urlscan.io logo urlscan.io
SecurityTrails logo

freebaby4you.live Open in urlscan Pro
2606:4700:3032::ac43:cfa3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://oowcxjq_fdijl.contposriecolec.gq/Ferhh
Effective URL: http://freebaby4you.live/?s1=fhy1&email=
Submission: On December 10 via manual from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 8 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3032::ac43:cfa3, located in United States and belongs to CLOUDFLARENET, US. The main domain is freebaby4you.live.
This is the only time freebaby4you.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
7 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a03:2880:f17... ()
14 6
1    2606:4700:3037::ac43:a3fb (United States)

ASN13335 (CLOUDFLARENET, US)
oowcxjq_fdijl.contposriecolec.gq
1    2606:4700:3037::6815:5b05 (United States)

ASN13335 (CLOUDFLARENET, US)
oowcxjq_fdijl.contposriecolec.gq
1    2606:4700:3037::6815:844 (United States)

ASN13335 (CLOUDFLARENET, US)
proinfobtc.info
7    2606:4700:3032::ac43:cfa3 (United States)

ASN13335 (CLOUDFLARENET, US)
freebaby4you.live
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
svntrk.com
1    2a03:2880:f177:83:face:b00c:0:25de (None, )

ASN- ()
www.facebook.com
Apex Domain
Subdomains		 Transfer
7 freebaby4you.live
freebaby4you.live
683 KB
2 contposriecolec.gq
oowcxjq_fdijl.contposriecolec.gq
2 KB
1 facebook.com
www.facebook.com
2 KB
1 svntrk.com
svntrk.com — Cisco Umbrella Rank: 546000
518 B
1 proinfobtc.info
proinfobtc.info
914 B
0 google.com Failed
lh3.google.com Failed
0 pornhub.com Failed
pornhub.com Failed
0 xvideos.com Failed
www.xvideos.com Failed
14 8
Domain Requested by
7 freebaby4you.live proinfobtc.info
freebaby4you.live
2 oowcxjq_fdijl.contposriecolec.gq 1 redirects
1 www.facebook.com freebaby4you.live
1 svntrk.com freebaby4you.live
1 proinfobtc.info oowcxjq_fdijl.contposriecolec.gq
0 lh3.google.com Failed freebaby4you.live
0 pornhub.com Failed freebaby4you.live
0 www.xvideos.com Failed freebaby4you.live
14 8

This site contains no links.

Subject Issuer Validity Valid
proinfobtc.info
GTS CA 1P5		 2023-10-14 -
2024-01-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-01-28 -
2024-01-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-18 -
2023-12-17		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://freebaby4you.live/?s1=fhy1&email=
Frame ID: 5031DF8C5CEC66E679FFC9FDAD92B86D
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

I'm already all wet

Page URL History Show full URLs

  1. https://oowcxjq_fdijl.contposriecolec.gq/Ferhh HTTP 301
    http://oowcxjq_fdijl.contposriecolec.gq/Ferhh/ Page URL
  2. http://freebaby4you.live/?s1=fhy1&email= Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Page Statistics

14
Requests

21 %
HTTPS

100 %
IPv6

8
Domains

8
Subdomains

6
IPs

1
Countries

687 kB
Transfer

774 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://oowcxjq_fdijl.contposriecolec.gq/Ferhh HTTP 301
    http://oowcxjq_fdijl.contposriecolec.gq/Ferhh/ Page URL
  2. http://freebaby4you.live/?s1=fhy1&email= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://oowcxjq_fdijl.contposriecolec.gq/Ferhh HTTP 301
  • http://oowcxjq_fdijl.contposriecolec.gq/Ferhh/

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
oowcxjq_fdijl.contposriecolec.gq/Ferhh/
Redirect Chain
  • https://oowcxjq_fdijl.contposriecolec.gq/Ferhh
  • http://oowcxjq_fdijl.contposriecolec.gq/Ferhh/
983 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://oowcxjq_fdijl.contposriecolec.gq/Ferhh/
Protocol
HTTP/1.1
Server
2606:4700:3037::6815:5b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
242ce817463620783dbcfdad5b2647ea22589c7b5b1c78448c7c522fbff09621

