bustygirls4u.com Open in urlscan Pro
52.9.103.175 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://coin8news.beauty/?shiny
Effective URL:
https://bustygirls4u.com/jump?tds_campaign=b8378gor&tds_ac_id=s7664gor&tds_ao=1&s1=ps&tds_id=b8378gor_jump_a_156561637024...
Submission Tags: shiny c290acadafe6362a fc6b18fd85158e2b bfst honeypoter@gmail.com Search All
Submission: On March 19 via api (March 19th 2023, 10:24:52 pm UTC) from JP — Scanned from JP

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 1 countries across 10 domains to perform 22 HTTP transactions. The main IP is 52.9.103.175, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is bustygirls4u.com. The Cisco Umbrella rank of the primary domain is 411072.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 22nd 2023. Valid for: a year.

This is the only time bustygirls4u.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::ac43:bc9d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	2606:4700:303... 2606:4700:3037::6815:5c46	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a04:4e42:1a:... 2a04:4e42:1a::159	54113 (FASTLY) (FASTLY)
1 1	2606:4700:303... 2606:4700:3032::ac43:8c1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 7	52.9.103.175 52.9.103.175	16509 (AMAZON-02) (AMAZON-02)
5	13.225.165.30 13.225.165.30	() ()
1	2404:6800:400... 2404:6800:400a:80e::200a	() ()
1	2404:6800:400... 2404:6800:4004:826::2008	() ()
1	2404:6800:400... 2404:6800:4004:808::2003	() ()
22	8

1 2606:4700:3034::ac43:bc9d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

coin8news.beauty	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3037::6815:5c46 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

coin8news.beauty	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mail.coin8news.beauty	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1a::159 (United States)

ASN54113 (FASTLY, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:8c1a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

6473af.binomlink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.9.103.175 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-9-103-175.us-west-1.compute.amazonaws.com

bustygirls4u.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.225.165.30 (None, )

ASN- ()

cdn3reference.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:400a:80e::200a (None, )

ASN- ()

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:826::2008 (None, )

ASN- ()

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:808::2003 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	bustygirls4u.com 1 redirects bustygirls4u.com — Cisco Umbrella Rank: 411072	27 KB
6	coin8news.beauty 4 redirects coin8news.beauty mail.coin8news.beauty	4 KB
5	cdn3reference.com cdn3reference.com	519 KB
1	gstatic.com fonts.gstatic.com	31 KB
1	googletagmanager.com www.googletagmanager.com	50 KB
1	googleapis.com fonts.googleapis.com	851 B
1	binomlink.com 1 redirects 6473af.binomlink.com	1 KB
1	twimg.com pbs.twimg.com — Cisco Umbrella Rank: 804	26 KB
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 5069	246 B
0	retarget2core.com Failed retarget2core.com Failed
22	10

	Domain	Requested by
7	bustygirls4u.com	1 redirects mail.coin8news.beauty bustygirls4u.com
5	cdn3reference.com	bustygirls4u.com cdn3reference.com
4	mail.coin8news.beauty	3 redirects coin8news.beauty
2	coin8news.beauty	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagmanager.com	bustygirls4u.com
1	fonts.googleapis.com	cdn3reference.com
1	6473af.binomlink.com	1 redirects
1	pbs.twimg.com
1	bit.ly	1 redirects
0	retarget2core.com Failed	cdn3reference.com
22	11

This site contains no links.

Subject Issuer	Validity	Valid
*.coin8news.beauty GTS CA 1P5	`2023-03-17` - `2023-06-15`	3 months	crt.sh
bustygirls4u.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-22`	a year	crt.sh
cdn3reference.com Amazon RSA 2048 M02	`2023-02-15` - `2024-03-16`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bustygirls4u.com/jump?tds_campaign=b8378gor&tds_ac_id=s7664gor&tds_ao=1&s1=ps&tds_id=b8378gor_jump_a_1565616370242&utm_campaign=f5049c5d&utm_content=17-03&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzZmNGJjZDljYmMyNzkxNGRiN2RhODdkMDRmMmM3M2MzP19fdD0xNjc5MjY0NjkwNzgwJl9fbD0zNjAw&utm_source=int&tds_oid=25584&s3=%7Bsubid2%7D&tds_host=bustygirls4u.com&tds_cid=83e71fd2744b7999a1509e77aeb8cdd1e34cea81&data2=e0a38fnsc2tbldf6&id=25584&dci=139cd787d8be399cc6d798b39f9cc1b7b0703f55
Frame ID: E49B53575402B181B8F2F30233A67F27
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://coin8news.beauty/?shiny HTTP 301
https://coin8news.beauty/?shiny Page URL
http://mail.coin8news.beauty/contact HTTP 301
https://mail.coin8news.beauty/contact HTTP 301
http://mail.coin8news.beauty/contact/ HTTP 301
https://mail.coin8news.beauty/contact/ Page URL
http://6473af.binomlink.com/c7b2l0k.php?key=snp3vkn2e4nt3zmh2ng1&t=17-03&site=coin8news.beauty HTTP 302
https://bustygirls4u.com/tds/ae?tdsId=s7664gor_r&tds_campaign=s7664gor&s1=ps&utm_source=int&utm_sub=o... HTTP 302
https://bustygirls4u.com/jump?tds_campaign=b8378gor&tds_ac_id=s7664gor&tds_ao=1&s1=ps&tds_id=b8378gor... Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

