lwweklski.inwestowaniepogodzinach.pl Open in urlscan Pro
2606:4700:3036::ac43:d18e Public Scan

Go To Rescan
Add Verdict Report

URL:
http://lwweklski.inwestowaniepogodzinach.pl/
Submission: On November 23 via api (November 23rd 2022, 12:51:43 pm UTC) from US — Scanned from DE

Summary HTTP 28 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 15 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3036::ac43:d18e, located in United States and belongs to CLOUDFLARENET, US. The main domain is lwweklski.inwestowaniepogodzinach.pl.

This is the only time lwweklski.inwestowaniepogodzinach.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3036::ac43:d18e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3037::6815:55c1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:830::2016	15169 (GOOGLE) (GOOGLE)
1	46.248.186.12 46.248.186.12	47544 (IQPL-AS) (IQPL-AS)
1 1	2606:4700:303... 2606:4700:3030::6815:3992	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3033::ac43:92a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	51.77.44.228 51.77.44.228	16276 (OVH) (OVH)
1	2606:4700:303... 2606:4700:3037::ac43:8926	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	91.208.189.116 91.208.189.116	31242 (TKPSA-AS) (TKPSA-AS)
6	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	5.134.213.18 5.134.213.18	42656 (QXL-POLAND) (QXL-POLAND)
1	162.55.172.15 162.55.172.15	24940 (HETZNER-AS) (HETZNER-AS)
1 2	51.68.140.21 51.68.140.21	16276 (OVH) (OVH)
1	89.161.210.79 89.161.210.79	12824 (HOMEPL-AS) (HOMEPL-AS)
1	18.66.147.17 18.66.147.17	16509 (AMAZON-02) (AMAZON-02)
1	212.91.26.153 212.91.26.153	15694 (ATMAN-ISP...) (ATMAN-ISP-AS ATM S.A.)
1 2	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
28	17

2 2606:4700:3036::ac43:d18e (United States)

ASN13335 (CLOUDFLARENET, US)

lwweklski.inwestowaniepogodzinach.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
inwestowaniepogodzinach.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:55c1 (United States)

ASN13335 (CLOUDFLARENET, US)

lwweklski.inwestowaniepogodzinach.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.248.186.12 (Gdansk, Poland)

ASN47544 (IQPL-AS, PL)
PTR: 46-248-186-12.rev.iq.pl

photos05.redcart.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:3992 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

paczaizm.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::ac43:92a3 (United States)

ASN13335 (CLOUDFLARENET, US)

paczaizm.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.77.44.228 (Warsaw, Poland)

ASN16276 (OVH, FR)
PTR: nidoking.ptwp.pl

pliki.rynekaptek.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:8926 (United States)

ASN13335 (CLOUDFLARENET, US)

blog.moje-leczenie.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.208.189.116 (Poland)

ASN31242 (TKPSA-AS, PL)
PTR: elleman.pl

www.elleman.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.134.213.18 (Poznan, Poland)

ASN42656 (QXL-POLAND, PL)

a.allegroimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.172.15 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.15.172.55.162.clients.your-server.de

img.joemonster.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.68.140.21 (Warsaw, Poland) 1 redirects

ASN16276 (OVH, FR)
PTR: 21.ip-51-68-140.eu

www.blasty.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.161.210.79 (Poland)

ASN12824 (HOMEPL-AS, PL)
PTR: cloudserver041227.home.pl

dragonus.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-17.fra60.r.cloudfront.net

em.wattpad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.91.26.153 (Warsaw, Poland)

ASN15694 (ATMAN-ISP-AS ATM S.A., PL)
PTR: web0.mydevil.net

www.partybus.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.202.52 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 10122 4.bp.blogspot.com — Cisco Umbrella Rank: 12985 3.bp.blogspot.com — Cisco Umbrella Rank: 12751 2.bp.blogspot.com — Cisco Umbrella Rank: 13008	2 MB
4	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 115	49 KB
4	inwestowaniepogodzinach.pl lwweklski.inwestowaniepogodzinach.pl inwestowaniepogodzinach.pl	57 KB
3	paczaizm.pl 1 redirects paczaizm.pl	167 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9992	2 KB
2	blasty.pl 1 redirects www.blasty.pl	37 KB
1	partybus.pl www.partybus.pl	150 KB
1	wattpad.com em.wattpad.com — Cisco Umbrella Rank: 598063	64 KB
1	dragonus.pl dragonus.pl	71 KB
1	joemonster.org img.joemonster.org — Cisco Umbrella Rank: 395847	72 KB
1	allegroimg.com a.allegroimg.com — Cisco Umbrella Rank: 62202	481 KB
1	elleman.pl www.elleman.pl	249 KB
1	moje-leczenie.pl blog.moje-leczenie.pl	686 KB
1	rynekaptek.pl pliki.rynekaptek.pl	34 KB
1	redcart.pl photos05.redcart.pl	2 KB
28	15

