tenderchicksfx.com Open in urlscan Pro
2606:4700:3034::ac43:8655 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://baby-girls.my.id/
Effective URL:
https://tenderchicksfx.com/?utm_source=QgnTN6xIx57f2&utm_campaign=Ijay
Submission: On January 16 via manual (January 16th 2022, 6:38:30 pm UTC) from CA — Scanned from CA

Summary HTTP 61 Redirects Behaviour Indicators

Summary

This website contacted 37 IPs in 5 countries across 33 domains to perform 61 HTTP transactions. The main IP is 2606:4700:3034::ac43:8655, located in United States and belongs to CLOUDFLARENET, US. The main domain is tenderchicksfx.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 12th 2021. Valid for: a year.

This is the only time tenderchicksfx.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Porn Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700:303... 2606:4700:3036::ac43:cbe7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:80d::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3031::6815:55a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
2	2607:f8b0:400... 2607:f8b0:4006:80d::2003	15169 (GOOGLE) (GOOGLE)
1	192.99.8.27 192.99.8.27	16276 (OVH) (OVH)
1	158.69.139.226 158.69.139.226	16276 (OVH) (OVH)
3	51.161.15.93 51.161.15.93	16276 (OVH) (OVH)
1	13.225.63.76 13.225.63.76	16509 (AMAZON-02) (AMAZON-02)
3	3.131.111.10 3.131.111.10	16509 (AMAZON-02) (AMAZON-02)
1	104.18.28.199 104.18.28.199	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	45.55.120.93 45.55.120.93	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 3	54.89.1.168 54.89.1.168	14618 (AMAZON-AES) (AMAZON-AES)
4 7	23.200.228.59 23.200.228.59	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	141.94.170.77 141.94.170.77	16276 (OVH) (OVH)
3 3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
5 5	142.251.32.98 142.251.32.98	15169 (GOOGLE) (GOOGLE)
1	54.230.162.32 54.230.162.32	16509 (AMAZON-02) (AMAZON-02)
1	67.202.105.33 67.202.105.33	32748 (STEADFAST) (STEADFAST)
3	23.217.18.225 23.217.18.225	16625 (AKAMAI-AS) (AKAMAI-AS)
1	67.202.105.32 67.202.105.32	32748 (STEADFAST) (STEADFAST)
1	13.226.31.29 13.226.31.29	16509 (AMAZON-02) (AMAZON-02)
4	3.15.117.250 3.15.117.250	16509 (AMAZON-02) (AMAZON-02)
2 2	52.0.156.250 52.0.156.250	14618 (AMAZON-AES) (AMAZON-AES)
6 8	52.3.138.212 52.3.138.212	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.235.23.231 34.235.23.231	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1	104.18.14.222 104.18.14.222	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	68.67.161.183 68.67.161.183	29990 (ASN-APPNEX) (ASN-APPNEX)
1	54.230.162.76 54.230.162.76	16509 (AMAZON-02) (AMAZON-02)
1	23.217.46.172 23.217.46.172	16625 (AKAMAI-AS) (AKAMAI-AS)
3 6	63.251.86.51 63.251.86.51	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	76.13.32.147 76.13.32.147	26101 (YAHOO-BF1) (YAHOO-BF1)
1	54.230.162.35 54.230.162.35	16509 (AMAZON-02) (AMAZON-02)
1 1	52.116.221.248 52.116.221.248	36351 (SOFTLAYER) (SOFTLAYER)
2	63.251.86.49 63.251.86.49	10913 (INTERNAP-BLK) (INTERNAP-BLK)
4 4	52.200.52.32 52.200.52.32	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:444... 2600:1f18:444a:4680:b988:ecc0:9832:67ce	14618 (AMAZON-AES) (AMAZON-AES)
2 2	104.18.102.194 104.18.102.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.226.31.87 13.226.31.87	16509 (AMAZON-02) (AMAZON-02)
1	75.2.13.80 75.2.13.80	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700:303... 2606:4700:3034::ac43:8655	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
61	37

2 2606:4700:3036::ac43:cbe7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

baby-girls.my.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80d::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:55a (United States)

ASN13335 (CLOUDFLARENET, US)

fuckboox.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80d::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.99.8.27 (Ajax, Canada)

ASN16276 (OVH, FR)
PTR: ns500876.ip-192-99-8.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.69.139.226 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip226.ip-158-69-139.net

e.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.161.15.93 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns570927.ip-51-161-15.net

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.63.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-76.ewr53.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.131.111.10 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-131-111-10.us-east-2.compute.amazonaws.com

pd.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.28.199 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.55.120.93 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.89.1.168 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-89-1-168.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.200.228.59 (New York, United States) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-228-59.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.94.170.77 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-6.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.32.98 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.162.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-162-32.ewr53.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.33 (United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.217.18.225 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-18-225.deploy.static.akamaitechnologies.com

t.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.31.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-31-29.ewr53.r.cloudfront.net

onetag-geo-grouping.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.15.117.250 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-15-117-250.us-east-2.compute.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.0.156.250 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.3.138.212 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-138-212.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.235.23.231 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-23-231.compute-1.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.14.222 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-tc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1857 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.161.183 (New York, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 803.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.162.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-162-76.ewr53.r.cloudfront.net

data-beacons.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.217.46.172 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-46-172.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 63.251.86.51 (United States) 3 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.147 (Lockport, United States) 1 redirects

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.162.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-162-35.ewr53.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.116.221.248 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: f8.dd.7434.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.86.49 (United States)

ASN10913 (INTERNAP-BLK, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.200.52.32 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-52-32.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:444a:4680:b988:ecc0:9832:67ce (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.102.194 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.31.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-31-87.ewr53.r.cloudfront.net

api.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.2.13.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0cb5afe0ce76779e.awsglobalaccelerator.com

connect-metrics-collector.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3034::ac43:8655 (United States)

ASN13335 (CLOUDFLARENET, US)

tenderchicksfx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	sharethis.com pd.sharethis.com — Cisco Umbrella Rank: 9441 t.sharethis.com — Cisco Umbrella Rank: 5674 sync.sharethis.com — Cisco Umbrella Rank: 2485	17 KB
8	lijit.com 3 redirects ap.lijit.com — Cisco Umbrella Rank: 609 ce.lijit.com — Cisco Umbrella Rank: 701	4 KB
8	eyeota.net 6 redirects ps.eyeota.net — Cisco Umbrella Rank: 769	5 KB
7	tenderchicksfx.com tenderchicksfx.com	985 KB
7	bluekai.com 4 redirects tags.bluekai.com — Cisco Umbrella Rank: 402 stags.bluekai.com — Cisco Umbrella Rank: 445	4 KB
5	liadm.com 4 redirects i.liadm.com — Cisco Umbrella Rank: 458 i6.liadm.com — Cisco Umbrella Rank: 1305	2 KB
5	doubleclick.net 5 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 169	2 KB
5	s-onetag.com get.s-onetag.com — Cisco Umbrella Rank: 3312 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 3801 onetag-geo-grouping.s-onetag.com — Cisco Umbrella Rank: 24236 data-beacons.s-onetag.com — Cisco Umbrella Rank: 12976 connect-metrics-collector.s-onetag.com — Cisco Umbrella Rank: 2789	14 KB
4	crwdcntrl.net 1 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 538 tags.crwdcntrl.net — Cisco Umbrella Rank: 1395	9 KB
4	dtscout.com e.dtscout.com — Cisco Umbrella Rank: 16221 t.dtscout.com — Cisco Umbrella Rank: 13169	10 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 295	1 KB
3	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 6692 ic.tynt.com — Cisco Umbrella Rank: 3828 de.tynt.com — Cisco Umbrella Rank: 1127	6 KB
2	adsymptotic.com 2 redirects p.adsymptotic.com — Cisco Umbrella Rank: 514	562 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 254	1 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	2 KB
2	zeotap.com 1 redirects spl.zeotap.com — Cisco Umbrella Rank: 1092 mwzeom.zeotap.com — Cisco Umbrella Rank: 1443	775 B
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 279	831 B
2	ml314.com 1 redirects ml314.com — Cisco Umbrella Rank: 1202	884 B
2	exelator.com 2 redirects loadus.exelator.com — Cisco Umbrella Rank: 970	2 KB
2	onaudience.com 2 redirects pixel.onaudience.com — Cisco Umbrella Rank: 1264	719 B
2	gstatic.com fonts.gstatic.com	36 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 16356 s4.histats.com — Cisco Umbrella Rank: 14220	5 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	1 KB
2	baby-girls.my.id 1 redirects baby-girls.my.id	3 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 398	2 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 541	30 KB
1	intentiq.com api.intentiq.com — Cisco Umbrella Rank: 1881
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 631	599 B
1	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 775	967 B
1	bkrtx.com tags.bkrtx.com — Cisco Umbrella Rank: 3082	16 KB
1	33across.com cdn-tc.33across.com	531 B
1	dtscdn.com t.dtscdn.com — Cisco Umbrella Rank: 14729	404 B
1	fuckboox.xyz fuckboox.xyz	151 KB
61	33

	Domain	Requested by
8	ps.eyeota.net	6 redirects baby-girls.my.id
7	tenderchicksfx.com	tenderchicksfx.com
6	ap.lijit.com	3 redirects baby-girls.my.id
6	tags.bluekai.com	3 redirects baby-girls.my.id tags.bkrtx.com
5	cm.g.doubleclick.net	5 redirects
4	i.liadm.com	4 redirects
4	sync.sharethis.com	baby-girls.my.id
3	t.sharethis.com	pd.sharethis.com t.sharethis.com
3	match.adsrvr.org	3 redirects
3	bcp.crwdcntrl.net	1 redirects baby-girls.my.id tags.crwdcntrl.net
3	pd.sharethis.com	e.dtscout.com baby-girls.my.id t.sharethis.com
3	t.dtscout.com	e.dtscout.com
2	p.adsymptotic.com	2 redirects
2	x.bidswitch.net	1 redirects baby-girls.my.id
2	ce.lijit.com	baby-girls.my.id
2	ib.adnxs.com	2 redirects
2	idsync.rlcdn.com	2 redirects
2	ml314.com	1 redirects baby-girls.my.id
2	loadus.exelator.com	2 redirects
2	pixel.onaudience.com	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	baby-girls.my.id tenderchicksfx.com
2	baby-girls.my.id	1 redirects
1	cdn.jsdelivr.net	tenderchicksfx.com
1	code.jquery.com	tenderchicksfx.com
1	connect-metrics-collector.s-onetag.com	get.s-onetag.com
1	api.intentiq.com	data-beacons.s-onetag.com
1	i6.liadm.com	baby-girls.my.id
1	um.simpli.fi	1 redirects
1	tags.crwdcntrl.net	cdn-tc.33across.com
1	cms.analytics.yahoo.com	1 redirects
1	stags.bluekai.com	1 redirects
1	tags.bkrtx.com	pd.sharethis.com
1	data-beacons.s-onetag.com	get.s-onetag.com
1	mwzeom.zeotap.com	baby-girls.my.id
1	spl.zeotap.com	1 redirects
1	cdn-tc.33across.com	de.tynt.com
1	onetag-geo-grouping.s-onetag.com	get.s-onetag.com
1	de.tynt.com	cdn.tynt.com
1	ic.tynt.com	baby-girls.my.id
1	onetag-geo.s-onetag.com	get.s-onetag.com
1	t.dtscdn.com	e.dtscout.com
1	cdn.tynt.com	e.dtscout.com
1	get.s-onetag.com	e.dtscout.com
1	e.dtscout.com	s4.histats.com
1	s4.histats.com	s10.histats.com
1	s10.histats.com	baby-girls.my.id
1	fuckboox.xyz	baby-girls.my.id
61	48

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-06` - `2023-01-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
histats.com R3	`2021-10-27` - `2022-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.dtscout.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-27`	a year	crt.sh
*.s-onetag.com Amazon	`2022-01-04` - `2023-02-01`	a year	crt.sh
sharethis.com Amazon	`2021-07-21` - `2022-08-19`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
*.dtscdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-04` - `2022-12-04`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-11-24` - `2022-04-26`	5 months	crt.sh
cert1.a1.atm.aqfer.net R3	`2022-01-16` - `2022-04-16`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2021-04-02` - `2022-04-07`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.intentiq.com Amazon	`2021-04-04` - `2022-05-03`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://tenderchicksfx.com/?utm_source=QgnTN6xIx57f2&utm_campaign=Ijay
Frame ID: 3D2F339A963A437604CDD366EDB6F44C
Requests: 45 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=6D001642358302B3638EE6955D25337F
Frame ID: 64FB609D534EF182F033375B80ECDDF9
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.797.22723&cid=c010&cls=C
Frame ID: 72A742A03070521C60C63D9F9DA1E5A8
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.797.22723/a/CA/t_.js?cid=c010&cls=C
Frame ID: CA4AB1E34C0BFDEEA894C1704C3774A2
Requests: 7 HTTP requests in this frame

Frame: https://pd.sharethis.com/pd/test_oracle
Frame ID: 15092BA42C7F6F31D6ECA0C49D5101BA
Requests: 2 HTTP requests in this frame

Frame: https://cdn-tc.33across.com/lotame-sync.html
Frame ID: F71CF59B061CB40CDCBC51DB14AD5C1C
Requests: 3 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/19505?id=y-7oTVY69E2pLZ5NbhdtJ7bFCUOOO2XNg1Cz8-~A
Frame ID: FB8A63D00DC3A44F5C0F197225A274C9
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=56195
Frame ID: DBD0B8270142E2D383443372F63B5412
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The most popular dating site of this month

Page URL History Show full URLs

http://baby-girls.my.id/ HTTP 301
https://baby-girls.my.id/ Page URL
https://tenderchicksfx.com/?utm_source=QgnTN6xIx57f2&utm_campaign=Ijay Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

61
Requests

70 %
HTTPS

20 %
IPv6

33
Domains

48
Subdomains

37
IPs

5
Countries

1292 kB
Transfer

1441 kB
Size

56
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://baby-girls.my.id/ HTTP 301
https://baby-girls.my.id/ Page URL
https://tenderchicksfx.com/?utm_source=QgnTN6xIx57f2&utm_campaign=Ijay Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://baby-girls.my.id/ HTTP 301
https://baby-girls.my.id/

Request Chain 13

https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=6D001642358302B3638EE6955D25337F HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=6D001642358302B3638EE6955D25337F

Request Chain 15

https://pixel.onaudience.com/?partner=137085098&mapped=6D001642358302B3638EE6955D25337F HTTP 302
https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
https://tags.bluekai.com/site/33141?&id=11fc2c053e646d9b HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai HTTP 302
https://tags.bluekai.com/site/5386?id=6bb4175e-1b18-4173-8b52-40ea2375a9c6&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=N0pkMEpPd005OVlmcUtIQw%3D%3D HTTP 302
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEH2PcpEAlGlv5JpK_G32jl0&google_cver=1

Request Chain 25

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/ttd?uid=6bb4175e-1b18-4173-8b52-40ea2375a9c6&gdpr=0&gdpr_consent=

Request Chain 26

https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent= HTTP 302
https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1 HTTP 302
https://sync.sharethis.com/nlsn?uid=3e3d68401bc2275143a12779cbd277df

Request Chain 27

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/eyeota?uid=2wUzq_SVNMdk7uIKQa6osSGKNA9Ak9w40DtIfCJQalCw&gdpr=0&gdpr_consent=

Request Chain 28

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGIAB2HkZh4AAAAIIlMrAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
https://idsync.rlcdn.com/395886.gif?partner_uid=3624467040497565710 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYyNDQ2NzA0MDQ5NzU2NTcxMBAAGg0In8yRjwYSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=8066fcfc5e7a444e5d854323a6eb32296119e88bffd55590816120398c6e0311f4cb09cee1a4f8eb&person_id=3624467040497565710&eid=50082

Request Chain 29

https://tags.bluekai.com/site/59574?id=ZGIAB2HkZh4AAAAIIlMrAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 HTTP 302
https://sync.sharethis.com/oracle?uid=Mlp0J99999YGMrHC&BK_SWAP_DEST=5957

Request Chain 31

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=LCzIu2HkZh6%2FftQvJyjjEg%3D%3D&us_privacy=&33random=1642358302901.1&cat=33across HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=LCzIu2HkZh6%2FftQvJyjjEg%3D%3D&us_privacy=&33random=1642358302901.1&cat=33across HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MlhsUDFiVjRGRlVJWTAzQUR5SlgxdmktOGpZZEREcXBjTFpNcjFNSEN1VlE&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MlhsUDFiVjRGRlVJWTAzQUR5SlgxdmktOGpZZEREcXBjTFpNcjFNSEN1VlE&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_tc= HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESENxteXRzP9pIqhc8B7bx9vc&google_cver=1

Request Chain 32

https://spl.zeotap.com/z.png?zdid=239&ctry=CA&env=mWeb&eventType=pageview&zpb=wu%21&zpbcat=&zcluid=LCzIu2HkZh6%2FftQvJyjjEg%3D%3D&us_privacy=&ziid=1642358302901.2 HTTP 302
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&ctry=CA&env=mWeb&eventType=pageview&id_mid_4=62bd00c7-db6a-4702-5e1f-532a327aafa2&reqId=97f6be59-f997-4440-6fbe-7cf2ce73f959&us_privacy=&zcluid=LCzIu2HkZh6%2FftQvJyjjEg%3D%3D&zdid=239&ziid=1642358302901.2&zpb=wu%21&zpbcat= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26ctry%3DCA%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D62bd00c7-db6a-4702-5e1f-532a327aafa2%26reqId%3D97f6be59-f997-4440-6fbe-7cf2ce73f959%26us_privacy%3D%26zcluid%3DLCzIu2HkZh6%252FftQvJyjjEg%253D%253D%26zdid%3D239%26ziid%3D1642358302901.2%26zpb%3Dwu%2521%26zpbcat%3D HTTP 302
https://mwzeom.zeotap.com/mw?adnxs_uid=5941192019936061130&zpartnerid=2&ctry=CA&env=mWeb&eventType=pageview&id_mid_4=62bd00c7-db6a-4702-5e1f-532a327aafa2&reqId=97f6be59-f997-4440-6fbe-7cf2ce73f959&us_privacy=&zcluid=LCzIu2HkZh6/ftQvJyjjEg==&zdid=239&ziid=1642358302901.2&zpb=wu!&zpbcat=

Request Chain 33

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=LCzIu2HkZh6%2FftQvJyjjEg%3D%3D&us_privacy=&33random=1642358302901.4&cat=33across HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=LCzIu2HkZh6%2FftQvJyjjEg%3D%3D&us_privacy=&33random=1642358302901.4&cat=33across HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MlhsUDFiVjRGRlVJWTAzQUR5SlgxdmktOGpZZEREcXBjTFpNcjFNSEN1VlE&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MlhsUDFiVjRGRlVJWTAzQUR5SlgxdmktOGpZZEREcXBjTFpNcjFNSEN1VlE&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_tc= HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEHU3j7aGqsV-eyb5yXHqNzI&google_cver=1

Request Chain 36

https://ap.lijit.com/readerinfo/v2 HTTP 307
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

Request Chain 37

https://ap.lijit.com/readerinfo/v2 HTTP 307
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

Request Chain 38

https://ap.lijit.com/readerinfo/v2 HTTP 307
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

Request Chain 39

https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZGIAB2HkZh4AAAAIIlMrAw%3D%3D&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.797.22723%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=99788564 HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=BLKAI HTTP 302
https://tags.bluekai.com/site/19505?id=y-7oTVY69E2pLZ5NbhdtJ7bFCUOOO2XNg1Cz8-~A

Request Chain 42

https://um.simpli.fi/lj_match?r=88374 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=DF226E1ACB384849ADD11E8124D1852D

Request Chain 43

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=01cd02e97dd4a0dfe94af088 HTTP 303
https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=01cd02e97dd4a0dfe94af088&_li_chk=true&previous_uuid=555690ea03a24216be28e686513019f1 HTTP 303
https://x.bidswitch.net/sync?dsp_id=42&user_id= HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=

Request Chain 44

https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=01cd02e97dd4a0dfe94af088 HTTP 303
https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=01cd02e97dd4a0dfe94af088&_li_chk=true&previous_uuid=2835e68b49b54987a45413a0dc51fc81 HTTP 303
https://i6.liadm.com/s/59074?bidder_id=204553&bidder_uuid=01cd02e97dd4a0dfe94af088

Request Chain 45

https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=01cd02e97dd4a0dfe94af088&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_rand=91210 HTTP 302
https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=01cd02e97dd4a0dfe94af088&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_rand=91210&_expected_cookie=5985978c0907161bea7cfc6c854500b4 HTTP 302
https://ce.lijit.com/merge?pid=5014&3pid=5985978c0907161bea7cfc6c854500b4

61 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
baby-girls.my.id/
Redirect Chain

http://baby-girls.my.id/
https://baby-girls.my.id/

6 KB
3 KB

194ms
139ms

Document
text/html

2606:4700:3036::ac43:cbe7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://baby-girls.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:cbe7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 8931ea0d119bbfbdb8bcdeaec8e0bb2a83755f82c4e0e0f6b52e58f5b51bbdb6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

date: Sun, 16 Jan 2022 18:38:22 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=91jAgtMJHw7dvYRGl5Tr5XE4%2BonvyptynTAyxxG1t3wX7c%2BfQNj%2BR0cfOXUU8bnKSIHj584TTcgHe0BVKi8le2Y53reWswp1J3q72Kcj8XND3ZHuDrup6Dm4Voe4Ncion6V52Yg7r1SBhXi3MziB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ce975dc7992713c-YUL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 16 Jan 2022 18:38:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 16 Jan 2022 19:38:22 GMT
Location: https://baby-girls.my.id/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cCWej7nrIJlcQtRv%2Fw%2FqkXNUpWhIrHyL0pXy154DIGxiH1TpDvD6CqJMuShe2W7ch0De7z7e8WmQMOQe006Uo1VHN3%2BWfGzXPJiHoZ7R3zJxm%2BkejWXY2Joq8a5YMegy%2B7IgAOcB4Lyc3riIv%2FLn"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6ce975dbcd89ecf6-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 664 B
857 B 82ms
34ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Host: baby-girls.my.id
URL: https://baby-girls.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8f5705ee03667d1a28565f6dc84b7748bb9d7c4ded30c270354edd054b86b32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baby-girls.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 16 Jan 2022 16:52:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 16 Jan 2022 18:38:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Jan 2022 18:38:22 GMT

GET
H2 200 love.gif
fuckboox.xyz/ 150 KB
151 KB 87ms
26ms Image
image/gif 2606:4700:3031::6815:55a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fuckboox.xyz/love.gif
Requested by: Host: baby-girls.my.id
URL: https://baby-girls.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:55a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e02626e6136c11d2ddb9b4a4cf94faa7853f7c6f3ed644ff9bcfae6f4912666

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baby-girls.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 18:38:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 440091
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 153467
last-modified: Tue, 11 Jan 2022 13:45:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1OVJd78E2rridxHVdeXWcr3Kf890fpnbVZ34afUz179b4s7OxLikhAyAopKP5xAHkP2O5c0fqLNbt52eFiJhMm0CS0RpjtUI2sSyqlJihAE%2FclgRtIwMgmgx%2F%2FVOUu3PHUZnxsuQ%2FWbvpGQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6ce975ddd9ef4bb8-YUL
expires: Tue, 18 Jan 2022 16:23:31 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
4 KB 59ms
10ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: baby-girls.my.id
URL: https://baby-girls.my.id/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baby-girls.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 18:31:20 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip: 137.74.122.0/26
etag: "-375139978"
x-cacheable: Matched cache
content-type: text/javascript
x-cdn-pop: bhs
accept-ranges: bytes
content-length: 4364
x-request-id: 161547490

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
24 KB 67ms
20ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://baby-girls.my.id
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 04:58:07 GMT
x-content-type-options: nosniff
age: 394815
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 12 Jan 2023 04:58:07 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 376 B
511 B 44ms
11ms Script
text/html 192.99.8.27
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4618755&@f16&@g1&@h1&@i1&@j1642358302453&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:37783443&@b3:1642358302&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fbaby-girls.my.id%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.8.27 Ajax, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns500876.ip-192-99-8.net
Software: /
Resource Hash: 892d55861a7789eec2cad963b875d9ebf537ff3698f08d0349ce86395d224262

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baby-girls.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 16 Jan 2022 18:38:22 GMT
Connection: close
Content-Length: 376
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK / Show response
e.dtscout.com/e/ 8 KB
9 KB 55ms
19ms Script
application/javascript 158.69.139.226
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbaby-girls.my.id%2F&j=
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4618755&@f16&@g1&@h1&@i1&@j1642358302453&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:37783443&@b3:1642358302&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fbaby-girls.my.id%2F&@w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.226 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip226.ip-158-69-139.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 17809f020af273f07dbf04a4c283eac3c67b0a6999c8d2741b4c698dc1b11c25

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baby-girls.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 16 Jan 2022 18:38:22 GMT
X-T: 0.776
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-S: mtl1
Expires: Sun, 16 Jan 2022 18:38:21 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/idg/ Frame 64FB 1 KB
754 B 53ms
17ms Document
text/html 51.161.15.93
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=6D001642358302B3638EE6955D25337F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbaby-girls.my.id%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.161.15.93 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns570927.ip-51-161-15.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9ba597dd2f014387b6236c86fdd5f7dc3fdf6a60e2d41f3ed78fd983f0362116

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://baby-girls.my.id/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Sun, 16 Jan 2022 18:38:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Expires: Sun, 16 Jan 2022 18:38:21 GMT
Cache-Control: no-cache
Content-Encoding: gzip

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 30 KB
10 KB 77ms
21ms Script
text/javascript 13.225.63.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbaby-girls.my.id%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-76.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baby-girls.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 13:27:46 GMT
server: AmazonS3
age: 33790
etag: W/"a1c6ef0f57fd5dc66dd46feb78238adf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 17a79dcb426270de1bedb2a8dbcb8f72.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Sun, 16 Jan 2022 09:15:13 GMT
x-amz-cf-pop: EWR53-C1
x-amz-cf-id: 2bxieoeYzgftUwrIB8Px-yCHUHv76QSqcjY4LMfq33z8MFOGsPMQwA==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ 2 KB
3 KB 167ms
35ms Script
application/javascript 3.131.111.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbaby-girls.my.id%2F&j=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.131.111.10 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-131-111-10.us-east-2.compute.amazonaws.com

Software

Resource Hash

b724700f0486ee937dc3917f83e1b3896c54b7fbf5f0005a40694f8a4c80f2d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baby-girls.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 16 Jan 2022 18:38:22 GMT
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2273
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Type: application/javascript

GET
H2 200 afwu.js Show response
cdn.tynt.com/ 10 KB
4 KB 107ms
39ms Script
application/javascript 104.18.28.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/afwu.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbaby-girls.my.id%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.28.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ee04154662e67cdd4a6694f6afacb682bb184617b5e81948524637dde2f31d3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baby-girls.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 18:38:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 20:58:37 GMT
server: cloudflare
age: 77888
etag: W/"612951fd-288b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6ce975df9c4054c7-YYZ
expires: Wed, 19 Jan 2022 18:38:22 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/pv/ 50 B
318 B 52ms
17ms Script
application/javascript 51.161.15.93
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=baby-girls.my.id&_ss=2vdqc8cs1l&_pv=1&_ls=0&_u1=1&_u3=1&_cc=ca&_pl=d&_cbid=32nl&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbaby-girls.my.id%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.161.15.93 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns570927.ip-51-161-15.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0e2f18ac8eb9321b84bb9177e9996614e35d8ba8b09ad65ee6d2ca44f08f1787

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baby-girls.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 16 Jan 2022 18:38:22 GMT
X-T: 0.146
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Sun, 16 Jan 2022 18:38:21 GMT

GET
H/1.1 200
OK / Show response
t.dtscdn.com/widget/ 0
404 B 88ms
20ms Script
application/javascript 45.55.120.93
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=6D001642358302B3638EE6955D25337F&nid=300&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2Fbaby-girls.my.id%2F&r=
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbaby-girls.my.id%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.120.93 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baby-girls.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 16 Jan 2022 18:45:25 GMT
X-T: 1
x-server: web13.ny1.dtscdn.com
Cache-Control: no-cache
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Expires: Sun, 16 Jan 2022 18:45:24 GMT

GET
H2

200

tpid=6D001642358302B3638EE6955D25337F
bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=6D001642358302B3638EE6955D25337F
https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=6D001642358302B3638EE6955D25337F

49 B
736 B

42ms
41ms

Image
image/gif

54.89.1.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=6D001642358302B3638EE6955D25337F
Requested by: Host: baby-girls.my.id
URL: https://baby-girls.my.id/
Protocol: H2
Server: 54.89.1.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-89-1-168.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baby-girls.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jan 2022 18:38:22 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.5.223
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 16 Jan 2022 18:38:22 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=6D001642358302B3638EE6955D25337F
cache-control: no-cache
x-server: 10.40.37.167
content-length: 0
expires: 0

GET
H/1.1 200
OK 27675
tags.bluekai.com/site/ 62 B
425 B 151ms
81ms Image
image/gif 23.200.228.59
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/27675?id=6D001642358302B3638EE6955D25337F&ret=html&phint=__bk_l%3Dhttps%3A%2F%2Fbaby-girls.my.id%2F&r=44192283
Requested by: Host: baby-girls.my.id
URL: https://baby-girls.my.id/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.228.59 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-228-59.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baby-girls.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 16 Jan 2022 18:38:22 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 62
BK-Server: c45e
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200
OK

2981
tags.bluekai.com/site/
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=6D001642358302B3638EE6955D25337F
https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
https://tags.bluekai.com/site/33141?&id=11fc2c053e646d9b
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
https://tags.bluekai.com/site/5386?id=6bb4175e-1b18-4173-8b52-40ea2375a9c6&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=N0pkMEpPd005OVlmcUtIQw%3D%3D
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEH2PcpEAlGlv5JpK_G32jl0&google_cver=1

62 B
550 B

107ms
106ms

Image
image/gif

23.200.228.59
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEH2PcpEAlGlv5JpK_G32jl0&google_cver=1
Requested by: Host: baby-girls.my.id
URL: https://baby-girls.my.id/
Protocol: HTTP/1.1
Server: 23.200.228.59 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-228-59.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baby-girls.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 16 Jan 2022 18:38:23 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 62
BK-Server: 52b5
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 16 Jan 2022 18:38:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEH2PcpEAlGlv5JpK_G32jl0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 535 B
948 B 96ms
30ms Fetch
application/json 54.230.162.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.162.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-162-32.ewr53.r.cloudfront.net
Software: /
Resource Hash: 338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baby-girls.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 16:19:01 GMT
via: 1.1 c34bd35d24f6df50307d1ac92d0f6110.cloudfront.net (CloudFront), 1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
age: 8361
x-amzn-requestid: b8276b5e-c667-4f4b-872c-9eb27f259424
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: IAD89-C3, EWR53-C3
x-amz-apigw-id: MC_KaHPSCYcFthQ=
content-length: 535
x-amz-cf-id: Wz9J3htFPFsDBDUrjY3MKVb6LtqomjM6LVi0AEpbqJlzusmhHm9w_g==

GET
H2 200 p
ic.tynt.com/b/ 35 B
523 B 110ms
33ms Image
image/gif 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1642358302679&dn=AFWU&iso=0&t=baby-girls.my.id
Requested by: Host: baby-girls.my.id
URL: https://baby-girls.my.id/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baby-girls.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 18:38:23 GMT
last-modified: Fri, 16 Apr 2010 15:38:20 GMT
server: nginx/1.16.1
etag: "4bc8846c-23"
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges: bytes
content-type: image/gif
content-length: 35
expires: "Sat, 26 Jul 1997 05:00:00 GMT"

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ 2 KB
2 KB 99ms
20ms Script
application/javascript 23.217.18.225
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.21746209223044866&stid=ZGIAB2HkZh4AAAAIIlMrAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.18.225 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-18-225.deploy.static.akamaitechnologies.com

Software

Resource Hash

cbba25709384ed0e1ac59bc715799424db52d8390410979c30d2ebfda0e4b29d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baby-girls.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 16 Jan 2022 18:38:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Sun, 16 Jan 2022 19:38:22 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ 42 B
265 B 36ms
35ms Image
image/gif 3.131.111.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fbaby-girls.my.id%2F&event_source=dtscout&rnd=0.21746209223044866&exptid=ZGIAB2HkZh4AAAAIIlMrAw%3D%3D&fcmp=false

Requested by

Host: baby-girls.my.id
URL: https://baby-girls.my.id/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.131.111.10 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-131-111-10.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baby-girls.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 16 Jan 2022 18:38:22 GMT
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Type: image/gif

GET
H2 200 v2 Show response
de.tynt.com/deb/ 980 B
2 KB 98ms
31ms Script
application/javascript 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&r=
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: 6e50c3f8ccc8df5b6d783f759cf076844d3df4fbda7c5da2d5f6a53c349aa8d6

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baby-girls.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 18:38:22 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 980
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 72A7 2 KB
1 KB 26ms
26ms Document
text/html 23.217.18.225
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.797.22723&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.21746209223044866&stid=ZGIAB2HkZh4AAAAIIlMrAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.18.225 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-18-225.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://baby-girls.my.id/

Response headers

Content-Length: 1160
Cache-Control: max-age=604800
Expires: Sun, 23 Jan 2022 18:38:22 GMT
Date: Sun, 16 Jan 2022 18:38:22 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Content-Encoding: gzip
Content-Type: text/html
X-Robots-Tag: noindex, nofollow

GET
H2 200 EU Show response
onetag-geo-grouping.s-onetag.com/regionalbloc/ 1 KB
831 B 103ms
50ms Fetch
application/json 13.226.31.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.31.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-31-29.ewr53.r.cloudfront.net
Software: restify /
Resource Hash: 6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baby-girls.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 18:38:22 GMT
content-encoding: gzip
server: restify
x-amz-cf-pop: EWR53-C2
vary: Accept-Encoding,origin
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://baby-girls.my.id
access-control-expose-headers: api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control: max-age=86400
x-amz-cf-id: Oc8OE6Pd7RrV9T2PgqhBbmglNDZhxOdpV_tGSgGnkBiyacwQV52VpA==
via: 1.1 bcc31f3e5b9e78f99a5a01aa529f6c94.cloudfront.net (CloudFront)

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.797.22723/a/CA/ Frame CA4A 20 KB
9 KB 25ms
25ms Script
text/javascript 23.217.18.225
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.797.22723/a/CA/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.797.22723&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.18.225 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-18-225.deploy.static.akamaitechnologies.com

Software

Resource Hash

aa9687a4c01d12ea25f7977bd4041c99e2d5a82cc7426614bf524f476dd31f1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.797.22723&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 16 Jan 2022 18:38:22 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8770
Expires: Sun, 23 Jan 2022 18:38:22 GMT

GET
H/1.1 200
OK test_oracle Show response
pd.sharethis.com/pd/ Frame 1509 438 B
675 B 35ms
35ms Script
application/javascript 3.131.111.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/test_oracle

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.797.22723&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.131.111.10 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-131-111-10.us-east-2.compute.amazonaws.com

Software

Resource Hash

1a5bbedc5831a4f447a9fd4078908f2e904fb77b0042393616b8e67c50515435

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 16 Jan 2022 18:38:22 GMT
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 438
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Type: application/javascript

GET
H/1.1

200
OK

ttd
sync.sharethis.com/ Frame CA4A
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://sync.sharethis.com/ttd?uid=6bb4175e-1b18-4173-8b52-40ea2375a9c6&gdpr=0&gdpr_consent=

42 B
297 B

145ms
35ms

Image
image/gif

3.15.117.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/ttd?uid=6bb4175e-1b18-4173-8b52-40ea2375a9c6&gdpr=0&gdpr_consent=

Requested by

Host: baby-girls.my.id
URL: https://baby-girls.my.id/

Protocol

HTTP/1.1

Server

3.15.117.250 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-15-117-250.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Sun, 16 Jan 2022 18:38:23 GMT
Content-Length: 42
Stid: ZGIAB2HkZh4AAAAIIlMrAw==
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 16 Jan 2022 18:38:23 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.sharethis.com/ttd?uid=6bb4175e-1b18-4173-8b52-40ea2375a9c6&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 215

GET
H/1.1

200
OK

nlsn
sync.sharethis.com/ Frame CA4A
Redirect Chain

https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=
https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1
https://sync.sharethis.com/nlsn?uid=3e3d68401bc2275143a12779cbd277df

42 B
297 B

174ms
36ms

Image
image/gif

3.15.117.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/nlsn?uid=3e3d68401bc2275143a12779cbd277df

Requested by

Host: baby-girls.my.id
URL: https://baby-girls.my.id/

Protocol

HTTP/1.1

Server

3.15.117.250 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-15-117-250.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Sun, 16 Jan 2022 18:38:23 GMT
Content-Length: 42
Stid: ZGIAB2HkZh4AAAAIIlMrAw==
Content-Type: image/gif

Redirect headers

date: Sun, 16 Jan 2022 18:38:23 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://sync.sharethis.com/nlsn?uid=3e3d68401bc2275143a12779cbd277df
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H/1.1

200
OK

eyeota
sync.sharethis.com/ Frame CA4A
Redirect Chain

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://sync.sharethis.com/eyeota?uid=2wUzq_SVNMdk7uIKQa6osSGKNA9Ak9w40DtIfCJQalCw&gdpr=0&gdpr_consent=

42 B
297 B

134ms
36ms

Image
image/gif

3.15.117.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/eyeota?uid=2wUzq_SVNMdk7uIKQa6osSGKNA9Ak9w40DtIfCJQalCw&gdpr=0&gdpr_consent=

Requested by

Host: baby-girls.my.id
URL: https://baby-girls.my.id/

Protocol

HTTP/1.1

Server

3.15.117.250 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-15-117-250.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Sun, 16 Jan 2022 18:38:23 GMT
Content-Length: 42
Stid: ZGIAB2HkZh4AAAAIIlMrAw==
Content-Type: image/gif

Redirect headers

Location: https://sync.sharethis.com/eyeota?uid=2wUzq_SVNMdk7uIKQa6osSGKNA9Ak9w40DtIfCJQalCw&gdpr=0&gdpr_consent=
Date: Sun, 16 Jan 2022 18:38:23 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200
OK

csync.ashx
ml314.com/ Frame CA4A
Redirect Chain

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGIAB2HkZh4AAAAIIlMrAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
https://idsync.rlcdn.com/395886.gif?partner_uid=3624467040497565710
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYyNDQ2NzA0MDQ5NzU2NTcxMBAAGg0In8yRjwYSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=8066fcfc5e7a444e5d854323a6eb32296119e88bffd55590816120398c6e0311f4cb09cee1a4f8eb&person_id=3624467040497565710&eid=50082

43 B
312 B

25ms
25ms

Image
image/gif

34.235.23.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=8066fcfc5e7a444e5d854323a6eb32296119e88bffd55590816120398c6e0311f4cb09cee1a4f8eb&person_id=3624467040497565710&eid=50082
Requested by: Host: baby-girls.my.id
URL: https://baby-girls.my.id/
Protocol: HTTP/1.1
Server: 34.235.23.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-23-231.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 16 Jan 2022 18:38:23 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Mon, 17 Jan 2022 13:38:23 GMT

Redirect headers

date: Sun, 16 Jan 2022 18:38:23 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=8066fcfc5e7a444e5d854323a6eb32296119e88bffd55590816120398c6e0311f4cb09cee1a4f8eb&person_id=3624467040497565710&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

oracle
sync.sharethis.com/ Frame CA4A
Redirect Chain

https://tags.bluekai.com/site/59574?id=ZGIAB2HkZh4AAAAIIlMrAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957
https://sync.sharethis.com/oracle?uid=Mlp0J99999YGMrHC&BK_SWAP_DEST=5957

42 B
297 B

159ms
36ms

Image
image/gif

3.15.117.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/oracle?uid=Mlp0J99999YGMrHC&BK_SWAP_DEST=5957

Requested by

Host: baby-girls.my.id
URL: https://baby-girls.my.id/

Protocol

HTTP/1.1

Server

3.15.117.250 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-15-117-250.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Sun, 16 Jan 2022 18:38:23 GMT
Content-Length: 42
Stid: ZGIAB2HkZh4AAAAIIlMrAw==
Content-Type: image/gif

Redirect headers

Location: https://sync.sharethis.com/oracle?uid=Mlp0J99999YGMrHC&BK_SWAP_DEST=5957
Date: Sun, 16 Jan 2022 18:38:23 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: fa57
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2 200 lotame-sync.html Show response
cdn-tc.33across.com/ Frame F71C 343 B
531 B 104ms
34ms Document
text/html 104.18.14.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-tc.33across.com/lotame-sync.html
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&r=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://baby-girls.my.id/

Response headers

date: Sun, 16 Jan 2022 18:38:23 GMT
content-type: text/html
last-modified: Fri, 27 Aug 2021 20:58:51 GMT
vary: Accept-Encoding
etag: W/"6129520b-157"
content-encoding: gzip
cf-cache-status: HIT
age: 87602
expires: Wed, 19 Jan 2022 18:38:23 GMT
cache-control: public, max-age=259200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ce975e219165497-YYZ

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=LCzIu2HkZh6%2FftQvJyjjEg%3D%3D&us_privacy=&33random=1642358302901.1&cat=33across
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=LCzIu2HkZh6%2FftQvJyjjEg%3D%3D&us_privacy=&33random=1642358302901.1&cat=33across
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MlhsUDFiVjRGRlVJWTAzQUR5SlgxdmktOGpZZEREcXBjTFpNcjFNSEN1VlE&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MlhsUDFiVjRGRlVJWTAzQUR5SlgxdmktOGpZZEREcXBjTFpNcjFNSEN1VlE&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referr...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESENxteXRzP9pIqhc8B7bx9vc&google_cver=1

70 B
440 B

26ms
26ms

Image
image/gif

52.3.138.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESENxteXRzP9pIqhc8B7bx9vc&google_cver=1
Requested by: Host: baby-girls.my.id
URL: https://baby-girls.my.id/
Protocol: HTTP/1.1
Server: 52.3.138.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-138-212.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baby-girls.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 16 Jan 2022 18:38:23 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Sun, 16 Jan 2022 18:38:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESENxteXRzP9pIqhc8B7bx9vc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 375
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://spl.zeotap.com/z.png?zdid=239&ctry=CA&env=mWeb&eventType=pageview&zpb=wu%21&zpbcat=&zcluid=LCzIu2HkZh6%2FftQvJyjjEg%3D%3D&us_privacy=&ziid=1642358302901.2
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&ctry=CA&env=mWeb&eventType=pageview&id_mid_4=62bd00c7-db6a-4702-5e1f-532a327aafa2&reqId=97f6be59-f997-4440-6fbe-...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26ctry%3DCA%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D62bd00c7-db6a-4702-5e...
https://mwzeom.zeotap.com/mw?adnxs_uid=5941192019936061130&zpartnerid=2&ctry=CA&env=mWeb&eventType=pageview&id_mid_4=62bd00c7-db6a-4702-5e1f-532a327aafa2&reqId=97f6be59-f997-4440-6fbe-7cf2ce73f959&...

95 B
178 B

71ms
55ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?adnxs_uid=5941192019936061130&zpartnerid=2&ctry=CA&env=mWeb&eventType=pageview&id_mid_4=62bd00c7-db6a-4702-5e1f-532a327aafa2&reqId=97f6be59-f997-4440-6fbe-7cf2ce73f959&us_privacy=&zcluid=LCzIu2HkZh6/ftQvJyjjEg==&zdid=239&ziid=1642358302901.2&zpb=wu!&zpbcat=
Requested by: Host: baby-girls.my.id
URL: https://baby-girls.my.id/
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baby-girls.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 18:38:23 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://baby-girls.my.id
access-control-allow-credentials: true
cf-ray: 6ce975e31debca47-YUL
access-control-allow-headers: *
content-length: 95

Redirect headers

Pragma: no-cache
Date: Sun, 16 Jan 2022 18:38:23 GMT
X-Proxy-Origin: 149.56.153.180; 149.56.153.180; 803.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 1843bb53-833e-4b43-ab4a-e6581c4ba82d
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://mwzeom.zeotap.com/mw?adnxs_uid=5941192019936061130&zpartnerid=2&ctry=CA&env=mWeb&eventType=pageview&id_mid_4=62bd00c7-db6a-4702-5e1f-532a327aafa2&reqId=97f6be59-f997-4440-6fbe-7cf2ce73f959&us_privacy=&zcluid=LCzIu2HkZh6/ftQvJyjjEg==&zdid=239&ziid=1642358302901.2&zpb=wu!&zpbcat=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=LCzIu2HkZh6%2FftQvJyjjEg%3D%3D&us_privacy=&33random=1642358302901.4&cat=33across
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=LCzIu2HkZh6%2FftQvJyjjEg%3D%3D&us_privacy=&33random=1642358302901.4&cat=33across
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MlhsUDFiVjRGRlVJWTAzQUR5SlgxdmktOGpZZEREcXBjTFpNcjFNSEN1VlE&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MlhsUDFiVjRGRlVJWTAzQUR5SlgxdmktOGpZZEREcXBjTFpNcjFNSEN1VlE&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referr...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEHU3j7aGqsV-eyb5yXHqNzI&google_cver=1

70 B
440 B

26ms
25ms

Image
image/gif

52.3.138.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEHU3j7aGqsV-eyb5yXHqNzI&google_cver=1
Requested by: Host: baby-girls.my.id
URL: https://baby-girls.my.id/
Protocol: HTTP/1.1
Server: 52.3.138.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-138-212.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baby-girls.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 16 Jan 2022 18:38:23 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Sun, 16 Jan 2022 18:38:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEHU3j7aGqsV-eyb5yXHqNzI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 375
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ 6 KB
2 KB 78ms
18ms Script
text/javascript 54.230.162.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.162.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-162-76.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31e12a7a30e633b99dc01daa1c2064b8b78098f5d9cccfe3aad2d2904125a775

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baby-girls.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: syrhL4HxyQ94RzTlcl0y8HYCMGvvMWLr
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 16:31:37 GMT
server: AmazonS3
age: 589
etag: W/"5ff42869b876a4eddafd981cab0b8818"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 b364a698bd3b40fc657ca5500f6818ce.cloudfront.net (CloudFront)
cache-control: max-age=3600
date: Sun, 16 Jan 2022 18:28:35 GMT
x-amz-cf-pop: EWR53-C3
x-amz-cf-id: 1WucVHJ8mRyNRL5E41FBB5M3F6ypP-V6uGTiG0AGmt8kySdZezC3tA==

GET
H/1.1 200
OK bk-coretag.js Show response
tags.bkrtx.com/js/ Frame 1509 51 KB
16 KB 80ms
19ms Script
application/javascript 23.217.46.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/test_oracle

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.217.46.172 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-46-172.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Fri, 21 May 2021 19:14:21 GMT
Server: nginx/1.15.8
ETag: W/"60a8068d-cbc2"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Date: Sun, 16 Jan 2022 18:38:23 GMT
Connection: keep-alive
Content-Length: 16078
Expires: Sun, 23 Jan 2022 18:38:23 GMT

GET
H/1.1

200
OK

v2 Show response
ap.lijit.com/readerinfo/
Redirect Chain

https://ap.lijit.com/readerinfo/v2
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

41 B
464 B

85ms
28ms

Fetch
application/json

63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by: Host: baby-girls.my.id
URL: https://baby-girls.my.id/
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 65b7061d0c38f15e43ae33576caa49be3b12f8a50b837c30fb8139191d9c938d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baby-girls.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 16 Jan 2022 18:38:23 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://baby-girls.my.id
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 61

Redirect headers

Date: Sun, 16 Jan 2022 18:38:23 GMT
Access-Control-Allow-Origin: https://baby-girls.my.id
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H/1.1

200
OK

v2 Show response
ap.lijit.com/readerinfo/
Redirect Chain

https://ap.lijit.com/readerinfo/v2
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

41 B
464 B

89ms
30ms

Fetch
application/json

63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by: Host: baby-girls.my.id
URL: https://baby-girls.my.id/
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 65b7061d0c38f15e43ae33576caa49be3b12f8a50b837c30fb8139191d9c938d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baby-girls.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 16 Jan 2022 18:38:23 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://baby-girls.my.id
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 61

Redirect headers

Date: Sun, 16 Jan 2022 18:38:23 GMT
Access-Control-Allow-Origin: https://baby-girls.my.id
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H/1.1

200
OK

v2 Show response
ap.lijit.com/readerinfo/
Redirect Chain

https://ap.lijit.com/readerinfo/v2
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

41 B
464 B

87ms
29ms

Fetch
application/json

63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by: Host: baby-girls.my.id
URL: https://baby-girls.my.id/
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 65b7061d0c38f15e43ae33576caa49be3b12f8a50b837c30fb8139191d9c938d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baby-girls.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 16 Jan 2022 18:38:23 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://baby-girls.my.id
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 61

Redirect headers

Date: Sun, 16 Jan 2022 18:38:23 GMT
Access-Control-Allow-Origin: https://baby-girls.my.id
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H/1.1

200
OK

19505
tags.bluekai.com/site/ Frame FB8A
Redirect Chain

https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZGIAB2HkZh4AAAAIIlMrAw%3D%3D&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.797.22723%26cid%3Dc010%26cl...
https://cms.analytics.yahoo.com/cms?partner_id=BLKAI
https://tags.bluekai.com/site/19505?id=y-7oTVY69E2pLZ5NbhdtJ7bFCUOOO2XNg1Cz8-~A

62 B
421 B

141ms
105ms

Document
image/gif

23.200.228.59
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/19505?id=y-7oTVY69E2pLZ5NbhdtJ7bFCUOOO2XNg1Cz8-~A
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.228.59 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-228-59.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: about:blank

Response headers

Content-Type: image/gif
Content-Length: 62
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Date: Sun, 16 Jan 2022 18:38:23 GMT
Connection: keep-alive

Redirect headers

date: Sun, 16 Jan 2022 18:38:23 GMT
content-type: text/html;charset=utf-8
location: https://tags.bluekai.com/site/19505?id=y-7oTVY69E2pLZ5NbhdtJ7bFCUOOO2XNg1Cz8-~A
content-length: 0
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16311/ Frame F71C 23 KB
8 KB 75ms
18ms Script
text/javascript 54.230.162.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Requested by: Host: cdn-tc.33across.com
URL: https://cdn-tc.33across.com/lotame-sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.162.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-162-35.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5640e2177d8a24c6aef1d923c981591689205237b9c2fcba5215d10aa7bcf52e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn-tc.33across.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 16 Jan 2022 12:59:56 GMT
content-encoding: gzip
last-modified: Tue, 23 Nov 2021 20:35:46 GMT
server: AmazonS3
age: 20308
etag: W/"01cacbace375528e9789d3b3ed3804c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 3d82e0cf3bc07e417aa87107adc81ac8.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: EWR53-C3
x-amz-cf-id: e4pz2CZI8pskZMJIFHB_7Nbgiqf84y2qiu655l3_hBMSsvmWBVxOCQ==

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame F71C 156 B
535 B 42ms
40ms XHR
application/json 54.89.1.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.89.1.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-89-1-168.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 4afc2ad3848acda252bc8b01f81a4c8d2d1f3afe44e0627d0dc8443d14b0a3d9

Request headers

Referer: https://cdn-tc.33across.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 16 Jan 2022 18:38:23 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://cdn-tc.33across.com
cache-control: no-cache
x-server: 10.40.12.233
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 156
expires: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match?r=88374
https://ce.lijit.com/merge?pid=2&3pid=DF226E1ACB384849ADD11E8124D1852D

43 B
670 B

103ms
35ms

Image
image/gif

63.251.86.49
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=DF226E1ACB384849ADD11E8124D1852D
Requested by: Host: baby-girls.my.id
URL: https://baby-girls.my.id/
Protocol: HTTP/1.1
Server: 63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baby-girls.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 16 Jan 2022 18:38:23 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1dca1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 16 Jan 2022 18:38:23 GMT
x-content-type-options: nosniff
server: nginx
location: https://ce.lijit.com/merge?pid=2&3pid=DF226E1ACB384849ADD11E8124D1852D
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sat, 15 Jan 2022 18:38:23 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=01cd02e97dd4a0dfe94af088
https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=01cd02e97dd4a0dfe94af088&_li_chk=true&previous_uuid=555690ea03a24216be28e686513019f1
https://x.bidswitch.net/sync?dsp_id=42&user_id=
https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=

43 B
510 B

38ms
38ms

Image
image/gif

35.211.178.172
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=
Requested by: Host: baby-girls.my.id
URL: https://baby-girls.my.id/
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baby-girls.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 16 Jan 2022 18:38:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=
Date: Sun, 16 Jan 2022 18:38:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

59074
i6.liadm.com/s/
Redirect Chain

https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=01cd02e97dd4a0dfe94af088
https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=01cd02e97dd4a0dfe94af088&_li_chk=true&previous_uuid=2835e68b49b54987a45413a0dc51fc81
https://i6.liadm.com/s/59074?bidder_id=204553&bidder_uuid=01cd02e97dd4a0dfe94af088

43 B
447 B

83ms
26ms

Image
image/gif

2600:1f18:444a:4680:b988:ecc0:9832:67ce
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/59074?bidder_id=204553&bidder_uuid=01cd02e97dd4a0dfe94af088

Requested by

Host: baby-girls.my.id
URL: https://baby-girls.my.id/

Protocol

HTTP/1.1

Server

2600:1f18:444a:4680:b988:ecc0:9832:67ce Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baby-girls.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 16 Jan 2022 18:38:23 GMT
Cache-Control: no-store
Connection: keep-alive
trace-id: 3fcd41df466c894f
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/59074?bidder_id=204553&bidder_uuid=01cd02e97dd4a0dfe94af088
Date: Sun, 16 Jan 2022 18:38:22 GMT
Connection: keep-alive
trace-id: 48d11b5125dad242
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H/1.1

200
OK

merge
ce.lijit.com/
Redirect Chain

https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=01cd02e97dd4a0dfe94af088&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_ra...
https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=01cd02e97dd4a0dfe94af088&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_ra...
https://ce.lijit.com/merge?pid=5014&3pid=5985978c0907161bea7cfc6c854500b4

43 B
673 B

94ms
36ms

Image
image/gif

63.251.86.49
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5014&3pid=5985978c0907161bea7cfc6c854500b4
Requested by: Host: baby-girls.my.id
URL: https://baby-girls.my.id/
Protocol: HTTP/1.1
Server: 63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baby-girls.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 16 Jan 2022 18:38:23 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1dca1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 16 Jan 2022 18:38:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP='NON DSP COR CONi OUR BUS CNT'
location: https://ce.lijit.com/merge?pid=5014&3pid=5985978c0907161bea7cfc6c854500b4
cf-ray: 6ce975e40bc353ef-YYZ
content-length: 0

GET
H2 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame DBD0 0
0 81ms
27ms Document
text/plain 13.226.31.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=56195
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.31.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-31-87.ewr53.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://baby-girls.my.id/

Response headers

date: Sun, 16 Jan 2022 18:38:23 GMT
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
x-cache: Miss from cloudfront
via: 1.1 dd50f5bdd8da1cdd9e698cc2d6f8e828.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
x-amz-cf-id: 92-ldCJZyV354MrIoE39XoGg0fJbd_KoMYOpIz8X8tsy9jntUPJOLg==

POST
H/1.1 200
OK /
t.dtscout.com/pv/ 0
261 B 33ms
14ms Ping
application/javascript 51.161.15.93
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbaby-girls.my.id%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.161.15.93 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns570927.ip-51-161-15.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://baby-girls.my.id/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarySiBik1dmaUGsE1mi

Response headers

Date: Sun, 16 Jan 2022 18:38:23 GMT
X-T: 0.14
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Sun, 16 Jan 2022 18:38:22 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ 0
73 B 113ms
34ms Ping
text/plain 75.2.13.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://baby-girls.my.id/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 16 Jan 2022 18:38:23 GMT
content-length: 0
vary: Origin

GET
H2 200 Primary Request / Show response
tenderchicksfx.com/ 11 KB
5 KB 403ms
337ms Document
text/html 2606:4700:3034::ac43:8655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tenderchicksfx.com/?utm_source=QgnTN6xIx57f2&utm_campaign=Ijay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:8655 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7219815b8a082aeba313966a208ffa456fc8aad520dddb546880fd5c20215422

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://baby-girls.my.id/

Response headers

date: Sun, 16 Jan 2022 18:38:23 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, private, must-revalidate
cross-origin-window-policy: deny
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bdws00sguHwUhPUN6i%2BM81%2B19IneRBm%2BBK2aCjhL1tXV6OqACAaFnUdaRDaCJFoeYUO0WGUuyySD7MMoRDNunmPZViccuQ6HdqCqUAzIjiUxCBxxEExAP9rJFgP8pFtXl%2B8jota%2BckkIxly1Bh1UM9Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ce975e5cc94715a-YUL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST a.gif
t.sharethis.com/d/ Frame CA4A 0
0

GET
H3 200 css
fonts.googleapis.com/ 2 KB
525 B 64ms
36ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat&subset=latin-ext

Requested by

Host: tenderchicksfx.com
URL: https://tenderchicksfx.com/?utm_source=QgnTN6xIx57f2&utm_campaign=Ijay

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e4693ae478e1e7aab4ad441a824430a2299d89c3354e388eb10f6ea8100f6b7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tenderchicksfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 16 Jan 2022 18:32:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 16 Jan 2022 18:38:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Jan 2022 18:38:24 GMT

GET
H3 200 icon-cross.svg
tenderchicksfx.com/lstatic/42b74a1a750c1a004c9c00afdf92fc55/images/ 316 B
902 B 296ms
270ms Image
image/svg+xml 2606:4700:3034::ac43:8655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tenderchicksfx.com/lstatic/42b74a1a750c1a004c9c00afdf92fc55/images/icon-cross.svg
Requested by: Host: tenderchicksfx.com
URL: https://tenderchicksfx.com/?utm_source=QgnTN6xIx57f2&utm_campaign=Ijay
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:8655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3c1977f089e4d0203a71c28178bd1b9f019a97690df9687984f7fc4e57c511b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tenderchicksfx.com/?utm_source=QgnTN6xIx57f2&utm_campaign=Ijay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 18:38:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4864
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 17 Nov 2021 11:53:22 GMT
server: cloudflare
etag: W/"6194ed32-13c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g6xuNMlG2hHNEKFps72O%2B6yB0gC0mwol1Tfs3UGSDKdWFsB8B6ly2OWikn1k2qamUAy1arBxFh6%2Bzku9mp0A7nEfzBsbEtzcT358O7pShWaasFz7aiBEm4F%2BK65Pl%2Bpy5cGZclAc1UHIU0bmYYz4f0w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=14400
cf-ray: 6ce975e839bf4bca-YUL
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 200 icon-chevron-right.svg
tenderchicksfx.com/lstatic/42b74a1a750c1a004c9c00afdf92fc55/images/ 240 B
894 B 101ms
80ms Image
image/svg+xml 2606:4700:3034::ac43:8655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tenderchicksfx.com/lstatic/42b74a1a750c1a004c9c00afdf92fc55/images/icon-chevron-right.svg
Requested by: Host: tenderchicksfx.com
URL: https://tenderchicksfx.com/?utm_source=QgnTN6xIx57f2&utm_campaign=Ijay
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:8655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77d6c825244bbd244c8184f51b1f8b91064c1c2fa30d5883fcc2457f93d3a5f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tenderchicksfx.com/?utm_source=QgnTN6xIx57f2&utm_campaign=Ijay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 18:38:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4864
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 17 Nov 2021 11:53:22 GMT
server: cloudflare
etag: W/"6194ed32-f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2B7GfCOVniEyC4f9lz09xGpKTg1n8EjpIiGX9Zzn3%2FX9Nh%2BD6uiueOhuiAKWdsUsozolzhP2qIciJSt%2F5lPKEmFMI%2F%2FMnRsH3POuoRfqC%2FClWIngDyUlKhGL9mSr3BCsY8W1IDTZ6d1PM1jLdQOquWY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=14400
cf-ray: 6ce975e839bc4bca-YUL
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 89ms
30ms Script
application/javascript 2001:4de0:ac18::1:a:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: tenderchicksfx.com
URL: https://tenderchicksfx.com/?utm_source=QgnTN6xIx57f2&utm_campaign=Ijay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer: https://tenderchicksfx.com/
Origin: https://tenderchicksfx.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 18:38:24 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2018 17:26:44 GMT
server: nginx
etag: W/"5a637bd4-1538f"
vary: Accept-Encoding
x-hw: 1642358304.dop058.dc2.t,1642358304.cds094.dc2.hn,1642358304.cds164.dc2.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H2 200 jquery.background-video.min.js Show response
cdn.jsdelivr.net/npm/jquery-background-video@1.1.0/ 3 KB
2 KB 76ms
31ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery-background-video@1.1.0/jquery.background-video.min.js

Requested by

Host: tenderchicksfx.com
URL: https://tenderchicksfx.com/?utm_source=QgnTN6xIx57f2&utm_campaign=Ijay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

011aefbda7751bf283a0a16c869bb14d49d2ecfa767ae161c6db3a1eda0336e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tenderchicksfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 18:38:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7163324
x-jsd-version: 1.1.0
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19136-FRA, cache-yyz4535-YYZ
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"c2c-rk12AHoQRv8E9UcxhQwjPVHVc68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6ce975e85c84ca57-YUL

GET
H3 200 p.js Show response
tenderchicksfx.com/ 404 B
1 KB 293ms
271ms Script
application/javascript 2606:4700:3034::ac43:8655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tenderchicksfx.com/p.js?a=1080289&cr=52802&lid=16320&mh=dkdVVnNiYU1BZldXZWVmcndvQ3JtVm1PekVRd0x6eUlMUG1zbEctMzU2OTE%3D&mmid=2297&p=0&rf=u&rn=zc4ZmdKUys4WmdqVEhG&t=Ijay

Requested by

Host: tenderchicksfx.com
URL: https://tenderchicksfx.com/?utm_source=QgnTN6xIx57f2&utm_campaign=Ijay

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8655 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a62253e1fc8b12cd2816bb04b649a660da36ec82b66af3670120b7886f3a41bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tenderchicksfx.com/?utm_source=QgnTN6xIx57f2&utm_campaign=Ijay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 18:38:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
cross-origin-window-policy: deny
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k1M57cS5kVNe%2BZeGgct6bd6Wr5QCFbmvP9DebAiBJ6lf2c0NS0NTvtDQbs5R9JdV9p6J48%2BwGGOv17xQpmRTyPGl%2BG0p75waU0sknRqoiPbkhJE5jH6%2B4xojEf9ECOu0Ky928DLw4ZdIY%2F6zEigQA%2F0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, private, must-revalidate
cf-ray: 6ce975e839c04bca-YUL

GET
H3 200 f.js Show response
tenderchicksfx.com/lstatic/ 2 KB
2 KB 395ms
373ms Script
application/javascript 2606:4700:3034::ac43:8655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tenderchicksfx.com/lstatic/f.js
Requested by: Host: tenderchicksfx.com
URL: https://tenderchicksfx.com/?utm_source=QgnTN6xIx57f2&utm_campaign=Ijay
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:8655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 963a44fa6cbb7486c60762c3ee87598cebac50d93ffc8bcda9ac4b946637138b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tenderchicksfx.com/?utm_source=QgnTN6xIx57f2&utm_campaign=Ijay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 18:38:24 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 17 Nov 2021 11:53:19 GMT
server: cloudflare
etag: W/"6194ed2f-6ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tbKP%2BAGKR%2FcQXiX03s0VwVzv99hV01bAS3O%2BKmui3mmzUrMg7oY0IcClnURdGdBD0VrMfadFuZczsAAGsb%2BbwlDz6na66azLBcdwkNWOvJ57QCn%2BDDzFHZY2cuHEjLF%2B8zubB1DWKA3puezIooWf2og%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=14400
cf-ray: 6ce975e839b94bca-YUL
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 206 1.mp4
tenderchicksfx.com/lstatic/42b74a1a750c1a004c9c00afdf92fc55/video/ 974 KB
975 KB 73ms
61ms Media
video/mp4 2606:4700:3034::ac43:8655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tenderchicksfx.com/lstatic/42b74a1a750c1a004c9c00afdf92fc55/video/1.mp4
Requested by: Host: tenderchicksfx.com
URL: https://tenderchicksfx.com/?utm_source=QgnTN6xIx57f2&utm_campaign=Ijay
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:8655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b3b62fbea6a0f85a16904129c448a32bac1b84f6d63987fb12a4bec2bc91e97

Request headers

Referer: https://tenderchicksfx.com/?utm_source=QgnTN6xIx57f2&utm_campaign=Ijay
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 16 Jan 2022 18:38:24 GMT
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4863
Content-Range: bytes 0-997796/997797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 997797
last-modified: Wed, 17 Nov 2021 11:53:22 GMT
server: cloudflare
etag: "6194ed32-f39a5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RcTeQTqeUDSmq5wjyjvkOuZcWuOMrMXSqm1WOK%2BgIZX9g4Yc83yaG9Knpq7cxQvPcOIRLkaUCmbmi44rDST7bsr9PCIXztr%2Fs9UELLMiyGm4O8Df97LUt5VQqACD22Hn6YYQmVyT7r5WAKvm5B1LyAg%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=14400
cf-ray: 6ce975e839bd4bca-YUL
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v21/ 12 KB
12 KB 49ms
21ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v21/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat&subset=latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tenderchicksfx.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 19:37:55 GMT
x-content-type-options: nosniff
age: 428429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12648
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 19:19:52 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 11 Jan 2023 19:37:55 GMT

POST
H3 200 featrepl Show response
tenderchicksfx.com/ 2 B
615 B 203ms
202ms XHR
text/plain 2606:4700:3034::ac43:8655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tenderchicksfx.com/featrepl?a=1080289&cr=52802&lid=16320&mh=dkdVVnNiYU1BZldXZWVmcndvQ3JtVm1PekVRd0x6eUlMUG1zbEctMzU2OTE%3D&mmid=2297&p=0&rf=u&rn=zc4ZmdKUys4WmdqVEhG&t=Ijay
Requested by: Host: tenderchicksfx.com
URL: https://tenderchicksfx.com/lstatic/f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:8655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://tenderchicksfx.com/?a=1080289&cr=52802&lid=16320&mh=dkdVVnNiYU1BZldXZWVmcndvQ3JtVm1PekVRd0x6eUlMUG1zbEctMzU2OTE%3D&mmid=2297&p=0&rf=u&rn=zc4ZmdKUys4WmdqVEhG&t=Ijay
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 16 Jan 2022 18:38:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XMcXu5dgQaF%2Ff4MSY%2F3nBSqdKJzGpoPHQLkfd1INJ5oPKFNMkCCpPQSlEqeHTClIeT4DD9qQtd24BuNG%2BW0aurfhXjQZMmZN8boNCRWxGB1%2FAJzqyKWkMVSpRUdninaz%2BJYa%2FIP9VO7IQ7QqMEb9izo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cf-ray: 6ce975ea9c634bca-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: t.sharethis.com
URL: https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGIAB2HkZh4AAAAIIlMrAw%253D%253D&tt=t.dhj&dhjLcy=1642358302839&lbl=pxcel&flbl=pxcel&ll=d&ver=1.797.22723&ell=d&cck=__stid&dmn=baby-girls.my.id&pn=%2F&qs=na&rdn=baby-girls.my.id&rpn=%2F&rqs=na&cc=CA&cont=NA&evid=TjuLk5XA3D9D6DmAZRSM&urls=!1!271!b-13j,!1!300!b-13h,!1!309!b-14s,!1!0!b-14t,!1!345!b-150,!1!254!b-16f&rnd=1642358303986&cid=c010&version=1.797.22723&cc=CA&cont=NA&cls=C&repeat=0&htmLcy=30&sndBcn=1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Porn Scam (Online)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

56 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 00:55:50	Name: _li_ss Value: MgkI_____wcQrhE
baby-girls.my.id/	1970-01-20 08:58:14	Name: HstCfa4618755 Value: 1642358302453
baby-girls.my.id/	1970-01-20 08:58:14	Name: HstCla4618755 Value: 1642358302453
baby-girls.my.id/	1970-01-20 08:58:14	Name: HstCmu4618755 Value: 1642358302453
baby-girls.my.id/	1970-01-20 08:58:14	Name: HstPn4618755 Value: 1
baby-girls.my.id/	1970-01-20 08:58:14	Name: HstPt4618755 Value: 1
baby-girls.my.id/	1970-01-20 08:58:14	Name: HstCnv4618755 Value: 1
baby-girls.my.id/	1970-01-20 08:58:14	Name: HstCns4618755 Value: 1
.dtscout.com/	1970-01-20 00:12:43	Name: m Value: 1
.dtscout.com/	1970-01-20 00:12:56	Name: b Value: 1
.dtscout.com/	1970-01-20 00:12:41	Name: st Value: 1
.dtscout.com/	1970-01-20 00:12:52	Name: oa Value: 1
.dtscout.com/	1970-01-20 02:36:38	Name: df Value: 1642358302
.dtscout.com/	1970-01-20 02:20:47	Name: l Value: 6D001642358302B3638EE6955D25337F
.baby-girls.my.id/	1970-01-20 02:17:55	Name: __dtsu Value: 6D001642358302B3638EE6955D25337F
.sharethis.com/	1970-01-20 08:58:14	Name: __stid Value: ZGIAB2HkZh4AAAAIIlMrAw==
.sharethis.com/	1970-01-20 08:58:14	Name: __stidv Value: 2
.dtscdn.com/	1970-01-20 04:30:23	Name: uid Value: 6D001642358302B3638EE6955D25337F
.crwdcntrl.net/	1970-01-20 06:41:24	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 06:41:24	Name: _cc_id Value: 1732d9054cec3267297740a2f17b2eee
.crwdcntrl.net/	1970-01-20 06:41:26	Name: _cc_cc Value: "ACZ4XmNQMDQ3NkqxNDA1SU5NNjYyMzeyNDc3MUg0SjM0TzJKTU1lAILEJ2lyIBoKAEEJCks%3D"
.crwdcntrl.net/	1970-01-20 06:41:26	Name: _cc_aud Value: "ABR4XmNgYGBIfJImB6SgAAAXBgHK"
.tynt.com/	1970-01-20 08:58:14	Name: uid Value: LCzIu2HkZh6/ftQvJyjjEg==
.tynt.com/	1970-01-20 02:22:14	Name: pids Value: %5B%7B%22p%22%3A%221d819f216e%22%2C%22f%22%3A1%2C%22ts%22%3A1642358302901%7D%2C%7B%22p%22%3A%224bbb341d17%22%2C%22f%22%3A1%2C%22ts%22%3A1642358302901%7D%2C%7B%22p%22%3A%226361f7f203%22%2C%22f%22%3A2%2C%22ts%22%3A1642358302901%7D%5D
.onaudience.com/	1970-01-20 08:58:14	Name: cookie Value: d07d1bc645e937e7
.onaudience.com/	1970-01-20 00:14:04	Name: done_redirects109 Value: 1
.t.sharethis.com/	1970-01-20 00:32:47	Name: pxcelPage_default_c010_C Value: 1_0_1642358302951
.adsrvr.org/	1970-01-20 08:58:14	Name: TDID Value: 6bb4175e-1b18-4173-8b52-40ea2375a9c6
.exelator.com/	1970-01-20 03:05:26	Name: EE Value: "3e3d68401bc2275143a12779cbd277df"
.bluekai.com/	1970-01-20 04:31:50	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 04:31:50	Name: bku Value: +rQ99O8Z8sW8kw/A
.exelator.com/	1970-01-20 03:05:26	Name: ud Value: "eJxrXxzq6XKLQcE41TjFzMLEwDAp2cjI3NTQxDjR0Mjc3DI5KQVIpaQtLkstWrC0tDg1JenQkoqckpym1WXxoY7xbo6%252Bnj6Ry5wzivJzU1eAhcJcgxZZmi%252FJL8pMX%252BTsuLgoJY1hUUnxqeD9RuIAVpEpDA%253D%253D"
.eyeota.net/	1970-01-20 08:58:14	Name: mako_uid Value: 17e642ee969-63860000010a53b5
.eyeota.net/	1970-01-20 00:12:38	Name: SERVERID Value: 21429~DM
.zeotap.com/	1970-01-20 08:58:14	Name: zc Value: 62bd00c7-db6a-4702-5e1f-532a327aafa2
.ml314.com/	1970-01-20 08:58:14	Name: pi Value: 3624467040497565710
.lijit.com/	1970-01-20 08:58:14	Name: ljt_reader Value: 01cd02e97dd4a0dfe94af088
.adnxs.com/	1970-01-20 02:22:14	Name: uuid2 Value: 5941192019936061130
.adsrvr.org/	1970-01-20 08:58:14	Name: TDCPM Value: CAESFgoHYmx1ZWthaRILCObCvYityqw6EAUYBSACKAIyCwjC_Y-0w8qsOhAFOAE.
.rlcdn.com/	1970-01-20 08:58:14	Name: rlas3 Value: qDC5agdVfcbmNF/6jg/iM8LPsocpLHidCOobmmx7no0=
.doubleclick.net/	1970-01-20 17:43:50	Name: IDE Value: AHWqTUl3MY79l7eiiCmT8Cl-7qJm-3GASgkd05KCodp1NoqBZROSKiyP-8Rx7hTGoaY
.rlcdn.com/	1970-01-20 01:39:02	Name: pxrc Value: CJ/MkY8GEgUI6AcQABIFCNtOEAA=
.yahoo.com/	1970-01-20 08:58:35	Name: A3 Value: d=AQABBB9m5GECENSu4NRexd8nLWCicZYWPmcFEgEBAQG35WHuYQAAAAAA_SMAAA&S=AQAAArbWSg66LskXUztYe4aIO1U
.intentiq.com/	1970-01-20 17:43:50	Name: IQver Value: 1.9
.adsymptotic.com/	1970-01-20 02:22:14	Name: U Value: 5985978c0907161bea7cfc6c854500b4
.simpli.fi/	1970-01-20 08:59:40	Name: suid Value: DF226E1ACB384849ADD11E8124D1852D
.liadm.com/	1970-01-20 17:43:50	Name: lidid Value: 2835e68b-49b5-4987-a454-13a0dc51fc81
.lijit.com/	1970-01-20 08:58:14	Name: _ljtrtb_2 Value: DF226E1ACB384849ADD11E8124D1852D
.lijit.com/	1970-01-20 08:58:14	Name: _ljtrtb_5014 Value: 5985978c0907161bea7cfc6c854500b4
.bidswitch.net/	1970-01-20 08:58:14	Name: tuuid Value: 195c48a0-cafd-48e7-b25b-a1d466d1c184
.bidswitch.net/	1970-01-20 08:58:14	Name: c Value: 1642358303
.bidswitch.net/	1970-01-20 08:58:14	Name: tuuid_lu Value: 1642358303
tenderchicksfx.com/	1970-01-23 15:48:38	Name: c Value: a1wrbson6jeb2b
tenderchicksfx.com/	1970-01-20 00:55:50	Name: _csfn Value: 52a39a790e23fdb138cd8a67e36c10a9
tenderchicksfx.com/	1970-01-20 08:58:14	Name: k Value: SFMyNTY.g3QAAAAIbQAAAARhdW5xdAAAAAFtAAAABTY5NDUwbQAAAApSallsUFFZUG9wbQAAAANoaWRtAAAAJnZHVVZzYmFNQWZXV2VlZnJ3b0NybVZtT3pFUXdMenlJTFBtc2xHbQAAAAJobGEBbQAAAAJwbGQAA25pbG0AAAAFc3ViXzFkAANuaWxtAAAABXN1Yl8yZAADbmlsbQAAAAd0cmFja2VybQAAAARJamF5bQAAAAN1bnFtAAAADExBaExucW1McWFIZw.tagi_IwOirDp-p536ThedMrz5Dl8Z_NXcvtM_B-V6M8
tenderchicksfx.com/	1969-12-31 23:59:59	Name: __fjs Value: 1111111111110100111111111011

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ap.lijit.com
api.intentiq.com
baby-girls.my.id
bcp.crwdcntrl.net
cdn-tc.33across.com
cdn.jsdelivr.net
cdn.tynt.com
ce.lijit.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
code.jquery.com
connect-metrics-collector.s-onetag.com
data-beacons.s-onetag.com
de.tynt.com
e.dtscout.com
fonts.googleapis.com
fonts.gstatic.com
fuckboox.xyz
get.s-onetag.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
ic.tynt.com
idsync.rlcdn.com
loadus.exelator.com
match.adsrvr.org
ml314.com
mwzeom.zeotap.com
onetag-geo-grouping.s-onetag.com
onetag-geo.s-onetag.com
p.adsymptotic.com
pd.sharethis.com
pixel.onaudience.com
ps.eyeota.net
s10.histats.com
s4.histats.com
spl.zeotap.com
stags.bluekai.com
sync.sharethis.com
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tags.bkrtx.com
tags.bluekai.com
tags.crwdcntrl.net
tenderchicksfx.com
um.simpli.fi
x.bidswitch.net
t.sharethis.com
104.18.102.194
104.18.14.222
104.18.28.199
13.225.63.76
13.226.31.29
13.226.31.87
141.94.170.77
142.251.32.98
15.197.193.217
158.69.139.226
192.99.8.27
2001:4de0:ac18::1:a:2b
23.200.228.59
23.217.18.225
23.217.46.172
2600:1f18:444a:4680:b988:ecc0:9832:67ce
2606:4700:10::6816:1857
2606:4700:3031::6815:55a
2606:4700:3034::ac43:8655
2606:4700:3036::ac43:cbe7
2606:4700::6810:5614
2607:f8b0:4006:80d::2003
2607:f8b0:4006:80d::200a
3.131.111.10
3.15.117.250
34.235.23.231
35.190.60.146
35.211.178.172
45.55.120.93
46.105.201.240
51.161.15.93
52.0.156.250
52.116.221.248
52.200.52.32
52.3.138.212
54.230.162.32
54.230.162.35
54.230.162.76
54.89.1.168
63.251.86.49
63.251.86.51
67.202.105.32
67.202.105.33
68.67.161.183
75.2.13.80
76.13.32.147
011aefbda7751bf283a0a16c869bb14d49d2ecfa767ae161c6db3a1eda0336e4
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0e02626e6136c11d2ddb9b4a4cf94faa7853f7c6f3ed644ff9bcfae6f4912666
0e2f18ac8eb9321b84bb9177e9996614e35d8ba8b09ad65ee6d2ca44f08f1787
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
17809f020af273f07dbf04a4c283eac3c67b0a6999c8d2741b4c698dc1b11c25
1a5bbedc5831a4f447a9fd4078908f2e904fb77b0042393616b8e67c50515435
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b3b62fbea6a0f85a16904129c448a32bac1b84f6d63987fb12a4bec2bc91e97
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
31e12a7a30e633b99dc01daa1c2064b8b78098f5d9cccfe3aad2d2904125a775
338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4afc2ad3848acda252bc8b01f81a4c8d2d1f3afe44e0627d0dc8443d14b0a3d9
5640e2177d8a24c6aef1d923c981591689205237b9c2fcba5215d10aa7bcf52e
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0
65b7061d0c38f15e43ae33576caa49be3b12f8a50b837c30fb8139191d9c938d
6e50c3f8ccc8df5b6d783f759cf076844d3df4fbda7c5da2d5f6a53c349aa8d6
70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120
7219815b8a082aeba313966a208ffa456fc8aad520dddb546880fd5c20215422
7ee04154662e67cdd4a6694f6afacb682bb184617b5e81948524637dde2f31d3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
892d55861a7789eec2cad963b875d9ebf537ff3698f08d0349ce86395d224262
8931ea0d119bbfbdb8bcdeaec8e0bb2a83755f82c4e0e0f6b52e58f5b51bbdb6
963a44fa6cbb7486c60762c3ee87598cebac50d93ffc8bcda9ac4b946637138b
9ba597dd2f014387b6236c86fdd5f7dc3fdf6a60e2d41f3ed78fd983f0362116
a62253e1fc8b12cd2816bb04b649a660da36ec82b66af3670120b7886f3a41bc
a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb
aa9687a4c01d12ea25f7977bd4041c99e2d5a82cc7426614bf524f476dd31f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b724700f0486ee937dc3917f83e1b3896c54b7fbf5f0005a40694f8a4c80f2d5
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
cbba25709384ed0e1ac59bc715799424db52d8390410979c30d2ebfda0e4b29d
d77d6c825244bbd244c8184f51b1f8b91064c1c2fa30d5883fcc2457f93d3a5f
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4693ae478e1e7aab4ad441a824430a2299d89c3354e388eb10f6ea8100f6b7f
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3c1977f089e4d0203a71c28178bd1b9f019a97690df9687984f7fc4e57c511b
f8f5705ee03667d1a28565f6dc84b7748bb9d7c4ded30c270354edd054b86b32

tenderchicksfx.com Open in urlscan Pro 2606:4700:3034::ac43:8655 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

70 %HTTPS

20 %IPv6

33 Domains

48 Subdomains

37 IPs

5 Countries

1292 kBTransfer

1441 kBSize

56 Cookies

0 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

tenderchicksfx.com Open in urlscan Pro
2606:4700:3034::ac43:8655 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

70 %
HTTPS

20 %
IPv6

33
Domains

48
Subdomains

37
IPs

5
Countries

1292 kB
Transfer

1441 kB
Size

56
Cookies

61 HTTP transactions
0 data transactions