Submitted URL: http://biturl.top/FJRvya
Effective URL: http://freebaby4you.live/?s1=fhy1&email=
Submission: On February 27 via manual from US — Scanned from DE

Summary

This website contacted 13 IPs in 4 countries across 12 domains to perform 41 HTTP transactions. The main IP is 2606:4700:3032::ac43:cfa3, located in United States and belongs to CLOUDFLARENET, US. The main domain is freebaby4you.live.
This is the only time freebaby4you.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

     Apex Domain                    Subdomains                                                  Transfer
15   biturl.top                     biturl.top                                                  147 KB
9    googlesyndication.com          pagead2.googlesyndication.com — Cisco Umbrella Rank: 106    228 KB
                                    tpc.googlesyndication.com — Cisco Umbrella Rank: 161
8    freebaby4you.live              freebaby4you.live                                           2 MB
4    google.com                     lh3.google.com — Cisco Umbrella Rank: 201                   2 KB
                                    accounts.google.com — Cisco Umbrella Rank: 24
4    pornhub.com                    pornhub.com — Cisco Umbrella Rank: 12464                    3 KB
                                    www.pornhub.com — Cisco Umbrella Rank: 15097
                                    de.pornhub.com — Cisco Umbrella Rank: 104808
1    facebook.com                   www.facebook.com — Cisco Umbrella Rank: 102                 2 KB
1    xvideos.com                    www.xvideos.com — Cisco Umbrella Rank: 17317
1    svntrk.com                     svntrk.com — Cisco Umbrella Rank: 635225                    520 B
1    jenniferynsdaviduu2284.store   jenniferynsdaviduu2284.store                                797 B
1    doubleclick.net                googleads.g.doubleclick.net — Cisco Umbrella Rank: 35       5 KB
1    google-analytics.com           region1.google-analytics.com — Cisco Umbrella Rank: 2124    250 B
1    googletagmanager.com           www.googletagmanager.com — Cisco Umbrella Rank: 40          87 KB
41   12
     Domain                                      Requested by
15   biturl.top 1 redirects                      biturl.top
8    freebaby4you.live                           biturl.top
                                                 freebaby4you.live
6    pagead2.googlesyndication.com               biturl.top
                                                 pagead2.googlesyndication.com
                                                 tpc.googlesyndication.com
3    accounts.google.com 2 redirects
3    tpc.googlesyndication.com                   pagead2.googlesyndication.com
                                                 tpc.googlesyndication.com
2    de.pornhub.com 1 redirects
1    www.facebook.com                            freebaby4you.live
1    lh3.google.com 1 redirects
1    www.pornhub.com 1 redirects
1    pornhub.com 1 redirects
1    www.xvideos.com                             freebaby4you.live
1    svntrk.com                                  freebaby4you.live
1    jenniferynsdaviduu2284.store 1 redirects
1    googleads.g.doubleclick.net                 pagead2.googlesyndication.com
1    region1.google-analytics.com                www.googletagmanager.com
1    www.googletagmanager.com                    biturl.top
41   16

This site contains no links.

Subject                      Issuer                                            Validity                   Valid
biturl.top                   E1                                                2024-01-30 - 2024-04-29    3 months
*.google-analytics.com       GTS CA 1C3                                        2024-02-05 - 2024-04-29    3 months
*.g.doubleclick.net          GTS CA 1C3                                        2024-02-05 - 2024-04-29    3 months
tpc.googlesyndication.com    GTS CA 1C3                                        2024-02-05 - 2024-04-29    3 months
svntrk.com                   Cloudflare Inc ECC CA-3                           2023-12-28 - 2024-12-27    a year
*.xvideos.com                Sectigo RSA Domain Validation Secure Server CA    2024-01-21 - 2025-01-27    a year
*.facebook.com               DigiCert SHA2 High Assurance Server CA            2023-12-07 - 2024-03-06    3 months

This page contains 4 frames:

Primary Page: http://freebaby4you.live/?s1=fhy1&email=
Frame ID: BFE56A23BE6AE59E0631FE121A277873
Requests: 36 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/zrt_lookup_nohtml_fy2021.html
Frame ID: 84EF989F22CB11BA71BA6ACB35D883C2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2308560106736257&output=html&adk=1812271804&adf=3025194257&lmt=1709061817&plat=8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fbiturl.top%2FFJRvya&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709061817351&bpp=2&bdt=1383&idt=176&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2040242971505&frm=20&pv=2&ga_vid=1333180580.1709061817&ga_sid=1709061818&ga_hid=1768950069&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081349%2C44798934%2C95325066%2C95325752%2C95326316%2C31081354%2C31081085%2C95324160%2C95326436%2C95326430&oid=2&pvsid=2366728252367356&tmod=903176710&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=184
Frame ID: 2C67EE69EF00A0E8D5D3362DED76FB0D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C00D45F7F2B02E6336116672E9F5A171
Requests: 3 HTTP requests in this frame

Page Title

Get Ready to Be Seduced

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

41 Requests
71 % HTTPS
87 % IPv6
12 Domains
16 Subdomains
13 IPs
4 Countries
2676 kB Transfer
4095 kB Size
14 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://biturl.top/FJRvya HTTP 301
    https://biturl.top/FJRvya Page URL
  2. https://jenniferynsdaviduu2284.store/51 HTTP 302
    http://freebaby4you.live/?s1=fhy1&email= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://biturl.top/FJRvya HTTP 301
  • https://biturl.top/FJRvya
Request Chain 37
  • https://pornhub.com/video/manage?o=mr&t=pr2 HTTP 301
  • https://www.pornhub.com/video/manage?o=mr&t=pr2 HTTP 302
  • https://de.pornhub.com/video/manage?o=mr&t=pr2 HTTP 302
  • https://de.pornhub.com/login
Request Chain 38
  • https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100 HTTP 302
  • https://accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=ATuJsjyWvp6qHR5IHOtf-0hmEtesEfwPyYNnyseFe5WQe6872EPg_D-3KCaChfSOjdVZdikrykx1Og HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=ATuJsjwfGaDbq6FioApYbWnbJiSOg567oDTwgIsR0vpCtno5e4eJ3abRKBzi09_33bKmdDdVkm5jxQ&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1158103645%3A1709061821670656&theme=glif