	Domain	Requested by
4	i.ytimg.com	lwweklski.inwestowaniepogodzinach.pl
3	paczaizm.pl	1 redirects lwweklski.inwestowaniepogodzinach.pl
3	lwweklski.inwestowaniepogodzinach.pl	lwweklski.inwestowaniepogodzinach.pl
2	counter.yadro.ru	1 redirects lwweklski.inwestowaniepogodzinach.pl
2	www.blasty.pl	1 redirects lwweklski.inwestowaniepogodzinach.pl
2	3.bp.blogspot.com	lwweklski.inwestowaniepogodzinach.pl
2	4.bp.blogspot.com	lwweklski.inwestowaniepogodzinach.pl
1	inwestowaniepogodzinach.pl	lwweklski.inwestowaniepogodzinach.pl
1	2.bp.blogspot.com	lwweklski.inwestowaniepogodzinach.pl
1	www.partybus.pl	lwweklski.inwestowaniepogodzinach.pl
1	em.wattpad.com	lwweklski.inwestowaniepogodzinach.pl
1	dragonus.pl	lwweklski.inwestowaniepogodzinach.pl
1	img.joemonster.org	lwweklski.inwestowaniepogodzinach.pl
1	a.allegroimg.com	lwweklski.inwestowaniepogodzinach.pl
1	1.bp.blogspot.com	lwweklski.inwestowaniepogodzinach.pl
1	www.elleman.pl	lwweklski.inwestowaniepogodzinach.pl
1	blog.moje-leczenie.pl	lwweklski.inwestowaniepogodzinach.pl
1	pliki.rynekaptek.pl	lwweklski.inwestowaniepogodzinach.pl
1	photos05.redcart.pl	lwweklski.inwestowaniepogodzinach.pl
28	19

This site contains links to these domains. Also see Links.

Domain
inwestowaniepogodzinach.pl
mszczonw21.inwestowaniepogodzinach.pl
lipsk21.inwestowaniepogodzinach.pl
iawa21.inwestowaniepogodzinach.pl
tomaszwmazowiecki21.inwestowaniepogodzinach.pl
konin21.inwestowaniepogodzinach.pl
mylenice21.inwestowaniepogodzinach.pl
krakw.inwestowaniepogodzinach.pl
katowice.inwestowaniepogodzinach.pl
nowydwrgdaski21.inwestowaniepogodzinach.pl
mylibrz21.inwestowaniepogodzinach.pl
koszalin.inwestowaniepogodzinach.pl
lublin22.inwestowaniepogodzinach.pl
siedlce22.inwestowaniepogodzinach.pl
inowrocaw22.inwestowaniepogodzinach.pl
krotoszyn.inwestowaniepogodzinach.pl
otwock22.inwestowaniepogodzinach.pl
gostynin.inwestowaniepogodzinach.pl
gostynin22.inwestowaniepogodzinach.pl
gdask23.inwestowaniepogodzinach.pl
www.liveinternet.ru

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-16` - `2023-06-16`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.redcart.pl Certum Domain Validation CA SHA2	`2022-04-22` - `2023-04-22`	a year	crt.sh
pliki.rynekaptek.pl R3	`2022-09-28` - `2022-12-27`	3 months	crt.sh
*.elleman.pl Certum Domain Validation CA SHA2	`2022-11-21` - `2023-11-21`	a year	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.allegroimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-08` - `2023-10-06`	a year	crt.sh
img.joemonster.org R3	`2022-09-24` - `2022-12-23`	3 months	crt.sh
dragonus.pl Certyfikat SSL	`2021-12-01` - `2022-12-01`	a year	crt.sh
wattpad.com Amazon	`2021-12-28` - `2023-01-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://lwweklski.inwestowaniepogodzinach.pl/
Frame ID: 4032B3C13DFC37781B972C2B68073986
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pierdol to tabletki erotyczne zadania

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Page Statistics

28
Requests

75 %
HTTPS

41 %
IPv6

15
Domains

19
Subdomains

17
IPs

4
Countries

4451 kB
Transfer

4704 kB
Size

2
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: http://inwestowaniepogodzinach.pl/
Title: inwestowaniepogodzinach.pl

Search URL Search Domain Scan URL

URL: https://mszczonw21.inwestowaniepogodzinach.pl/
Title: ogloszenia towarzyskie gorzow wlkp.