22
Requests

73 %
HTTPS

70 %
IPv6

10
Domains

11
Subdomains

8
IPs

1
Countries

654 kB
Transfer

845 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://coin8news.beauty/?shiny HTTP 301
https://coin8news.beauty/?shiny Page URL
http://mail.coin8news.beauty/contact HTTP 301
https://mail.coin8news.beauty/contact HTTP 301
http://mail.coin8news.beauty/contact/ HTTP 301
https://mail.coin8news.beauty/contact/ Page URL
http://6473af.binomlink.com/c7b2l0k.php?key=snp3vkn2e4nt3zmh2ng1&t=17-03&site=coin8news.beauty HTTP 302
https://bustygirls4u.com/tds/ae?tdsId=s7664gor_r&tds_campaign=s7664gor&s1=ps&utm_source=int&utm_sub=opnfnl&affid=f5049c5d&subid=17-03&subid2={subid2}&clickid=e0a38fnsc2tbldf6 HTTP 302
https://bustygirls4u.com/jump?tds_campaign=b8378gor&tds_ac_id=s7664gor&tds_ao=1&s1=ps&tds_id=b8378gor_jump_a_1565616370242&utm_campaign=f5049c5d&utm_content=17-03&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzZmNGJjZDljYmMyNzkxNGRiN2RhODdkMDRmMmM3M2MzP19fdD0xNjc5MjY0NjkwNzgwJl9fbD0zNjAw&utm_source=int&tds_oid=25584&s3=%7Bsubid2%7D&tds_host=bustygirls4u.com&tds_cid=83e71fd2744b7999a1509e77aeb8cdd1e34cea81&data2=e0a38fnsc2tbldf6&id=25584&dci=139cd787d8be399cc6d798b39f9cc1b7b0703f55 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://coin8news.beauty/?shiny HTTP 301
https://coin8news.beauty/?shiny

Request Chain 1

http://mail.coin8news.beauty/contact HTTP 301
https://mail.coin8news.beauty/contact HTTP 301
http://mail.coin8news.beauty/contact/ HTTP 301
https://mail.coin8news.beauty/contact/

Request Chain 2

https://bit.ly/17-EUC?1151549556.jpg HTTP 301
https://pbs.twimg.com/media/EUCuxS3U0AEcf3x.jpg

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
coin8news.beauty/
Redirect Chain

http://coin8news.beauty/?shiny
https://coin8news.beauty/?shiny

197 B
606 B

487ms
477ms

Document
text/html

2606:4700:3037::6815:5c46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coin8news.beauty/?shiny
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:5c46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7aa920a5df3df671-NRT
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 19 Mar 2023 22:24:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2FhMpYSehfTq1i4lFv3fh0SWtwWPIgKz%2FRdQ%2BPTFGk0cSCqUsbVirPEoSHZ4giOjvknaEuDh0usK7x12I8dnia8y%2FfghMVsJOG5UWHsJonVb%2FQiuHvX9b92F2hCFjhe8UYdsl2tHMMdIBLygkIbb"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-RAY: 7aa920a5b8c5afe1-NRT
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sun, 19 Mar 2023 22:24:46 GMT
Expires: Sun, 19 Mar 2023 23:24:46 GMT
Location: https://coin8news.beauty/?shiny
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTwN8hK%2B50mLOqyfxxBztHO9aSq1VC%2FDX1SSVs8bCYMEJh4pFIgqVxlTn3GFaaxAbu%2BLHqIVglKzc1YhBQ68dHfqYiTFyMIozvKfiYqt4YRN89zoLjl8qLo%2Byn9%2F6WBGsAiYP8vgGOzC9tCzjxU4"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

/ Show response
mail.coin8news.beauty/contact/
Redirect Chain

http://mail.coin8news.beauty/contact
https://mail.coin8news.beauty/contact
http://mail.coin8news.beauty/contact/
https://mail.coin8news.beauty/contact/