41 HTTP transactions

Resource / Path    Size    x-fer (transfer)    Type / MIME-Type
FJRvya
biturl.top/
Redirect Chain
  • http://biturl.top/FJRvya
  • https://biturl.top/FJRvya
5 KB
2 KB
Document
General
Full URL
https://biturl.top/FJRvya
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:384f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
a8b37ffa346014cb13dc5b0f7206836b068664032cf36b9e3ac199916945492d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85c2cd953af2666e-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 27 Feb 2024 19:23:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i7OAcHrADU0hy3qic4RHO1PdfKS5qfrHNIy2%2B9OOI19M7QhcJnhy9UkGsuracGO1l3%2FZoZcFZOumsqO9UeejC61ogNMp3x2xBZe0LlJ1K2nx6DpRsnaB2zIjvwPJjwR96Qj1eho4DbFx"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
Next.js

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
85c2cd917ec87286-EWR
Connection
keep-alive
Content-Type
text/html
Date
Tue, 27 Feb 2024 19:23:34 GMT
Location
https://biturl.top/FJRvya
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHFE7behCwMpcdrNSx%2Bbksa%2BX3VBqkWFHeTYw3XMvQA%2Bv3E7KpDnavomAK8UqzI4CU%2Bp1P%2BjjefjekJapUS4sL093dn4e0PAu2mt9xTVcD%2B00H7JHlgBTjBLP6U9rLmvLj%2FWKWHoBtXI"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/
248 KB
87 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7XPPV9GN8G
Requested by
Host: biturl.top
URL: https://biturl.top/FJRvya
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c464b3d9d6c01af18b35bbaaad53b8403a60b792f3dd6d7d997a85a3316ff634
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biturl.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 19:23:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88413
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 27 Feb 2024 19:23:36 GMT
ga.js
biturl.top/
143 B
466 B
Script
General
Full URL
https://biturl.top/ga.js
Requested by
Host: biturl.top
URL: https://biturl.top/FJRvya
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:384f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fa52717bd9e27ed9dcc699822e9d5efe0448407149b5e7d7aaeb6d1d06acd64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biturl.top/FJRvya
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 19:23:37 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 02 Mar 2023 14:33:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"8f-186a2be31b8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XQtrygdjmHt6w7DgI3mTD3zs2BUMCDgwJPwuYJqsgE5XwbV2KVUiRujfm7kPSDDQBAkAf6OHqGbWqBDh2ossCs7u9uplpBWEQMxvnzAFps%2FYyfzLCXrcOaV3Ov%2F%2BVv25OhOIisFJwV4u"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400
cf-ray
85c2cd9ddbce666e-AMS
alt-svc
h3=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
146 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2308560106736257
Requested by
Host: biturl.top
URL: https://biturl.top/FJRvya
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cdee8497c82c6ee2e9f68dba7c3cf31ef6c2091ae3b780da16393701f311bf91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://biturl.top/
Origin
https://biturl.top
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 19:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51102
x-xss-protection
0
server
cafe
etag
10098420546963153530
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 27 Feb 2024 19:23:36 GMT
2ff1f1ce.18fc981f.chunk.css
biturl.top/_next/static/css/
695 KB
73 KB
Stylesheet
General
Full URL
https://biturl.top/_next/static/css/2ff1f1ce.18fc981f.chunk.css
Requested by
Host: biturl.top
URL: https://biturl.top/FJRvya
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:384f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dd42b5229200a3a6e42de798799397a4a260a8f8e155afd4fa6a1bf05d17334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biturl.top/FJRvya
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 19:23:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 20 Mar 2022 05:52:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7734838
etag
W/"adae9-17fa5e21ac8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zuBfvJR42ltYy3rqr9%2FoR9ZwKDDc%2FOI4U18UD3WMcitmCt11YoOXbPeBBTYFwX3G7nvGfwPbr%2BdmT1PRoKAkeiPvBDasl4u7ujvcQEpiLoGNjXdbpTHMar%2Fj5JEH%2FlN03XvfqBd%2BF%2BHB"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
85c2cd9ddbcb666e-AMS
alt-svc
h3=":443"; ma=86400
main-1b0be8fd766b08834b48.js
biturl.top/_next/static/chunks/
20 KB
7 KB
Script
General
Full URL
https://biturl.top/_next/static/chunks/main-1b0be8fd766b08834b48.js
Requested by
Host: biturl.top
URL: https://biturl.top/FJRvya
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:384f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a258af0172df53ee2342d64e0e5a027530f71df5e9c132ad41044d825a4748e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biturl.top/FJRvya
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 19:23:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 20 Mar 2022 05:52:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7911058
etag
W/"4e4a-17fa5e21ac8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d4g3S%2FzBrrCpOtZlQU7%2FHUzY%2B7hbviIm0YkREmY0tAML%2BSubfRLfmMxQ0XauVFjWsQJvUmlUpcYO%2F88ovKdJmVr55MXGlkeX8ToreOyCkPKwy7xEVgKeNPs2eiPX3q3fvIZ1UwamgZ38"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
85c2cd9ddbd0666e-AMS
alt-svc
h3=":443"; ma=86400
webpack-d7b2fb72fb7257504a38.js
biturl.top/_next/static/chunks/
2 KB
1 KB
Script
General
Full URL
https://biturl.top/_next/static/chunks/webpack-d7b2fb72fb7257504a38.js
Requested by
Host: biturl.top
URL: https://biturl.top/FJRvya
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:384f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26a81f9748a42eeb15a43c5cc3c1a7b7582e4d9f0ab3cd5be477f87096eed840

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biturl.top/FJRvya
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 19:23:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 20 Mar 2022 05:52:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7615066
etag
W/"603-17fa5e21ac8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LtzDSgXvbrbLy5fa0UkYTmUmkuI%2F7%2BSYflrL3j3h0goklPparNjr8Q7j6QlmxhczErJxRAscvmfAw2XBw6ugE9hHrHrkia7%2BW6D2gR24GFdG5qLZumlSmpXiWrV1atunvmNFemFmo2P9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
85c2cd9ddbd3666e-AMS
alt-svc
h3=":443"; ma=86400
framework.9ec1f7868b3e9d138cdd.js
biturl.top/_next/static/chunks/
125 KB
40 KB
Script
General
Full URL
https://biturl.top/_next/static/chunks/framework.9ec1f7868b3e9d138cdd.js
Requested by
Host: biturl.top
URL: https://biturl.top/FJRvya
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:384f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dcbaa4bc631ba12929eb6ed63b6f5dc2624a83fb85e9846572bc964dde6ebce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biturl.top/FJRvya
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 19:23:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 28 Dec 2023 16:33:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1102281
etag
W/"1f599-18cb145a648"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TNxOQn2yRNkBCn8zenO%2Blgxw5GfcxXFdYJVo3Bznwd8KtmSJGky62TlfCIEIhHym%2FVypPr%2F4JwmCVBmED2TMoYi7XJOMgZdYQc0nMfLUN%2F162fzsgyQCl7oyLQv%2B%2FKP%2FAU1lo%2B5%2F7sDw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
85c2cd9ddbd9666e-AMS
alt-svc
h3=":443"; ma=86400
2ff1f1ce.4d62413f4da81be1e932.js
biturl.top/_next/static/chunks/
69 B
373 B
Script
General
Full URL
https://biturl.top/_next/static/chunks/2ff1f1ce.4d62413f4da81be1e932.js
Requested by
Host: biturl.top
URL: https://biturl.top/FJRvya
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:384f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
856ab159a9a6cbdc7beb72fc35086e839adb48361d197135a92809e95b875345

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biturl.top/FJRvya
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 19:23:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 20 Mar 2022 05:52:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
9199206
etag
W/"45-17fa5e21ac8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TBcdzTZ3MG56Jd1bRhlaCwtoGOETRIuREdCS6tbWDnB2Ez9iEQGMkijHz8PpYbxTWuEomOhNKb7%2FnHgqiDHQQ0RqCZDBwrPZhdZzUf6mb7TxXbTQ68DXOB7hEIT8JJ033e1Ku990zdoc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
85c2cd9ddbdc666e-AMS
alt-svc
h3=":443"; ma=86400
commons.1a67b7624dee42707202.js
biturl.top/_next/static/chunks/
34 KB
12 KB
Script
General
Full URL
https://biturl.top/_next/static/chunks/commons.1a67b7624dee42707202.js
Requested by
Host: biturl.top
URL: https://biturl.top/FJRvya
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:384f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bae305f10e31e6c06ccd931d7acbed1273ab1e31560e69d380e72625ff355466

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biturl.top/FJRvya
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 19:23:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 20 Mar 2022 05:52:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
9199206
etag
W/"8710-17fa5e21ac8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0lOqlygQzTs1QV5TI4Y5tfnteayiWpVrwg96lptX9HIKO9yulcFdNzDjIbng%2F1xy4cdPwB%2BOWdw1H16JNIkb2IjmWYgx7ke%2BPMYMscWnpdk4Fab2nle08c4b7ZQG2QKg2g1pCnENqEim"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
85c2cd9ddbde666e-AMS
alt-svc
h3=":443"; ma=86400
styles.675f651b1df72b983d8e.js
biturl.top/_next/static/chunks/
92 B
365 B
Script
General
Full URL
https://biturl.top/_next/static/chunks/styles.675f651b1df72b983d8e.js
Requested by
Host: biturl.top
URL: https://biturl.top/FJRvya
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:384f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c51224a7d190e9acd88b3306ba626e276c2684ef660bb2f22c6f5385699efa3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biturl.top/FJRvya
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 19:23:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 20 Mar 2022 05:52:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7721622
etag
W/"5c-17fa5e21ac8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D3eXCEQAr4RrdpZByOWlJUDKUKChOoSidf69S2Oez9WZyuneNZAdibWbce7kGozuwpGqem0gnVtJ6MXDFl39i0Tc4nRRaEKUzXdaZW1sKmx1dK%2BbAsOUUWm%2FgdbY00aEFOpph8hKvL1g"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
85c2cd9ddbe0666e-AMS
alt-svc
h3=":443"; ma=86400
_app-b997c16367488239c6e8.js
biturl.top/_next/static/chunks/pages/
2 KB
1 KB
Script
General
Full URL
https://biturl.top/_next/static/chunks/pages/_app-b997c16367488239c6e8.js
Requested by
Host: biturl.top
URL: https://biturl.top/FJRvya
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:384f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52fea4caed1f57ba96fcc0832d336fbcb05202650eb8ac7c5924e52655e5732d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biturl.top/FJRvya
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 19:23:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 20 Mar 2022 05:52:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
10234137
etag
W/"8f3-17fa5e21ac8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=houJFPKBrJkmgh2lRT0O%2Bbri49bVsDImig4VEwiAq1g%2FW54vl03u7mo9t%2Fxlv5LPShWQBczOwzFgwKKK%2F3QYUYIv%2BGltRJMCY99MY78ZSn4sAHPnelxOizVSBtYQxSniCvuYnuOncYNV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
85c2cd9ddbe9666e-AMS
alt-svc
h3=":443"; ma=86400
9998e2f4f0fd368ba9fe930e5fe76c82b0c9daa7.f7759df530b58a9200d4.js
biturl.top/_next/static/chunks/
16 KB
6 KB
Script
General
Full URL
https://biturl.top/_next/static/chunks/9998e2f4f0fd368ba9fe930e5fe76c82b0c9daa7.f7759df530b58a9200d4.js
Requested by
Host: biturl.top
URL: https://biturl.top/FJRvya
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:384f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a770e674bf36f8e14269538f1503be778eb37533681227a37266a5ee3c8cf7e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biturl.top/FJRvya
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 19:23:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 20 Mar 2022 05:52:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
9199207
etag
W/"4071-17fa5e21ac8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zar%2Bg155DRsYkHXtWEcJZAm3YXs6jGnenFQCvAm2L5XjQRHKaMX7A1zk0aqKCvu5YhA%2Bn1AaAKdyC8E8wf%2F4fjCO1mZJfTu7lr1y2nZXYiVykBPXj011gyJ7EwcdJiuxaHCYwUkrRlrz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
85c2cd9ddbea666e-AMS
alt-svc
h3=":443"; ma=86400
%5Bshort%5D-d5eca5734cd7492badaa.js
biturl.top/_next/static/chunks/pages/
2 KB
1 KB
Script
General
Full URL
https://biturl.top/_next/static/chunks/pages/%5Bshort%5D-d5eca5734cd7492badaa.js
Requested by
Host: biturl.top
URL: https://biturl.top/FJRvya
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:384f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbd9c3bfc29621bc0b6b609cd4714335d3318770b691964f229fbcf2f1ddb3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biturl.top/FJRvya
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 19:23:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 20 Mar 2022 05:52:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
9468361
etag
W/"70d-17fa5e21ac8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dLK7UcNGbDiywOtoE%2FhcAf9Ngp8uDSjKZGxCSt4F6PWjlXhontvbJRI%2FQXZiS95gaMTKwekC3IE2VjTDoI2IGbtUz4Uwu1pv1IUfbGx3Z5iMnwsAZhtUzkaAD%2BhEgt4jreLr3BBYU6Q%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
85c2cd9dec19666e-AMS
alt-svc
h3=":443"; ma=86400
_buildManifest.js
biturl.top/_next/static/-mktQoVz8nOVaipqB2iQ2/
898 B
730 B
Script
General
Full URL
https://biturl.top/_next/static/-mktQoVz8nOVaipqB2iQ2/_buildManifest.js
Requested by
Host: biturl.top
URL: https://biturl.top/FJRvya
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:384f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96185eb3d58dbe4bc84fabac5da12b0d1bb78c1cf090bca19f9f1b967a59b333

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biturl.top/FJRvya
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 19:23:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 28 Dec 2023 16:33:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5280173
etag
W/"382-18cb145a648"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Pci7HcXGCXR7NXylEef4Z%2FFCNtnjBQqZVo%2BYSi0CxhryyWsGgaQTP4nkMzQjbh6vfTcbR%2F2UqlPLUtBT69Z%2FHDbl8DdWRcSZu1WTnOO%2Fr8DKhoTn5rW%2Fyr6nI8RQZzF27ZHl%2BK2lJ8K"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
85c2cd9eee0c666e-AMS
alt-svc
h3=":443"; ma=86400
_ssgManifest.js
biturl.top/_next/static/-mktQoVz8nOVaipqB2iQ2/
76 B
584 B
Script
General
Full URL
https://biturl.top/_next/static/-mktQoVz8nOVaipqB2iQ2/_ssgManifest.js
Requested by
Host: biturl.top
URL: https://biturl.top/FJRvya
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:384f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biturl.top/FJRvya
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 19:23:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 28 Dec 2023 16:33:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5274378
etag
W/"4c-18cb145a648"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fe3y2Rp2K9ROp42UduDHwh7VnmumhwMoSX6xV51w1PvKBKHwesrUuGu7G%2Fc1CqG5k1sasal34xEDRC8H14y%2BR00Dkg7e6CcQsLl45R3araIRURHD8DJF%2BtMeUd2mF4lGZOTTwZV0Osjc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
85c2cd9f68924408-EWR
alt-svc
h3=":443"; ma=86400
collect
region1.google-analytics.com/g/
0
250 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-7XPPV9GN8G&gtm=45je42q0v879879466za200&_p=1709061817299&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1333180580.1709061817&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709061817&sct=1&seg=0&dl=https%3A%2F%2Fbiturl.top%2FFJRvya&dt=BitURL%20-%20Free%20URL%20shortener%20service&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3486
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7XPPV9GN8G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biturl.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Feb 2024 19:23:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://biturl.top
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/
408 KB
138 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2308560106736257&plah=biturl.top&aplac=true&bust=31081354
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2308560106736257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biturl.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 19:23:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141470
x-xss-protection
0
server
cafe
etag
10546710299423589819
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 19:23:37 GMT
zrt_lookup_nohtml_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/ Frame 84EF
9 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/zrt_lookup_nohtml_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2308560106736257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://biturl.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
30825
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4193
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Feb 2024 10:49:52 GMT
etag
9539045072340585784
expires
Tue, 12 Mar 2024 10:49:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Primary Request /
freebaby4you.live/
Redirect Chain
  • https://jenniferynsdaviduu2284.store/51
  • http://freebaby4you.live/?s1=fhy1&email=
8 KB
4 KB
Document
General
Full URL
http://freebaby4you.live/?s1=fhy1&email=
Requested by
Host: biturl.top
URL: https://biturl.top/_next/static/chunks/pages/%5Bshort%5D-d5eca5734cd7492badaa.js
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:cfa3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57b3ff5c019fabb1ee8dcab53d31d6716944122a95fab6657bdb11960b15f6a2

Request headers

Referer
https://biturl.top/FJRvya
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
85c2cdaf1aae4217-EWR
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 27 Feb 2024 19:23:39 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9e54gO%2Bgfxk4tQmkcIDa1LzqEWXoS8qrDguTfLyPNgmmg%2Fj0lvJLdPJaJO3fKixIALbERr%2F%2F1NcsDpxnp4ZMs1bqDx2HwOlLjJolSMigJQLwOP%2FAsom85XiKfhs3n6GPYAzMJaMTbac2TNXq4rFaYg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
cache-control
private, must-revalidate
expires
-1
pragma
no-cache

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
85c2cda86f107c84-EWR
content-type
text/html; charset=utf-8
date
Tue, 27 Feb 2024 19:23:38 GMT
expires
Tue, 27 Feb 2024 19:23:38 GMT
location
http://freebaby4you.live/?s1=fhy1&email=
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9aOWaZiF6HN1O58lb%2FU5E8RNQ9g9XsE3mujGddeRPpbinZILPisaIQJnpXnD0ozjyMt2ME6NmVe4Or%2BpHIKA7awkV5VWmtnTIpOqlBXAwrNiBG4jjCk0vSMDL%2BCPQgzwipU5WFqoLrO4GztQd%2BLFAgCE4pW0pIEeIJsy"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ads
pagead2.googlesyndication.com/pagead/ Frame 2C67
603 B
65 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2308560106736257&output=html&adk=1812271804&adf=3025194257&lmt=1709061817&plat=8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fbiturl.top%2FFJRvya&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709061817351&bpp=2&bdt=1383&idt=176&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2040242971505&frm=20&pv=2&ga_vid=1333180580.1709061817&ga_sid=1709061818&ga_hid=1768950069&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081082%2C31081349%2C44798934%2C95325066%2C95325752%2C95326316%2C31081354%2C31081085%2C95324160%2C95326436%2C95326430&oid=2&pvsid=2366728252367356&tmod=903176710&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=184
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2308560106736257&plah=biturl.top&aplac=true&bust=31081354
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://biturl.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Feb 2024 19:23:37 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240221&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2308560106736257&plah=biturl.top&aplac=true&bust=31081354
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biturl.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 19:23:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12495
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2308560106736257&plah=biturl.top&aplac=true&bust=31081354
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biturl.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 19:23:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Feb 2024 19:23:37 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C00D
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://biturl.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
15181
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Feb 2024 15:10:36 GMT
expires
Wed, 26 Feb 2025 15:10:36 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js
pagead2.googlesyndication.com/bg/ Frame C00D
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 08:48:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
38121
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15302
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 17:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Feb 2025 08:48:16 GMT
generate_204
tpc.googlesyndication.com/ Frame C00D
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?eFNz6A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 19:23:37 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240221&jk=2366728252367356&bg=!TE-lTwDNAAZ3BdUuVwU7ADQBe5WfOIb6fvDR6SB6zwDFft6WKnWHuRDBR423YOqZoEZPDb7sYULYwN_sIodDGepqixurAgAAADNSAAAAAmgBB5kDCnY9zKmI5w6RBfFBCeQ2Y11ZvABcL9aQLoM5GOsOhWKThpJ3pzs45PktmgSPTDje7vzFvWPgvLPgfBE5VrpLu80cc-YDbIr0Btog7IoSwh7gzN1RNCy1X17ckf0A9OYOBFBw0TlkuD8L5NtOeYs6tf3kxUQe6yxsr-7wFdZCfi_lOYreJWDEg5YrKv4g81C9ZUUMbOz9p2YWvzPtgvRiX0lTsInTx56HlTP831KG1hPqYzm7y2Pjr1vTmtRFsJlJFxTn448QCgZ3qQYRhmRoiXbvLBrVK98ot31VLXJjmXAnWFpeepsj2GkuR_ABzAhi2O8LzivGjQsQaubNO5Ei2SrNWoyiWFot9sshRhc35Js7R2uPsYpWVoZjdB-54e3uHGkltE5L8CQo42EZ_q4o3nLX-2ocsUg_WlUkGkiksDJJMJGqNiEqqi4tI2Rd4FgmGSf-ChCvgR2-6GxpKc19R6HDfqRbOEKWskEdOBuTp1kdujxP-BSzoNGYn3GHkJTJcliT87gi79D7ilNnO95VkXKOYseyPaZ74MxlpUBUjfSv9fZQo5pCz5c8r3gauUcFjQ_G6oEoi_EdgKSfX-VYQTBsloq_0LJeGTjE0Ozl1fuH6u5uPgw2HqcRzITXMbwGW0BC0qzzpvkAIvAjITmDGg7kdpwfgWlVUpgmH8_U9XSIYlzNux0CPVFM5EvnPxqzPKpKIK68PYKSgdyPDah440HJTh-CGv3kz-9QihyEk3OymJN-b0-kO5GaTOZcjQcdMm3j490xOwkVXwVw4punjiZOfdxGQhOnIqPlpmd5W5GvdH6BXZoaOixHtjHRmT_a-v4V8l3QjVlOC6tGcCRbijzA7urLXZ5YKkpPvrdCb1BDiQC8if6XW_5pGlH-ClSFoWhRk4J1ZeC_rIe_do9ApTyE_c2YYwoRSBynxjJmexPRsOR4QrDs7AGUZr0sX7cdIihPSmboRtSClq-S7vZEUD4hTGJxRDyxJVepqa0wq7G9dK7xYmM0viRqBbr8mDHvQeb4wIIx1lIPI3M
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biturl.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

collect
region1.google-analytics.com/g/
0
0

collect
region1.google-analytics.com/g/
0
0

fhy1_65de36bb477aa.js
svntrk.com/assets/
0
520 B
Script
General
Full URL
https://svntrk.com/assets/fhy1_65de36bb477aa.js
Requested by
Host: freebaby4you.live
URL: http://freebaby4you.live/?s1=fhy1&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://freebaby4you.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 19:23:39 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e7GFZEFEd9RBVEbnyBFthN%2F7GOIBqIygURx4Y%2FVhAQDKXV%2Fh5J77waN8fMK3lYZ26dfugTWI1%2BgztylvNlbj%2BvmYBrb9%2Ba%2BSeCLam%2B3p3mN8zs6igTy6e0CgCyOs4254B7%2FMFQjhMNJX"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, private
cf-ray
85c2cdb40ccd6633-AMS
alt-svc
h3=":443"; ma=86400
fp.v3.646d4b3deea4287def3fdfc18906bcc7.js
freebaby4you.live/scripts/
39 KB
16 KB
Script
General
Full URL
http://freebaby4you.live/scripts/fp.v3.646d4b3deea4287def3fdfc18906bcc7.js
Requested by
Host: freebaby4you.live
URL: http://freebaby4you.live/?s1=fhy1&email=
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:cfa3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aa12d141f3c41629c83ac95bf3bebab2b33bca7f8f8988bf64b53b57c73714c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://freebaby4you.live/?s1=fhy1&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Tue, 27 Feb 2024 19:23:39 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
last-modified
Fri, 09 Feb 2024 11:44:46 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
2711
etag
W/"65c6102e-9ca8"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vycrhsmLu0QtHee1TcBkTxsr%2B76%2FBLJk6k29%2B36%2FgydZ6qh0ZBhadUcsUhTH2UGl4cLeuvQOZVBFGHQGM39K3zdOJoRx1CVSciUL2te5uGv0DVR5Tw3rT53qcMaeXqDIWNCo2vCGraFwHjJM4A%2FaDg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript; charset=utf-8
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
85c2cdb40b504217-EWR
vendor.99527b0d27cd371e927862db4829e004.css
freebaby4you.live/landings/107/fonts/
11 KB
4 KB
Stylesheet
General
Full URL
http://freebaby4you.live/landings/107/fonts/vendor.99527b0d27cd371e927862db4829e004.css
Requested by
Host: freebaby4you.live
URL: http://freebaby4you.live/?s1=fhy1&email=
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:cfa3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb0f0e2e3d4443c807587dfe91a53bf94f015b0de7faa2cb3d3f3c3753223e27

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://freebaby4you.live/?s1=fhy1&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Tue, 27 Feb 2024 19:23:39 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
last-modified
Fri, 09 Feb 2024 11:44:43 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
etag
W/"65c6102b-2bd0"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBWEdC4RqjYocXq9SpJHdas4WBXqFIKBz%2FOE3TzszXsa48EKHF5%2BzNz4sl1QHztOSMCto64vzVMlzdDJrjQt1bNfpY8IJSAkZHUh%2F%2FMBe9YxXDZLmXLJ0x1fxXvSgaO%2BndcioQYWaxgiIh%2Byd2FBFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
85c2cdb3db5c6631-AMS
vendor.c646da3c88b8155a753aeef51880893f.js
freebaby4you.live/landings/107/js/
91 KB
32 KB
Script
General
Full URL
http://freebaby4you.live/landings/107/js/vendor.c646da3c88b8155a753aeef51880893f.js
Requested by
Host: freebaby4you.live
URL: http://freebaby4you.live/?s1=fhy1&email=
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:cfa3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a58da45b28f71ef9815097a0eee0d846978d8ec34b8648edf35dd51711e78c62

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://freebaby4you.live/?s1=fhy1&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Tue, 27 Feb 2024 19:23:40 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
last-modified
Fri, 09 Feb 2024 11:44:43 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
etag
W/"65c6102b-16d8e"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xy4EBSSDHx9wrqEkgyVkwqe591JcyYoyuCgTpGCH2PlfXslpe6LspBUF8FNxQf8vKE2AknTAwePgM4v0OZwpIhdzJDtQXKj3PJd717VquSqkfRS2N9%2Bm%2B7F1Yqt8FCklW6AsOgRzqa7EKvHFDxH5xg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript; charset=utf-8
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
85c2cdb3dd892298-CDG
image%204.jpg
freebaby4you.live/landings/107/img/
275 KB
275 KB
Image
General
Full URL
http://freebaby4you.live/landings/107/img/image%204.jpg
Requested by
Host: freebaby4you.live
URL: http://freebaby4you.live/landings/107/fonts/vendor.99527b0d27cd371e927862db4829e004.css
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:cfa3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9853923cea397a795d8a2633d0faad2e5752de77762821a3e692f7cb095a36a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://freebaby4you.live/landings/107/fonts/vendor.99527b0d27cd371e927862db4829e004.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Tue, 27 Feb 2024 19:23:40 GMT
CF-Cache-Status
MISS
last-modified
Fri, 09 Feb 2024 11:44:43 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
etag
"65c6102b-44a8a"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XzIr%2FnaEQgAh7ypYgJDX1bI2qKB4LZmdY6BfDddiL9kn4ypeVk5fHFrJQdggohOikTvcjiY8R8UW%2FUc7crrNfJxfxEZBvDica8ERoT8NbkRgRCMzi2MEFGPZtqFf8qGQDoT%2BlBSFsvheZiwuqw0%2BGw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
85c2cdb84cee2298-CDG
Content-Length
281226
Lato-Heavy.ttf
freebaby4you.live/landings/107/fonts/
627 KB
627 KB
Font
General
Full URL
http://freebaby4you.live/landings/107/fonts/Lato-Heavy.ttf
Requested by
Host: freebaby4you.live
URL: http://freebaby4you.live/landings/107/fonts/vendor.99527b0d27cd371e927862db4829e004.css
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:cfa3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3456ef78d44f4782afceed31d17a75e58a45e607f7cdf80a44c3df49073cfa08

Request headers

Referer
http://freebaby4you.live/landings/107/fonts/vendor.99527b0d27cd371e927862db4829e004.css
Origin
http://freebaby4you.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Tue, 27 Feb 2024 19:23:40 GMT
CF-Cache-Status
MISS
last-modified
Fri, 09 Feb 2024 11:44:43 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
etag
"65c6102b-9ca78"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JL4KOwfbSOviLY8uz2lLXMRHMktCv9PfeMufhXJYfSp%2Bcjsr1EaCgpEdSHbEMhzVCmmF45uh6Fjwet5ONZrzGapP4HrSnUX79fIUvJCb3bNAKPJriq%2FX5eIHjmovCSrF3HMHzq5t5%2BPIxpEJWouNpw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
85c2cdb84d596631-AMS
Content-Length
641656
Lato-Semibold.ttf
freebaby4you.live/landings/107/fonts/
630 KB
631 KB
Font
General
Full URL
http://freebaby4you.live/landings/107/fonts/Lato-Semibold.ttf
Requested by
Host: freebaby4you.live
URL: http://freebaby4you.live/landings/107/fonts/vendor.99527b0d27cd371e927862db4829e004.css
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:cfa3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70059e8806b547c250eedcba775d14c6e083ac04143c4f039a705ce653b835c1

Request headers

Referer
http://freebaby4you.live/landings/107/fonts/vendor.99527b0d27cd371e927862db4829e004.css
Origin
http://freebaby4you.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Tue, 27 Feb 2024 19:23:41 GMT
CF-Cache-Status
EXPIRED
last-modified
Fri, 09 Feb 2024 11:44:43 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
etag
"65c6102b-9d790"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a4dqaOE68l%2FxUVcGN%2FNmQsrMuU1PD2lFwmrcoTUSNNQIKL8yob6Vz807FwhEEZW3m5xoHxBZR2kU1zjQu3pi%2B2sZAKcxTCIQGryTasAZbZsXTqcYl7acxY7wpfGBoHcERPhSIJnOmYm4l%2BoeSWBySg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
85c2cdb88a674217-EWR
Content-Length
645008
Lato-Regular.ttf
freebaby4you.live/landings/107/fonts/
618 KB
619 KB
Font
General
Full URL
http://freebaby4you.live/landings/107/fonts/Lato-Regular.ttf
Requested by
Host: freebaby4you.live
URL: http://freebaby4you.live/landings/107/fonts/vendor.99527b0d27cd371e927862db4829e004.css
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:cfa3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56d6ac1edfb2e32a8f506eab100d52f36f19a359842e1336597b2c9febdaab6b

Request headers

Referer
http://freebaby4you.live/landings/107/fonts/vendor.99527b0d27cd371e927862db4829e004.css
Origin
http://freebaby4you.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Tue, 27 Feb 2024 19:23:40 GMT
CF-Cache-Status
HIT
last-modified
Fri, 09 Feb 2024 11:44:43 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
4485
etag
"65c6102b-9a738"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L6xzIiRHAyfyweiNsxYnNZDfQLf2XSb4owAKoc158lwQY5ddT1UupYCFt%2B6n0RKsJNlxTsRX1WKftkwVEwJb8NwD8JqBtYN6FjByAIJfs26JuC2btzU%2BImzVexalphe14sjDbFJbKBMkAeHJs2wWOg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
85c2cdb91bbc424a-EWR
Content-Length
632632
mk_1123
www.xvideos.com/favorite/90902157/
0
0
Script
General
Full URL
https://www.xvideos.com/favorite/90902157/mk_1123
Requested by
Host: freebaby4you.live
URL: http://freebaby4you.live/landings/107/js/vendor.c646da3c88b8155a753aeef51880893f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.88.181.9 Amsterdam, Netherlands, ASN46652 (SERVERSTACK-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://freebaby4you.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

login
de.pornhub.com/
Redirect Chain
  • https://pornhub.com/video/manage?o=mr&t=pr2
  • https://www.pornhub.com/video/manage?o=mr&t=pr2
  • https://de.pornhub.com/video/manage?o=mr&t=pr2
  • https://de.pornhub.com/login
0
0
Script
General
Full URL
https://de.pornhub.com/login
Protocol
H2
Server
66.254.114.41 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
reflectededge.reflected.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://freebaby4you.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Tue, 27 Feb 2024 19:23:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
openresty
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-frame-options
SAMEORIGIN
vary
User-Agent
content-type
text/html; charset=UTF-8
location
/login
cache-control
no-cache, no-store, must-revalidate
ph-redirect
1041
rating
RTA-5042-1996-1400-1577-RTA
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100
  • https://accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
  • https://accounts.google.com/InteractiveLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=ATuJsjyWvp6qHR5IHOtf-0hmEtesEfwPyYNnyseFe5WQe6872EP...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=ATuJsjwfGaDbq6FioApYbWnbJiSOg567o...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=ATuJsjwfGaDbq6FioApYbWnbJiSOg567oDTwgIsR0vpCtno5e4eJ3abRKBzi09_33bKmdDdVkm5jxQ&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1158103645%3A1709061821670656&theme=glif
Protocol
H3
Server
2a00:1450:400c:c0a::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Redirect headers