Search URL Search Domain Scan URL

URL: https://lipsk21.inwestowaniepogodzinach.pl/
Title: pierdolić źródłosłów

Search URL Search Domain Scan URL

URL: https://iawa21.inwestowaniepogodzinach.pl/
Title: passionate datezone

Search URL Search Domain Scan URL

URL: https://tomaszwmazowiecki21.inwestowaniepogodzinach.pl/
Title: sex klub gay warszawa

Search URL Search Domain Scan URL

URL: https://konin21.inwestowaniepogodzinach.pl/
Title: żony dziwki i kochanki

Search URL Search Domain Scan URL

URL: https://mylenice21.inwestowaniepogodzinach.pl/
Title: anonse towarzyskie ruda śląska

Search URL Search Domain Scan URL

URL: https://krakw.inwestowaniepogodzinach.pl/
Title: na wspolnej seks

Search URL Search Domain Scan URL

URL: https://katowice.inwestowaniepogodzinach.pl/
Title: ogłoszenia towarzyskie płock olx

Search URL Search Domain Scan URL

URL: https://nowydwrgdaski21.inwestowaniepogodzinach.pl/
Title: sex ogłoszenia sochaczew

Search URL Search Domain Scan URL

URL: https://mylibrz21.inwestowaniepogodzinach.pl/
Title: tekst szukam dziewczyny

Search URL Search Domain Scan URL

URL: https://koszalin.inwestowaniepogodzinach.pl/
Title: seks ogłoszenia transwestytów

Search URL Search Domain Scan URL

URL: https://lublin22.inwestowaniepogodzinach.pl/
Title: dziewczyny na sex rzeszow

Search URL Search Domain Scan URL

URL: https://siedlce22.inwestowaniepogodzinach.pl/
Title: smieszne filmy erotyczne

Search URL Search Domain Scan URL

URL: https://inowrocaw22.inwestowaniepogodzinach.pl/
Title: starsza pani szuka mlodego pana

Search URL Search Domain Scan URL

URL: https://krotoszyn.inwestowaniepogodzinach.pl/
Title: oferty sex olsztyn

Search URL Search Domain Scan URL

URL: https://otwock22.inwestowaniepogodzinach.pl/
Title: poznam pana nowy sącz

Search URL Search Domain Scan URL

URL: https://gostynin.inwestowaniepogodzinach.pl/
Title: sex oferty opole lubelskie

Search URL Search Domain Scan URL

URL: https://gostynin22.inwestowaniepogodzinach.pl/
Title: seks video

Search URL Search Domain Scan URL

URL: https://gdask23.inwestowaniepogodzinach.pl/
Title: tablica pl towarzyskie

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click;pldat3

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://paczaizm.pl/content/wp-content/uploads/eutanazol-lek-na-wszystko-schopenhauer.jpg HTTP 302
https://paczaizm.pl/content/wp-content/uploads/eutanazol-lek-na-wszystko-schopenhauer.jpg

Request Chain 15

http://www.blasty.pl/upload/images/large/2016/10/mnie-nie-wkurwiaj_2016-10-12_08-31-23.jpg HTTP 301
https://www.blasty.pl/upload/images/large/2016/10/mnie-nie-wkurwiaj_2016-10-12_08-31-23.jpg

Request Chain 24

https://counter.yadro.ru/hit;pldat3?t57.6;r;s1600*1200*24;uhttp%3A//lwweklski.inwestowaniepogodzinach.pl/;hPierdol%20to%20tabletki%20erotyczne%20zadania;0.39056223939549906 HTTP 302
https://counter.yadro.ru/hit;pldat3?q;t57.6;r;s1600*1200*24;uhttp%3A//lwweklski.inwestowaniepogodzinach.pl/;hPierdol%20to%20tabletki%20erotyczne%20zadania;0.39056223939549906

28 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
lwweklski.inwestowaniepogodzinach.pl/ 320 KB
56 KB 1917ms
1864ms Document
text/html 2606:4700:3036::ac43:d18e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://lwweklski.inwestowaniepogodzinach.pl/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:d18e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 8634108f743a6a161bac83bfd4966a5fc4f6e648092d09143a0e0ea0028edf82