336 B
518 B

551ms
549ms

Document
text/html

2606:4700:3037::6815:5c46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.coin8news.beauty/contact/
Requested by: Host: coin8news.beauty
URL: https://coin8news.beauty/?shiny
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:5c46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2274ba95e19dc63e3d3935e4511cfa4efaef07b58c4163063dd522b40da6ec8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7aa920adfae5f671-NRT
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 19 Mar 2023 22:24:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6AA3PQnbCXw59NeE7VoBOUnOgdNJwMKynPQ4B0%2FfN6Imutr2Dc41GvN%2BjDUyAo%2BuqKF4Wr91o8RhA1b%2FephPvT42AjZ1lbpuJIAUwegJmDSIINk6fzijpzMVZTpy6R85NVTuo4yzIcDdziLqsDLogymOuaA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-RAY: 7aa920adedd9204d-NRT
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sun, 19 Mar 2023 22:24:48 GMT
Expires: Sun, 19 Mar 2023 23:24:48 GMT
Location: https://mail.coin8news.beauty/contact/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQ8zeUVJoh2A3SWXLzE2JgXPOXh3oa35x6N7b9usN2WJdvf%2B4cdFFl8JmBQ3C%2Bjv%2BaNqNjkOrhi3FF8Jz4fUk5%2BdqnsBCHvg8CWtH0JNdCYjOSPpd3MLbKYYdNKIcqx%2FRXIpxCoJLEbxFR26VsFozG84s4M%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

EUCuxS3U0AEcf3x.jpg
pbs.twimg.com/media/
Redirect Chain

https://bit.ly/17-EUC?1151549556.jpg
https://pbs.twimg.com/media/EUCuxS3U0AEcf3x.jpg

26 KB
26 KB

20ms
4ms

Image
image/jpeg

2a04:4e42:1a::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EUCuxS3U0AEcf3x.jpg

Protocol

Server

2a04:4e42:1a::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://mail.coin8news.beauty/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=631138519
date: Sun, 19 Mar 2023 22:24:49 GMT
x-content-type-options: nosniff
x-cache: HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 26427
x-served-by: cache-tyo11942-TYO, cache-tw-ZZZ1
last-modified: Thu, 26 Mar 2020 14:36:53 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: a9597c9f827a83bd
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

Redirect headers

date: Sun, 19 Mar 2023 22:24:49 GMT
via: 1.1 google
server: nginx
content-type: text/html; charset=utf-8
location: https://pbs.twimg.com/media/EUCuxS3U0AEcf3x.jpg
cache-control: private, max-age=90
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134

GET
H/1.1

200
OK

Primary Request jump Show response
bustygirls4u.com/
Redirect Chain

http://6473af.binomlink.com/c7b2l0k.php?key=snp3vkn2e4nt3zmh2ng1&t=17-03&site=coin8news.beauty
https://bustygirls4u.com/tds/ae?tdsId=s7664gor_r&tds_campaign=s7664gor&s1=ps&utm_source=int&utm_sub=opnfnl&affid=f5049c5d&subid=17-03&subid2={subid2}&clickid=e0a38fnsc2tbldf6
https://bustygirls4u.com/jump?tds_campaign=b8378gor&tds_ac_id=s7664gor&tds_ao=1&s1=ps&tds_id=b8378gor_jump_a_1565616370242&utm_campaign=f5049c5d&utm_content=17-03&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHU...

15 KB
3 KB

274ms
273ms

Document
text/html

52.9.103.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bustygirls4u.com/jump?tds_campaign=b8378gor&tds_ac_id=s7664gor&tds_ao=1&s1=ps&tds_id=b8378gor_jump_a_1565616370242&utm_campaign=f5049c5d&utm_content=17-03&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzZmNGJjZDljYmMyNzkxNGRiN2RhODdkMDRmMmM3M2MzP19fdD0xNjc5MjY0NjkwNzgwJl9fbD0zNjAw&utm_source=int&tds_oid=25584&s3=%7Bsubid2%7D&tds_host=bustygirls4u.com&tds_cid=83e71fd2744b7999a1509e77aeb8cdd1e34cea81&data2=e0a38fnsc2tbldf6&id=25584&dci=139cd787d8be399cc6d798b39f9cc1b7b0703f55
Requested by: Host: mail.coin8news.beauty
URL: https://mail.coin8news.beauty/contact/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.103.175 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-103-175.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c98e9116a967a94d0e615f6f68692260a46cc7bc54331a90eab876af82ccc67c

Request headers

Referer: https://mail.coin8news.beauty/contact/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: jp-JP,jp;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: br
Content-Type: text/html; charset=UTF-8
Date: Sun, 19 Mar 2023 22:24:51 GMT
Server: nginx
Transfer-Encoding: chunked

