urlscan.io logo urlscan.io
SecurityTrails logo

bustygirls4u.com Open in urlscan Pro
18.185.46.83  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://kikdatex.fun/
Effective URL: https://bustygirls4u.com/jump?id=24839&dci=ba85c52c49c0d15e74ee2f05a67a935880b3aafd&tds_host=bustygirls4u.com&tds_campaig...
Submission: On December 03 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 22 HTTP transactions. The main IP is 18.185.46.83, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is bustygirls4u.com.
TLS certificate: Issued by Amazon on April 23rd 2021. Valid for: a year.
This is the only time bustygirls4u.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 45.130.41.13 198610 (BEGET-AS)
1 4 18.185.46.83 16509 (AMAZON-02)
6 2600:9000:220... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 52.29.4.100 16509 (AMAZON-02)
7 52.28.215.89 16509 (AMAZON-02)
22 7
1    45.130.41.13 (Russian Federation)

ASN198610 (BEGET-AS, RU)
kikdatex.fun
4    18.185.46.83 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-46-83.eu-central-1.compute.amazonaws.com
bustygirls4u.com
6    2600:9000:2204:c600:6:74ba:b80:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.cdn2reference.com
2    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    52.29.4.100 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-4-100.eu-central-1.compute.amazonaws.com
retarget2core.com
7    52.28.215.89 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-215-89.eu-central-1.compute.amazonaws.com
pt-xb.xyz
Domain Requested by
7 pt-xb.xyz retarget2core.com
pt-xb.xyz
6 www.cdn2reference.com bustygirls4u.com
4 bustygirls4u.com 1 redirects kikdatex.fun
retarget2core.com
bustygirls4u.com
2 retarget2core.com www.cdn2reference.com
bustygirls4u.com
2 fonts.googleapis.com www.cdn2reference.com
1 www.googletagmanager.com bustygirls4u.com
1 kikdatex.fun
22 7

This site contains no links.

Subject Issuer Validity Valid
bustygirls4u.com
Amazon		 2021-04-23 -
2022-05-22		 a year crt.sh
cdn2reference.com
Amazon		 2021-11-10 -
2022-12-09		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
retarget2core.com
Amazon		 2021-10-12 -
2022-11-10		 a year crt.sh
pt-xb.xyz
Amazon		 2021-08-27 -
2022-09-25		 a year crt.sh

This page contains 1 frames:

Primary Page: https://bustygirls4u.com/jump?id=24839&dci=ba85c52c49c0d15e74ee2f05a67a935880b3aafd&tds_host=bustygirls4u.com&tds_campaign=b1853pet&s1=ps&utm_source=int&tds_cid=17d7c4620c4c11e18f1d2127b4a499ee2f8a3be7&utm_campaign=89db62bd&utm_content=%7Bsubid%7D&data2=%7Bclickid%7D&s3=%7Bsubid2%7D&tds_id=b1853pet_jump_c_1637136345987&tds_oid=24839&tds_ac_id=s4220tka&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzFkNmQyYjk1OTNiN2MzN2VhMTIyMGIzZjVlOWU4ZGQwP19fdD0xNjM4NTc0MTI1Njc3Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Frame ID: 09017B9933D8D88CF38E29C6B1551141
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://kikdatex.fun/ Page URL
  2. https://bustygirls4u.com/tds/ae?tdsId=s4220tka_r&tds_campaign=s4220tka&utm_sub=opnfnl&s1=ps&utm_sourc... HTTP 302
    https://bustygirls4u.com/jump?id=24839&dci=ba85c52c49c0d15e74ee2f05a67a935880b3aafd&tds_host=bustygir... Page URL

