URL: https://www.youbemom.com/forum/permalink/10296961/sempak-bolong
Submission: On May 23 via api from US

Summary

This website contacted 9 IPs in 5 countries across 7 domains to perform 17 HTTP transactions.
The main IP is 169.62.152.146, located in United States and belongs to SOFTLAYER, US. The main domain is www.youbemom.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on December 5th 2017. Valid for: 3 years.
This is the first time this domain was scanned on urlscan.io!

Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 169.62.152.146 36351 (SOFTLAYER)
1 2a00:1450:400... 15169 (GOOGLE)
2 151.139.128.11 20446 (HIGHWINDS3)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 35.190.59.101 15169 (GOOGLE)
2 35.201.67.47 15169 (GOOGLE)
3 35.190.91.160 15169 (GOOGLE)
1 35.190.40.172 15169 (GOOGLE)
2 2 35.244.246.232 15169 (GOOGLE)
2 2 147.75.102.200 54825 (PACKET)
1 195.181.175.52 60068 (CDN77)
2 2 34.253.109.165 16509 (AMAZON-02)
17 9
Domain
Subdomains
Transfer
11 skimresources.com
32 KB
4 youbemom.com
14 KB
3 exelator.com
2 KB
2 crwdcntrl.net
1015 B
2 google-analytics.com
17 KB
1 consensu.org
635 B
1 ajax.googleapis.com
33 KB
17 7
Domain Requested by
4 www.youbemom.com www.youbemom.com
3 p.skimresources.com www.youbemom.com
2 sync.crwdcntrl.net 2 redirects
2 loadeu.exelator.com 2 redirects
2 x.skimresources.com 2 redirects
2 t.skimresources.com www.youbemom.com
s.skimresources.com
2 r.skimresources.com 1 redirects www.youbemom.com
2 ssl.google-analytics.com www.youbemom.com
2 s.skimresources.com www.youbemom.com
s.skimresources.com
1 load77.exelator.com www.youbemom.com
1 api.skimlinks.mgr.consensu.org s.skimresources.com
1 ajax.googleapis.com www.youbemom.com
17 12

This site contains links to these domains. Also see Links.

Domain
Subject / Issuer Validity Valid
www.youbemom.com
COMODO RSA Domain Validation Secure Server CA
2017-12-05 -
2020-12-14
3 years
upload.video.google.com
GTS CA 1O1
2020-05-05 -
2020-07-28
3 months
*.skimresources.com
DigiCert SHA2 Secure Server CA
2018-09-13 -
2020-10-07
2 years
*.google-analytics.com
GTS CA 1O1
2020-05-05 -
2020-07-28
3 months
api.skimlinks.mgr.consensu.org
DigiCert SHA2 Secure Server CA
2019-10-04 -
2021-10-07
2 years
1605158521.rsc.cdn77.org
Let's Encrypt Authority X3
2020-03-31 -
2020-06-29
3 months

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Web
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Web
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set sempak-bolong
/forum/permalink/10296961
4 KB
2 KB
Document
General
Full URL
https://www.youbemom.com/forum/permalink/10296961/sempak-bolong
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.62.152.146 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
92.98.3ea9.ip4.static.sl-reverse.com
Software
Apache / PHP/5.5.38
Resource Hash
c035a7b88cd387ba34eb2f5355a2a98ea550bd3b957c0cbd2329cfd5f9636908

Request headers

Host
www.youbemom.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 23 May 2020 06:26:32 GMT
Server
Apache
X-Powered-By
PHP/5.5.38
Set-Cookie
PHPSESSID=crupq0ioun6gbu5qngab40q667; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1670
Connection
close
Content-Type
text/html; charset=iso-8859-1
master.css
/min/f=css
12 KB
3 KB
Stylesheet
General
Full URL
https://www.youbemom.com/min/f=css/master.css
Requested by
Host: www.youbemom.com
URL: https://www.youbemom.com/forum/permalink/10296961/sempak-bolong
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.62.152.146 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
92.98.3ea9.ip4.static.sl-reverse.com
Software
Apache / PHP/5.5.38
Resource Hash
782e06a458b6c953e08a5dad782f9463ae5b2fb6abeef71b0a6a883ca400d26d