Redirect headers

Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Wow64, Sec-CH-UA
Access-Control-Allow-Origin: *
Connection: keep-alive
Date: Sun, 19 Mar 2023 22:24:50 GMT
Location: https://bustygirls4u.com/jump?tds_campaign=b8378gor&tds_ac_id=s7664gor&tds_ao=1&s1=ps&tds_id=b8378gor_jump_a_1565616370242&utm_campaign=f5049c5d&utm_content=17-03&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzZmNGJjZDljYmMyNzkxNGRiN2RhODdkMDRmMmM3M2MzP19fdD0xNjc5MjY0NjkwNzgwJl9fbD0zNjAw&utm_source=int&tds_oid=25584&s3=%7Bsubid2%7D&tds_host=bustygirls4u.com&tds_cid=83e71fd2744b7999a1509e77aeb8cdd1e34cea81&data2=e0a38fnsc2tbldf6&id=25584&dci=139cd787d8be399cc6d798b39f9cc1b7b0703f55
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: nginx
Timing-Allow-Origin: *
Transfer-Encoding: chunked

GET
H/1.1 200
OK intg.js Show response
bustygirls4u.com/bridge/ 269 B
738 B 119ms
118ms Script
application/javascript 52.9.103.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bustygirls4u.com/bridge/intg.js?v=8
Requested by: Host: bustygirls4u.com
URL: https://bustygirls4u.com/jump?tds_campaign=b8378gor&tds_ac_id=s7664gor&tds_ao=1&s1=ps&tds_id=b8378gor_jump_a_1565616370242&utm_campaign=f5049c5d&utm_content=17-03&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzZmNGJjZDljYmMyNzkxNGRiN2RhODdkMDRmMmM3M2MzP19fdD0xNjc5MjY0NjkwNzgwJl9fbD0zNjAw&utm_source=int&tds_oid=25584&s3=%7Bsubid2%7D&tds_host=bustygirls4u.com&tds_cid=83e71fd2744b7999a1509e77aeb8cdd1e34cea81&data2=e0a38fnsc2tbldf6&id=25584&dci=139cd787d8be399cc6d798b39f9cc1b7b0703f55
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.103.175 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-103-175.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 556f2a46047c9b8dedbae5ef8c59dc7ea04ff88e76d7dcda568f1eb2dce03548

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bustygirls4u.com/jump?tds_campaign=b8378gor&tds_ac_id=s7664gor&tds_ao=1&s1=ps&tds_id=b8378gor_jump_a_1565616370242&utm_campaign=f5049c5d&utm_content=17-03&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzZmNGJjZDljYmMyNzkxNGRiN2RhODdkMDRmMmM3M2MzP19fdD0xNjc5MjY0NjkwNzgwJl9fbD0zNjAw&utm_source=int&tds_oid=25584&s3=%7Bsubid2%7D&tds_host=bustygirls4u.com&tds_cid=83e71fd2744b7999a1509e77aeb8cdd1e34cea81&data2=e0a38fnsc2tbldf6&id=25584&dci=139cd787d8be399cc6d798b39f9cc1b7b0703f55
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 19 Mar 2023 22:24:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Mar 2023 16:45:39 GMT
Server: nginx
ETag: W/"10d-186eb501338"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: *
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=3600
Connection: keep-alive
Timing-Allow-Origin: *
X-Robots-Tag: noindex

GET
H2 200 a5d2d49af318fe36f2aa61133bf8b1f3.css
cdn3reference.com/landings/25584/css/ 4 KB
2 KB 750ms
725ms Stylesheet
text/css 13.225.165.30

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3reference.com/landings/25584/css/a5d2d49af318fe36f2aa61133bf8b1f3.css
Requested by: Host: bustygirls4u.com
URL: https://bustygirls4u.com/jump?tds_campaign=b8378gor&tds_ac_id=s7664gor&tds_ao=1&s1=ps&tds_id=b8378gor_jump_a_1565616370242&utm_campaign=f5049c5d&utm_content=17-03&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzZmNGJjZDljYmMyNzkxNGRiN2RhODdkMDRmMmM3M2MzP19fdD0xNjc5MjY0NjkwNzgwJl9fbD0zNjAw&utm_source=int&tds_oid=25584&s3=%7Bsubid2%7D&tds_host=bustygirls4u.com&tds_cid=83e71fd2744b7999a1509e77aeb8cdd1e34cea81&data2=e0a38fnsc2tbldf6&id=25584&dci=139cd787d8be399cc6d798b39f9cc1b7b0703f55
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.165.30 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 43fdd80bbac2a89b11b04de744fff68bcd27ad5e7f1ecd4b5ca4f45a2d23f667

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bustygirls4u.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 19 Mar 2023 22:24:51 GMT
content-encoding: gzip
via: 1.1 e77892dd431d44863ad00701fe285932.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 14:46:26 GMT
server: nginx
x-amz-cf-pop: NRT12-C4
etag: W/"116a-5e711dca7d480"
x-cache: Miss from cloudfront
content-type: text/css
x-amz-cf-id: t6mqvZN0slzP2EqLexf-BEPW51zloEsZ6102X3O7W75Zx9P0m726UA==

GET
H2 200 f3815a08510a77056024e76049efa2ff.js Show response
cdn3reference.com/landings/25584/js/ 95 KB
33 KB 1009ms
986ms Script
application/javascript 13.225.165.30

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3reference.com/landings/25584/js/f3815a08510a77056024e76049efa2ff.js
Requested by: Host: bustygirls4u.com
URL: https://bustygirls4u.com/jump?tds_campaign=b8378gor&tds_ac_id=s7664gor&tds_ao=1&s1=ps&tds_id=b8378gor_jump_a_1565616370242&utm_campaign=f5049c5d&utm_content=17-03&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzZmNGJjZDljYmMyNzkxNGRiN2RhODdkMDRmMmM3M2MzP19fdD0xNjc5MjY0NjkwNzgwJl9fbD0zNjAw&utm_source=int&tds_oid=25584&s3=%7Bsubid2%7D&tds_host=bustygirls4u.com&tds_cid=83e71fd2744b7999a1509e77aeb8cdd1e34cea81&data2=e0a38fnsc2tbldf6&id=25584&dci=139cd787d8be399cc6d798b39f9cc1b7b0703f55
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.165.30 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 21057933e26b7f84d4402898c9a36479618978335cb9d0e430de32e4fc759c41

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bustygirls4u.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 19 Mar 2023 22:24:51 GMT
content-encoding: gzip
via: 1.1 e77892dd431d44863ad00701fe285932.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 14:46:26 GMT
server: nginx
x-amz-cf-pop: NRT12-C4
etag: W/"17bbe-5e711dca7d480"
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: zyk_LhT5KYtDilypgUILFSNqJYYoowwRM8Is6bWMGffDcdqzd7elwg==

GET
H2 200 dc_img.js Show response
cdn3reference.com/js/ 488 B
635 B 755ms
732ms Script
application/javascript 13.225.165.30

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3reference.com/js/dc_img.js?v=8
Requested by: Host: bustygirls4u.com
URL: https://bustygirls4u.com/jump?tds_campaign=b8378gor&tds_ac_id=s7664gor&tds_ao=1&s1=ps&tds_id=b8378gor_jump_a_1565616370242&utm_campaign=f5049c5d&utm_content=17-03&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzZmNGJjZDljYmMyNzkxNGRiN2RhODdkMDRmMmM3M2MzP19fdD0xNjc5MjY0NjkwNzgwJl9fbD0zNjAw&utm_source=int&tds_oid=25584&s3=%7Bsubid2%7D&tds_host=bustygirls4u.com&tds_cid=83e71fd2744b7999a1509e77aeb8cdd1e34cea81&data2=e0a38fnsc2tbldf6&id=25584&dci=139cd787d8be399cc6d798b39f9cc1b7b0703f55
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.165.30 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ac742d62b8d28cb2cc72fa86d6d1769ead306bd34eb3b04e712d9f32a7378c53

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bustygirls4u.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 19 Mar 2023 22:24:51 GMT
content-encoding: gzip
via: 1.1 e77892dd431d44863ad00701fe285932.cloudfront.net (CloudFront)
last-modified: Thu, 29 Oct 2020 09:22:15 GMT
server: nginx
x-amz-cf-pop: NRT12-C4
etag: W/"1e8-5b2cbd0d9620d"
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: 1FOCVqEmBXmc5TUz6DU8FjgORwjuxcsfn069n7hPZ8lMmVeb2nVyEQ==

GET
H/1.1 200
OK ao_loader.js Show response
bustygirls4u.com/bridge/ 836 B
1002 B 115ms
115ms Script
application/javascript 52.9.103.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bustygirls4u.com/bridge/ao_loader.js
Requested by: Host: bustygirls4u.com
URL: https://bustygirls4u.com/bridge/intg.js?v=8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.103.175 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-103-175.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d5d65364c02602f4fae5c63195607cfff433ac59d4c7d756e4a0a2e6f33ccd19

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bustygirls4u.com/jump?tds_campaign=b8378gor&tds_ac_id=s7664gor&tds_ao=1&s1=ps&tds_id=b8378gor_jump_a_1565616370242&utm_campaign=f5049c5d&utm_content=17-03&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzZmNGJjZDljYmMyNzkxNGRiN2RhODdkMDRmMmM3M2MzP19fdD0xNjc5MjY0NjkwNzgwJl9fbD0zNjAw&utm_source=int&tds_oid=25584&s3=%7Bsubid2%7D&tds_host=bustygirls4u.com&tds_cid=83e71fd2744b7999a1509e77aeb8cdd1e34cea81&data2=e0a38fnsc2tbldf6&id=25584&dci=139cd787d8be399cc6d798b39f9cc1b7b0703f55
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 19 Mar 2023 22:24:52 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Mar 2023 16:45:39 GMT
Server: nginx
ETag: W/"344-186eb501338"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: *
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=3600
Connection: keep-alive
Timing-Allow-Origin: *
X-Robots-Tag: noindex