Page Statistics

22
Requests

95 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

7
IPs

3
Countries

1899 kB
Transfer

1988 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://kikdatex.fun/ Page URL
  2. https://bustygirls4u.com/tds/ae?tdsId=s4220tka_r&tds_campaign=s4220tka&utm_sub=opnfnl&s1=ps&utm_source=int&affid=89db62bd&subid={subid}&clickid={clickid}&subid2={subid2} HTTP 302
    https://bustygirls4u.com/jump?id=24839&dci=ba85c52c49c0d15e74ee2f05a67a935880b3aafd&tds_host=bustygirls4u.com&tds_campaign=b1853pet&s1=ps&utm_source=int&tds_cid=17d7c4620c4c11e18f1d2127b4a499ee2f8a3be7&utm_campaign=89db62bd&utm_content=%7Bsubid%7D&data2=%7Bclickid%7D&s3=%7Bsubid2%7D&tds_id=b1853pet_jump_c_1637136345987&tds_oid=24839&tds_ac_id=s4220tka&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzFkNmQyYjk1OTNiN2MzN2VhMTIyMGIzZjVlOWU4ZGQwP19fdD0xNjM4NTc0MTI1Njc3Jl9fbD0zNjAw&tds_rt=&tds_ao=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
kikdatex.fun/ 		962 B
704 B 		Document
General
Check archive.org
Download Go to
Full URL
http://kikdatex.fun/
Protocol
HTTP/1.1
Server
45.130.41.13 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software
nginx-reuseport/1.21.1 / PHP/5.6.40
Resource Hash
cebab1d34025785330913b59213a9392b209b141cd68edae0edf68f005abf7c7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx-reuseport/1.21.1
Date
Fri, 03 Dec 2021 23:28:45 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=30
Vary
Accept-Encoding
X-Powered-By
PHP/5.6.40
Content-Encoding
gzip
Primary Request jump
bustygirls4u.com/
Redirect Chain
  • https://bustygirls4u.com/tds/ae?tdsId=s4220tka_r&tds_campaign=s4220tka&utm_sub=opnfnl&s1=ps&utm_source=int&affid=89db62bd&subid={subid}&clickid={clickid}&subid2={subid2}
  • https://bustygirls4u.com/jump?id=24839&dci=ba85c52c49c0d15e74ee2f05a67a935880b3aafd&tds_host=bustygirls4u.com&tds_campaign=b1853pet&s1=ps&utm_source=int&tds_cid=17d7c4620c4c11e18f1d2127b4a499ee2f8a...
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bustygirls4u.com/jump?id=24839&dci=ba85c52c49c0d15e74ee2f05a67a935880b3aafd&tds_host=bustygirls4u.com&tds_campaign=b1853pet&s1=ps&utm_source=int&tds_cid=17d7c4620c4c11e18f1d2127b4a499ee2f8a3be7&utm_campaign=89db62bd&utm_content=%7Bsubid%7D&data2=%7Bclickid%7D&s3=%7Bsubid2%7D&tds_id=b1853pet_jump_c_1637136345987&tds_oid=24839&tds_ac_id=s4220tka&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzFkNmQyYjk1OTNiN2MzN2VhMTIyMGIzZjVlOWU4ZGQwP19fdD0xNjM4NTc0MTI1Njc3Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Requested by
Host: kikdatex.fun
URL: http://kikdatex.fun/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.46.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-46-83.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
fa91b44e553a1f938217c0b4141595bb9561ab93fac92220947c1d413e50a8ec

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://kikdatex.fun/

Response headers

date
Fri, 03 Dec 2021 23:28:45 GMT
content-type
text/html; charset=UTF-8
content-length
3481
server
nginx

Redirect headers

date
Fri, 03 Dec 2021 23:28:45 GMT
location
https://bustygirls4u.com/jump?id=24839&dci=ba85c52c49c0d15e74ee2f05a67a935880b3aafd&tds_host=bustygirls4u.com&tds_campaign=b1853pet&s1=ps&utm_source=int&tds_cid=17d7c4620c4c11e18f1d2127b4a499ee2f8a3be7&utm_campaign=89db62bd&utm_content=%7Bsubid%7D&data2=%7Bclickid%7D&s3=%7Bsubid2%7D&tds_id=b1853pet_jump_c_1637136345987&tds_oid=24839&tds_ac_id=s4220tka&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzFkNmQyYjk1OTNiN2MzN2VhMTIyMGIzZjVlOWU4ZGQwP19fdD0xNjM4NTc0MTI1Njc3Jl9fbD0zNjAw&tds_rt=&tds_ao=1
server
nginx
accept-ch
UA, Platform, Model, Mobile, Arch
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
access-control-allow-origin
*
webPushMotivationPopupSmall.css
www.cdn2reference.com/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.cdn2reference.com/css/webPushMotivationPopupSmall.css?v=2
Requested by
Host: bustygirls4u.com
URL: https://bustygirls4u.com/jump?id=24839&dci=ba85c52c49c0d15e74ee2f05a67a935880b3aafd&tds_host=bustygirls4u.com&tds_campaign=b1853pet&s1=ps&utm_source=int&tds_cid=17d7c4620c4c11e18f1d2127b4a499ee2f8a3be7&utm_campaign=89db62bd&utm_content=%7Bsubid%7D&data2=%7Bclickid%7D&s3=%7Bsubid2%7D&tds_id=b1853pet_jump_c_1637136345987&tds_oid=24839&tds_ac_id=s4220tka&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzFkNmQyYjk1OTNiN2MzN2VhMTIyMGIzZjVlOWU4ZGQwP19fdD0xNjM4NTc0MTI1Njc3Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2204:c600:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1d0085245bd8d2d09608a659e54ebf672ae357cc71f50a631f18d2e37a9a8fda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bustygirls4u.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:52:59 GMT
content-encoding
gzip
last-modified
Wed, 31 Oct 2018 08:29:51 GMT
server
nginx
age
23746
etag
W/"1340-579821b240313"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 9bd09ac7aca1ea8ca6c788136a9ce480.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
x-amz-cf-id
8j-sJda9u4jTKhg3k-x2QEm2C4qtyJJd-Cu02S_Og4SFkWFyUQxGKQ==
399890d3b7a2afa077e549c2db994981.css
www.cdn2reference.com/landings/24839/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.cdn2reference.com/landings/24839/css/399890d3b7a2afa077e549c2db994981.css
Requested by
Host: bustygirls4u.com
URL: https://bustygirls4u.com/jump?id=24839&dci=ba85c52c49c0d15e74ee2f05a67a935880b3aafd&tds_host=bustygirls4u.com&tds_campaign=b1853pet&s1=ps&utm_source=int&tds_cid=17d7c4620c4c11e18f1d2127b4a499ee2f8a3be7&utm_campaign=89db62bd&utm_content=%7Bsubid%7D&data2=%7Bclickid%7D&s3=%7Bsubid2%7D&tds_id=b1853pet_jump_c_1637136345987&tds_oid=24839&tds_ac_id=s4220tka&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzFkNmQyYjk1OTNiN2MzN2VhMTIyMGIzZjVlOWU4ZGQwP19fdD0xNjM4NTc0MTI1Njc3Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2204:c600:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
63bde8a70255cd688b32b4e84f4b1369f99e3229d8a1825898f5760019894360