Request headers

Referer
https://www.youbemom.com/forum/permalink/10296961/sempak-bolong
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 23 May 2020 06:26:32 GMT
Content-Encoding
gzip
ETag
"pub1542840162;gz"
Last-Modified
Wed, 21 Nov 2018 22:42:42 GMT
Server
Apache
X-Powered-By
PHP/5.5.38
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=1800, public
Connection
close
Content-Length
3135
Expires
Sat, 23 May 2020 06:56:32 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.3
91 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: www.youbemom.com
URL: https://www.youbemom.com/forum/permalink/10296961/sempak-bolong
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youbemom.com/forum/permalink/10296961/sempak-bolong
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 May 2020 09:21:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
507926
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33593
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 May 2021 09:21:06 GMT
yb.js
/min/f=js
11 KB
3 KB
Script
General
Full URL
https://www.youbemom.com/min/f=js/yb.js
Requested by
Host: www.youbemom.com
URL: https://www.youbemom.com/forum/permalink/10296961/sempak-bolong
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.62.152.146 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
92.98.3ea9.ip4.static.sl-reverse.com
Software
Apache / PHP/5.5.38
Resource Hash
be6f55a7e8de01e04a1b12cea2aea5b19fb9aa3a14946cc53ce9cbf86364a34c

Request headers

Referer
https://www.youbemom.com/forum/permalink/10296961/sempak-bolong
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 23 May 2020 06:26:32 GMT
Content-Encoding
gzip
ETag
"pub1542840162;gz"
Last-Modified
Wed, 21 Nov 2018 22:42:42 GMT
Server
Apache
X-Powered-By
PHP/5.5.38
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
max-age=1800, public
Connection
close
Content-Length
2757
Expires
Sat, 23 May 2020 06:56:32 GMT
56807X1337401.skimlinks.js
s.skimresources.com/js
59 KB
22 KB
Script
General
Full URL
https://s.skimresources.com/js/56807X1337401.skimlinks.js
Requested by
Host: www.youbemom.com
URL: https://www.youbemom.com/forum/permalink/10296961/sempak-bolong
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
198045aa6610fabbe9a704ee6cb62e954a9d7ca47a65196e49fc96c999ee7b11

Request headers

Referer
https://www.youbemom.com/forum/permalink/10296961/sempak-bolong
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 06:26:32 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2020 14:01:25 GMT
server
AmazonS3
x-amz-request-id
EBE6C0BB66CA04FD
etag
"d8c3b0ffc8b7e667a39b37c567ddf72d"
x-hw
1590215192.cds006.am5.hn,1590215192.cds136.am5.c
content-type
application/octet-stream
status
200
cache-control
max-age=3600
accept-ranges
bytes
content-length
22397
x-amz-id-2
sJ6GZxXLnANBxy9RC5+MtQVPosvdSUPOMT18n4w8idV7rnX/gL8DUvBnN4bJ/M5McTFk6BfgqsU=
ga.js
ssl.google-analytics.com
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.youbemom.com
URL: https://www.youbemom.com/forum/permalink/10296961/sempak-bolong
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youbemom.com/forum/permalink/10296961/sempak-bolong
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
7057
date
Sat, 23 May 2020 04:28:56 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Sat, 23 May 2020 06:28:56 GMT
icons.png
/img
6 KB
6 KB
Image
General
Full URL
https://www.youbemom.com/img/icons.png
Requested by
Host: www.youbemom.com
URL: https://www.youbemom.com/forum/permalink/10296961/sempak-bolong
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.62.152.146 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
92.98.3ea9.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
c79bdd12f91979263ea5fefddd2439061cea139e1c34fb7081f8d55ce3eb69fe

Request headers

Referer
https://www.youbemom.com/min/f=css/master.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 23 May 2020 06:26:33 GMT
Last-Modified
Wed, 21 Nov 2018 22:42:42 GMT
Server
Apache
ETag
"9606cc-1608-57b3477d340b0"
Content-Type
image/png
Cache-Control
max-age=5184000
Connection
close
Accept-Ranges
bytes
Content-Length
5640
Expires
Wed, 22 Jul 2020 06:26:33 GMT
?xguid=01E903CCHWKA4B09FNZJE70JTW&persistence=1&checksum=f7ace9979341f09fcd54c045db5f993bcb47172a9833451abc01cf40549781e9
r.skimresources.com/api
Redirect Chain
  • https://r.skimresources.com/api/
  • https://r.skimresources.com/api/?xguid=01E903CCHWKA4B09FNZJE70JTW&persistence=1&checksum=f7ace9979341f09fcd54c045db5f993bcb47172a9833451abc01cf40549781e9
173 B
489 B
XHR
General
Full URL
https://r.skimresources.com/api/?xguid=01E903CCHWKA4B09FNZJE70JTW&persistence=1&checksum=f7ace9979341f09fcd54c045db5f993bcb47172a9833451abc01cf40549781e9
Requested by
Host: www.youbemom.com
URL: https://www.youbemom.com/forum/permalink/10296961/sempak-bolong
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
beb8961b4eb31abaf47dbc254c0c494a44ac1b85c5e100737dbe854f24b67b12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youbemom.com/forum/permalink/10296961/sempak-bolong
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 06:26:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
status
200
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.youbemom.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-type
application/json
alt-svc
clear
via
1.1 google