GET
H/1.1 200
OK integration.js Show response
bustygirls4u.com/ 2 KB
1 KB 117ms
116ms Script
text/javascript 52.9.103.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bustygirls4u.com/integration.js
Requested by: Host: bustygirls4u.com
URL: https://bustygirls4u.com/bridge/intg.js?v=8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.103.175 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-103-175.us-west-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash: fcf0beb000c0392cbbb45e40156c0ff5ce33ee2072bc2dd376e3acc0e89eda0c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bustygirls4u.com/jump?tds_campaign=b8378gor&tds_ac_id=s7664gor&tds_ao=1&s1=ps&tds_id=b8378gor_jump_a_1565616370242&utm_campaign=f5049c5d&utm_content=17-03&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzZmNGJjZDljYmMyNzkxNGRiN2RhODdkMDRmMmM3M2MzP19fdD0xNjc5MjY0NjkwNzgwJl9fbD0zNjAw&utm_source=int&tds_oid=25584&s3=%7Bsubid2%7D&tds_host=bustygirls4u.com&tds_cid=83e71fd2744b7999a1509e77aeb8cdd1e34cea81&data2=e0a38fnsc2tbldf6&id=25584&dci=139cd787d8be399cc6d798b39f9cc1b7b0703f55
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 19 Mar 2023 22:24:52 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: Express
ETag: W/"713-KaQGZfSM2+uTQY8Sm+tSBLT4Qso"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive

GET
H/1.1 200
OK crypto-4.1.1.js Show response
bustygirls4u.com/bridge/ 47 KB
17 KB 200ms
122ms Script
application/javascript 52.9.103.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bustygirls4u.com/bridge/crypto-4.1.1.js
Requested by: Host: bustygirls4u.com
URL: https://bustygirls4u.com/bridge/intg.js?v=8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.103.175 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-103-175.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: eab5bd35e8ce36b0d7416bc35f8627b364d8574d8dd1247d791e2e7a6c2692b2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bustygirls4u.com/jump?tds_campaign=b8378gor&tds_ac_id=s7664gor&tds_ao=1&s1=ps&tds_id=b8378gor_jump_a_1565616370242&utm_campaign=f5049c5d&utm_content=17-03&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzZmNGJjZDljYmMyNzkxNGRiN2RhODdkMDRmMmM3M2MzP19fdD0xNjc5MjY0NjkwNzgwJl9fbD0zNjAw&utm_source=int&tds_oid=25584&s3=%7Bsubid2%7D&tds_host=bustygirls4u.com&tds_cid=83e71fd2744b7999a1509e77aeb8cdd1e34cea81&data2=e0a38fnsc2tbldf6&id=25584&dci=139cd787d8be399cc6d798b39f9cc1b7b0703f55
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 19 Mar 2023 22:24:52 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Mar 2023 16:45:39 GMT
Server: nginx
ETag: W/"bde2-186eb501338"
Transfer-Encoding: chunked
Vary: Accept-Encoding
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: *
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Robots-Tag: noindex

GET
H/1.1 200
OK frodi_data.js
bustygirls4u.com/bridge/ 6 KB
3 KB 289ms
120ms Script
application/javascript 52.9.103.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bustygirls4u.com/bridge/frodi_data.js
Requested by: Host: bustygirls4u.com
URL: https://bustygirls4u.com/bridge/intg.js?v=8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.103.175 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-103-175.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bustygirls4u.com/jump?tds_campaign=b8378gor&tds_ac_id=s7664gor&tds_ao=1&s1=ps&tds_id=b8378gor_jump_a_1565616370242&utm_campaign=f5049c5d&utm_content=17-03&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzZmNGJjZDljYmMyNzkxNGRiN2RhODdkMDRmMmM3M2MzP19fdD0xNjc5MjY0NjkwNzgwJl9fbD0zNjAw&utm_source=int&tds_oid=25584&s3=%7Bsubid2%7D&tds_host=bustygirls4u.com&tds_cid=83e71fd2744b7999a1509e77aeb8cdd1e34cea81&data2=e0a38fnsc2tbldf6&id=25584&dci=139cd787d8be399cc6d798b39f9cc1b7b0703f55
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 19 Mar 2023 22:24:52 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Mar 2023 16:45:39 GMT
Server: nginx
ETag: W/"19f8-186eb501338"
Transfer-Encoding: chunked
Vary: Accept-Encoding
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: *
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Robots-Tag: noindex

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
851 B 110ms
48ms Stylesheet
text/css 2404:6800:400a:80e::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap

Requested by

Host: cdn3reference.com
URL: https://cdn3reference.com/landings/25584/css/a5d2d49af318fe36f2aa61133bf8b1f3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

