ 		100 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn-bimi.akamaized.net/landings/202250/1619701318/images/1.mp4
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.saxychick.net/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=1081344-

Response headers

date
Wed, 11 Aug 2021 03:27:56 GMT
last-modified
Thu, 29 Apr 2021 13:02:00 GMT
server
AmazonS3
x-amz-request-id
76448NFJ8FPQYK6A
etag
"45d4d1a835a000d1edd2d2875b25671a"
content-type
video/mp4
Content-Range
bytes 1081344-1183654/1183655
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
102311
x-amz-id-2
9eSYZ+k4203b2x4tLNU8w72U0O78nDnf3gFNlgNAlflK/Ou4+ajsF5/+8ryeySpguWecajwfpKs=
quic-version
Q050

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
trk.ultrabetas.com
URL
https://trk.ultrabetas.com/redirect?target=BASE64aHR0cHM6Ly90cmFjay5hZHZlcnRwdWxsLmNvbS9jbGljaz9waWQ9OTkzMCZvZmZlcl9pZD02NzA1JnN1YjE9dzM5YW4zZmE2a202azNtOTIwNjc4YTlxJnN1YjI9MTI0OA&ts=1628652474903&hash=fY1vYog25g5z1qQWhyV6AFMmOgb2Wmn4_WIaDED1HSg&rm=DJ
Domain
track.advertpull.com
URL
https://track.advertpull.com/click?pid=9930&offer_id=6705&sub1=w39an3fa6km6k3m920678a9q&sub2=1248
Domain
cdn-bimi.akamaized.net
URL
https://cdn-bimi.akamaized.net/landings/202250/1619701318/images/1.mp4

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| _rup function| $ function| jQuery object| dataLayer object| google_tag_manager number| th_bridge_jump_step

4 Cookies

Domain/Path Name / Value
www.saxychick.net/ Name: 60ae5ff20008f4d8_sl
Value: [202250]
www.saxychick.net/ Name: unique_id2
Value: 60ae5ff20008f4d8
www.saxychick.net/ Name: unique_id
Value: 60ae5ff20008f4d8
www.saxychick.net/ Name: unique_411736
Value: unique_411736

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn-bimi.akamaized.net
fonts.googleapis.com
fonts.gstatic.com
lithel.gq
track.advertpull.com
track.cpanda.me
trk.epsilonlink.com
trk.ultrabetas.com
wemwxk.teens4love.com
www.googletagmanager.com
www.saxychick.net
cdn-bimi.akamaized.net
track.advertpull.com
trk.ultrabetas.com
18.198.80.68
2.16.186.80
213.227.134.194
213.227.135.213
2a00:1450:4001:801::2003
2a00:1450:4001:828::2008
2a00:1450:4001:82b::200a
2a00:1450:4001:830::200a
2a05:d018:244:5200::ab
46.150.13.31
045434e47c9dafa1ab8ea67064ca365621f4b8dff0f27bebeb9ff055edab2ae5
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0f1e388e0a95c88af6029b0cc8420122dc6014dacb48a49d27b6750044912b0a
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
308cb4391cda1dbf6f9de8815bfbc8aa7ef960ea8980f73e5f06021432ab963e
79557d5c05f2802c3e0faccfa624589ddb5f915a3f122a80329e34df6410187d
8259f9ff374f5c6e5b4f554f284e27d62d094e777a650dee2fef89ce55b1c055
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8effef18a817c22d929eb3955cd32d2ffb4859b8d7035c8e2f4ade2bb41e77f6
977f21b3a6189ee98e51027a5d50bfd19f2b3e04d3f19b60a1fb01b76ad8f728
cab62655a8a12508097f723e002755677779cc075e4cef2aba29c33611e83932
d3a416a08f97860d4476a33aef0bfec290e58bf128b4fdb6be80541bd725cc46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
fce87465ad65262c993621133636c2425657259311a7ef1b5e94b43f493ed378
fdc18129d3aae073cc95435e29f2be8c23bc3196c237a85aefff3271b0c06128
feb225f463db295abcfaed6a1b6f9188de5e6f528ee3c1133fd6c0ebaba3afbc