Redirect headers

date
Sat, 23 May 2020 06:26:33 GMT
via
1.1 google
server
openresty/1.11.2.5
status
307
location
https://r.skimresources.com/api/?xguid=01E903CCHWKA4B09FNZJE70JTW&persistence=1&checksum=f7ace9979341f09fcd54c045db5f993bcb47172a9833451abc01cf40549781e9
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.youbemom.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-type
text/html
alt-svc
clear
content-length
193
robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.24882844491030887
t.skimresources.com/api/v2
0
102 B
Image
General
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.24882844491030887
Requested by
Host: www.youbemom.com
URL: https://www.youbemom.com/forum/permalink/10296961/sempak-bolong
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
206
date
Sat, 23 May 2020 06:26:33 GMT
via
1.1 google
server
Python/3.7 aiohttp/3.5.4
alt-svc
clear
content-length
0
content-type
text/plain charset=UTF-8
px.gif?ch=1&rn=3.486362765945816
p.skimresources.com
43 B
244 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=3.486362765945816
Requested by
Host: www.youbemom.com
URL: https://www.youbemom.com/forum/permalink/10296961/sempak-bolong
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://www.youbemom.com/forum/permalink/10296961/sempak-bolong
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 06:26:33 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
status
200
content-type
image/gif
alt-svc
clear
content-length
43
px.gif?ch=2&rn=3.486362765945816
p.skimresources.com
43 B
102 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=3.486362765945816
Requested by
Host: www.youbemom.com
URL: https://www.youbemom.com/forum/permalink/10296961/sempak-bolong
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://www.youbemom.com/forum/permalink/10296961/sempak-bolong
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 06:26:33 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
status
200
content-type
image/gif
alt-svc
clear
content-length
43
__utm.gif?utmwv=5.7.2&utms=1&utmn=275751159&utmhn=www.youbemom.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Page%20Not%20Found&utmhid=205893...
ssl.google-analytics.com/r
35 B
196 B
Image
General
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=275751159&utmhn=www.youbemom.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Page%20Not%20Found&utmhid=2058935330&utmr=-&utmp=%2Fforum%2Fpermalink%2F10296961%2Fsempak-bolong&utmht=1590215193117&utmac=UA-4451850-1&utmcc=__utma%3D32722102.1264404835.1590215193.1590215193.1590215193.1%3B%2B__utmz%3D32722102.1590215193.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=296505169&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: www.youbemom.com
URL: https://www.youbemom.com/forum/permalink/10296961/sempak-bolong
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youbemom.com/forum/permalink/10296961/sempak-bolong
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 May 2020 06:26:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
page
t.skimresources.com/api/v2
22 B
341 B
XHR
General
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/56807X1337401.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youbemom.com/forum/permalink/10296961/sempak-bolong
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 May 2020 06:26:33 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.youbemom.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
22
iab?nocache=1590215193188
api.skimlinks.mgr.consensu.org
772 B
635 B
XHR
General
Full URL
https://api.skimlinks.mgr.consensu.org/iab?nocache=1590215193188
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/56807X1337401.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.40.172 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.40.190.35.bc.googleusercontent.com
Software
nginx/1.14.0 /
Resource Hash
4898c2b9f8c2f931ef6a819d36e0019867931d9519af933ab4bd5edce724b2a8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youbemom.com/forum/permalink/10296961/sempak-bolong
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 06:26:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.14.0
access-control-allow-headers
*
status
200
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.youbemom.com
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
via
1.1 google
Consent_A_en.js
s.skimresources.com/js/GDPR
20 KB
8 KB
Script
General
Full URL
https://s.skimresources.com/js/GDPR/Consent_A_en.js
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/56807X1337401.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7f4a6c260e7d0c605e8737bdb84d618938b13948754699cf91d7fba544915bda

Request headers

Referer
https://www.youbemom.com/forum/permalink/10296961/sempak-bolong
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 06:26:33 GMT
content-encoding
gzip
last-modified
Wed, 29 Apr 2020 16:36:26 GMT
server
AmazonS3
x-amz-request-id
CBC26E50839372EE
etag
"4beb237a57b6e492d5db30ea31a50566"
x-hw
1590215193.cds006.am5.hn,1590215193.cds102.am5.c
content-type
application/octet-stream
status
200
cache-control
max-age=3600
accept-ranges
bytes
content-length
7465
x-amz-id-2
+McPKq3WnuSehQZJ+q/n1S9dLPSLQ0IcqRLp6WsKFh/3Ky/5KF252Q5DSJBHpo0MtmsugPyAYCI=
pixel.gif
load77.exelator.com
Redirect Chain
  • https://x.skimresources.com/?provider=exelate
  • https://loadeu.exelator.com/load/?p=787&g=001&j=0&
  • https://loadeu.exelator.com/load/?p=787&g=001&j=0&&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif
43 B
273 B
Image
General
Full URL
https://load77.exelator.com/pixel.gif
Requested by
Host: www.youbemom.com
URL: https://www.youbemom.com/forum/permalink/10296961/sempak-bolong
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.52 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-175-52.datapacket.com
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 06:26:33 GMT
last-modified
Wed, 25 Oct 2017 17:03:56 GMT
server
CDN77-Turbo
x-edge-location
frankfurtDE
etag
"59f0c3fc-2b"
status
200
x-cache
HIT
content-type
image/gif
access-control-allow-origin
*
x-edge-ip
195.181.175.50
x-age
155061
accept-ranges
bytes
content-length
43