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bustygirls4u.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 17:01:29 GMT
content-encoding
gzip
last-modified
Fri, 24 Sep 2021 14:13:34 GMT
server
nginx
age
23236
etag
W/"5fe-5ccbe5a46df80"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 9bd09ac7aca1ea8ca6c788136a9ce480.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
x-amz-cf-id
Rycp20cGigBtWeuI1RTjTqRIhKl_mpcLbFDlG6T8ShIKCHq-g0HQhA==
logo.png
www.cdn2reference.com/landings/24839/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cdn2reference.com/landings/24839/images/logo.png
Requested by
Host: bustygirls4u.com
URL: https://bustygirls4u.com/jump?id=24839&dci=ba85c52c49c0d15e74ee2f05a67a935880b3aafd&tds_host=bustygirls4u.com&tds_campaign=b1853pet&s1=ps&utm_source=int&tds_cid=17d7c4620c4c11e18f1d2127b4a499ee2f8a3be7&utm_campaign=89db62bd&utm_content=%7Bsubid%7D&data2=%7Bclickid%7D&s3=%7Bsubid2%7D&tds_id=b1853pet_jump_c_1637136345987&tds_oid=24839&tds_ac_id=s4220tka&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzFkNmQyYjk1OTNiN2MzN2VhMTIyMGIzZjVlOWU4ZGQwP19fdD0xNjM4NTc0MTI1Njc3Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2204:c600:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4fccb49ed61f6ea7bccf9bd494c2cce0246fff4dc9ad61133c0a292044c3047c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bustygirls4u.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 03:06:25 GMT
via
1.1 9bd09ac7aca1ea8ca6c788136a9ce480.cloudfront.net (CloudFront)
last-modified
Fri, 17 Jul 2020 12:35:45 GMT
server
nginx
age
73340
etag
"281a-5aaa265544a40"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
AMS50-C1
accept-ranges
bytes
content-length
10266
x-amz-cf-id
W1WWa47nWRrgKymeBtDkWm7dBfmACOeXki7wDA_r_Z7QkTEh4fTJEw==
1.gif
www.cdn2reference.com/landings/24839/images/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cdn2reference.com/landings/24839/images/1.gif
Requested by
Host: bustygirls4u.com
URL: https://bustygirls4u.com/jump?id=24839&dci=ba85c52c49c0d15e74ee2f05a67a935880b3aafd&tds_host=bustygirls4u.com&tds_campaign=b1853pet&s1=ps&utm_source=int&tds_cid=17d7c4620c4c11e18f1d2127b4a499ee2f8a3be7&utm_campaign=89db62bd&utm_content=%7Bsubid%7D&data2=%7Bclickid%7D&s3=%7Bsubid2%7D&tds_id=b1853pet_jump_c_1637136345987&tds_oid=24839&tds_ac_id=s4220tka&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzFkNmQyYjk1OTNiN2MzN2VhMTIyMGIzZjVlOWU4ZGQwP19fdD0xNjM4NTc0MTI1Njc3Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2204:c600:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
389819318a47c849b2dd91b01762ba6b693aa03a6726f9fb26c818c925d37427

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bustygirls4u.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 05:13:49 GMT
via
1.1 9bd09ac7aca1ea8ca6c788136a9ce480.cloudfront.net (CloudFront)
last-modified
Fri, 17 Jul 2020 12:35:45 GMT
server
nginx
age
65696
etag
"1c6715-5aaa265544a40"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
AMS50-C1
accept-ranges
bytes
content-length
1861397
x-amz-cf-id
FG8C7XYO4DxteapJFKoErYKp6J3ReMY5rNXn9f3fouGkUtw1ArvRGQ==
webPushMotivationPopupSmall.js
www.cdn2reference.com/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cdn2reference.com/js/webPushMotivationPopupSmall.js?v=8
Requested by
Host: bustygirls4u.com
URL: https://bustygirls4u.com/jump?id=24839&dci=ba85c52c49c0d15e74ee2f05a67a935880b3aafd&tds_host=bustygirls4u.com&tds_campaign=b1853pet&s1=ps&utm_source=int&tds_cid=17d7c4620c4c11e18f1d2127b4a499ee2f8a3be7&utm_campaign=89db62bd&utm_content=%7Bsubid%7D&data2=%7Bclickid%7D&s3=%7Bsubid2%7D&tds_id=b1853pet_jump_c_1637136345987&tds_oid=24839&tds_ac_id=s4220tka&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzFkNmQyYjk1OTNiN2MzN2VhMTIyMGIzZjVlOWU4ZGQwP19fdD0xNjM4NTc0MTI1Njc3Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2204:c600:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
85f09c34c4b7fc07125b5a5c84f6bbd1dde7df7f1ee059701a3660264300342f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bustygirls4u.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:53:04 GMT
content-encoding
gzip
last-modified
Wed, 31 Oct 2018 08:31:29 GMT
server
nginx
age
23741
etag
W/"22c1-5798220f7ced0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9bd09ac7aca1ea8ca6c788136a9ce480.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
x-amz-cf-id
Z888ik3ek3RfvwLFhvv-Iij0hk0HxO_9GDc2VKaFeNJ-Dmeppfus6g==
dc_img.js
www.cdn2reference.com/js/ 		488 B
800 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cdn2reference.com/js/dc_img.js?v=8
Requested by
Host: bustygirls4u.com
URL: https://bustygirls4u.com/jump?id=24839&dci=ba85c52c49c0d15e74ee2f05a67a935880b3aafd&tds_host=bustygirls4u.com&tds_campaign=b1853pet&s1=ps&utm_source=int&tds_cid=17d7c4620c4c11e18f1d2127b4a499ee2f8a3be7&utm_campaign=89db62bd&utm_content=%7Bsubid%7D&data2=%7Bclickid%7D&s3=%7Bsubid2%7D&tds_id=b1853pet_jump_c_1637136345987&tds_oid=24839&tds_ac_id=s4220tka&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzFkNmQyYjk1OTNiN2MzN2VhMTIyMGIzZjVlOWU4ZGQwP19fdD0xNjM4NTc0MTI1Njc3Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2204:c600:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ac742d62b8d28cb2cc72fa86d6d1769ead306bd34eb3b04e712d9f32a7378c53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bustygirls4u.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 20:08:18 GMT
via
1.1 9bd09ac7aca1ea8ca6c788136a9ce480.cloudfront.net (CloudFront)
last-modified
Thu, 29 Oct 2020 09:22:15 GMT
server
nginx
age
12027
etag
"1e8-5b2cbd0d9620d"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
AMS50-C1
accept-ranges
bytes
content-length
488
x-amz-cf-id
HtkhcTuNnOpfAYqw8oHgAKERUkla8-6zXYGzK3cnV63mwv1M9jdqpg==
css
fonts.googleapis.com/ 		1008 B
489 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Assistant
Requested by
Host: www.cdn2reference.com
URL: https://www.cdn2reference.com/css/webPushMotivationPopupSmall.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6a7e89545d76648565b32f99c4275de332fd9bb8d1ec0f16e2b2b5a6d5212479
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cdn2reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 03 Dec 2021 22:12:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 03 Dec 2021 23:28:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Dec 2021 23:28:46 GMT
css2
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Rubik:wght@400;700&display=swap
Requested by
Host: www.cdn2reference.com
URL: https://www.cdn2reference.com/landings/24839/css/399890d3b7a2afa077e549c2db994981.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d62cd75e614f457b86a7d8b62c6756559378d8c01a3141af92f7be57c08e9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cdn2reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 03 Dec 2021 23:14:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 03 Dec 2021 23:28:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Dec 2021 23:28:46 GMT
gtm.js
www.googletagmanager.com/ 		111 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer
Requested by
Host: bustygirls4u.com
URL: https://bustygirls4u.com/jump?id=24839&dci=ba85c52c49c0d15e74ee2f05a67a935880b3aafd&tds_host=bustygirls4u.com&tds_campaign=b1853pet&s1=ps&utm_source=int&tds_cid=17d7c4620c4c11e18f1d2127b4a499ee2f8a3be7&utm_campaign=89db62bd&utm_content=%7Bsubid%7D&data2=%7Bclickid%7D&s3=%7Bsubid2%7D&tds_id=b1853pet_jump_c_1637136345987&tds_oid=24839&tds_ac_id=s4220tka&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzFkNmQyYjk1OTNiN2MzN2VhMTIyMGIzZjVlOWU4ZGQwP19fdD0xNjM4NTc0MTI1Njc3Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
de4b6c855fc7a651c3672a2471125b69899135b0d20af54eb3159f3edfbd82a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bustygirls4u.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 23:28:46 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42538
x-xss-protection
0
last-modified
Fri, 03 Dec 2021 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 03 Dec 2021 23:28:46 GMT
fp_ec.js
retarget2core.com/fp/ 		1 KB
993 B 		Script
General
Check archive.org
Download Go to
Full URL
https://retarget2core.com/fp/fp_ec.js
Requested by
Host: www.cdn2reference.com
URL: https://www.cdn2reference.com/js/dc_img.js?v=8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.4.100 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-4-100.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
39f6585c09ef00d1ba4c49c049b9d359404d78ab5814d76cf4e482bdec00b6e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bustygirls4u.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 23:28:46 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 16:09:15 GMT
server
nginx
etag
W/"50b-17d7be833f8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=6
accept-ranges
bytes
x-robots-tag
noindex
main.js
pt-xb.xyz/c_js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pt-xb.xyz/c_js/main.js?
Requested by
Host: retarget2core.com
URL: https://retarget2core.com/fp/fp_ec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.215.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-215-89.eu-central-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
d77e70de074e7aa92432f20bf0fda242f72b6c1f4f6915061e94bbc39a149569

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bustygirls4u.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 23:28:46 GMT
content-encoding
gzip
etag
W/"205b-GNgMi/kyzVwKpiSHoYvA6/H4fww"
server
nginx
x-powered-by
Express
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
mtu-integration-bridge.js
bustygirls4u.com/ 		739 B
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bustygirls4u.com/mtu-integration-bridge.js?
Requested by
Host: retarget2core.com
URL: https://retarget2core.com/fp/fp_ec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.46.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-46-83.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a554bc01c16e43dc6dd258c927b93cba7cd06f82e1b0cbe177232bdf955c0246

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bustygirls4u.com/jump?id=24839&dci=ba85c52c49c0d15e74ee2f05a67a935880b3aafd&tds_host=bustygirls4u.com&tds_campaign=b1853pet&s1=ps&utm_source=int&tds_cid=17d7c4620c4c11e18f1d2127b4a499ee2f8a3be7&utm_campaign=89db62bd&utm_content=%7Bsubid%7D&data2=%7Bclickid%7D&s3=%7Bsubid2%7D&tds_id=b1853pet_jump_c_1637136345987&tds_oid=24839&tds_ac_id=s4220tka&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzFkNmQyYjk1OTNiN2MzN2VhMTIyMGIzZjVlOWU4ZGQwP19fdD0xNjM4NTc0MTI1Njc3Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 23:28:46 GMT
last-modified
Thu, 02 Dec 2021 16:09:15 GMT
server
nginx
etag
W/"2e3-17d7be833f8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=6
accept-ranges
bytes
x-robots-tag
noindex
content-length
739
ac3fc68831981c704535980c826941a5
retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ 		35 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=17d7c4620c4c11e18f1d2127b4a499ee2f8a3be7&dci=ba85c52c49c0d15e74ee2f05a67a935880b3aafd&j_type=open&jump=24839&jump_name=
Requested by
Host: bustygirls4u.com
URL: https://bustygirls4u.com/jump?id=24839&dci=ba85c52c49c0d15e74ee2f05a67a935880b3aafd&tds_host=bustygirls4u.com&tds_campaign=b1853pet&s1=ps&utm_source=int&tds_cid=17d7c4620c4c11e18f1d2127b4a499ee2f8a3be7&utm_campaign=89db62bd&utm_content=%7Bsubid%7D&data2=%7Bclickid%7D&s3=%7Bsubid2%7D&tds_id=b1853pet_jump_c_1637136345987&tds_oid=24839&tds_ac_id=s4220tka&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzFkNmQyYjk1OTNiN2MzN2VhMTIyMGIzZjVlOWU4ZGQwP19fdD0xNjM4NTc0MTI1Njc3Jl9fbD0zNjAw&tds_rt=&tds_ao=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.4.100 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-4-100.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bustygirls4u.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 03 Dec 2021 23:28:46 GMT
access-control-allow-credentials
true
accept-ch
UA, Platform, Model, Mobile, Arch
content-type
image/gif
server
nginx
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
mtu-integration.js
bustygirls4u.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bustygirls4u.com/mtu-integration.js
Requested by
Host: bustygirls4u.com
URL: https://bustygirls4u.com/mtu-integration-bridge.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.46.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-46-83.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d4f032371c512aea083e8f0542955c8f78bb86385cce8af5a61cd9c9b174c6a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bustygirls4u.com/jump?id=24839&dci=ba85c52c49c0d15e74ee2f05a67a935880b3aafd&tds_host=bustygirls4u.com&tds_campaign=b1853pet&s1=ps&utm_source=int&tds_cid=17d7c4620c4c11e18f1d2127b4a499ee2f8a3be7&utm_campaign=89db62bd&utm_content=%7Bsubid%7D&data2=%7Bclickid%7D&s3=%7Bsubid2%7D&tds_id=b1853pet_jump_c_1637136345987&tds_oid=24839&tds_ac_id=s4220tka&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzFkNmQyYjk1OTNiN2MzN2VhMTIyMGIzZjVlOWU4ZGQwP19fdD0xNjM4NTc0MTI1Njc3Jl9fbD0zNjAw&tds_rt=&tds_ao=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 23:28:46 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 16:09:15 GMT
server
nginx
etag
W/"edc-17d7be833f8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=6
accept-ranges
bytes
x-robots-tag
noindex
rtr.js
pt-xb.xyz/c_js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pt-xb.xyz/c_js/rtr.js?placement=default&referer=http%3A%2F%2Fkikdatex.fun%2F&doc_location=https%253A%252F%252Fbustygirls4u.com%252Fjump%253Fid%253D24839%2526dci%253Dba85c52c49c0d15e74ee2f05a67a935880b3aafd%2526tds_host%253Dbustygirls4u.com%2526tds_campaign%253Db1853pet%2526s1%253Dps%2526utm_source%253Dint%2526tds_cid%253D17d7c4620c4c11e18f1d2127b4a499ee2f8a3be7%2526utm_campaign%253D89db62bd%2526utm_content%253D%25257Bsubid%25257D%2526data2%253D%25257Bclickid%25257D%2526s3%253D%25257Bsubid2%25257D%2526tds_id%253Db1853pet_jump_c_1637136345987%2526tds_oid%253D24839%2526tds_ac_id%253Ds4220tka%2526_tgUrl%253DaHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzFkNmQyYjk1OTNiN2MzN2VhMTIyMGIzZjVlOWU4ZGQwP19fdD0xNjM4NTc0MTI1Njc3Jl9fbD0zNjAw%2526tds_rt%253D%2526tds_ao%253D1&uaDataValues={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}
Requested by
Host: pt-xb.xyz
URL: https://pt-xb.xyz/c_js/main.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.215.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-215-89.eu-central-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
a41f46c3e0c92864ce768e08662acc1be538b8789d2b9d92dc66d36dd3174214

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bustygirls4u.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 23:28:46 GMT
content-encoding
gzip
etag
W/"791-koA14hPYzbKKQWosWwFPb2NY+o0"
server
nginx
x-powered-by
Express
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
webpush.js
pt-xb.xyz/c_js/ 		108 B
436 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pt-xb.xyz/c_js/webpush.js?placement=default&referer=http%3A%2F%2Fkikdatex.fun%2F&doc_location=https%253A%252F%252Fbustygirls4u.com%252Fjump%253Fid%253D24839%2526dci%253Dba85c52c49c0d15e74ee2f05a67a935880b3aafd%2526tds_host%253Dbustygirls4u.com%2526tds_campaign%253Db1853pet%2526s1%253Dps%2526utm_source%253Dint%2526tds_cid%253D17d7c4620c4c11e18f1d2127b4a499ee2f8a3be7%2526utm_campaign%253D89db62bd%2526utm_content%253D%25257Bsubid%25257D%2526data2%253D%25257Bclickid%25257D%2526s3%253D%25257Bsubid2%25257D%2526tds_id%253Db1853pet_jump_c_1637136345987%2526tds_oid%253D24839%2526tds_ac_id%253Ds4220tka%2526_tgUrl%253DaHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzFkNmQyYjk1OTNiN2MzN2VhMTIyMGIzZjVlOWU4ZGQwP19fdD0xNjM4NTc0MTI1Njc3Jl9fbD0zNjAw%2526tds_rt%253D%2526tds_ao%253D1&uaDataValues={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}
Requested by
Host: pt-xb.xyz
URL: https://pt-xb.xyz/c_js/main.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.215.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-215-89.eu-central-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
7d61977a9fd9b646c9c8485466381ae9cd6df037e9fc15214c5768ed2d44a961

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bustygirls4u.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 23:28:46 GMT
etag
W/"6c-uTmxtL0KXXoFbyj3PYIFlFW3ym0"
server
nginx
x-powered-by
Express
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
108
ipp.js
pt-xb.xyz/c_js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pt-xb.xyz/c_js/ipp.js?placement=default&referer=http%3A%2F%2Fkikdatex.fun%2F&doc_location=https%253A%252F%252Fbustygirls4u.com%252Fjump%253Fid%253D24839%2526dci%253Dba85c52c49c0d15e74ee2f05a67a935880b3aafd%2526tds_host%253Dbustygirls4u.com%2526tds_campaign%253Db1853pet%2526s1%253Dps%2526utm_source%253Dint%2526tds_cid%253D17d7c4620c4c11e18f1d2127b4a499ee2f8a3be7%2526utm_campaign%253D89db62bd%2526utm_content%253D%25257Bsubid%25257D%2526data2%253D%25257Bclickid%25257D%2526s3%253D%25257Bsubid2%25257D%2526tds_id%253Db1853pet_jump_c_1637136345987%2526tds_oid%253D24839%2526tds_ac_id%253Ds4220tka%2526_tgUrl%253DaHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzFkNmQyYjk1OTNiN2MzN2VhMTIyMGIzZjVlOWU4ZGQwP19fdD0xNjM4NTc0MTI1Njc3Jl9fbD0zNjAw%2526tds_rt%253D%2526tds_ao%253D1&uaDataValues={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}
Requested by
Host: pt-xb.xyz
URL: https://pt-xb.xyz/c_js/main.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.215.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-215-89.eu-central-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
0fcb6b6617efffc346b770a10b82e3c9e28337050a4f676d9e7b2eb72d390759

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bustygirls4u.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 23:28:46 GMT
content-encoding
gzip
etag
W/"1f71-4jC6uVyhAmWofecdFVnv11GBf10"
server
nginx
x-powered-by
Express
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
recaptcha.js
pt-xb.xyz/c_js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pt-xb.xyz/c_js/recaptcha.js?placement=default&referer=http%3A%2F%2Fkikdatex.fun%2F&doc_location=https%253A%252F%252Fbustygirls4u.com%252Fjump%253Fid%253D24839%2526dci%253Dba85c52c49c0d15e74ee2f05a67a935880b3aafd%2526tds_host%253Dbustygirls4u.com%2526tds_campaign%253Db1853pet%2526s1%253Dps%2526utm_source%253Dint%2526tds_cid%253D17d7c4620c4c11e18f1d2127b4a499ee2f8a3be7%2526utm_campaign%253D89db62bd%2526utm_content%253D%25257Bsubid%25257D%2526data2%253D%25257Bclickid%25257D%2526s3%253D%25257Bsubid2%25257D%2526tds_id%253Db1853pet_jump_c_1637136345987%2526tds_oid%253D24839%2526tds_ac_id%253Ds4220tka%2526_tgUrl%253DaHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzFkNmQyYjk1OTNiN2MzN2VhMTIyMGIzZjVlOWU4ZGQwP19fdD0xNjM4NTc0MTI1Njc3Jl9fbD0zNjAw%2526tds_rt%253D%2526tds_ao%253D1&uaDataValues={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}
Requested by
Host: pt-xb.xyz
URL: https://pt-xb.xyz/c_js/main.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.215.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-215-89.eu-central-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
d2ab4dd3396b11a42dcdc9728c08166485369531a0eb8ea1f71aec3999d47b6b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bustygirls4u.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 23:28:46 GMT
content-encoding
gzip
etag
W/"5db-mrlP2f2+/W/TItCtX1h36x9R1vI"
server
nginx
x-powered-by
Express
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
rtr
pt-xb.xyz/ 		10 B
252 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pt-xb.xyz/rtr?referer=https%3A%2F%2Fbustygirls4u.com%2Fjump%3Fid%3D24839%26dci%3Dba85c52c49c0d15e74ee2f05a67a935880b3aafd%26tds_host%3Dbustygirls4u.com%26tds_campaign%3Db1853pet%26s1%3Dps%26utm_source%3Dint%26tds_cid%3D17d7c4620c4c11e18f1d2127b4a499ee2f8a3be7%26utm_campaign%3D89db62bd%26utm_content%3D%257Bsubid%257D%26data2%3D%257Bclickid%257D%26s3%3D%257Bsubid2%257D%26tds_id%3Db1853pet_jump_c_1637136345987%26tds_oid%3D24839%26tds_ac_id%3Ds4220tka%26_tgUrl%3DaHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzFkNmQyYjk1OTNiN2MzN2VhMTIyMGIzZjVlOWU4ZGQwP19fdD0xNjM4NTc0MTI1Njc3Jl9fbD0zNjAw%26tds_rt%3D%26tds_ao%3D1
Requested by
Host: pt-xb.xyz
URL: https://pt-xb.xyz/c_js/main.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.215.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-215-89.eu-central-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
0d891cd61411a07f3c3be0426f9cfdd76d1c8c84955cdd9d3a8e3b95d986b5d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bustygirls4u.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 23:28:46 GMT
etag
W/"a-1IPl29QMdgDJc1c5Tr58fnR67p8"
server
nginx
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
10
bustygirls4u.com
pt-xb.xyz/v1/recaptcha/inject/ 		98 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pt-xb.xyz/v1/recaptcha/inject/bustygirls4u.com?placement=default&referer=http%3A%2F%2Fkikdatex.fun%2F&doc_location=https%3A%2F%2Fbustygirls4u.com%2Fjump%3Fid%3D24839%26dci%3Dba85c52c49c0d15e74ee2f05a67a935880b3aafd%26tds_host%3Dbustygirls4u.com%26tds_campaign%3Db1853pet%26s1%3Dps%26utm_source%3Dint%26tds_cid%3D17d7c4620c4c11e18f1d2127b4a499ee2f8a3be7%26utm_campaign%3D89db62bd%26utm_content%3D%257Bsubid%257D%26data2%3D%257Bclickid%257D%26s3%3D%257Bsubid2%257D%26tds_id%3Db1853pet_jump_c_1637136345987%26tds_oid%3D24839%26tds_ac_id%3Ds4220tka%26_tgUrl%3DaHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzFkNmQyYjk1OTNiN2MzN2VhMTIyMGIzZjVlOWU4ZGQwP19fdD0xNjM4NTc0MTI1Njc3Jl9fbD0zNjAw%26tds_rt%3D%26tds_ao%3D1
Requested by
Host: pt-xb.xyz
URL: https://pt-xb.xyz/c_js/main.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.215.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-215-89.eu-central-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
6e7997fa6781c5636aa078e5b9fb7f30774d7cf54f126c2a82b56871a3e315ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bustygirls4u.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 23:28:46 GMT
etag
W/"62-yvlWBBkeR2xZAn6kr733sF6/lQA"
server
nginx
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
98

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| _ins_opt string| _pixel_url string| _pixel_scr object| adsLayer function| changeFirstStep object| DataCloudEC function| _dct object| WebPushMotivationPopup object| google_tag_manager string| MtuObject function| mi function| onRecaptchaLoadCallback object| ufApp function| beforeUnloadHandler object| _0x466c function| _0x51dc03 function| _0x2550

4 Cookies

Domain/Path Name / Value
.bustygirls4u.com/ Name: dci
Value: ba85c52c49c0d15e74ee2f05a67a935880b3aafd
bustygirls4u.com/ Name: dm
Value: fe450dd0d1dadc615429144d33241f42
.retarget2core.com/ Name: dci
Value: a5784745ed4203296e283d953892c47861ecf20b
pt-xb.xyz/ Name: visitor_id
Value: 61aaa82e33f9ee003715603c

1 Console Messages

Source Level URL
Text
rendering warning URL: https://bustygirls4u.com/jump?id=24839&dci=ba85c52c49c0d15e74ee2f05a67a935880b3aafd&tds_host=bustygirls4u.com&tds_campaign=b1853pet&s1=ps&utm_source=int&tds_cid=17d7c4620c4c11e18f1d2127b4a499ee2f8a3be7&utm_campaign=89db62bd&utm_content=%7Bsubid%7D&data2=%7Bclickid%7D&s3=%7Bsubid2%7D&tds_id=b1853pet_jump_c_1637136345987&tds_oid=24839&tds_ac_id=s4220tka&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzFkNmQyYjk1OTNiN2MzN2VhMTIyMGIzZjVlOWU4ZGQwP19fdD0xNjM4NTc0MTI1Njc3Jl9fbD0zNjAw&tds_rt=&tds_ao=1(Line 8)
Message:
The value "false" for key "user-scalable" is invalid, and has been ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bustygirls4u.com
fonts.googleapis.com
kikdatex.fun
pt-xb.xyz
retarget2core.com
www.cdn2reference.com
www.googletagmanager.com
18.185.46.83
2600:9000:2204:c600:6:74ba:b80:93a1
2a00:1450:4001:80e::2008
2a00:1450:4001:82f::200a
45.130.41.13
52.28.215.89
52.29.4.100
0d891cd61411a07f3c3be0426f9cfdd76d1c8c84955cdd9d3a8e3b95d986b5d6
0fcb6b6617efffc346b770a10b82e3c9e28337050a4f676d9e7b2eb72d390759
1d0085245bd8d2d09608a659e54ebf672ae357cc71f50a631f18d2e37a9a8fda
389819318a47c849b2dd91b01762ba6b693aa03a6726f9fb26c818c925d37427
39f6585c09ef00d1ba4c49c049b9d359404d78ab5814d76cf4e482bdec00b6e3
4fccb49ed61f6ea7bccf9bd494c2cce0246fff4dc9ad61133c0a292044c3047c
63bde8a70255cd688b32b4e84f4b1369f99e3229d8a1825898f5760019894360
6a7e89545d76648565b32f99c4275de332fd9bb8d1ec0f16e2b2b5a6d5212479
6e7997fa6781c5636aa078e5b9fb7f30774d7cf54f126c2a82b56871a3e315ad
7d61977a9fd9b646c9c8485466381ae9cd6df037e9fc15214c5768ed2d44a961
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85f09c34c4b7fc07125b5a5c84f6bbd1dde7df7f1ee059701a3660264300342f
98d62cd75e614f457b86a7d8b62c6756559378d8c01a3141af92f7be57c08e9a
a41f46c3e0c92864ce768e08662acc1be538b8789d2b9d92dc66d36dd3174214
a554bc01c16e43dc6dd258c927b93cba7cd06f82e1b0cbe177232bdf955c0246
ac742d62b8d28cb2cc72fa86d6d1769ead306bd34eb3b04e712d9f32a7378c53
cebab1d34025785330913b59213a9392b209b141cd68edae0edf68f005abf7c7
d2ab4dd3396b11a42dcdc9728c08166485369531a0eb8ea1f71aec3999d47b6b
d4f032371c512aea083e8f0542955c8f78bb86385cce8af5a61cd9c9b174c6a6
d77e70de074e7aa92432f20bf0fda242f72b6c1f4f6915061e94bbc39a149569
de4b6c855fc7a651c3672a2471125b69899135b0d20af54eb3159f3edfbd82a6
fa91b44e553a1f938217c0b4141595bb9561ab93fac92220947c1d413e50a8ec