date
Tue, 27 Feb 2024 19:23:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-YG5s8sGgSJSzhloe_omHnw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
417
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=ATuJsjwfGaDbq6FioApYbWnbJiSOg567oDTwgIsR0vpCtno5e4eJ3abRKBzi09_33bKmdDdVkm5jxQ&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1158103645%3A1709061821670656&theme=glif
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
like.php
www.facebook.com/v14.0/plugins/
67 B
2 KB
Image
General
Full URL
https://www.facebook.com/v14.0/plugins/like.php
Requested by
Host: freebaby4you.live
URL: http://freebaby4you.live/?s1=fhy1&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f13d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-content-type-options
nosniff
x-fb-debug
DkyascTdAkNrp+goJDKh5aikof9uGn9A8mhSfdwB2w1E8mJ+xM6ve/vJCDyhjCt+FO/fR6TNO9ccRnm08M+32g==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
date
Tue, 27 Feb 2024 19:23:41 GMT
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
image/png
cache-control
private, no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
67
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
expires
Sat, 01 Jan 2000 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
region1.google-analytics.com
URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-7XPPV9GN8G&gtm=45je42q0v879879466za200&_p=1709061817299&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1333180580.1709061817&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1709061817&sct=1&seg=0&dl=https%3A%2F%2Fbiturl.top%2FFJRvya&dt=BitURL%20-%20Free%20URL%20shortener%20service&en=scroll&epn.percent_scrolled=90&_et=4&tfd=5642
Domain
region1.google-analytics.com
URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-7XPPV9GN8G&gtm=45je42q0v879879466za200&_p=1709061817299&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1333180580.1709061817&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=3&sid=1709061817&sct=1&seg=0&dl=https%3A%2F%2Fbiturl.top%2FFJRvya&dt=BitURL%20-%20Free%20URL%20shortener%20service&en=user_engagement&_et=2150&tfd=5642

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| FingerprintJS
function| getScreenInfo
function| getUserAgent
function| getLanguages
function| x64Add
function| x64Multiply
function| x64Rotl
function| x64LeftShift
function| x64Xor
function| x64Fmix
function| x64hash128
function| picassoCanvas
function| picasso
function| getVideoCardInfo
function| deviceOrientationHandler
string| thirdParty
string| r
string| vl
object| fpPromise
undefined| ss
undefined| redirectURL
function| openPopup
function| clickButton
function| nextStep
function| getTimezone
function| $
function| jQuery
string| ce
boolean| sf

14 Cookies

Domain/Path Name / Value
www.pornhub.com/video Name: __s
Value: 65DE36BD-42FE722901BB1CE66-1FF330
www.pornhub.com/video Name: __l
Value: 65DE36BD-42FE722901BB1CE66-1FF330
de.pornhub.com/video Name: __s
Value: 65DE36BD-42FE722901BB1CE66-1FF36F
de.pornhub.com/video Name: __l
Value: 65DE36BD-42FE722901BB1CE66-1FF36F
.biturl.top/ Name: _ga
Value: GA1.1.1333180580.1709061817
jenniferynsdaviduu2284.store/ Name: _subid
Value: 4h94r5mc6b3
jenniferynsdaviduu2284.store/ Name: 43caa
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjI4N1wiOjE3MDkwNjE4MTh9LFwiY2FtcGFpZ25zXCI6e1wiOThcIjoxNzA5MDYxODE4fSxcInRpbWVcIjoxNzA5MDYxODE4fSJ9.qdMv06O4CDJbOB0AVQ7H72nEHVgY9nAyF4jdvuby-Hg
freebaby4you.live/ Name: XSRF-TOKEN
Value: eyJpdiI6IjNxYnI5UzNDYmlKVmh4SHNySnllMnc9PSIsInZhbHVlIjoiZXl1d1hXbVFhQ21kM01sSHZ5ZzRFZkhScDJ4elN5ZEdxMlMyNkVzUlJySTcxbmV6M0pTU2U1VlhWcSthYlB6WSIsIm1hYyI6ImQ4YWZlYzcyOTI4Y2U4YTZjY2E5ZDQ5NjFlNTQ5NGVlZmM5ZGE1MzllYzk2YTQ2Yjk3YjgzZjc5MjNiMDA3N2UifQ%3D%3D
freebaby4you.live/ Name: laravel_session
Value: eyJpdiI6Ii9EVzNXOUNRU0h0LzRveDZaalpVVnc9PSIsInZhbHVlIjoiZ1doN0xaUTMvVXd6aGRDcjRTVVVveVZwNmk0cjFDcGxNekZId21RK3R1STF4UElxaFJmYm5KYWgwS3FqaDRCcSIsIm1hYyI6IjdhYmU5NTYwNjBmMmRjYzQ4NzZhOTMyYzA3NzBlYzYxMmQwMThmZGQ5NjM3NTJhZGFlZDcwMTA2YTIzNWQwZDAifQ%3D%3D
freebaby4you.live/ Name: SRVNAME
Value: w1
.biturl.top/ Name: _ga_7XPPV9GN8G
Value: GS1.1.1709061817.1.0.1709061819.0.0.0
svntrk.com/ Name: svnimp
Value: 65de36bbb1030
de.pornhub.com/ Name: __s
Value: 65DE36BD-42FE722901BB1CE66-1FF3AF
de.pornhub.com/ Name: __l
Value: 65DE36BD-42FE722901BB1CE66-1FF3AF

9 Console Messages

Source Level URL
Text
other warning URL: http://freebaby4you.live/?s1=fhy1&email=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://freebaby4you.live/?s1=fhy1&email=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://freebaby4you.live/?s1=fhy1&email=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://freebaby4you.live/?s1=fhy1&email=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://freebaby4you.live/?s1=fhy1&email=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://freebaby4you.live/?s1=fhy1&email=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://freebaby4you.live/?s1=fhy1&email=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://www.xvideos.com/favorite/90902157/mk_1123
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=ATuJsjwfGaDbq6FioApYbWnbJiSOg567oDTwgIsR0vpCtno5e4eJ3abRKBzi09_33bKmdDdVkm5jxQ&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1158103645%3A1709061821670656&theme=glif
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