6aae74b1b3752fb8f3899b285627d2557398819c4d88c43837b3d7f9ed740a52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn3reference.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Sun, 19 Mar 2023 22:24:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Sun, 19 Mar 2023 22:24:51 GMT

GET ao.js
bustygirls4u.com/ 0
0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 132 KB
50 KB 91ms
44ms Script
application/javascript 2404:6800:4004:826::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer

Requested by

Host: bustygirls4u.com
URL: https://bustygirls4u.com/jump?tds_campaign=b8378gor&tds_ac_id=s7664gor&tds_ao=1&s1=ps&tds_id=b8378gor_jump_a_1565616370242&utm_campaign=f5049c5d&utm_content=17-03&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzZmNGJjZDljYmMyNzkxNGRiN2RhODdkMDRmMmM3M2MzP19fdD0xNjc5MjY0NjkwNzgwJl9fbD0zNjAw&utm_source=int&tds_oid=25584&s3=%7Bsubid2%7D&tds_host=bustygirls4u.com&tds_cid=83e71fd2744b7999a1509e77aeb8cdd1e34cea81&data2=e0a38fnsc2tbldf6&id=25584&dci=139cd787d8be399cc6d798b39f9cc1b7b0703f55

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7432e43fca29e828bc078b07589d93aee07422d90281efcfe9b1847bb79b0396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bustygirls4u.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 19 Mar 2023 22:24:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50829
x-xss-protection: 0
last-modified: Sun, 19 Mar 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 19 Mar 2023 22:24:52 GMT

GET
H2 200 bg1.jpg
cdn3reference.com/landings/25584/images/ 105 KB
106 KB 251ms
248ms Image
image/jpeg 13.225.165.30

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3reference.com/landings/25584/images/bg1.jpg
Requested by: Host: cdn3reference.com
URL: https://cdn3reference.com/landings/25584/css/a5d2d49af318fe36f2aa61133bf8b1f3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.165.30 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn3reference.com/landings/25584/css/a5d2d49af318fe36f2aa61133bf8b1f3.css
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 19 Mar 2023 22:24:52 GMT
via: 1.1 e77892dd431d44863ad00701fe285932.cloudfront.net (CloudFront)
last-modified: Wed, 19 May 2021 08:29:46 GMT
server: nginx
x-amz-cf-pop: NRT12-C4
etag: "1a46e-5c2aaa1109280"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 107630
x-amz-cf-id: o8d58YAUMTW-n61JYgb7L9GSttCNIMCfknxp44e6pj9U6TDem7LDhA==

GET bg2.jpg
cdn3reference.com/landings/25584/images/ 0
0

GET
H2 200 004.gif
cdn3reference.com/landings/25584/images/ 377 KB
378 KB 253ms
250ms Image
image/gif 13.225.165.30

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3reference.com/landings/25584/images/004.gif
Requested by: Host: cdn3reference.com
URL: https://cdn3reference.com/landings/25584/css/a5d2d49af318fe36f2aa61133bf8b1f3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.165.30 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn3reference.com/landings/25584/css/a5d2d49af318fe36f2aa61133bf8b1f3.css
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 19 Mar 2023 22:24:52 GMT
via: 1.1 e77892dd431d44863ad00701fe285932.cloudfront.net (CloudFront)
last-modified: Wed, 19 May 2021 08:29:46 GMT
server: nginx
x-amz-cf-pop: NRT12-C4
etag: "5e5a7-5c2aaa1109280"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 386471
x-amz-cf-id: p1Tb6DiFicXcSgkEE14Uo4VbrtqGxKGqhuPrcEq4MJq4-cr_1TY9DQ==

GET logo.png
cdn3reference.com/landings/25584/images/ 0
0

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 47ms
3ms Font
font/woff2 2404:6800:4004:808::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:808::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

7eeb99e9f0563d79a34bf9d13c260f0552269bbde05b145d331cdf1aae47c25a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bustygirls4u.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 Mar 2023 10:51:37 GMT
x-content-type-options: nosniff
age: 387195
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30856
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:56:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Mar 2024 10:51:37 GMT

GET fp_ec.js
retarget2core.com/fp/ 0
0

GET main.js
bustygirls4u.com/ufis/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bustygirls4u.com
URL: https://bustygirls4u.com/ao.js

Domain: cdn3reference.com
URL: https://cdn3reference.com/landings/25584/images/bg2.jpg

Domain: cdn3reference.com
URL: https://cdn3reference.com/landings/25584/images/logo.png