Redirect headers

date
Sat, 23 May 2020 06:26:33 GMT
server
nginx/1.14.0
x-powered-by
Undertow/1
status
302
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://load77.exelator.com/pixel.gif
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
?provider_id=b92b078a9b2ff593de2176391b73ff73&skim_mapping=true
p.skimresources.com
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D
  • https://x.skimresources.com/?provider=lotame&skim_mapping=true&provider_id=b92b078a9b2ff593de2176391b73ff73
  • https://p.skimresources.com/?provider_id=b92b078a9b2ff593de2176391b73ff73&skim_mapping=true
43 B
102 B
Image
General
Full URL
https://p.skimresources.com/?provider_id=b92b078a9b2ff593de2176391b73ff73&skim_mapping=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 06:26:33 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
status
200
content-type
image/gif
alt-svc
clear
content-length
43

Redirect headers

date
Sat, 23 May 2020 06:26:33 GMT
via
1.1 google
server
TornadoServer/2.4.1
status
302
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://p.skimresources.com?provider_id=b92b078a9b2ff593de2176391b73ff73&skim_mapping=true
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
0

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 7
  • https://r.skimresources.com/api/
  • https://r.skimresources.com/api/?xguid=01E903CCHWKA4B09FNZJE70JTW&persistence=1&checksum=f7ace9979341f09fcd54c045db5f993bcb47172a9833451abc01cf40549781e9
Request 15
  • https://x.skimresources.com/?provider=exelate
  • https://loadeu.exelator.com/load/?p=787&g=001&j=0&
  • https://loadeu.exelator.com/load/?p=787&g=001&j=0&&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif
Request 16
  • https://sync.crwdcntrl.net/map/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D
  • https://x.skimresources.com/?provider=lotame&skim_mapping=true&provider_id=b92b078a9b2ff593de2176391b73ff73
  • https://p.skimresources.com/?provider_id=b92b078a9b2ff593de2176391b73ff73&skim_mapping=true

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| _gaq function| sF string| deviceAgent object| agentID function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI object| _gat object| gaGlobal

6 Cookies

Domain/Path Name / Value
.youbemom.com/ Name: __utmb
Value: 32722102.1.10.1590215193
.youbemom.com/ Name: __utma
Value: 32722102.1264404835.1590215193.1590215193.1590215193.1
.youbemom.com/ Name: __utmt
Value: 1
.youbemom.com/ Name: __utmz
Value: 32722102.1590215193.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.youbemom.com/ Name: __utmc
Value: 32722102
www.youbemom.com/ Name: PHPSESSID
Value: crupq0ioun6gbu5qngab40q667

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.

ajax.googleapis.com
api.skimlinks.mgr.consensu.org
load77.exelator.com
loadeu.exelator.com
p.skimresources.com
r.skimresources.com
s.skimresources.com
ssl.google-analytics.com
sync.crwdcntrl.net
t.skimresources.com
www.youbemom.com
x.skimresources.com


147.75.102.200
151.139.128.11
169.62.152.146
195.181.175.52
2a00:1450:4001:814::2008
2a00:1450:4001:821::200a
34.253.109.165
35.190.40.172
35.190.59.101
35.190.91.160
35.201.67.47
35.244.246.232

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
198045aa6610fabbe9a704ee6cb62e954a9d7ca47a65196e49fc96c999ee7b11
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
4898c2b9f8c2f931ef6a819d36e0019867931d9519af933ab4bd5edce724b2a8
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
782e06a458b6c953e08a5dad782f9463ae5b2fb6abeef71b0a6a883ca400d26d
7f4a6c260e7d0c605e8737bdb84d618938b13948754699cf91d7fba544915bda
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
be6f55a7e8de01e04a1b12cea2aea5b19fb9aa3a14946cc53ce9cbf86364a34c
beb8961b4eb31abaf47dbc254c0c494a44ac1b85c5e100737dbe854f24b67b12
c035a7b88cd387ba34eb2f5355a2a98ea550bd3b957c0cbd2329cfd5f9636908
c79bdd12f91979263ea5fefddd2439061cea139e1c34fb7081f8d55ce3eb69fe
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf