Submitted URL: https://gbin21.inwestowaniepogodzinach.pl/
Effective URL: https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_aa3cc9471e7b184619b9c2e58f82f114&p10=80b146b8-d8bc-495c-a58a-5c...
Submission: On January 03 via api from US — Scanned from US

Summary

This website contacted 18 IPs in 3 countries across 20 domains to perform 47 HTTP transactions. The main IP is 2606:4700:3037::6815:215b, located in United States and belongs to CLOUDFLARENET, US. The main domain is flirtooy.info. The Cisco Umbrella rank of the primary domain is 623783.
TLS certificate: Issued by GTS CA 1P5 on December 9th 2023. Valid for: 3 months.
This is the only time flirtooy.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 2606:4700:303... 13335 (CLOUDFLAR...)
3 79.133.217.178 20853 (ETOP-AS)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 178.32.201.246 16276 (OVH)
1 46.242.239.227 12824 (HOMEPL-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 91.134.210.116 16276 (OVH)
1 146.75.36.193 54113 (FASTLY)
1 5.149.167.161 31229 (PL-BEYOND-AS)
1 217.74.71.140 16138 (INTERIA)
1 2600:9000:21e... 16509 (AMAZON-02)
2 3 173.0.157.204 7979 (SERVERS-COM)
17 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
47 18
Domain Requested by
9 flirtooy.info go.gkrtmc.com
flirtooy.info
8 api.flirtooy.info flirtooy.info
4 gbin21.inwestowaniepogodzinach.pl gbin21.inwestowaniepogodzinach.pl
3 go.gkrtmc.com 2 redirects gbin21.inwestowaniepogodzinach.pl
3 cdn1.modnezakupy.net gbin21.inwestowaniepogodzinach.pl
2 fonts.gstatic.com fonts.googleapis.com
2 intimshop.pl gbin21.inwestowaniepogodzinach.pl
2 photos.strefa-hostess.pl gbin21.inwestowaniepogodzinach.pl
1 fonts.googleapis.com flirtooy.info
1 inwestowaniepogodzinach.pl gbin21.inwestowaniepogodzinach.pl
1 offers.gallery gbin21.inwestowaniepogodzinach.pl
1 d13uy3bdhwkuhk.cloudfront.net gbin21.inwestowaniepogodzinach.pl
1 i.iplsc.com gbin21.inwestowaniepogodzinach.pl
1 pinkshop.pl gbin21.inwestowaniepogodzinach.pl
1 i.imgur.com gbin21.inwestowaniepogodzinach.pl
1 www.superprof.pl gbin21.inwestowaniepogodzinach.pl
1 i5.offers.gallery gbin21.inwestowaniepogodzinach.pl
1 znanyfotograf.com gbin21.inwestowaniepogodzinach.pl
1 biennalewarszawa.pl gbin21.inwestowaniepogodzinach.pl
1 www.imid.med.pl gbin21.inwestowaniepogodzinach.pl
0 counter.yadro.ru Failed gbin21.inwestowaniepogodzinach.pl
0 web.goingapp.pl Failed gbin21.inwestowaniepogodzinach.pl
0 cdn2.modnezakupy.net Failed gbin21.inwestowaniepogodzinach.pl
0 www.mobilesalon.net Failed gbin21.inwestowaniepogodzinach.pl
47 24

This site contains no links.

Subject | Issuer | Validity | Valid
inwestowaniepogodzinach.pl | GTS CA 1P5 | 2023-11-10 - 2024-02-08 | 3 months
*.modnezakupy.net | Certyfikat SSL | 2023-10-03 - 2024-10-02 | a year
strefa-hostess.pl | GTS CA 1P5 | 2023-11-26 - 2024-02-24 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-02-10 - 2024-02-09 | a year
imid.med.pl | R3 | 2023-12-14 - 2024-03-13 | 3 months
*.biennalewarszawa.pl | Certyfikat SSL | 2023-01-17 - 2024-01-17 | a year
znanyfotograf.com | GTS CA 1P5 | 2023-12-08 - 2024-03-07 | 3 months
superprof.pl | R3 | 2023-12-06 - 2024-03-05 | 3 months
*.imgur.com | Sectigo RSA Domain Validation Secure Server CA | 2023-03-13 - 2024-03-12 | a year
*.pinkshop.pl | Certum Domain Validation CA SHA2 | 2023-08-14 - 2024-08-13 | a year
*.iplsc.com | DOMENY SSL DV Certification Authority | 2023-03-31 - 2024-03-30 | a year
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year
track.cpamatica.com | R3 | 2023-11-07 - 2024-02-05 | 3 months
flirtooy.info | GTS CA 1P5 | 2023-12-09 - 2024-03-08 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months

This page contains 1 frames:

Primary Page: https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_aa3cc9471e7b184619b9c2e58f82f114&p10=80b146b8-d8bc-495c-a58a-5c073ab6ad8c_25223c14624853e0028cb5ecb3fe8150&source=66979&aff_sub=&aff_sub2=seo-sem
Frame ID: 137BD46316E84F99D1DAE184CF1B76A0
Requests: 45 HTTP requests in this frame

Page Title

Dating Service

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
  • vue[.-]([\d.]*\d)[^/]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 47
HTTPS: 91 %
IPv6: 53 %
Domains: 20
Subdomains: 24
IPs: 18
Countries: 3
Transfer: 1046 kB
Size: 7519 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://gbin21.inwestowaniepogodzinach.pl/ Page URL
  2. https://go.gkrtmc.com/aff_c?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem HTTP 302
    https://go.gkrtmc.com/cl?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c Page URL
  3. https://go.gkrtmc.com/aff_c?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c HTTP 302
    https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_aa3cc9471e7b184619b9c2e58f82f114&p10=80b146b8-d8bc-495c-a58a-5c073ab6ad8c_25223c14624853e0028cb5ecb3fe8150&source=66979&aff_sub=&aff_sub2=seo-sem Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://goingapp.pl/storage/app/uploads/public/5d7/8ff/cd9/thumb_455880_600x350_0_0_crop.jpg HTTP 301
  • https://web.goingapp.pl/storage/app/uploads/public/5d7/8ff/cd9/thumb_455880_600x350_0_0_crop.jpg
Request Chain 27
  • https://go.gkrtmc.com/aff_c?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem HTTP 302
  • https://go.gkrtmc.com/cl?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c