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
83359548fa353657-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 10 Dec 2023 12:45:07 GMT
Last-Modified
Sun, 30 Apr 2023 23:45:16 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xxmcUUBAAf4hWh3CfQd%2BPB%2BmpL7m22McAhwzl%2B%2F8JzuWV7M%2Bh%2FHT7fmgbEtx%2BIJjonVKElY2XMX93ojMHnso%2Bfoip7Xgxk4mKLJns%2B78jdCVU8Lx92zCYuR8oDSfqRXLiCDYekxtlXJo8qJDKnn3F0NQqtLXrlJTFTjP0KwRQw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
833595472c9a3903-IAD
content-type
text/html
date
Sun, 10 Dec 2023 12:45:07 GMT
location
http://oowcxjq_fdijl.contposriecolec.gq/Ferhh/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8u5nHVbcHDRchQNOSeaxCpOXmNplyQw0n%2BKcB4LkG7hRBFNQBpEJZEHqi7NdhnsxdljTjG4lvIdg3d9mxXbxVlWEVguZqck6qVZkW%2BmiIsJM6iPyFd1nUAOVghcC%2F8BI4%2BAEsWfyhN4V8LhgLrX9C2DApi4NOsf2%2BhvYchQrQA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
Pv3x3y99
proinfobtc.info/ 		408 B
914 B 		Script
General
Check archive.org
Download Go to
Full URL
https://proinfobtc.info/Pv3x3y99?&se_referrer=&default_keyword=&&frm644efd65541fc=script644efd65541fd&_cid=d18577c0-926e-10f2-bb4f-59b6b1d94702
Requested by
Host: oowcxjq_fdijl.contposriecolec.gq
URL: http://oowcxjq_fdijl.contposriecolec.gq/Ferhh/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://oowcxjq_fdijl.contposriecolec.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 12:45:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fIu9XxcPx5m%2FJ47zFTFrT7fOUSXTZNKqnicG0ooPurc4EqUEBzsdQ%2Bo0plgcKoJczxpAtAriuwNAB%2FxiQIjWtl%2FiJtVrXe0hl9m4yacJn3N6DrPTFu5c2RqPKRVFBIlDGvJ%2BexhPkxpeji84KEg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
8335954a0ee219af-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 10 Dec 2023 12:45:07 GMT
Primary Request /
freebaby4you.live/ 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://freebaby4you.live/?s1=fhy1&email=
Requested by
Host: proinfobtc.info
URL: https://proinfobtc.info/Pv3x3y99?&se_referrer=&default_keyword=&&frm644efd65541fc=script644efd65541fd&_cid=d18577c0-926e-10f2-bb4f-59b6b1d94702
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:cfa3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7621badd6186697ed25333d913e066093459d05c90493a1c09636102923b241

Request headers

Referer
http://oowcxjq_fdijl.contposriecolec.gq/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
8335954eb94496ae-SJC
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 10 Dec 2023 12:45:09 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XjhMJz4b8o%2Bzt7P6ZtmCPJBEFxBXIdYkIyAUOWA5PRAhXiq%2F6EO4S%2BiJmbL4tMmqhc1ncDq0ntkJu0zfIcex9kfjOylOAZbHOSr%2BwzMpU5uFLko3rTf4nhHfro1%2F1tZ0nXml3NqmUZU5j5EJK1FURg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
cache-control
private, must-revalidate
expires
-1
pragma
no-cache
fhy1_6575b2d4e0a90.js
svntrk.com/assets/ 		0
518 B 		Script
General
Check archive.org
Download Go to
Full URL
https://svntrk.com/assets/fhy1_6575b2d4e0a90.js
Requested by
Host: freebaby4you.live
URL: http://freebaby4you.live/?s1=fhy1&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://freebaby4you.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 12:45:09 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pZgvK%2BYGQVjJ13FiVqUcP3l%2FCb%2Bz8qg9g8Ef09SrxT6W%2Bgb1pV9DLC7PykuVi54Do1J2iUJRjfC3AkhjtDxufXk5j%2B%2BSoAtgEER0cQLvuWTLX%2FAsjgY96eqvbtmQzisbfx0WBqktGRww"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, private
cf-ray
8335955489536f5e-CDG
alt-svc
h3=":443"; ma=86400
fp.v3.646d4b3deea4287def3fdfc18906bcc7.js
freebaby4you.live/scripts/ 		39 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://freebaby4you.live/scripts/fp.v3.646d4b3deea4287def3fdfc18906bcc7.js
Requested by
Host: freebaby4you.live
URL: http://freebaby4you.live/?s1=fhy1&email=
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:cfa3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aa12d141f3c41629c83ac95bf3bebab2b33bca7f8f8988bf64b53b57c73714c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://freebaby4you.live/?s1=fhy1&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 12:45:10 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
last-modified
Wed, 06 Sep 2023 14:11:29 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
etag
W/"64f88891-9ca8"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tJalwY%2FsKlU9WOdHKdnWaPf%2F4KXdD%2FDENLXHDAKM%2B7KYkLI0sUKFzXaBbecSsG6iY9hM0wBJRwn32OUnWxZT%2B2b5NZT5U71BmhWiRYBy3%2BIXmaN96v%2F5UV0VHgCdvPfuBqyTc19HxAQvQ%2FuI0TR%2FzA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript; charset=utf-8
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
83359554af0996ae-SJC
vendor.0f11123df0a713d2b119cc16e4ec530c.css
freebaby4you.live/landings/68/fonts/ 		10 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://freebaby4you.live/landings/68/fonts/vendor.0f11123df0a713d2b119cc16e4ec530c.css
Requested by
Host: freebaby4you.live
URL: http://freebaby4you.live/?s1=fhy1&email=
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:cfa3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e520f3d4f3e8aac258fdbd8e3dfc45a8d3758e5ac40b2b25be42546df6e68651

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://freebaby4you.live/?s1=fhy1&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 12:45:09 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
last-modified
Wed, 06 Sep 2023 14:11:28 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
etag
W/"64f88890-2777"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYTKjpPL6AP7hsUXZhCb1APVSRQmI9Dbj9vMgvlQFir5aITY4YKagBc4CrnKjfmUjnRQywfEKM0nGe20SoIK%2FCziH1%2FSDCmn6wca%2BVuIiOLWsNgIapKSKZQ1FLa7SPtpDaYlSCvXNoY0wu%2BoSCFNcg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
833595543d7b5bb0-VIE
vendor.c646da3c88b8155a753aeef51880893f.js
freebaby4you.live/landings/68/js/ 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://freebaby4you.live/landings/68/js/vendor.c646da3c88b8155a753aeef51880893f.js
Requested by
Host: freebaby4you.live
URL: http://freebaby4you.live/?s1=fhy1&email=
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:cfa3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a58da45b28f71ef9815097a0eee0d846978d8ec34b8648edf35dd51711e78c62

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://freebaby4you.live/?s1=fhy1&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 12:45:09 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
last-modified
Wed, 06 Sep 2023 14:11:28 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
etag
W/"64f88890-16d8e"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fj%2FGuMZID16nRSvBZ4q3AHoahxXzq7d5E8%2FDOK5BSBfxCkulBgWesKIZHNoNCrMt%2FD7f0Y1P7UYA%2Bi9QA%2BIyLBepGMyRfElfJigYEf0weOEUO%2FyKNOK09nmozBfj%2BbFUZTanOE9t5LdxrNE%2B8mIkeg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript; charset=utf-8
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
833595544ab265b3-FRA
image%207.jpg
freebaby4you.live/landings/68/img/ 		239 KB
240 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://freebaby4you.live/landings/68/img/image%207.jpg
Requested by
Host: freebaby4you.live
URL: http://freebaby4you.live/landings/68/fonts/vendor.0f11123df0a713d2b119cc16e4ec530c.css
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:cfa3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1713869656227abc05fbfd467b05864aa95574635d959fe2903b2cab0f7c027

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://freebaby4you.live/landings/68/fonts/vendor.0f11123df0a713d2b119cc16e4ec530c.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 12:45:11 GMT
CF-Cache-Status
MISS
last-modified
Wed, 06 Sep 2023 14:11:28 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
etag
"64f88890-3bbf5"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JsCQwoxep32Dw05RfSYzoT0QLPM5fbHnLzaIHfg4rnClErYRvwwauh7N2GBspQdeJB39yKTqy%2BvKe2hizz%2Fh7OFtrV7kfE2t65W66e6QBuH%2Fr067Isk5Ezd%2BBM1hmTeUB23eUcLT7HKTGR8DV7GdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
8335955b1d5d96ae-SJC
Content-Length
244725
Montserrat-Regular.ttf
freebaby4you.live/landings/68/fonts/ 		193 KB
194 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://freebaby4you.live/landings/68/fonts/Montserrat-Regular.ttf
Requested by
Host: freebaby4you.live
URL: http://freebaby4you.live/landings/68/fonts/vendor.0f11123df0a713d2b119cc16e4ec530c.css
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:cfa3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcfe8df29e553fbd655212f94300cb1e704c6cd147fa7a98cb4bcd9eb92c6707

Request headers

Referer
http://freebaby4you.live/landings/68/fonts/vendor.0f11123df0a713d2b119cc16e4ec530c.css
Origin
http://freebaby4you.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 12:45:10 GMT
CF-Cache-Status
REVALIDATED
last-modified
Wed, 06 Sep 2023 14:11:28 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
etag
"64f88890-30558"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G0fHfwy1%2Fw4JTUhRmbaRxPDedJ0%2BaN9q6dlBHdeOG23QfQqw0Cd%2Bh60U5M7luXbeT598olwSWcVl8%2BVqW2dhIBqgxQKUBhuWtU11pIQJVHRG9ucUx9s9%2BksLfmwbX2TJt4AIYzvgGHg97tJaNRkBkw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
8335955aaa8365b3-FRA
Content-Length
197976
Montserrat-Bold.ttf
freebaby4you.live/landings/68/fonts/ 		193 KB
194 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://freebaby4you.live/landings/68/fonts/Montserrat-Bold.ttf
Requested by
Host: freebaby4you.live
URL: http://freebaby4you.live/landings/68/fonts/vendor.0f11123df0a713d2b119cc16e4ec530c.css
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:cfa3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
189aeb285be99f0b58e454dd2dc3cbf34a6db844a9ef26ebc5909178ff77c5be

Request headers

Referer
http://freebaby4you.live/landings/68/fonts/vendor.0f11123df0a713d2b119cc16e4ec530c.css
Origin
http://freebaby4you.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 12:45:10 GMT
CF-Cache-Status
MISS
last-modified
Wed, 06 Sep 2023 14:11:28 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
etag
"64f88890-305b8"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zDdHRAo5lqxEh9Pv2TAdZDVzYiw64y3uKU5ddO35YF8NFdkxT3I2JhdQaBq68j1ovkpJHeQLFDmWKWbUPnriP2RgAjARRcbgYZgz%2F23W4ALYBGAufdIF9%2BZXb08bGs3NnxhNthtk6De4dW%2BpNL4vsg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
8335955aa9ec5bb0-VIE
Content-Length
198072
mk_1123
www.xvideos.com/favorite/90902157/ 		0
0
manage
pornhub.com/video/ 		0
0
1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100
lh3.google.com/u/0/d/ 		0
0
like.php
www.facebook.com/v14.0/plugins/ 		67 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/v14.0/plugins/like.php
Requested by
Host: freebaby4you.live
URL: http://freebaby4you.live/?s1=fhy1&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de -, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-fb-debug
D+zPbqW0BrtLrd16a8dHCld6b3+t+F7m9VXcS5/IfW+izPxaBKM9ZEzgJIc3gVWd7rwuSP+qakd/822ddQAeUg==
x-content-type-options
nosniff
date
Sun, 10 Dec 2023 12:45:11 GMT
cross-origin-opener-policy
same-origin-allow-popups
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
image/png
cache-control
private, no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
67
x-xss-protection
0
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
expires
Sat, 01 Jan 2000 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.xvideos.com
URL
https://www.xvideos.com/favorite/90902157/mk_1123
Domain
pornhub.com
URL
https://pornhub.com/video/manage?o=mr&t=pr2
Domain
lh3.google.com
URL
https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| FingerprintJS function| getScreenInfo function| getUserAgent function| getLanguages function| x64Add function| x64Multiply function| x64Rotl function| x64LeftShift function| x64Xor function| x64Fmix function| x64hash128 function| picassoCanvas function| picasso function| getVideoCardInfo function| deviceOrientationHandler string| thirdParty string| r string| vl object| fpPromise undefined| ss undefined| redirectURL function| openPopup function| clickButton function| nextStep function| getTimezone function| $ function| jQuery string| ce boolean| sf

4 Cookies

Domain/Path Name / Value
freebaby4you.live/ Name: XSRF-TOKEN
Value: eyJpdiI6InlGdG9SditLL2NqSm1xeTBhcmFyNGc9PSIsInZhbHVlIjoiTDVnRTd6eG9sUWUxVXhWVFJWVTIvU2REOWZaOUpOSjNpcEF5d1h4NThKTUpDeEVQTGh2SGV1SGJFS0I5SStwRCIsIm1hYyI6Ijc0NzhhNGZlODIxYmNkODU3NmY0ZTc4OWFmNmQwOWNmODExMWNhMGQ2NTNmOWE2MjlkZjIyMmY4YmUxYWYzMzQifQ%3D%3D
freebaby4you.live/ Name: laravel_session
Value: eyJpdiI6Iit4Q3VTdGFyRkJwakZ0bEJVZW1UQ0E9PSIsInZhbHVlIjoiTThWdlVzSCtPY1VNRi9yTDAxbzl0YTVrNCtmTVJBWEtNTURKTkJvMjZHUCtTVTAyN2RhVE0yd3NXUCtSUDBDQiIsIm1hYyI6IjYyYTQ0N2ZkMjA1NjBmZmIyMDU4MzgxNmFjNjk4MzUwYTBmNWU0ZGY4NzY4NzhiNzUyMDExYjkyM2EzOTcyZDAifQ%3D%3D
freebaby4you.live/ Name: SRVNAME
Value: w1
svntrk.com/ Name: svnimp
Value: 6575b2d5a8094