| babesnearyou.com/de/multi/ms/1-526541/images/2.jpg | 104.21.1.57 | 200 OK | 78 kB |
URL: GET HTTP/3 babesnearyou.com/de/multi/ms/1-526541/images/2.jpg
IP: 104.21.1.57:443
Requested by: https://babesnearyou.com/de/multi/ms/1-526541/?cep=vS1HzOZXvr6YIjUbE61Nfvfgghb0UbJCOCfT-wOyizABQxUjFqsZZ04oIq2fYBrFNby0AIiKTPXdZycQQ2KX1VASBbpPYSVw7DdsqSjCpEMfGNPKcgYZOf2f2_wWWBKbjWz8aWHAq_RLCeU6lWrJAXOsBeibVQwmK-Zc_nqGaoKMRTDcEJFwpsGaU1QEwkQZy3kqa-HrEGiHb9Xhx8anteYOL9kiy-JpTKUP6yCEcUevq6wJcuDcbE35u6EiT0_CSnD9Uc0A5dpqfHFEJ3fse195CpCKLcRnCU7kwXbIpEfTgUM6sBf_wS5XFYs17c7Ire9o6V_9JdVeSxkfJxziGrgzfoUT0Ka78TaAAtod0vDa4t1s5p58XjuEd59q1wKZ&lptoken=17af1563129f54a55429
Certificate: Issuer Let's Encrypt; Subject babesnearyou.com; Fingerprint 49:6B:C5:D5:40:BC:DF:6C:BD:33:FE:63:8B:2B:77:5B:FE:B9:0E:86; Validity Sat, 13 Apr 2024 21:34:31 GMT - Fri, 12 Jul 2024 21:34:30 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 914x1280, components 3
Hash: dddbdc2f319c9d78a0007ade38d25caf 25e87f559b6612e86cef80f5889dff6f27feefd2 74e03517c01c1b917a873c96ae30a76c5565183a0f0baeacd6bd650ab4e53a6e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /de/multi/ms/1-526541/images/2.jpg HTTP/1.1
Host: babesnearyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://babesnearyou.com/de/multi/ms/1-526541/?cep=vS1HzOZXvr6YIjUbE61Nfvfgghb0UbJCOCfT-wOyizABQxUjFqsZZ04oIq2fYBrFNby0AIiKTPXdZycQQ2KX1VASBbpPYSVw7DdsqSjCpEMfGNPKcgYZOf2f2_wWWBKbjWz8aWHAq_RLCeU6lWrJAXOsBeibVQwmK-Zc_nqGaoKMRTDcEJFwpsGaU1QEwkQZy3kqa-HrEGiHb9Xhx8anteYOL9kiy-JpTKUP6yCEcUevq6wJcuDcbE35u6EiT0_CSnD9Uc0A5dpqfHFEJ3fse195CpCKLcRnCU7kwXbIpEfTgUM6sBf_wS5XFYs17c7Ire9o6V_9JdVeSxkfJxziGrgzfoUT0Ka78TaAAtod0vDa4t1s5p58XjuEd59q1wKZ&lptoken=17af1563129f54a55429
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 23:14:32 GMT
content-type: image/jpeg
content-length: 78435
last-modified: Tue, 12 Mar 2024 12:32:49 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S7zojCM6Tsxq5pk2fcQi3hd0rClDksEzCaZ3Wo7HLu25SXPFMAShitPbPmiXUbyCZ%2B40IgFOGS%2Bj60HcAmkrLQ5fNM7JxFphr7oplcsh3lKPOYRtsmdPTWCUvYtKSgply8S0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804e82b2a9b56c9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| babesnearyou.com/de/multi/ms/1-526541/images/1.jpg | 104.21.1.57 | 200 OK | 44 kB |
URL: GET HTTP/3 babesnearyou.com/de/multi/ms/1-526541/images/1.jpg
IP: 104.21.1.57:443
Requested by: https://babesnearyou.com/de/multi/ms/1-526541/?cep=vS1HzOZXvr6YIjUbE61Nfvfgghb0UbJCOCfT-wOyizABQxUjFqsZZ04oIq2fYBrFNby0AIiKTPXdZycQQ2KX1VASBbpPYSVw7DdsqSjCpEMfGNPKcgYZOf2f2_wWWBKbjWz8aWHAq_RLCeU6lWrJAXOsBeibVQwmK-Zc_nqGaoKMRTDcEJFwpsGaU1QEwkQZy3kqa-HrEGiHb9Xhx8anteYOL9kiy-JpTKUP6yCEcUevq6wJcuDcbE35u6EiT0_CSnD9Uc0A5dpqfHFEJ3fse195CpCKLcRnCU7kwXbIpEfTgUM6sBf_wS5XFYs17c7Ire9o6V_9JdVeSxkfJxziGrgzfoUT0Ka78TaAAtod0vDa4t1s5p58XjuEd59q1wKZ&lptoken=17af1563129f54a55429
Certificate: Issuer Let's Encrypt; Subject babesnearyou.com; Fingerprint 49:6B:C5:D5:40:BC:DF:6C:BD:33:FE:63:8B:2B:77:5B:FE:B9:0E:86; Validity Sat, 13 Apr 2024 21:34:31 GMT - Fri, 12 Jul 2024 21:34:30 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x983, components 3
Hash: 6beac959b37a40ad27f7314c0577327a 1975c2d3c441151aa547786adac7f886df27c7c0 befd5b9cc3e81924abdc1dac61325a77fec38bb88c67ba9862cf16877402ea10
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /de/multi/ms/1-526541/images/1.jpg HTTP/1.1
Host: babesnearyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://babesnearyou.com/de/multi/ms/1-526541/?cep=vS1HzOZXvr6YIjUbE61Nfvfgghb0UbJCOCfT-wOyizABQxUjFqsZZ04oIq2fYBrFNby0AIiKTPXdZycQQ2KX1VASBbpPYSVw7DdsqSjCpEMfGNPKcgYZOf2f2_wWWBKbjWz8aWHAq_RLCeU6lWrJAXOsBeibVQwmK-Zc_nqGaoKMRTDcEJFwpsGaU1QEwkQZy3kqa-HrEGiHb9Xhx8anteYOL9kiy-JpTKUP6yCEcUevq6wJcuDcbE35u6EiT0_CSnD9Uc0A5dpqfHFEJ3fse195CpCKLcRnCU7kwXbIpEfTgUM6sBf_wS5XFYs17c7Ire9o6V_9JdVeSxkfJxziGrgzfoUT0Ka78TaAAtod0vDa4t1s5p58XjuEd59q1wKZ&lptoken=17af1563129f54a55429
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 23:14:32 GMT
content-type: image/jpeg
content-length: 44238
last-modified: Tue, 12 Mar 2024 12:32:48 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NClA7BllZ7OElLoMg1Yu6yBrJvBjKIiOdAZA3vpMyqIJ0ypahN2s4YJDY51ymkKxNnUs5%2BPfmROBFqTfIDnAwblVtrlqNYwylEIrDzyQatAl939YSIrvhKHjg9yhkygWi7Ai"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804e82b2a9856c9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| babesnearyou.com/de/multi/ms/1-526541/images/loadingbar.gif | 104.21.1.57 | 200 OK | 5.8 kB |
URL: GET HTTP/3 babesnearyou.com/de/multi/ms/1-526541/images/loadingbar.gif
IP: 104.21.1.57:443
Requested by: https://babesnearyou.com/de/multi/ms/1-526541/?cep=vS1HzOZXvr6YIjUbE61Nfvfgghb0UbJCOCfT-wOyizABQxUjFqsZZ04oIq2fYBrFNby0AIiKTPXdZycQQ2KX1VASBbpPYSVw7DdsqSjCpEMfGNPKcgYZOf2f2_wWWBKbjWz8aWHAq_RLCeU6lWrJAXOsBeibVQwmK-Zc_nqGaoKMRTDcEJFwpsGaU1QEwkQZy3kqa-HrEGiHb9Xhx8anteYOL9kiy-JpTKUP6yCEcUevq6wJcuDcbE35u6EiT0_CSnD9Uc0A5dpqfHFEJ3fse195CpCKLcRnCU7kwXbIpEfTgUM6sBf_wS5XFYs17c7Ire9o6V_9JdVeSxkfJxziGrgzfoUT0Ka78TaAAtod0vDa4t1s5p58XjuEd59q1wKZ&lptoken=17af1563129f54a55429
Certificate: Issuer Let's Encrypt; Subject babesnearyou.com; Fingerprint 49:6B:C5:D5:40:BC:DF:6C:BD:33:FE:63:8B:2B:77:5B:FE:B9:0E:86; Validity Sat, 13 Apr 2024 21:34:31 GMT - Fri, 12 Jul 2024 21:34:30 GMT
File type: GIF image data, version 89a, 208 x 13
Hash: e7476fddd806e1ad72356ec86ae2a35a 162d8b87e6d1c3ef0ed5839ffd54cf5ac0c23e54 dfa0ad12a293332f47c0c0b7c4d7681d3670915a2f75f086aaf61b9a2835b24a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /de/multi/ms/1-526541/images/loadingbar.gif HTTP/1.1
Host: babesnearyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://babesnearyou.com/de/multi/ms/1-526541/?cep=vS1HzOZXvr6YIjUbE61Nfvfgghb0UbJCOCfT-wOyizABQxUjFqsZZ04oIq2fYBrFNby0AIiKTPXdZycQQ2KX1VASBbpPYSVw7DdsqSjCpEMfGNPKcgYZOf2f2_wWWBKbjWz8aWHAq_RLCeU6lWrJAXOsBeibVQwmK-Zc_nqGaoKMRTDcEJFwpsGaU1QEwkQZy3kqa-HrEGiHb9Xhx8anteYOL9kiy-JpTKUP6yCEcUevq6wJcuDcbE35u6EiT0_CSnD9Uc0A5dpqfHFEJ3fse195CpCKLcRnCU7kwXbIpEfTgUM6sBf_wS5XFYs17c7Ire9o6V_9JdVeSxkfJxziGrgzfoUT0Ka78TaAAtod0vDa4t1s5p58XjuEd59q1wKZ&lptoken=17af1563129f54a55429
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 23:14:32 GMT
content-type: image/gif
content-length: 5837
last-modified: Tue, 12 Mar 2024 12:32:49 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JzPiKcI0mjBxkqBgziKMKb%2FhIn%2FdYdgvOgtittjcn42Pd2VEmiO2bOKFr0WkGhAPqDviNjf2CCLtUGcmseWBvjhBBsR9ZZ6VM%2BzpKinRi2JIJ%2BmrqV4N9efbw2wfsxvyzyFg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804e82b2aa156c9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| babesnearyou.com/de/multi/ms/1-526541/images/3.jpg | 104.21.1.57 | 200 OK | 147 kB |
URL: GET HTTP/3 babesnearyou.com/de/multi/ms/1-526541/images/3.jpg
IP: 104.21.1.57:443
Requested by: https://babesnearyou.com/de/multi/ms/1-526541/?cep=vS1HzOZXvr6YIjUbE61Nfvfgghb0UbJCOCfT-wOyizABQxUjFqsZZ04oIq2fYBrFNby0AIiKTPXdZycQQ2KX1VASBbpPYSVw7DdsqSjCpEMfGNPKcgYZOf2f2_wWWBKbjWz8aWHAq_RLCeU6lWrJAXOsBeibVQwmK-Zc_nqGaoKMRTDcEJFwpsGaU1QEwkQZy3kqa-HrEGiHb9Xhx8anteYOL9kiy-JpTKUP6yCEcUevq6wJcuDcbE35u6EiT0_CSnD9Uc0A5dpqfHFEJ3fse195CpCKLcRnCU7kwXbIpEfTgUM6sBf_wS5XFYs17c7Ire9o6V_9JdVeSxkfJxziGrgzfoUT0Ka78TaAAtod0vDa4t1s5p58XjuEd59q1wKZ&lptoken=17af1563129f54a55429
Certificate: Issuer Let's Encrypt; Subject babesnearyou.com; Fingerprint 49:6B:C5:D5:40:BC:DF:6C:BD:33:FE:63:8B:2B:77:5B:FE:B9:0E:86; Validity Sat, 13 Apr 2024 21:34:31 GMT - Fri, 12 Jul 2024 21:34:30 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 913x1280, components 3
Size: 147 kB (147043 bytes)
Hash: bce2a61cba59ef61f87fffc64cae1c69 0704d0769bf4b33bd35a93fc0d56224ba203b77c 36c3c83a990b139968502712ef232b9502bd92f59eef37f800f2ba8a6ccbc65e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /de/multi/ms/1-526541/images/3.jpg HTTP/1.1
Host: babesnearyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://babesnearyou.com/de/multi/ms/1-526541/?cep=vS1HzOZXvr6YIjUbE61Nfvfgghb0UbJCOCfT-wOyizABQxUjFqsZZ04oIq2fYBrFNby0AIiKTPXdZycQQ2KX1VASBbpPYSVw7DdsqSjCpEMfGNPKcgYZOf2f2_wWWBKbjWz8aWHAq_RLCeU6lWrJAXOsBeibVQwmK-Zc_nqGaoKMRTDcEJFwpsGaU1QEwkQZy3kqa-HrEGiHb9Xhx8anteYOL9kiy-JpTKUP6yCEcUevq6wJcuDcbE35u6EiT0_CSnD9Uc0A5dpqfHFEJ3fse195CpCKLcRnCU7kwXbIpEfTgUM6sBf_wS5XFYs17c7Ire9o6V_9JdVeSxkfJxziGrgzfoUT0Ka78TaAAtod0vDa4t1s5p58XjuEd59q1wKZ&lptoken=17af1563129f54a55429
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 23:14:32 GMT
content-type: image/jpeg
content-length: 147043
last-modified: Tue, 12 Mar 2024 12:32:49 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E5ZtPStVmFSPtroTP8xMuXxH%2BSmDcLbXsBA5WsYeEaRhztczHJ45%2Fg%2BWpg1eJyvIGIlhtO8V77HC3OSVPewR%2Bsi%2BbqxmD%2BxGFyXchflL36QME5qHBfFxGn7ySWoLqMDy0DSR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804e82b2a9e56c9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| babesnearyou.com/de/multi/ms/1-526541/js/funciones.js | 104.21.1.57 | 200 OK | 975 B |
URL: GET HTTP/3 babesnearyou.com/de/multi/ms/1-526541/js/funciones.js
IP: 104.21.1.57:443
Requested by: https://babesnearyou.com/de/multi/ms/1-526541/?cep=vS1HzOZXvr6YIjUbE61Nfvfgghb0UbJCOCfT-wOyizABQxUjFqsZZ04oIq2fYBrFNby0AIiKTPXdZycQQ2KX1VASBbpPYSVw7DdsqSjCpEMfGNPKcgYZOf2f2_wWWBKbjWz8aWHAq_RLCeU6lWrJAXOsBeibVQwmK-Zc_nqGaoKMRTDcEJFwpsGaU1QEwkQZy3kqa-HrEGiHb9Xhx8anteYOL9kiy-JpTKUP6yCEcUevq6wJcuDcbE35u6EiT0_CSnD9Uc0A5dpqfHFEJ3fse195CpCKLcRnCU7kwXbIpEfTgUM6sBf_wS5XFYs17c7Ire9o6V_9JdVeSxkfJxziGrgzfoUT0Ka78TaAAtod0vDa4t1s5p58XjuEd59q1wKZ&lptoken=17af1563129f54a55429
Certificate: Issuer Let's Encrypt; Subject babesnearyou.com; Fingerprint 49:6B:C5:D5:40:BC:DF:6C:BD:33:FE:63:8B:2B:77:5B:FE:B9:0E:86; Validity Sat, 13 Apr 2024 21:34:31 GMT - Fri, 12 Jul 2024 21:34:30 GMT
File type: JavaScript source, ASCII text
Hash: 4a66da9083890219fb6ca9ca884b9405 9ba7c42bcb7da0505b25af093ee16e7197965af5 d2edeb76d6eadc1951c1af523b88eabd1f49962acfaf6ee7c99c99e78afa0794
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /de/multi/ms/1-526541/js/funciones.js HTTP/1.1
Host: babesnearyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://babesnearyou.com/de/multi/ms/1-526541/?cep=vS1HzOZXvr6YIjUbE61Nfvfgghb0UbJCOCfT-wOyizABQxUjFqsZZ04oIq2fYBrFNby0AIiKTPXdZycQQ2KX1VASBbpPYSVw7DdsqSjCpEMfGNPKcgYZOf2f2_wWWBKbjWz8aWHAq_RLCeU6lWrJAXOsBeibVQwmK-Zc_nqGaoKMRTDcEJFwpsGaU1QEwkQZy3kqa-HrEGiHb9Xhx8anteYOL9kiy-JpTKUP6yCEcUevq6wJcuDcbE35u6EiT0_CSnD9Uc0A5dpqfHFEJ3fse195CpCKLcRnCU7kwXbIpEfTgUM6sBf_wS5XFYs17c7Ire9o6V_9JdVeSxkfJxziGrgzfoUT0Ka78TaAAtod0vDa4t1s5p58XjuEd59q1wKZ&lptoken=17af1563129f54a55429
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 23:14:32 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Tue, 12 Mar 2024 12:32:50 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BnerAgZzg2r%2FGaKhqCwGC4yyZR8IS0635WmyQhvIXSCOwEk7ONtuaYNVOaULNQrb%2BFKzFXbM25ZyavDtw%2BnGaRkNIEjspzeLQL%2BmcXiXTpQqaFwQHCNZMSfGqZ7a5KWk3E60"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804e82b1a9056c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| static.production.push-sender.com/mng/subs_window.css?ver=1708011915 | 143.204.55.26 | 200 OK | 12 kB |
URL: GET HTTP/2 static.production.push-sender.com/mng/subs_window.css?ver=1708011915
IP: 143.204.55.26:443
Requested by: https://babesnearyou.com/de/multi/ms/1-526541/?cep=vS1HzOZXvr6YIjUbE61Nfvfgghb0UbJCOCfT-wOyizABQxUjFqsZZ04oIq2fYBrFNby0AIiKTPXdZycQQ2KX1VASBbpPYSVw7DdsqSjCpEMfGNPKcgYZOf2f2_wWWBKbjWz8aWHAq_RLCeU6lWrJAXOsBeibVQwmK-Zc_nqGaoKMRTDcEJFwpsGaU1QEwkQZy3kqa-HrEGiHb9Xhx8anteYOL9kiy-JpTKUP6yCEcUevq6wJcuDcbE35u6EiT0_CSnD9Uc0A5dpqfHFEJ3fse195CpCKLcRnCU7kwXbIpEfTgUM6sBf_wS5XFYs17c7Ire9o6V_9JdVeSxkfJxziGrgzfoUT0Ka78TaAAtod0vDa4t1s5p58XjuEd59q1wKZ&lptoken=17af1563129f54a55429
Certificate: Issuer Amazon; Subject production.push-sender.com; Fingerprint FF:F5:0A:96:D0:0D:81:D4:34:60:CB:E8:B6:BA:85:5B:40:30:38:AE; Validity Mon, 18 Mar 2024 00:00:00 GMT - Thu, 17 Apr 2025 23:59:59 GMT
File type: gzip compressed data, from Unix
Hash: 18ec84fa567b223b3dcd8aa6e53e87cc b1512c822056b2ec5353152d8cd9fc2cebc5c833 3e2a67a5fc3e1e22c1821d1103e170a2f693e5ec9a3ffef27ea40e61109bcf48
GET /mng/subs_window.css?ver=1708011915 HTTP/1.1
Host: static.production.push-sender.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://babesnearyou.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 08 Feb 2024 14:25:55 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Tue, 07 May 2024 05:39:12 GMT
etag: W/"adb85744f96b502ad68d63ede0adcd4e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Lb4XRdcROZkXFkbgaUj_F_BezDamS_RiwsoK-i9VVo3L1JznqlHTWA==
age: 63320
X-Firefox-Spdy: h2
|
|
| babesnearyou.com/de/multi/ms/1-526541/images/favicon.ico | 104.21.1.57 | 200 OK | 16 kB |
URL: GET HTTP/3 babesnearyou.com/de/multi/ms/1-526541/images/favicon.ico
IP: 104.21.1.57:443
Requested by: https://babesnearyou.com/de/multi/ms/1-526541/?cep=vS1HzOZXvr6YIjUbE61Nfvfgghb0UbJCOCfT-wOyizABQxUjFqsZZ04oIq2fYBrFNby0AIiKTPXdZycQQ2KX1VASBbpPYSVw7DdsqSjCpEMfGNPKcgYZOf2f2_wWWBKbjWz8aWHAq_RLCeU6lWrJAXOsBeibVQwmK-Zc_nqGaoKMRTDcEJFwpsGaU1QEwkQZy3kqa-HrEGiHb9Xhx8anteYOL9kiy-JpTKUP6yCEcUevq6wJcuDcbE35u6EiT0_CSnD9Uc0A5dpqfHFEJ3fse195CpCKLcRnCU7kwXbIpEfTgUM6sBf_wS5XFYs17c7Ire9o6V_9JdVeSxkfJxziGrgzfoUT0Ka78TaAAtod0vDa4t1s5p58XjuEd59q1wKZ&lptoken=17af1563129f54a55429
Certificate: Issuer Let's Encrypt; Subject babesnearyou.com; Fingerprint 49:6B:C5:D5:40:BC:DF:6C:BD:33:FE:63:8B:2B:77:5B:FE:B9:0E:86; Validity Sat, 13 Apr 2024 21:34:31 GMT - Fri, 12 Jul 2024 21:34:30 GMT
File type: PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Hash: 7faedbe42515bf37753386cfa3705fd1 5551708d49e8c13814c331decd7522b5fc8bbf65 7aadd57f8eaba177d6ad85879c18335ca2651064e89290930d17358b08502d5d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /de/multi/ms/1-526541/images/favicon.ico HTTP/1.1
Host: babesnearyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://babesnearyou.com/de/multi/ms/1-526541/?cep=vS1HzOZXvr6YIjUbE61Nfvfgghb0UbJCOCfT-wOyizABQxUjFqsZZ04oIq2fYBrFNby0AIiKTPXdZycQQ2KX1VASBbpPYSVw7DdsqSjCpEMfGNPKcgYZOf2f2_wWWBKbjWz8aWHAq_RLCeU6lWrJAXOsBeibVQwmK-Zc_nqGaoKMRTDcEJFwpsGaU1QEwkQZy3kqa-HrEGiHb9Xhx8anteYOL9kiy-JpTKUP6yCEcUevq6wJcuDcbE35u6EiT0_CSnD9Uc0A5dpqfHFEJ3fse195CpCKLcRnCU7kwXbIpEfTgUM6sBf_wS5XFYs17c7Ire9o6V_9JdVeSxkfJxziGrgzfoUT0Ka78TaAAtod0vDa4t1s5p58XjuEd59q1wKZ&lptoken=17af1563129f54a55429
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 23:14:33 GMT
content-type: image/x-icon
vary: Accept-Encoding
last-modified: Tue, 12 Mar 2024 12:32:49 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=77csnxsnUrv2Bmed7e4nDFtO%2B4bE2qHbhpA1c%2BWBe47AsTH7Th4uUa%2FAHJrf09V7j78IO6v%2BIzodh3ppmus57fS9uE3HRxXZJuQ8NHm3CWiXA8hmymHzWQP5ODJw5QfiXgYU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804e82e1c6b56c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| babesnearyou.com/de/multi/ms/1-526541/?cep=vS1HzOZXvr6YIjUbE61Nfvfgghb0UbJCOCfT-wOyizABQxUjFqsZZ04oIq2fYBrFNby0AIiKTPXdZycQQ2KX1VASBbpPYSVw7DdsqSjCpEMfGNPKcgYZOf2f2_wWWBKbjWz8aWHAq_RLCeU6lWrJAXOsBeibVQwmK-Zc_nqGaoKMRTDcEJFwpsGaU1QEwkQZy3kqa-HrEGiHb9Xhx8anteYOL9kiy-JpTKUP6yCEcUevq6wJcuDcbE35u6EiT0_CSnD9Uc0A5dpqfHFEJ3fse195CpCKLcRnCU7kwXbIpEfTgUM6sBf_wS5XFYs17c7Ire9o6V_9JdVeSxkfJxziGrgzfoUT0Ka78TaAAtod0vDa4t1s5p58XjuEd59q1wKZ&lptoken=17af1563129f54a55429 | 104.21.1.57 | 200 OK | 8.5 kB |
URL: User Request GET HTTP/2 babesnearyou.com/de/multi/ms/1-526541/?cep=vS1HzOZXvr6YIjUbE61Nfvfgghb0UbJCOCfT-wOyizABQxUjFqsZZ04oIq2fYBrFNby0AIiKTPXdZycQQ2KX1VASBbpPYSVw7DdsqSjCpEMfGNPKcgYZOf2f2_wWWBKbjWz8aWHAq_RLCeU6lWrJAXOsBeibVQwmK-Zc_nqGaoKMRTDcEJFwpsGaU1QEwkQZy3kqa-HrEGiHb9Xhx8anteYOL9kiy-JpTKUP6yCEcUevq6wJcuDcbE35u6EiT0_CSnD9Uc0A5dpqfHFEJ3fse195CpCKLcRnCU7kwXbIpEfTgUM6sBf_wS5XFYs17c7Ire9o6V_9JdVeSxkfJxziGrgzfoUT0Ka78TaAAtod0vDa4t1s5p58XjuEd59q1wKZ&lptoken=17af1563129f54a55429
IP: 104.21.1.57:443
Certificate: Issuer Let's Encrypt; Subject babesnearyou.com; Fingerprint 49:6B:C5:D5:40:BC:DF:6C:BD:33:FE:63:8B:2B:77:5B:FE:B9:0E:86; Validity Sat, 13 Apr 2024 21:34:31 GMT - Fri, 12 Jul 2024 21:34:30 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (9235), with no line terminators
Hash: daf7d082ac26dc689f88f8e0145bd102 3aea2de5fb5a5c3c74a18d5a79f8bf7f5995441b 399c66d3e05c4f504f590d4a40777757da1bf76ee8f3fa680512521d8fe784f3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /de/multi/ms/1-526541/?cep=vS1HzOZXvr6YIjUbE61Nfvfgghb0UbJCOCfT-wOyizABQxUjFqsZZ04oIq2fYBrFNby0AIiKTPXdZycQQ2KX1VASBbpPYSVw7DdsqSjCpEMfGNPKcgYZOf2f2_wWWBKbjWz8aWHAq_RLCeU6lWrJAXOsBeibVQwmK-Zc_nqGaoKMRTDcEJFwpsGaU1QEwkQZy3kqa-HrEGiHb9Xhx8anteYOL9kiy-JpTKUP6yCEcUevq6wJcuDcbE35u6EiT0_CSnD9Uc0A5dpqfHFEJ3fse195CpCKLcRnCU7kwXbIpEfTgUM6sBf_wS5XFYs17c7Ire9o6V_9JdVeSxkfJxziGrgzfoUT0Ka78TaAAtod0vDa4t1s5p58XjuEd59q1wKZ&lptoken=17af1563129f54a55429 HTTP/1.1
Host: babesnearyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 23:14:32 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qFYASscS%2F6HvVMosy%2Fgy%2FHJJb%2FjwzjH77Vq6nM1U4q2lNl1FviucKN8fHJRtBa2vnjihtU7yK8z%2Bqyo7n4f9NVeDKPpfgrb2qsE3SHPV1FWmQVhhQJWADKci4FZOBBxXTupn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804e82899841c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| babesnearyou.com/de/multi/ms/1-526541/css/layout.css | 104.21.1.57 | 200 OK | 322 B |
URL: GET HTTP/3 babesnearyou.com/de/multi/ms/1-526541/css/layout.css
IP: 104.21.1.57:443
Requested by: https://babesnearyou.com/de/multi/ms/1-526541/?cep=vS1HzOZXvr6YIjUbE61Nfvfgghb0UbJCOCfT-wOyizABQxUjFqsZZ04oIq2fYBrFNby0AIiKTPXdZycQQ2KX1VASBbpPYSVw7DdsqSjCpEMfGNPKcgYZOf2f2_wWWBKbjWz8aWHAq_RLCeU6lWrJAXOsBeibVQwmK-Zc_nqGaoKMRTDcEJFwpsGaU1QEwkQZy3kqa-HrEGiHb9Xhx8anteYOL9kiy-JpTKUP6yCEcUevq6wJcuDcbE35u6EiT0_CSnD9Uc0A5dpqfHFEJ3fse195CpCKLcRnCU7kwXbIpEfTgUM6sBf_wS5XFYs17c7Ire9o6V_9JdVeSxkfJxziGrgzfoUT0Ka78TaAAtod0vDa4t1s5p58XjuEd59q1wKZ&lptoken=17af1563129f54a55429
Certificate: Issuer Let's Encrypt; Subject babesnearyou.com; Fingerprint 49:6B:C5:D5:40:BC:DF:6C:BD:33:FE:63:8B:2B:77:5B:FE:B9:0E:86; Validity Sat, 13 Apr 2024 21:34:31 GMT - Fri, 12 Jul 2024 21:34:30 GMT
File type: ASCII text, with very long lines (341), with no line terminators
Hash: 4dcfe26b5aa73db91dab4ac267fd944a 0e2452d0a106f9b362b4dab4d3ddd85a949b9457 07bfeb221b204f015f3bf0fa6f3fcd60ec65ae4bb552224af44a738708d2098d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /de/multi/ms/1-526541/css/layout.css HTTP/1.1
Host: babesnearyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://babesnearyou.com/de/multi/ms/1-526541/?cep=vS1HzOZXvr6YIjUbE61Nfvfgghb0UbJCOCfT-wOyizABQxUjFqsZZ04oIq2fYBrFNby0AIiKTPXdZycQQ2KX1VASBbpPYSVw7DdsqSjCpEMfGNPKcgYZOf2f2_wWWBKbjWz8aWHAq_RLCeU6lWrJAXOsBeibVQwmK-Zc_nqGaoKMRTDcEJFwpsGaU1QEwkQZy3kqa-HrEGiHb9Xhx8anteYOL9kiy-JpTKUP6yCEcUevq6wJcuDcbE35u6EiT0_CSnD9Uc0A5dpqfHFEJ3fse195CpCKLcRnCU7kwXbIpEfTgUM6sBf_wS5XFYs17c7Ire9o6V_9JdVeSxkfJxziGrgzfoUT0Ka78TaAAtod0vDa4t1s5p58XjuEd59q1wKZ&lptoken=17af1563129f54a55429
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 23:14:32 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 12 Mar 2024 12:32:47 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S1uLUXqW84LZV1vSytr30dAcOfw1GpgJFMDbgMNWwW4ZUMImOYoQ5vbIcjujr3KJcvlbpFpvlVLJDPslFXmDVLPTd0WgNzCJuXygXc3Q7avYKXd6uaNovMxHsPjSCd%2B7nBCA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804e82b1a8a56c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| babesnearyou.com/de/multi/ms/1-526541/js/jquery-1.7.1.min.js?1 | 104.21.1.57 | 200 OK | 96 kB |
URL: GET HTTP/3 babesnearyou.com/de/multi/ms/1-526541/js/jquery-1.7.1.min.js?1
IP: 104.21.1.57:443
Requested by: https://babesnearyou.com/de/multi/ms/1-526541/?cep=vS1HzOZXvr6YIjUbE61Nfvfgghb0UbJCOCfT-wOyizABQxUjFqsZZ04oIq2fYBrFNby0AIiKTPXdZycQQ2KX1VASBbpPYSVw7DdsqSjCpEMfGNPKcgYZOf2f2_wWWBKbjWz8aWHAq_RLCeU6lWrJAXOsBeibVQwmK-Zc_nqGaoKMRTDcEJFwpsGaU1QEwkQZy3kqa-HrEGiHb9Xhx8anteYOL9kiy-JpTKUP6yCEcUevq6wJcuDcbE35u6EiT0_CSnD9Uc0A5dpqfHFEJ3fse195CpCKLcRnCU7kwXbIpEfTgUM6sBf_wS5XFYs17c7Ire9o6V_9JdVeSxkfJxziGrgzfoUT0Ka78TaAAtod0vDa4t1s5p58XjuEd59q1wKZ&lptoken=17af1563129f54a55429
Certificate: Issuer Let's Encrypt; Subject babesnearyou.com; Fingerprint 49:6B:C5:D5:40:BC:DF:6C:BD:33:FE:63:8B:2B:77:5B:FE:B9:0E:86; Validity Sat, 13 Apr 2024 21:34:31 GMT - Fri, 12 Jul 2024 21:34:30 GMT
File type: JavaScript source, ASCII text, with very long lines (32769)
Hash: fea83adc00fc00fe9957f39da72507a9 6f764831f450ef5ec28d288147a6080bd9be4f22 4541321d4df45b78f0f3dc4fad4a9b06c3c4d3ea4f754f54d2ee859526d9c42f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /de/multi/ms/1-526541/js/jquery-1.7.1.min.js?1 HTTP/1.1
Host: babesnearyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://babesnearyou.com/de/multi/ms/1-526541/?cep=vS1HzOZXvr6YIjUbE61Nfvfgghb0UbJCOCfT-wOyizABQxUjFqsZZ04oIq2fYBrFNby0AIiKTPXdZycQQ2KX1VASBbpPYSVw7DdsqSjCpEMfGNPKcgYZOf2f2_wWWBKbjWz8aWHAq_RLCeU6lWrJAXOsBeibVQwmK-Zc_nqGaoKMRTDcEJFwpsGaU1QEwkQZy3kqa-HrEGiHb9Xhx8anteYOL9kiy-JpTKUP6yCEcUevq6wJcuDcbE35u6EiT0_CSnD9Uc0A5dpqfHFEJ3fse195CpCKLcRnCU7kwXbIpEfTgUM6sBf_wS5XFYs17c7Ire9o6V_9JdVeSxkfJxziGrgzfoUT0Ka78TaAAtod0vDa4t1s5p58XjuEd59q1wKZ&lptoken=17af1563129f54a55429
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 23:14:32 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Tue, 12 Mar 2024 12:32:50 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Byz1A2yxKP2XpNkXEOxWj1fIZe%2FAcKoPMAQMNju0q208HUtFQDMj%2F7iK2jcwIjpOfoDheLfKI2nbbF1vsBXADwFYbvg%2FrPQs1xKWtV5k5El0s0cIvVkis73AHeN%2FJzh7j%2Fsm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804e82b1a8e56c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| alexatracker.com/jscode/JAIA.js?sub1=babesnearyou.com&sub2=&sub3=&sub4=&sub5=&prid= | 172.67.204.112 | 200 OK | 0 B |
URL: GET HTTP/2 alexatracker.com/jscode/JAIA.js?sub1=babesnearyou.com&sub2=&sub3=&sub4=&sub5=&prid=
IP: 172.67.204.112:443
Requested by: https://babesnearyou.com/de/multi/ms/1-526541/?cep=vS1HzOZXvr6YIjUbE61Nfvfgghb0UbJCOCfT-wOyizABQxUjFqsZZ04oIq2fYBrFNby0AIiKTPXdZycQQ2KX1VASBbpPYSVw7DdsqSjCpEMfGNPKcgYZOf2f2_wWWBKbjWz8aWHAq_RLCeU6lWrJAXOsBeibVQwmK-Zc_nqGaoKMRTDcEJFwpsGaU1QEwkQZy3kqa-HrEGiHb9Xhx8anteYOL9kiy-JpTKUP6yCEcUevq6wJcuDcbE35u6EiT0_CSnD9Uc0A5dpqfHFEJ3fse195CpCKLcRnCU7kwXbIpEfTgUM6sBf_wS5XFYs17c7Ire9o6V_9JdVeSxkfJxziGrgzfoUT0Ka78TaAAtod0vDa4t1s5p58XjuEd59q1wKZ&lptoken=17af1563129f54a55429
Certificate: Issuer Google Trust Services LLC; Subject alexatracker.com; Fingerprint 74:C4:C5:AB:F0:96:19:8D:55:C1:FC:49:6D:EF:28:5C:C0:A3:FD:48; Validity Thu, 21 Mar 2024 13:35:40 GMT - Wed, 19 Jun 2024 13:35:39 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jscode/JAIA.js?sub1=babesnearyou.com&sub2=&sub3=&sub4=&sub5=&prid= HTTP/1.1
Host: alexatracker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://babesnearyou.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 23:14:33 GMT
content-type: application/json; charset=UTF-8
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
cf-cache-status: BYPASS
set-cookie: trbarid=1ef23a7d867401ed8cd691c3ed5e4def46cf08813e1d529d6f0b5b947ad4dedaa%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22trbarid%22%3Bi%3A1%3Bi%3A5758821898858968537%3B%7D; expires=Tue, 12 May 2026 23:14:33 GMT; Max-Age=63504000; path=/; secure; HttpOnly; SameSite=None
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ODhBGqjMYh0sR0fgeBZvODZopl%2BNTA5GuahLk0ueXzHWJ2Sey99SS%2BUBSVeyi7VsvC4KZ9cQgCKYieskV3FWVQSGG5x7LtK93TLAjDyvpAwn8Md97eN5H3dC7qjzmgt4ADG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804e82d1a7d1c0a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| babesnearyou.com/de/multi/ms/1-526541/css/normalize.min.css | 104.21.1.57 | 200 OK | 2.5 kB |
URL: GET HTTP/3 babesnearyou.com/de/multi/ms/1-526541/css/normalize.min.css
IP: 104.21.1.57:443
Requested by: https://babesnearyou.com/de/multi/ms/1-526541/?cep=vS1HzOZXvr6YIjUbE61Nfvfgghb0UbJCOCfT-wOyizABQxUjFqsZZ04oIq2fYBrFNby0AIiKTPXdZycQQ2KX1VASBbpPYSVw7DdsqSjCpEMfGNPKcgYZOf2f2_wWWBKbjWz8aWHAq_RLCeU6lWrJAXOsBeibVQwmK-Zc_nqGaoKMRTDcEJFwpsGaU1QEwkQZy3kqa-HrEGiHb9Xhx8anteYOL9kiy-JpTKUP6yCEcUevq6wJcuDcbE35u6EiT0_CSnD9Uc0A5dpqfHFEJ3fse195CpCKLcRnCU7kwXbIpEfTgUM6sBf_wS5XFYs17c7Ire9o6V_9JdVeSxkfJxziGrgzfoUT0Ka78TaAAtod0vDa4t1s5p58XjuEd59q1wKZ&lptoken=17af1563129f54a55429
Certificate: Issuer Let's Encrypt; Subject babesnearyou.com; Fingerprint 49:6B:C5:D5:40:BC:DF:6C:BD:33:FE:63:8B:2B:77:5B:FE:B9:0E:86; Validity Sat, 13 Apr 2024 21:34:31 GMT - Fri, 12 Jul 2024 21:34:30 GMT
File type: ASCII text, with very long lines (2521), with no line terminators
Hash: d3f7f25e2c267525e9dd372151dd44c5 be09fd593903cb589662555b7390314eb9b9f4ff 361ee38129e91e0c910a7ac38a336a54d6051d323f9b7846c0cf196961f34c92
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /de/multi/ms/1-526541/css/normalize.min.css HTTP/1.1
Host: babesnearyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://babesnearyou.com/de/multi/ms/1-526541/?cep=vS1HzOZXvr6YIjUbE61Nfvfgghb0UbJCOCfT-wOyizABQxUjFqsZZ04oIq2fYBrFNby0AIiKTPXdZycQQ2KX1VASBbpPYSVw7DdsqSjCpEMfGNPKcgYZOf2f2_wWWBKbjWz8aWHAq_RLCeU6lWrJAXOsBeibVQwmK-Zc_nqGaoKMRTDcEJFwpsGaU1QEwkQZy3kqa-HrEGiHb9Xhx8anteYOL9kiy-JpTKUP6yCEcUevq6wJcuDcbE35u6EiT0_CSnD9Uc0A5dpqfHFEJ3fse195CpCKLcRnCU7kwXbIpEfTgUM6sBf_wS5XFYs17c7Ire9o6V_9JdVeSxkfJxziGrgzfoUT0Ka78TaAAtod0vDa4t1s5p58XjuEd59q1wKZ&lptoken=17af1563129f54a55429
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 23:14:32 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 12 Mar 2024 12:32:47 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c3hBhNDJmqi%2FPjt0Aq8E4IXTW%2FrmCps2XgaixNm%2FmblOqYNaTZwiphzUHVHHEXgMahpv%2BlZ1eyCFAEZqapOJsUDSYbhxyK%2B9ptIWEWJExVpki2ELUpuw6YYLNvr8gQzgDjlF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804e82b0a8256c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| zeniocloud.com/JAIA.js?sub1=babesnearyou.com | 188.114.96.1 | 200 OK | 0 B |
URL: GET HTTP/2 zeniocloud.com/JAIA.js?sub1=babesnearyou.com
IP: 188.114.96.1:443
Requested by: https://babesnearyou.com/de/multi/ms/1-526541/?cep=vS1HzOZXvr6YIjUbE61Nfvfgghb0UbJCOCfT-wOyizABQxUjFqsZZ04oIq2fYBrFNby0AIiKTPXdZycQQ2KX1VASBbpPYSVw7DdsqSjCpEMfGNPKcgYZOf2f2_wWWBKbjWz8aWHAq_RLCeU6lWrJAXOsBeibVQwmK-Zc_nqGaoKMRTDcEJFwpsGaU1QEwkQZy3kqa-HrEGiHb9Xhx8anteYOL9kiy-JpTKUP6yCEcUevq6wJcuDcbE35u6EiT0_CSnD9Uc0A5dpqfHFEJ3fse195CpCKLcRnCU7kwXbIpEfTgUM6sBf_wS5XFYs17c7Ire9o6V_9JdVeSxkfJxziGrgzfoUT0Ka78TaAAtod0vDa4t1s5p58XjuEd59q1wKZ&lptoken=17af1563129f54a55429
Certificate: Issuer Google Trust Services LLC; Subject zeniocloud.com; Fingerprint FD:31:E5:23:F0:E6:E0:B5:7F:67:26:F7:34:69:A7:B3:CA:39:1C:37; Validity Mon, 11 Mar 2024 16:41:24 GMT - Sun, 09 Jun 2024 16:41:23 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /JAIA.js?sub1=babesnearyou.com HTTP/1.1
Host: zeniocloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://babesnearyou.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 23:14:32 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 39
last-modified: Tue, 07 May 2024 23:13:53 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AmXmMkUhNl%2BF9xZTu8%2FrSGh43FTI3yhqxH%2BK2JCKXcKvMEdYy2kSsgt0PT5C62dING2bCFR%2FiqVIZ4LJ8yVLMb39DDFYI%2BUMoX4aaE2410BFqnEEWOzJ%2BN9Gsh9gG%2FJNaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804e82b7c33712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.production.push-sender.com/mng/channels/init.min.js?ver=1708011915 | 143.204.55.26 | 200 OK | 28 kB |
URL: GET HTTP/2 static.production.push-sender.com/mng/channels/init.min.js?ver=1708011915
IP: 143.204.55.26:443
Requested by: https://babesnearyou.com/de/multi/ms/1-526541/?cep=vS1HzOZXvr6YIjUbE61Nfvfgghb0UbJCOCfT-wOyizABQxUjFqsZZ04oIq2fYBrFNby0AIiKTPXdZycQQ2KX1VASBbpPYSVw7DdsqSjCpEMfGNPKcgYZOf2f2_wWWBKbjWz8aWHAq_RLCeU6lWrJAXOsBeibVQwmK-Zc_nqGaoKMRTDcEJFwpsGaU1QEwkQZy3kqa-HrEGiHb9Xhx8anteYOL9kiy-JpTKUP6yCEcUevq6wJcuDcbE35u6EiT0_CSnD9Uc0A5dpqfHFEJ3fse195CpCKLcRnCU7kwXbIpEfTgUM6sBf_wS5XFYs17c7Ire9o6V_9JdVeSxkfJxziGrgzfoUT0Ka78TaAAtod0vDa4t1s5p58XjuEd59q1wKZ&lptoken=17af1563129f54a55429
Certificate: Issuer: Amazon; Subject: production.push-sender.com; Fingerprint: FF:F5:0A:96:D0:0D:81:D4:34:60:CB:E8:B6:BA:85:5B:40:30:38:AE; Validity: Mon, 18 Mar 2024 00:00:00 GMT - Thu, 17 Apr 2025 23:59:59 GMT
File type: JavaScript source, ASCII text
Hash: 8853549c3d94b135cff7696e087dc08f 92ff4b057e92c46752e87b593677e960f80afb09 09c57ca60b3ff9fc47a5cf1b9c5eb52017bb130a3347af01be1d05ab1f7f91a0
GET /mng/channels/init.min.js?ver=1708011915 HTTP/1.1
Host: static.production.push-sender.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://babesnearyou.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 08 Feb 2024 14:25:55 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Tue, 07 May 2024 05:42:35 GMT
etag: W/"8853549c3d94b135cff7696e087dc08f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oYdFjfEbzZoG3DQWttOg_Du9_1SVjTkee-PQrSkBO009IAPDeGVZsA==
age: 70597
X-Firefox-Spdy: h2
|
|
| babesnearyou.com/de/multi/ms/1-526541/js/backoffer.js | 104.21.1.57 | 200 OK | 430 B |
URL: GET HTTP/3 babesnearyou.com/de/multi/ms/1-526541/js/backoffer.js
IP: 104.21.1.57:443
Requested by: https://babesnearyou.com/de/multi/ms/1-526541/?cep=vS1HzOZXvr6YIjUbE61Nfvfgghb0UbJCOCfT-wOyizABQxUjFqsZZ04oIq2fYBrFNby0AIiKTPXdZycQQ2KX1VASBbpPYSVw7DdsqSjCpEMfGNPKcgYZOf2f2_wWWBKbjWz8aWHAq_RLCeU6lWrJAXOsBeibVQwmK-Zc_nqGaoKMRTDcEJFwpsGaU1QEwkQZy3kqa-HrEGiHb9Xhx8anteYOL9kiy-JpTKUP6yCEcUevq6wJcuDcbE35u6EiT0_CSnD9Uc0A5dpqfHFEJ3fse195CpCKLcRnCU7kwXbIpEfTgUM6sBf_wS5XFYs17c7Ire9o6V_9JdVeSxkfJxziGrgzfoUT0Ka78TaAAtod0vDa4t1s5p58XjuEd59q1wKZ&lptoken=17af1563129f54a55429
Certificate: Issuer: Let's Encrypt; Subject: babesnearyou.com; Fingerprint: 49:6B:C5:D5:40:BC:DF:6C:BD:33:FE:63:8B:2B:77:5B:FE:B9:0E:86; Validity: Sat, 13 Apr 2024 21:34:31 GMT - Fri, 12 Jul 2024 21:34:30 GMT
File type: JavaScript source, ASCII text, with very long lines (430), with no line terminators
Hash: 6d5aa83d23ce0b9f72d3b87d000d8fae 034fb8768eb58ffc0b5849e2c162989741a6cbec 89266112a6c823b9c03dd5a32d8f1c5e9f4cbf4cf876b56c825781ea389d0800
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /de/multi/ms/1-526541/js/backoffer.js HTTP/1.1
Host: babesnearyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://babesnearyou.com/de/multi/ms/1-526541/?cep=vS1HzOZXvr6YIjUbE61Nfvfgghb0UbJCOCfT-wOyizABQxUjFqsZZ04oIq2fYBrFNby0AIiKTPXdZycQQ2KX1VASBbpPYSVw7DdsqSjCpEMfGNPKcgYZOf2f2_wWWBKbjWz8aWHAq_RLCeU6lWrJAXOsBeibVQwmK-Zc_nqGaoKMRTDcEJFwpsGaU1QEwkQZy3kqa-HrEGiHb9Xhx8anteYOL9kiy-JpTKUP6yCEcUevq6wJcuDcbE35u6EiT0_CSnD9Uc0A5dpqfHFEJ3fse195CpCKLcRnCU7kwXbIpEfTgUM6sBf_wS5XFYs17c7Ire9o6V_9JdVeSxkfJxziGrgzfoUT0Ka78TaAAtod0vDa4t1s5p58XjuEd59q1wKZ&lptoken=17af1563129f54a55429
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 23:14:32 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Tue, 12 Mar 2024 12:32:50 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c3vY0QTRigA2wkv1JpLMixj0IIHcjbNt1eEvb7uIsvX8i7b0oXhtYl%2BcjguJjyMUhqMG9thse0Co3VqnJ%2BOy%2BqJ6BgCSxtHwhFAXCzOnrVjgnvvRRGYes6ThA%2Fvl8CIwSKmV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804e82b2aa356c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| babesnearyou.com/de/multi/ms/1-526541/js/custom.js | 104.21.1.57 | 200 OK | 1.7 kB |
URL: GET HTTP/3 babesnearyou.com/de/multi/ms/1-526541/js/custom.js
IP: 104.21.1.57:443
Requested by: https://babesnearyou.com/de/multi/ms/1-526541/?cep=vS1HzOZXvr6YIjUbE61Nfvfgghb0UbJCOCfT-wOyizABQxUjFqsZZ04oIq2fYBrFNby0AIiKTPXdZycQQ2KX1VASBbpPYSVw7DdsqSjCpEMfGNPKcgYZOf2f2_wWWBKbjWz8aWHAq_RLCeU6lWrJAXOsBeibVQwmK-Zc_nqGaoKMRTDcEJFwpsGaU1QEwkQZy3kqa-HrEGiHb9Xhx8anteYOL9kiy-JpTKUP6yCEcUevq6wJcuDcbE35u6EiT0_CSnD9Uc0A5dpqfHFEJ3fse195CpCKLcRnCU7kwXbIpEfTgUM6sBf_wS5XFYs17c7Ire9o6V_9JdVeSxkfJxziGrgzfoUT0Ka78TaAAtod0vDa4t1s5p58XjuEd59q1wKZ&lptoken=17af1563129f54a55429
Certificate: Issuer: Let's Encrypt; Subject: babesnearyou.com; Fingerprint: 49:6B:C5:D5:40:BC:DF:6C:BD:33:FE:63:8B:2B:77:5B:FE:B9:0E:86; Validity: Sat, 13 Apr 2024 21:34:31 GMT - Fri, 12 Jul 2024 21:34:30 GMT
File type: JavaScript source, ASCII text, with very long lines (1826), with no line terminators
Hash: ebe1b0533bc2e9c280a30a10b2d8f64f 3f754d54422882f79ca5c90433aac7ef063079b1 90cf65b5d85999736e6c57458e827458a306af3057dbc347c569ef71a72d699d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /de/multi/ms/1-526541/js/custom.js HTTP/1.1
Host: babesnearyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://babesnearyou.com/de/multi/ms/1-526541/?cep=vS1HzOZXvr6YIjUbE61Nfvfgghb0UbJCOCfT-wOyizABQxUjFqsZZ04oIq2fYBrFNby0AIiKTPXdZycQQ2KX1VASBbpPYSVw7DdsqSjCpEMfGNPKcgYZOf2f2_wWWBKbjWz8aWHAq_RLCeU6lWrJAXOsBeibVQwmK-Zc_nqGaoKMRTDcEJFwpsGaU1QEwkQZy3kqa-HrEGiHb9Xhx8anteYOL9kiy-JpTKUP6yCEcUevq6wJcuDcbE35u6EiT0_CSnD9Uc0A5dpqfHFEJ3fse195CpCKLcRnCU7kwXbIpEfTgUM6sBf_wS5XFYs17c7Ire9o6V_9JdVeSxkfJxziGrgzfoUT0Ka78TaAAtod0vDa4t1s5p58XjuEd59q1wKZ&lptoken=17af1563129f54a55429
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 23:14:32 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Tue, 12 Mar 2024 12:32:50 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qB8creav7fGwakDZD2DmdP8ieqJRiD0L%2FzJgDn74z7cD0Z70X2L2hJmihz9BLW2%2BDIREZDxKJC8D4866bCrcWmBKzulrQYT8BoS2VKFizDCxCj8KBkHEpJCaYKKpn7%2BFJKu%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804e82b1a9256c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| babesnearyou.com/de/multi/ms/1-526541/css/main.css | 104.21.1.57 | 200 OK | 12 kB |
URL: GET HTTP/3 babesnearyou.com/de/multi/ms/1-526541/css/main.css
IP: 104.21.1.57:443
Requested by: https://babesnearyou.com/de/multi/ms/1-526541/?cep=vS1HzOZXvr6YIjUbE61Nfvfgghb0UbJCOCfT-wOyizABQxUjFqsZZ04oIq2fYBrFNby0AIiKTPXdZycQQ2KX1VASBbpPYSVw7DdsqSjCpEMfGNPKcgYZOf2f2_wWWBKbjWz8aWHAq_RLCeU6lWrJAXOsBeibVQwmK-Zc_nqGaoKMRTDcEJFwpsGaU1QEwkQZy3kqa-HrEGiHb9Xhx8anteYOL9kiy-JpTKUP6yCEcUevq6wJcuDcbE35u6EiT0_CSnD9Uc0A5dpqfHFEJ3fse195CpCKLcRnCU7kwXbIpEfTgUM6sBf_wS5XFYs17c7Ire9o6V_9JdVeSxkfJxziGrgzfoUT0Ka78TaAAtod0vDa4t1s5p58XjuEd59q1wKZ&lptoken=17af1563129f54a55429
Certificate: Issuer: Let's Encrypt; Subject: babesnearyou.com; Fingerprint: 49:6B:C5:D5:40:BC:DF:6C:BD:33:FE:63:8B:2B:77:5B:FE:B9:0E:86; Validity: Sat, 13 Apr 2024 21:34:31 GMT - Fri, 12 Jul 2024 21:34:30 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /de/multi/ms/1-526541/css/main.css HTTP/1.1
Host: babesnearyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://babesnearyou.com/de/multi/ms/1-526541/?cep=vS1HzOZXvr6YIjUbE61Nfvfgghb0UbJCOCfT-wOyizABQxUjFqsZZ04oIq2fYBrFNby0AIiKTPXdZycQQ2KX1VASBbpPYSVw7DdsqSjCpEMfGNPKcgYZOf2f2_wWWBKbjWz8aWHAq_RLCeU6lWrJAXOsBeibVQwmK-Zc_nqGaoKMRTDcEJFwpsGaU1QEwkQZy3kqa-HrEGiHb9Xhx8anteYOL9kiy-JpTKUP6yCEcUevq6wJcuDcbE35u6EiT0_CSnD9Uc0A5dpqfHFEJ3fse195CpCKLcRnCU7kwXbIpEfTgUM6sBf_wS5XFYs17c7Ire9o6V_9JdVeSxkfJxziGrgzfoUT0Ka78TaAAtod0vDa4t1s5p58XjuEd59q1wKZ&lptoken=17af1563129f54a55429
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 23:14:32 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 12 Mar 2024 12:32:47 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L8%2BbPrP2TunGjfnURgaF11Ev%2Fj4WNOsvU2kh2n4K3Fu0GmR0%2F0rmTyEpnp41mEhLLd2dClM0EJkQuF%2BOV6CkLznwxV7pmLyXzg%2Fnx3ZtJ4ghqPJyDsGBr6lPyt6VRstrc6%2BU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804e82b0a8956c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| static.production.push-sender.com/mng/subs_window.js?ver=1708011915 | 143.204.55.26 | 200 OK | 20 kB |
URL: GET HTTP/2 static.production.push-sender.com/mng/subs_window.js?ver=1708011915
IP: 143.204.55.26:443
Requested by: https://babesnearyou.com/de/multi/ms/1-526541/?cep=vS1HzOZXvr6YIjUbE61Nfvfgghb0UbJCOCfT-wOyizABQxUjFqsZZ04oIq2fYBrFNby0AIiKTPXdZycQQ2KX1VASBbpPYSVw7DdsqSjCpEMfGNPKcgYZOf2f2_wWWBKbjWz8aWHAq_RLCeU6lWrJAXOsBeibVQwmK-Zc_nqGaoKMRTDcEJFwpsGaU1QEwkQZy3kqa-HrEGiHb9Xhx8anteYOL9kiy-JpTKUP6yCEcUevq6wJcuDcbE35u6EiT0_CSnD9Uc0A5dpqfHFEJ3fse195CpCKLcRnCU7kwXbIpEfTgUM6sBf_wS5XFYs17c7Ire9o6V_9JdVeSxkfJxziGrgzfoUT0Ka78TaAAtod0vDa4t1s5p58XjuEd59q1wKZ&lptoken=17af1563129f54a55429
Certificate: Issuer: Amazon; Subject: production.push-sender.com; Fingerprint: FF:F5:0A:96:D0:0D:81:D4:34:60:CB:E8:B6:BA:85:5B:40:30:38:AE; Validity: Mon, 18 Mar 2024 00:00:00 GMT - Thu, 17 Apr 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /mng/subs_window.js?ver=1708011915 HTTP/1.1
Host: static.production.push-sender.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://babesnearyou.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 08 Feb 2024 14:25:55 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Tue, 07 May 2024 06:58:05 GMT
etag: W/"2b3010e6d2440c83b9cfff48def5f0c1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: e-eE7OCM52yJN1a268VKb_QZvp7RxppyB_9SYZS5L2padZdYbRH34w==
age: 75748
X-Firefox-Spdy: h2
|
|