47 HTTP transactions

Resource, Path, Size, x-fer, Type, MIME-Type
/
gbin21.inwestowaniepogodzinach.pl/
317 KB
57 KB
Document
General
Full URL
https://gbin21.inwestowaniepogodzinach.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:55c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
64828432cce6fce2e512834aa936bce4147eb2961ea8de521051a017c07d03f2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f91e0da88567e1-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 03 Jan 2024 06:17:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DmIOdweyYN%2FMoxmGuIRqApIrpMBc6LMQtxHM7WkFiwI8EIoptNafYSTLv%2B1tNwjK93jEn%2BXnk1URou5F79%2BYaPbduqF9xuaBZQa%2B6mv77lRZ6nkGD5kWIb3igBP0MeRYoatUJecnKbkH%2BbujUVe64xntZQYHUS86oU9pHj0obxE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
gdxwfkw.js
gbin21.inwestowaniepogodzinach.pl/
1016 B
901 B
Script
General
Full URL
https://gbin21.inwestowaniepogodzinach.pl/gdxwfkw.js?0.8859281979012008&q=c2V4IGFsZWtzYW5kcmEgd2Fyc3phd2E=
Requested by
Host: gbin21.inwestowaniepogodzinach.pl
URL: https://gbin21.inwestowaniepogodzinach.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:55c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
750d1709b15c0bd53e22ea8627edda465c30f2b3dfab34c09f195de79f610fed

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gbin21.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 06:17:13 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 03 Jan 2024 06:17:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GaWmro8pAffXNbRW2Zo5qufIgP5ogg5vPmSk1Qu8HvhBsgC7q6MWdUwbjUqnJ2n19fnBLfsnylrsxQ2rIudxuCuPKrfQny6jAA3pFat0Nsp18kY6edkCFfVaKpSE8IOJdjrVVXJMj0vYo5uLzfF6upfr14uksKBvo0lwr5lrdMg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
83f91e12ff8267e1-MIA
alt-svc
h3=":443"; ma=86400
L4215-4-7.jpg
cdn1.modnezakupy.net/s2/lorin/
13 KB
13 KB
Image
General
Full URL
https://cdn1.modnezakupy.net/s2/lorin/L4215-4-7.jpg
Requested by
Host: gbin21.inwestowaniepogodzinach.pl
URL: https://gbin21.inwestowaniepogodzinach.pl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.217.178 Warsaw, Poland, ASN20853 (ETOP-AS, PL),
Reverse DNS
Software
phoenix /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gbin21.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 20:28:24 GMT
Last-Modified
Thu, 09 May 2019 11:50:27 GMT
Server
phoenix
Content-Type
image/jpeg
Cache-Control
max-age=15984000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
12973
aleksandra.jpg
photos.strefa-hostess.pl/profil/olack/aleksandra/big/345709/
0
0
Image
General
Full URL
https://photos.strefa-hostess.pl/profil/olack/aleksandra/big/345709/aleksandra.jpg
Requested by
Host: gbin21.inwestowaniepogodzinach.pl
URL: https://gbin21.inwestowaniepogodzinach.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ab8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gbin21.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

masazer-fox-show-63-00011.jpg
intimshop.pl/9774-large_default/
23 KB
24 KB
Image
General
Full URL
https://intimshop.pl/9774-large_default/masazer-fox-show-63-00011.jpg
Requested by
Host: gbin21.inwestowaniepogodzinach.pl
URL: https://gbin21.inwestowaniepogodzinach.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1296 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16ea9b5dfcdc30b5fcc45b955a8a7c4487752bd2e2b36f1fb8de992dcad7d75a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gbin21.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 06:17:13 GMT
cf-cache-status
MISS
last-modified
Wed, 19 Feb 2020 11:38:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O5%2FHE7x99ioh2vRBN5rzwj%2FbUGFdzfdtWEsWMr8psdp%2BGDYX15oOyaeM5s9PKUE26hdaxiC%2BC9LDdgLWAHJakFNNdImrftl0bohyf9fXBvz05c4OT3o0W1uSncfHbTrMZcRmyowYdNEk%2Bms%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83f91e135be0db15-MIA
alt-svc
h3=":443"; ma=86400
content-length
23928
Aleksandra%20%C5%9Awieboda.JPG
www.imid.med.pl/files/imid/zdjecia%20pracownikow/
80 KB
0
Image
General
Full URL
https://www.imid.med.pl/files/imid/zdjecia%20pracownikow/Aleksandra%20%C5%9Awieboda.JPG
Requested by
Host: gbin21.inwestowaniepogodzinach.pl
URL: https://gbin21.inwestowaniepogodzinach.pl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.32.201.246 Ivry-sur-Seine, France, ASN16276 (OVH, FR),
Reverse DNS
www.imid.med.pl
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gbin21.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Wed, 03 Jan 2024 06:17:14 GMT
Last-Modified
Thu, 08 Feb 2018 08:42:43 GMT
Server
nginx
ETag
"5a7c0d83-473fa4"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
4669348
Expires
Thu, 31 Dec 2037 23:55:55 GMT
zestaw-scandal-universal-cuff-set.jpg
intimshop.pl/3846-large_default/
23 KB
23 KB
Image
General
Full URL
https://intimshop.pl/3846-large_default/zestaw-scandal-universal-cuff-set.jpg
Requested by
Host: gbin21.inwestowaniepogodzinach.pl
URL: https://gbin21.inwestowaniepogodzinach.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1296 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d8b7f1b0f95ed255c932fbd2f5abecf586b88e9a5501192b811b8e24403aa94

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gbin21.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 06:17:13 GMT
cf-cache-status
MISS
last-modified
Fri, 12 Jul 2019 15:57:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ko%2FulSfq1aDzZ5Gm%2B2N0L4XRAlshSOay%2BsPaBWO%2FJ8IeHg7P2TOCMCDOWmdJXtLG85ZMmbh0cyAZ2qqbf7ZohQGwSmazHw%2F%2Bnlrxv4QGq9ZuRKUHQpw%2FpCEbD%2B2EJBFIpxTaDr6yupaWgsE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83f91e135be4db15-MIA
alt-svc
h3=":443"; ma=86400
content-length
23235
aleksandra.jpg
photos.strefa-hostess.pl/profil/olala099/aleksandra/big/451487/
154 KB
155 KB
Image
General
Full URL
https://photos.strefa-hostess.pl/profil/olala099/aleksandra/big/451487/aleksandra.jpg
Requested by
Host: gbin21.inwestowaniepogodzinach.pl
URL: https://gbin21.inwestowaniepogodzinach.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ab8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cc35bd3d1a775a966367ba861d5446eb88987a3bf87416303d8b604dc68a128

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gbin21.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 06:17:13 GMT
cf-cache-status
MISS
last-modified
Wed, 09 Oct 2019 19:09:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=feheXOGvYcomu3l6iOm0xZr39Lp6CGtPzlMWtZSaA0my9ScnOeWS2LG2EMaX%2F%2BJKbjwGan%2Fj8M4gGVoFIrsjDaUi34iKsgEH%2Bob7VBMsSVgOrRwjyPNnSjXuOo28q01zyCafrAvopQSS14avPVwVhbO%2B4YW%2FxAQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
83f91e136c5d3360-MIA
alt-svc
h3=":443"; ma=86400
content-length
157922
expires
Fri, 02 Feb 2024 06:17:17 GMT
akardas-foto-pyzz-1400x2002.jpg
biennalewarszawa.pl/wp-content/uploads/2020/07/
96 KB
0
Image
General
Full URL
https://biennalewarszawa.pl/wp-content/uploads/2020/07/akardas-foto-pyzz-1400x2002.jpg
Requested by
Host: gbin21.inwestowaniepogodzinach.pl
URL: https://gbin21.inwestowaniepogodzinach.pl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.242.239.227 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver3194425-3194456.home.pl
Software
IdeaWebServer/5.4.0 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gbin21.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 06:17:14 GMT
last-modified
Sat, 11 Jul 2020 06:41:40 GMT
server
IdeaWebServer/5.4.0
content-length
210001
content-type
image/jpeg
zdjecie-fotograf-aleksandra-kaminska-fotografia-reportazowa-v374x821-y0.JPG
znanyfotograf.com/uploads/portfolio/aleksandra-kaminska/
416 KB
417 KB
Image
General
Full URL
https://znanyfotograf.com/uploads/portfolio/aleksandra-kaminska/zdjecie-fotograf-aleksandra-kaminska-fotografia-reportazowa-v374x821-y0.JPG
Requested by
Host: gbin21.inwestowaniepogodzinach.pl
URL: https://gbin21.inwestowaniepogodzinach.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4bd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gbin21.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 06:17:14 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
426256
last-modified
Fri, 27 Dec 2019 23:45:32 GMT
server
cloudflare
etag
"68110-59ab816e01f00"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vfuGC%2FY6%2B7h08h81234F2QPMwCsMPUt80B4W4ckrEMr2xWVnltBoBX72Cu%2BQtjN%2FHE2nKEhlB9yylBcszzZ030aIr4Y8ku%2BhSiRTXgvt%2BSJ%2FNho%2FiHuX6JVgGzRKJ8Z2Q3y9Auq53j0A%2B%2FBA2e%2BDhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83f91e13583467e4-MIA
expires
Thu, 02 Jan 2025 06:19:19 GMT
kajdanki-erotyczne-stalowe-kajdanki-obszyte-czarnym-futerkiem-b58d79411dc43d1a6ac80d4bd9ce9b21.jpg
i5.offers.gallery/p-c1-4d-c14d2cb719f0e057badac213859deb0c250x250/
4 KB
5 KB
Image
General
Full URL
https://i5.offers.gallery/p-c1-4d-c14d2cb719f0e057badac213859deb0c250x250/kajdanki-erotyczne-stalowe-kajdanki-obszyte-czarnym-futerkiem-b58d79411dc43d1a6ac80d4bd9ce9b21.jpg
Requested by
Host: gbin21.inwestowaniepogodzinach.pl
URL: https://gbin21.inwestowaniepogodzinach.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:663 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
054e34b0c2b65f834cf80547bdccd51b24e8695da30e0b5b390b6ec8c8238064

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gbin21.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 06:17:13 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2e97721b3c19315f9d4755deebbfeaffd8c6e495"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WfBejkfrAiTmEA67GGafTADc5kJJM%2BY8lSoTDRnGq4ZxeOsBUvxTRCTuiQkSbt%2BBJxwvWopG7kkOZWaLGJ0nkxtMiqirNncgt2Lj%2Fh4cVxOf9qMwzO0G1%2FwxPjl2g%2BuQf1yAzs0SibZg5lvV3VBv"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
83f91e135a584c32-MIA
content-length
4226
expires
Fri, 02 Feb 2024 06:17:13 GMT
nauczyciel-dom-amatorka-fanka-wiarstwa-figurowego-nauczy-podstaw-jazdy-wach-rolkach-wrotkach.jpg
www.superprof.pl/obrazy/ogloszenia/
13 KB
0
Image
General
Full URL
https://www.superprof.pl/obrazy/ogloszenia/nauczyciel-dom-amatorka-fanka-wiarstwa-figurowego-nauczy-podstaw-jazdy-wach-rolkach-wrotkach.jpg
Requested by
Host: gbin21.inwestowaniepogodzinach.pl
URL: https://gbin21.inwestowaniepogodzinach.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.134.210.116 , France, ASN16276 (OVH, FR),
Reverse DNS
pl.superprof.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gbin21.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 06:17:14 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Oct 2019 10:27:13 GMT
server
Apache
etag
c949c92ac36e90d6a47d9eb78fbd9a27
x-frame-options
sameorigin
content-type
image/jpeg
cache-control
max-age=864000
x-xss-protection
1; mode=block
expires
Sat, 13 Jan 2024 06:17:14 GMT
L4A9F9V.jpg
i.imgur.com/
62 KB
63 KB
Image
General
Full URL
https://i.imgur.com/L4A9F9V.jpg
Requested by
Host: gbin21.inwestowaniepogodzinach.pl
URL: https://gbin21.inwestowaniepogodzinach.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.193 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
4ce56e9fae350168caad7b8d3807b1f66cf3f337556d85f97a9869da8581cdf5
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gbin21.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 06:17:13 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
44204
x-cache
Miss from cloudfront, HIT
content-length
63876
x-served-by
cache-iad-kcgs7200119-IAD
last-modified
Fri, 13 Mar 2020 08:34:35 GMT
server
cat factory 1.0
x-timer
S1704262634.584827,VS0,VE2
etag
"51f98c8a764c468cbca8d6d4eaf14d0b"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
dWFQBGhG6PL0hH3bX46JllHQ51WiYzVPjnJk139hwtdwG0aKW61Taw==
x-cache-hits
1
Makija%C5%BC-do-pracy-Warszawa-735x784.jpg
www.mobilesalon.net/wp-content/uploads/2018/12/
0
0

103.jpg
pinkshop.pl/userdata/public/news/images/
0
0
Image
General
Full URL
https://pinkshop.pl/userdata/public/news/images/103.jpg
Requested by
Host: gbin21.inwestowaniepogodzinach.pl
URL: https://gbin21.inwestowaniepogodzinach.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.149.167.161 , Poland, ASN31229 (PL-BEYOND-AS, PL),
Reverse DNS
vm19976.iai-system.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gbin21.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

loretta-1-8.jpg
cdn1.modnezakupy.net/s2/livia/
16 KB
0
Image
General
Full URL
https://cdn1.modnezakupy.net/s2/livia/loretta-1-8.jpg
Requested by
Host: gbin21.inwestowaniepogodzinach.pl
URL: https://gbin21.inwestowaniepogodzinach.pl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.217.178 Warsaw, Poland, ASN20853 (ETOP-AS, PL),
Reverse DNS
Software
phoenix /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gbin21.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 20:28:24 GMT
Last-Modified
Tue, 01 Aug 2017 17:10:48 GMT
Server
phoenix
Content-Type
image/jpeg
Cache-Control
max-age=15984000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
120805
0002LT74SW50M5VW-C411.jpg
i.iplsc.com/-/
19 KB
19 KB
Image
General
Full URL
https://i.iplsc.com/-/0002LT74SW50M5VW-C411.jpg
Requested by
Host: gbin21.inwestowaniepogodzinach.pl
URL: https://gbin21.inwestowaniepogodzinach.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.74.71.140 , Poland, ASN16138 (INTERIA, PL),
Reverse DNS
cv.interia.pl
Software
IPL/2.2 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gbin21.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 18:00:30 GMT
last-modified
Tue, 02 Jan 2024 18:00:30 GMT
server
IPL/2.2
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
content-length
19644
expires
Wed, 03 Jan 2024 18:00:30 GMT
906688-4089ceed0e3a35827a4d6b032b7fcb40.jpg
d13uy3bdhwkuhk.cloudfront.net/avatar/
38 KB
38 KB
Image
General
Full URL
https://d13uy3bdhwkuhk.cloudfront.net/avatar/906688-4089ceed0e3a35827a4d6b032b7fcb40.jpg
Requested by
Host: gbin21.inwestowaniepogodzinach.pl
URL: https://gbin21.inwestowaniepogodzinach.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:ce00:18:bcda:d600:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1a4bcfd82b2ea7025f3a5d8aaca0cec63f38c2b95806e597d8a1f7b030d2c77

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gbin21.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 18:00:31 GMT
x-amz-version-id
3IKlRhQ7rXMm6y1MAYgnhuiQ72qAHcXE
via
1.1 b6217766ccd41d69658fea04297b7c24.cloudfront.net (CloudFront)
last-modified
Fri, 02 Oct 2020 19:26:05 GMT
server
AmazonS3
x-amz-cf-pop
EWR50-C1
age
44204
etag
"3e851b28c82dd2666e702134cb6d8c8f"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=2592000, public
content-length
38967
x-amz-cf-id
OfekVLjTnKp34pnBuwdCOq2ZfiHG9K0ZCvh8m5--dzVwszDOSBUv8g==
d333-1-7.jpg
cdn2.modnezakupy.net/s2/excel/
0
0

thumb_455880_600x350_0_0_crop.jpg
web.goingapp.pl/storage/app/uploads/public/5d7/8ff/cd9/
Redirect Chain
  • https://goingapp.pl/storage/app/uploads/public/5d7/8ff/cd9/thumb_455880_600x350_0_0_crop.jpg
  • https://web.goingapp.pl/storage/app/uploads/public/5d7/8ff/cd9/thumb_455880_600x350_0_0_crop.jpg
0
0

pas-unieruchamiajcy-rce-i-nogi-wypita-dupka-100-dyskrecji-bezpieczne-zakupy-7167700814214.jpg
offers.gallery/p-6f-c4-6fc40704be1649e8ef32fd7d0ddd7490300x300/
8 KB
8 KB
Image
General
Full URL
https://offers.gallery/p-6f-c4-6fc40704be1649e8ef32fd7d0ddd7490300x300/pas-unieruchamiajcy-rce-i-nogi-wypita-dupka-100-dyskrecji-bezpieczne-zakupy-7167700814214.jpg
Requested by
Host: gbin21.inwestowaniepogodzinach.pl
URL: https://gbin21.inwestowaniepogodzinach.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:663 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gbin21.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 06:17:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"f6ee703032041119ff741e05c1ba8fe3b0133eac"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SKUOjoRzKO9Et20BpNE85qknZANQ%2FblIezwCA6i2c%2F4THE4w7L9nozNT5F7ardRx8CnvPP52gybkCelpUfeLse4IDBdlMdzpv0s2KPkNG6%2BGe1G%2BjJHOfmIifXzI1%2BnJpcOiR%2B0xKxmZvbcG"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
83f91e17fe134c32-MIA
content-length
8136
expires
Fri, 02 Feb 2024 06:17:14 GMT
anahila55123-1-8.jpg
cdn1.modnezakupy.net/s2/livia/
48 KB
0
Image
General
Full URL
https://cdn1.modnezakupy.net/s2/livia/anahila55123-1-8.jpg
Requested by
Host: gbin21.inwestowaniepogodzinach.pl
URL: https://gbin21.inwestowaniepogodzinach.pl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.217.178 Warsaw, Poland, ASN20853 (ETOP-AS, PL),
Reverse DNS
Software
phoenix /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gbin21.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 20:28:24 GMT
Last-Modified
Tue, 06 Mar 2018 12:35:52 GMT
Server
phoenix
Content-Type
image/jpeg
Cache-Control
max-age=15984000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
60048
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
hit;pldat3
counter.yadro.ru/
0
0

invester1.jpg
inwestowaniepogodzinach.pl/wp-content/themes/finance-system/images/
0
0
Image
General
Full URL
https://inwestowaniepogodzinach.pl/wp-content/themes/finance-system/images/invester1.jpg
Requested by
Host: gbin21.inwestowaniepogodzinach.pl
URL: https://gbin21.inwestowaniepogodzinach.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:55c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gbin21.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

olctlxj.gif
gbin21.inwestowaniepogodzinach.pl/
209 B
209 B
Image
General
Full URL
https://gbin21.inwestowaniepogodzinach.pl/olctlxj.gif?ref=&url=https%3A//gbin21.inwestowaniepogodzinach.pl/&scr=1600x1200&q=1704262633&s=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/120.0.6099.129%20Safari/537.36&0.13502951045880907
Requested by
Host: gbin21.inwestowaniepogodzinach.pl
URL: https://gbin21.inwestowaniepogodzinach.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:55c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43ead0d51f7ed1fd4e60e4e7fc77f368f5baffefd029e116552eb5f1590a5467

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gbin21.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 06:17:13 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dq9odT80EsKNN30JRI0VMl6r%2BIAINh3a3YB%2BGX7euRp85hG8bd7qwvvCn74maIexpGrZFL%2Bu1nPbEG4EkBDL%2BXR2RIzPEfv%2BFkdlwWuF8rTyh8FpD%2FO00MPRKiDne5d19R5DxCXM3539ZnIU8vG8c5pWYhA1gFrYUX4D0zmOubo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
83f91e14c8bab3c8-MIA
alt-svc
h3=":443"; ma=86400
aaqgtdq.js
gbin21.inwestowaniepogodzinach.pl/
550 B
817 B
XHR
General
Full URL
https://gbin21.inwestowaniepogodzinach.pl/aaqgtdq.js?get=1&q=1704262633&s=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/120.0.6099.129%20Safari/537.36&0.6065429263964821
Requested by
Host: gbin21.inwestowaniepogodzinach.pl
URL: https://gbin21.inwestowaniepogodzinach.pl/gdxwfkw.js?0.8859281979012008&q=c2V4IGFsZWtzYW5kcmEgd2Fyc3phd2E=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:55c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gbin21.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 06:17:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 03 Jan 2024 06:17:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihx1Chl1obFXcc7mWB2lpDnSlY2S7Cgf0DtZtXNwoSkgoo6G71JrnievyWuCuB3iixkpOIcQfz6%2Fmw7wdlYBIYZSky3vyDuqq%2B%2F1ipg4FTBrJ4oVyYZK9qvXwq5V31ekRtsbi4V%2BOrlz3%2BdkFqVg82SgISbeLsxY1Rdr0FQik%2BA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
83f91e16aaa7b3c8-MIA
alt-svc
h3=":443"; ma=86400
cl
go.gkrtmc.com/
Redirect Chain
  • https://go.gkrtmc.com/aff_c?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem
  • https://go.gkrtmc.com/cl?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c
1 KB
2 KB
Document
General
Full URL
https://go.gkrtmc.com/cl?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c
Requested by
Host: gbin21.inwestowaniepogodzinach.pl
URL: https://gbin21.inwestowaniepogodzinach.pl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.0.157.204 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gbin21.inwestowaniepogodzinach.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store no-store, no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
Content-Type
text/html; charset=utf-8
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Resource-Policy
same-origin
Date
Wed, 03 Jan 2024 06:17:14 GMT
ETag
W/"579-0Vsjzx+kUoPTVO57S1z+EjAkaOk"
Origin-Agent-Cluster
?1
Referrer-Policy
no-referrer
Server
nginx
Strict-Transport-Security
max-age=15552000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
0

Redirect headers

Cache-Control
no-store, no-cache
Connection
keep-alive
Content-Length
264
Content-Security-Policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Content-Type
text/html; charset=utf-8
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Resource-Policy
same-origin
Date
Wed, 03 Jan 2024 06:17:14 GMT
Location
https://go.gkrtmc.com/cl?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c
Origin-Agent-Cluster
?1
Referrer-Policy
no-referrer
Server
nginx
Strict-Transport-Security
max-age=15552000; includeSubDomains
Vary
Accept
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
0
Primary Request /
flirtooy.info/
Redirect Chain
  • https://go.gkrtmc.com/aff_c?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c
  • https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_aa3cc9471e7b184619b9c2e58f82f114&p10=80b146b8-d8bc-495c-a58a-5c073ab6ad8c_25223c14624853e0028cb5ecb3fe8150&source=66979&aff_sub=&aff_sub2=seo-sem
6 KB
3 KB
Document
General
Full URL
https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_aa3cc9471e7b184619b9c2e58f82f114&p10=80b146b8-d8bc-495c-a58a-5c073ab6ad8c_25223c14624853e0028cb5ecb3fe8150&source=66979&aff_sub=&aff_sub2=seo-sem
Requested by
Host: go.gkrtmc.com
URL: https://go.gkrtmc.com/cl?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34887f9e88e066996c1b3f93272d6e5479efc53d83d91853264122a608848b75

Request headers

Referer
https://go.gkrtmc.com/cl?offer_id=10170&aff_id=47487&aff_sub=66979&aff_sub5=seo-sem&bofc=aff_c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, no-transform
cf-cache-status
DYNAMIC
cf-ray
83f91e1b8c2b8dc4-MIA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 03 Jan 2024 06:17:15 GMT
etag
W/"6582df3f-17a9"
expires
0
last-modified
Wed, 20 Dec 2023 12:34:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5VmQ3dbolj0VMTrFtKsiRiap7Bf1Lcxg1k4h5rw7Lm1Xedv0erLqGniiirA0Lnat%2Bg9xIPgVgNTP3L5SbZNDPPqWjcFSxUkVbbyxh5nD4t8huquBvTrnO2lmbCKAF9ZG5P3Au0dJRgzr7kgV"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-store, no-cache
Connection
keep-alive
Content-Length
484
Content-Security-Policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Content-Type
text/html; charset=utf-8
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Resource-Policy
same-origin
Date
Wed, 03 Jan 2024 06:17:14 GMT
Location
https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_aa3cc9471e7b184619b9c2e58f82f114&p10=80b146b8-d8bc-495c-a58a-5c073ab6ad8c_25223c14624853e0028cb5ecb3fe8150&source=66979&aff_sub=&aff_sub2=seo-sem
Origin-Agent-Cluster
?1
Referrer-Policy
no-referrer
Server
nginx
Strict-Transport-Security
max-age=15552000; includeSubDomains
Vary
Accept
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
0
css2
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Requested by
Host: flirtooy.info
URL: https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_aa3cc9471e7b184619b9c2e58f82f114&p10=80b146b8-d8bc-495c-a58a-5c073ab6ad8c_25223c14624853e0028cb5ecb3fe8150&source=66979&aff_sub=&aff_sub2=seo-sem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 03 Jan 2024 06:17:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 05:19:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 Jan 2024 06:17:15 GMT
chunk-vendors.cbd28e82.js
flirtooy.info/js/
184 KB
67 KB
Script
General
Full URL
https://flirtooy.info/js/chunk-vendors.cbd28e82.js
Requested by
Host: flirtooy.info
URL: https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_aa3cc9471e7b184619b9c2e58f82f114&p10=80b146b8-d8bc-495c-a58a-5c073ab6ad8c_25223c14624853e0028cb5ecb3fe8150&source=66979&aff_sub=&aff_sub2=seo-sem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fefe8ce217d02253225049003a97624b897e4f65b30e793013e4d0f7ff12360
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 06:17:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1962849
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 11 Dec 2023 13:02:01 GMT
server
cloudflare
etag
W/"65770849-2de84"
vary
Accept-Encoding
x-frame-options
deny
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sUlC3FdPnNYX8WXqlg8sMcJvpo5TUIvqJZId3mO0RXwDKTayRZrtenG0VBeMQKb0dWpAVJI1eFqq8txqUXRv0BaU8OPlvVmJJ4wJgA8cmAaC%2FtXuJ7covcRLmfqbUlbU1s6aXwT4N%2BZOGtYp"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
83f91e1d5e028dc4-MIA
expires
Wed, 10 Jan 2024 13:03:06 GMT
app.035ebfc1.js
flirtooy.info/js/
28 KB
8 KB
Script
General
Full URL
https://flirtooy.info/js/app.035ebfc1.js
Requested by
Host: flirtooy.info
URL: https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_aa3cc9471e7b184619b9c2e58f82f114&p10=80b146b8-d8bc-495c-a58a-5c073ab6ad8c_25223c14624853e0028cb5ecb3fe8150&source=66979&aff_sub=&aff_sub2=seo-sem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41cccb8335ccc110e1f2873bd174fa4287d3bfec228bb95f58941cb5f8f7e16c
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 06:17:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1962849
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 11 Dec 2023 13:02:01 GMT
server
cloudflare
etag
W/"65770849-6fab"
vary
Accept-Encoding
x-frame-options
deny
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8O059gMbB2n2ZLiLoLqyW7jClNV45hFG%2FlLgF%2BJzqtg%2BuE1mPhz90YZhdPFuSUpk4p7%2BEdlXOjdSu%2BcEh6zJd86qJoyDpbmF6KYvkEmaLc4KSyhTyd%2BjvY2ZnQh9%2BXrXhNF3qAIcuKybMoos"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
83f91e1d5e058dc4-MIA
expires
Wed, 10 Jan 2024 13:03:06 GMT
client-visit
api.flirtooy.info/v1/public/
2 B
533 B
XHR
General
Full URL
https://api.flirtooy.info/v1/public/client-visit
Requested by
Host: flirtooy.info
URL: https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_aa3cc9471e7b184619b9c2e58f82f114&p10=80b146b8-d8bc-495c-a58a-5c073ab6ad8c_25223c14624853e0028cb5ecb3fe8150&source=66979&aff_sub=&aff_sub2=seo-sem
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Jan 2024 06:17:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
text/html; charset=utf-8
access-control-allow-origin
https://flirtooy.info
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xIy0JK7niensiR3zknpTf5mjNFmlcXqjalE%2FF6Q%2BJ%2FQSAsuplN5dzIvzdYQ%2FEAMOO8Jop297xxSD3UFhrUKKevVnBDEkMlqllJDMz15I%2FWWXTP8U9qLfEIOA3CXbZZWnAbILueJelHZ3lXgHSyuzjw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
83f91e208deb4964-MIA
access-control-allow-headers
Content-Type,Authorization,X-Forwarded-For,Origin,x-client-device
alt-svc
h3=":443"; ma=86400
client-visit
api.flirtooy.info/v1/public/
0
0
Preflight
General
Full URL
https://api.flirtooy.info/v1/public/client-visit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://flirtooy.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Forwarded-For,Origin,x-client-device
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
https://flirtooy.info
access-control-max-age
1728000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f91e1ee8c067ce-MIA
content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 03 Jan 2024 06:17:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhTws%2FFIdGu7bYuKuG%2FoH2j2UISmZlZMC%2BkneaKDxMl1MLE7X8QzTzWreJydnGrby4Se2U0Cy0gwpgQbv80ASyDtnj8br3yVdptJiN9zcROZfTb5RYJFMijWsKOuYrmzRsZjICa8iE392lD2OIJfYw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
auth
api.flirtooy.info/v1/user/
0
0
Preflight
General
Full URL
https://api.flirtooy.info/v1/user/auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://flirtooy.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Forwarded-For,Origin,x-client-device
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
https://flirtooy.info
access-control-max-age
1728000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f91e1ee8c367ce-MIA
content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 03 Jan 2024 06:17:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8CzGMBwTdrzcBleXz04IhR8oJESPY%2BI7nW1bhWnz%2Bi101YIKyRJMgKesB5ypYSkCwgqlY5JtZOL8BOFIaQ1tvy%2BTb23TLjCrGuJg2tn1%2FB3GKZ%2BFpVa9DCYWj6O5ed3mTmXbw6MBDc7vRfdnnhV7g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
auth
api.flirtooy.info/v1/user/
617 B
2 KB
XHR
General
Full URL
https://api.flirtooy.info/v1/user/auth
Requested by
Host: flirtooy.info
URL: https://flirtooy.info/js/chunk-vendors.cbd28e82.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
cd707e6623956c7c2fd116cfd6a12b9148e423d2373a37ac0feb24a9df32f446

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Wed, 03 Jan 2024 06:17:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"269-flJetwn5GmxbTMivuDE1WFOQlPk"
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://flirtooy.info
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZzW9iYUKDQmPqyuABgrsLmoiaYCisB%2FMn%2BkVoc9wcICpAiMgyDPwi2jcMl4veMK9wbJDQSNBj%2B93emhTE5TON3cgN52DzITN0VnA2mDsBDO2MeaZBONYoYOytk5xBuRHlQx1ZC%2FcAsfbRURN2daPw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
83f91e208dea4964-MIA
access-control-allow-headers
Content-Type,Authorization,X-Forwarded-For,Origin,x-client-device
content-length
617
alt-svc
h3=":443"; ma=86400
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://flirtooy.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 09:18:29 GMT
x-content-type-options
nosniff
age
334726
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Dec 2024 09:18:29 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://flirtooy.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 01:25:50 GMT
x-content-type-options
nosniff
age
449485
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Dec 2024 01:25:50 GMT
land-LandDirectShortTT2-vue.da6605c7.css
flirtooy.info/css/
21 KB
6 KB
Stylesheet
General
Full URL
https://flirtooy.info/css/land-LandDirectShortTT2-vue.da6605c7.css
Requested by
Host: flirtooy.info
URL: https://flirtooy.info/js/app.035ebfc1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
289bd735d17d654da437533c5e2dc09043a4d5b1c297df19345c865a0481800c
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 06:17:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
418137
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 20 Dec 2023 12:34:07 GMT
server
cloudflare
etag
W/"6582df3f-53e0"
vary
Accept-Encoding
x-frame-options
deny
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OeXK3VDYi0jRkqawOoV3TTeyebk4ZwsoUtuJhAts%2B5CRcNPDRdxOvb0tUvLNTdLtnPqQd9%2FfB86t7wCYL27vK72PNrX7vYOf%2BY6XdjjADWov%2FA0cnzUSWjCspvWCWcl%2BmnhHj%2BqKY0UCRYw3"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
83f91e22cf654964-MIA
expires
Sun, 28 Jan 2024 10:08:18 GMT
land-LandDirectShortTT2-vue.4269a2a3.js
flirtooy.info/js/
11 KB
5 KB
Script
General
Full URL
https://flirtooy.info/js/land-LandDirectShortTT2-vue.4269a2a3.js
Requested by
Host: flirtooy.info
URL: https://flirtooy.info/js/app.035ebfc1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
382a79f89c0dda1e9667aab06102d78b3f4c0a5bbddd0af531b67413315d9018
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 06:17:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1439016
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 11 Dec 2023 13:02:01 GMT
server
cloudflare
etag
W/"65770849-2d83"
vary
Accept-Encoding
x-frame-options
deny
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=grhVQaTvivUJ6vXQwLWbZnICXePwycmpMrJ%2F5HO7e9lYqEzqRKn10PO2yTPEGRwjgUZLepBTUK8fw5Zz900zn%2Fo%2FGeG2aseUAEdVHEpgbYD25y3%2FX4RVD%2BMrlmHLm6mxj6pvKbM0hk3JUP56"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
83f91e22cf674964-MIA
expires
Tue, 16 Jan 2024 14:33:39 GMT
anal
api.flirtooy.info/v1/user/
26 B
624 B
XHR
General
Full URL
https://api.flirtooy.info/v1/user/anal?event=push_subscription_show
Requested by
Host: flirtooy.info
URL: https://flirtooy.info/js/chunk-vendors.cbd28e82.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
068111877fa6aa20ae61a6d184bc4b1f7081555e83df944cce03c4fdb2830fbc

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
en-US,en;q=0.9
authorization
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX2lkIjoiYzliNGNhNTUtZTJkMS00MmU0LTkzZjQtOTUyZjdmNWMyNTBkIiwidmlzaXRfaWQiOiIyZTg5MDMzNC1kOTJiLTQwZjgtODExZS1jZTA5Y2VhY2E4ZDYiLCJmdW5uZWxfaWQiOjMsImFmZl9pZCI6OCwic291cmNlIjoiNjY5NzkiLCJzcGxpdF9pZHMiOlsxXSwicHJlbGFuZF91cmwiOiJ0dDIiLCJpYXQiOjE3MDQyNjI2MzUsImV4cCI6MTczNTgyMDIzNX0.lhc8VfcWBSYS1n1gQjqAKcbxrLuVr-6EdaLjev3d-oc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 06:17:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"1a-pIPrt4esgEyEkX/w62Rnrj9XXdg"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://flirtooy.info
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=meFjsyl1Wz1CmGcI%2B92byjohIhTzZwK6%2F0pRRKw77sYMV%2BVPQGepCheSlIi28kJ3A2FyTn7u4oQwLvD4bcP%2FqCCskzkvPhft3MWTqAmhWXNVVkf5pn094XSwVFCAd67y%2FGyEw%2Fec8m9sNYsrAQTJYA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
83f91e23a83f4964-MIA
access-control-allow-headers
Content-Type,Authorization,X-Forwarded-For,Origin,x-client-device
anal
api.flirtooy.info/v1/user/
0
0
Preflight
General
Full URL
https://api.flirtooy.info/v1/user/anal?event=push_subscription_show
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://flirtooy.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Forwarded-For,Origin,x-client-device
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
https://flirtooy.info
access-control-max-age
1728000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f91e22cbf367ce-MIA
content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 03 Jan 2024 06:17:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5PNgz7M4tLDYBsMuhVpL6XZhArqV9FYERYkxahyEUMDVgyjlXl%2BztEeXQirTVgWaZe8Lp%2FUu6lJmmXPeM2yfff3rujn006k8nERPZBNESUyZBV7kBWDdWuFDAjvNjSFuvtP3lb3FCEnsmqA4lGAclw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
push-subscription
api.flirtooy.info/v1/user/
26 B
610 B
XHR
General
Full URL
https://api.flirtooy.info/v1/user/push-subscription
Requested by
Host: flirtooy.info
URL: https://flirtooy.info/js/chunk-vendors.cbd28e82.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
068111877fa6aa20ae61a6d184bc4b1f7081555e83df944cce03c4fdb2830fbc

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
en-US,en;q=0.9
authorization
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX2lkIjoiYzliNGNhNTUtZTJkMS00MmU0LTkzZjQtOTUyZjdmNWMyNTBkIiwidmlzaXRfaWQiOiIyZTg5MDMzNC1kOTJiLTQwZjgtODExZS1jZTA5Y2VhY2E4ZDYiLCJmdW5uZWxfaWQiOjMsImFmZl9pZCI6OCwic291cmNlIjoiNjY5NzkiLCJzcGxpdF9pZHMiOlsxXSwicHJlbGFuZF91cmwiOiJ0dDIiLCJpYXQiOjE3MDQyNjI2MzUsImV4cCI6MTczNTgyMDIzNX0.lhc8VfcWBSYS1n1gQjqAKcbxrLuVr-6EdaLjev3d-oc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Wed, 03 Jan 2024 06:17:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"1a-pIPrt4esgEyEkX/w62Rnrj9XXdg"
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://flirtooy.info
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2BgVqP4%2FSx%2BEqOlwVzWFsNc83S%2FQnilLCSyluRaU64j2kO7BOBf3JYeWQqVfsAtsBt%2Bc7wAGBpzW1zSxlf1PFWrvY3JtBmv9qazrxahvjod6tQpp3bG%2BU2XaoBcG94oPDCUbaN58n47eTi3NwzRX7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
83f91e23a8414964-MIA
access-control-allow-headers
Content-Type,Authorization,X-Forwarded-For,Origin,x-client-device
content-length
26
alt-svc
h3=":443"; ma=86400
push-subscription
api.flirtooy.info/v1/user/
0
0
Preflight
General
Full URL
https://api.flirtooy.info/v1/user/push-subscription
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://flirtooy.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Forwarded-For,Origin,x-client-device
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
https://flirtooy.info
access-control-max-age
1728000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f91e22cbf667ce-MIA
content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 03 Jan 2024 06:17:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jXNtnL2LrJyyLEV6idPu6V27tO%2FwMJzT0HKjwcBevjqQrDI%2BDm3o%2BmXWfq4O9ahEmgiKeHxlp2zenVf1d7Bj%2ByoQJRRJN4TC9gjRP4VfUOwTWnfik9uhBMfuogtb0GalEQBTzQyVAJU6PbTerBT8eA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
bg1.a6c153fa.jpg
flirtooy.info/img/
63 KB
63 KB
Image
General
Full URL
https://flirtooy.info/img/bg1.a6c153fa.jpg
Requested by
Host: flirtooy.info
URL: https://flirtooy.info/css/land-LandDirectShortTT2-vue.da6605c7.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33215a1515c319a23598b30fea546e10dcb8cca455b42e20d8aa5e2eebd73bde
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
en-US,en;q=0.9
Referer
https://flirtooy.info/css/land-LandDirectShortTT2-vue.da6605c7.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 06:17:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2918999
alt-svc
h3=":443"; ma=86400
content-length
64359
last-modified
Wed, 29 Nov 2023 13:36:24 GMT
server
cloudflare
etag
"65673e58-fb67"
x-frame-options
deny
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8prQg9sEsicn%2FuWptZLtI%2BX6ACEv1Uo0u%2FjQn%2BAWnUSQ68Rkp%2FheYutCJ6QeSIE3vX0g2jc3uXym976muo%2FKRdMbuPl4VT255hAG%2FpTw20%2B%2BbWErKEj7OOZSmNsiWIFTL3%2BA1Mv8jaK5W1AD"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83f91e230f9f4964-MIA
expires
Fri, 29 Nov 2024 11:27:17 GMT
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d919905b98631ac02ce395cb20950f2379bcd9cea4f2e9f144f89a3e90e0bd1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
og.2d22d965.mp4
flirtooy.info/media/
52 KB
0
Media
General
Full URL
https://flirtooy.info/media/og.2d22d965.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 03 Jan 2024 06:17:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4094
Content-Range
bytes 0-5930494/5930495
alt-svc
h3=":443"; ma=86400
Content-Length
5930495
last-modified
Wed, 20 Dec 2023 12:34:07 GMT
server
cloudflare
etag
"6582df3f-5a7dff"
x-frame-options
deny
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2gyWyVzfXfpgG6hXJ7nqOu0EZ9Jfd4TMyw3zMBVYVh3r91X%2BsT4wLx9Ygof9h3B%2BCHxPMxoP9OeCZWaCETrtkhF%2BKTpi4eiayTLUpyNK2NlDOa4I8J%2FFUizNc47LzUfsXTKv8lSpNuxwMoV"}],"group":"cf-nel","max_age":604800}
content-type
video/mp4
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
83f91e231fae4964-MIA
og.2d22d965.mp4
flirtooy.info/media/
31 KB
32 KB
Media
General
Full URL
https://flirtooy.info/media/og.2d22d965.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d194d506fe134220a4ec0617c610acc0ea397bd5a997b69f25396e5118b2b2f0
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range
bytes=5898240-

Response headers

date
Wed, 03 Jan 2024 06:17:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4094
Content-Range
bytes 5898240-5930494/5930495
alt-svc
h3=":443"; ma=86400
Content-Length
32255
last-modified
Wed, 20 Dec 2023 12:34:07 GMT
server
cloudflare
etag
"6582df3f-5a7dff"
x-frame-options
deny
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s2%2F5v57gYWI79OOMgVRcOc7DwGkysS7PePD90udty%2BK1LgtTwKUVRFfcv%2BVpei8cxNhzVHzintvY5gCKe1sCK5Kwi7ufE1nb5S2zhpKImhldOj%2F8dQQ9MCe7NnSd1ulGy6pS9iudW9Rf5u2k"}],"group":"cf-nel","max_age":604800}
content-type
video/mp4
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
83f91e23c8524964-MIA
og.2d22d965.mp4
flirtooy.info/media/
6 MB
0
Media
General
Full URL
https://flirtooy.info/media/og.2d22d965.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range
bytes=32768-

Response headers

date
Wed, 03 Jan 2024 06:17:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4094
Content-Range
bytes 32768-5930494/5930495
alt-svc
h3=":443"; ma=86400
Content-Length
5897727
last-modified
Wed, 20 Dec 2023 12:34:07 GMT
server
cloudflare
etag
"6582df3f-5a7dff"
x-frame-options
deny
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2rYAyjH3p3nBX0OKmhi6J6RwRRCp32iNHvVX79Sa4j3cS74VQimOta2PdlUeaLrWoGLgIPJRNlRUedeJlASjcsBPChVWhRSUrNN%2BGJ0A4Ntf%2BO1AgY0F%2FcoXVczyH0ZGfu0H6BxDRC%2BaqgzF"}],"group":"cf-nel","max_age":604800}
content-type
video/mp4
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
83f91e23f8704964-MIA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.mobilesalon.net
URL
https://www.mobilesalon.net/wp-content/uploads/2018/12/Makija%C5%BC-do-pracy-Warszawa-735x784.jpg
Domain
cdn2.modnezakupy.net
URL
https://cdn2.modnezakupy.net/s2/excel/d333-1-7.jpg
Domain
web.goingapp.pl
URL
https://web.goingapp.pl/storage/app/uploads/public/5d7/8ff/cd9/thumb_455880_600x350_0_0_crop.jpg
Domain
counter.yadro.ru
URL
https://counter.yadro.ru/hit;pldat3?t57.6;r;s1600*1200*24;uhttps%3A//gbin21.inwestowaniepogodzinach.pl/;hSex%20aleksandra%20warszawa%20bezpieczne%20strony%20erotyczne;0.38244749512420717

Verdicts & Comments

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
object| webpackJsonp
object| regeneratorRuntime

5 Cookies

Domain/Path Name / Value
.go.gkrtmc.com/ Name: language
Value: en
.go.gkrtmc.com/ Name: 8666
Value: 38_66979_8666_aa3cc9471e7b184619b9c2e58f82f114
.go.gkrtmc.com/ Name: op_8666
Value: 0
.go.gkrtmc.com/ Name: user_id
Value: 80b146b8-d8bc-495c-a58a-5c073ab6ad8c_25223c14624853e0028cb5ecb3fe8150
api.flirtooy.info/ Name: authToken
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX2lkIjoiYzliNGNhNTUtZTJkMS00MmU0LTkzZjQtOTUyZjdmNWMyNTBkIiwidmlzaXRfaWQiOiIyZTg5MDMzNC1kOTJiLTQwZjgtODExZS1jZTA5Y2VhY2E4ZDYiLCJmdW5uZWxfaWQiOjMsImFmZl9pZCI6OCwic291cmNlIjoiNjY5NzkiLCJzcGxpdF9pZHMiOlsxXSwicHJlbGFuZF91cmwiOiJ0dDIiLCJpYXQiOjE3MDQyNjI2MzUsImV4cCI6MTczNTgyMDIzNX0.lhc8VfcWBSYS1n1gQjqAKcbxrLuVr-6EdaLjev3d-oc

7 Console Messages

Source Level URL
Text
security warning URL: https://gbin21.inwestowaniepogodzinach.pl/(Line 690)
Message:
Mixed Content: The page at 'https://gbin21.inwestowaniepogodzinach.pl/' was loaded over HTTPS, but requested an insecure element 'http://www.imid.med.pl/files/imid/zdjecia%20pracownikow/Aleksandra%20%C5%9Awieboda.JPG'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://gbin21.inwestowaniepogodzinach.pl/(Line 690)
Message:
Mixed Content: The page at 'https://gbin21.inwestowaniepogodzinach.pl/' was loaded over HTTPS, but requested an insecure element 'http://i5.offers.gallery/p-c1-4d-c14d2cb719f0e057badac213859deb0c250x250/kajdanki-erotyczne-stalowe-kajdanki-obszyte-czarnym-futerkiem-b58d79411dc43d1a6ac80d4bd9ce9b21.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://inwestowaniepogodzinach.pl/wp-content/themes/finance-system/images/invester1.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://photos.strefa-hostess.pl/profil/olack/aleksandra/big/345709/aleksandra.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://pinkshop.pl/userdata/public/news/images/103.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gbin21.inwestowaniepogodzinach.pl/olctlxj.gif?ref=&url=https%3A//gbin21.inwestowaniepogodzinach.pl/&scr=1600x1200&q=1704262633&s=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/120.0.6099.129%20Safari/537.36&0.13502951045880907
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_aa3cc9471e7b184619b9c2e58f82f114&p10=80b146b8-d8bc-495c-a58a-5c073ab6ad8c_25223c14624853e0028cb5ecb3fe8150&source=66979&aff_sub=&aff_sub2=seo-sem
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