Domain: retarget2core.com
URL: https://retarget2core.com/fp/fp_ec.js

Domain: bustygirls4u.com
URL: https://bustygirls4u.com/ufis/main.js?ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fbustygirls4u.com%2Fjump%3Ftds_campaign%3Db8378gor%26tds_ac_id%3Ds7664gor%26tds_ao%3D1%26s1%3Dps%26tds_id%3Db8378gor_jump_a_1565616370242%26utm_campaign%3Df5049c5d%26utm_content%3D17-03%26_tgUrl%3DaHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzZmNGJjZDljYmMyNzkxNGRiN2RhODdkMDRmMmM3M2MzP19fdD0xNjc5MjY0NjkwNzgwJl9fbD0zNjAw%26utm_source%3Dint%26tds_oid%3D25584%26s3%3D%257Bsubid2%257D%26tds_host%3Dbustygirls4u.com%26tds_cid%3D83e71fd2744b7999a1509e77aeb8cdd1e34cea81%26data2%3De0a38fnsc2tbldf6%26id%3D25584%26dci%3D139cd787d8be399cc6d798b39f9cc1b7b0703f55&uaDataValues={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
6473af.binomlink.com/	1970-01-20 10:29:11	Name: uclick Value: fnsc2tbl
6473af.binomlink.com/	1970-01-20 10:29:11	Name: uclickhash Value: fnsc2tbl-fnsc2tbl-bl-0-2t-he-bz-decb00
.bustygirls4u.com/	1970-01-20 19:13:20	Name: dci Value: 139cd787d8be399cc6d798b39f9cc1b7b0703f55
bustygirls4u.com/	1970-01-20 10:34:56	Name: dm Value: fe450dd0d1dadc615429144d33241f42

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://bustygirls4u.com/jump?tds_campaign=b8378gor&tds_ac_id=s7664gor&tds_ao=1&s1=ps&tds_id=b8378gor_jump_a_1565616370242&utm_campaign=f5049c5d&utm_content=17-03&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zLzZmNGJjZDljYmMyNzkxNGRiN2RhODdkMDRmMmM3M2MzP19fdD0xNjc5MjY0NjkwNzgwJl9fbD0zNjAw&utm_source=int&tds_oid=25584&s3=%7Bsubid2%7D&tds_host=bustygirls4u.com&tds_cid=83e71fd2744b7999a1509e77aeb8cdd1e34cea81&data2=e0a38fnsc2tbldf6&id=25584&dci=139cd787d8be399cc6d798b39f9cc1b7b0703f55(Line 7) Message: The value "false" for key "user-scalable" is invalid, and has been ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6473af.binomlink.com
bit.ly
bustygirls4u.com
cdn3reference.com
coin8news.beauty
fonts.googleapis.com
fonts.gstatic.com
mail.coin8news.beauty
pbs.twimg.com
retarget2core.com
www.googletagmanager.com
bustygirls4u.com
cdn3reference.com
retarget2core.com
13.225.165.30
2404:6800:4004:808::2003
2404:6800:4004:826::2008
2404:6800:400a:80e::200a
2606:4700:3032::ac43:8c1a
2606:4700:3034::ac43:bc9d
2606:4700:3037::6815:5c46
2a04:4e42:1a::159
52.9.103.175
67.199.248.11
21057933e26b7f84d4402898c9a36479618978335cb9d0e430de32e4fc759c41
43fdd80bbac2a89b11b04de744fff68bcd27ad5e7f1ecd4b5ca4f45a2d23f667
556f2a46047c9b8dedbae5ef8c59dc7ea04ff88e76d7dcda568f1eb2dce03548
6aae74b1b3752fb8f3899b285627d2557398819c4d88c43837b3d7f9ed740a52
7432e43fca29e828bc078b07589d93aee07422d90281efcfe9b1847bb79b0396
7eeb99e9f0563d79a34bf9d13c260f0552269bbde05b145d331cdf1aae47c25a
ac742d62b8d28cb2cc72fa86d6d1769ead306bd34eb3b04e712d9f32a7378c53
c98e9116a967a94d0e615f6f68692260a46cc7bc54331a90eab876af82ccc67c
d5d65364c02602f4fae5c63195607cfff433ac59d4c7d756e4a0a2e6f33ccd19
eab5bd35e8ce36b0d7416bc35f8627b364d8574d8dd1247d791e2e7a6c2692b2
f2274ba95e19dc63e3d3935e4511cfa4efaef07b58c4163063dd522b40da6ec8
fcf0beb000c0392cbbb45e40156c0ff5ce33ee2072bc2dd376e3acc0e89eda0c

bustygirls4u.com Open in urlscan Pro 52.9.103.175 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

73 %HTTPS

70 %IPv6

10 Domains

11 Subdomains

8 IPs

1 Countries

654 kBTransfer

845 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

4 Cookies

1 Console Messages

Indicators

bustygirls4u.com Open in urlscan Pro
52.9.103.175 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

73 %
HTTPS

70 %
IPv6

10
Domains

11
Subdomains

8
IPs

1
Countries

654 kB
Transfer

845 kB
Size

4
Cookies

22 HTTP transactions
0 data transactions