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 76ea0986cc39c4c2-DUS
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 23 Nov 2022 12:51:37 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RNIa10TRgb962Sa1KNnBJgk7U5uOZXCYtLxEgXKT4%2BdwZfDVc%2BwCFxPDY%2FnZYbg%2FfqHkOC3%2FKLuk03U0IO0VGRhoFQMK5x0IW90q0l4CzvcMe3vnDoQqgkPjoSc4JI%2FH25hJNy5Pf7kBUwF%2BvLYMlUXWpObvo2oetRmrRbeyMtwWqDw%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.40
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gdxwfkw.js Show response
lwweklski.inwestowaniepogodzinach.pl/ 1022 B
1 KB 973ms
886ms Script
application/javascript 2606:4700:3037::6815:55c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lwweklski.inwestowaniepogodzinach.pl/gdxwfkw.js?0.7606803314580932&q=cGllcmRvbCB0byB0YWJsZXRraQ==
Requested by: Host: lwweklski.inwestowaniepogodzinach.pl
URL: http://lwweklski.inwestowaniepogodzinach.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:55c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: d79e42205a695ea885c46f6c87dcdcbe56d8a01d96cb353d33184a106186eca3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lwweklski.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:51:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 23 Nov 2022 12:51:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y9B4gHjwdlKZrUbcHPNbyxUFTX81WJ33Tbr21yGD39Z7nCWabRXxydVNyxJ794%2FCY0c%2FSJzmy4OwozwPi7J4o6icnbr1MZnKDnCyMKgaZozQDTwobBkuMuWAgMn37vpsrqialScot6z%2BPv7W4%2FKw0COpEGn7afVAf7D%2FapLq8P%2FHOvU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 76ea09935ccb900c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/1yZ3PHdlmQE/ 10 KB
10 KB 209ms
120ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/1yZ3PHdlmQE/hqdefault.jpg

Requested by

Host: lwweklski.inwestowaniepogodzinach.pl
URL: http://lwweklski.inwestowaniepogodzinach.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c559cf87c202add4af35e7509b48c756bc07e07f38d0f276229d805394f2ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lwweklski.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:51:38 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9842
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 23 Nov 2022 14:51:38 GMT

GET
H2 200 b83625466c56ec111b8d9bc475f7f2e6.jpg
photos05.redcart.pl/templates/images/thumb/15322/%7B%7Brcx%7D%7D/%7B%7Brcy%7D%7D/pl/0/templates/images/products/15322/ 2 KB
2 KB 231ms
70ms Image
image/jpeg 46.248.186.12
IQPL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos05.redcart.pl/templates/images/thumb/15322/%7B%7Brcx%7D%7D/%7B%7Brcy%7D%7D/pl/0/templates/images/products/15322/b83625466c56ec111b8d9bc475f7f2e6.jpg
Requested by: Host: lwweklski.inwestowaniepogodzinach.pl
URL: http://lwweklski.inwestowaniepogodzinach.pl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.248.186.12 Gdansk, Poland, ASN47544 (IQPL-AS, PL),
Reverse DNS: 46-248-186-12.rev.iq.pl
Software: nginx/1.18.0 /
Resource Hash: 828a173d2e064e20a3d756031bb71fef55f81a590cbaa161c1932e71ac25ac93

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lwweklski.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires: Fri, 23 Dec 2022 12:51:38 GMT
date: Wed, 23 Nov 2022 12:51:38 GMT
last-modified: Wed, 23 Nov 2022 11:28:25 GMT
server: nginx/1.18.0
x-backend: static
etag: "637e03d9-690"
content-type: image/jpeg
cache-control: max-age=2592000
x-server: s5
accept-ranges: bytes
content-length: 1680
x-static: static_rc:static1

GET
H2

200

eutanazol-lek-na-wszystko-schopenhauer.jpg
paczaizm.pl/content/wp-content/uploads/
Redirect Chain

http://paczaizm.pl/content/wp-content/uploads/eutanazol-lek-na-wszystko-schopenhauer.jpg
https://paczaizm.pl/content/wp-content/uploads/eutanazol-lek-na-wszystko-schopenhauer.jpg

106 KB
107 KB

108ms
108ms

Image
image/jpeg

2606:4700:3033::ac43:92a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paczaizm.pl/content/wp-content/uploads/eutanazol-lek-na-wszystko-schopenhauer.jpg
Requested by: Host: lwweklski.inwestowaniepogodzinach.pl
URL: http://lwweklski.inwestowaniepogodzinach.pl/
Protocol: H2
Server: 2606:4700:3033::ac43:92a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b1f19a15b9773b679d43884e6d1ba388cabe54b921a9596f290b7e7d0436bbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lwweklski.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:51:38 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 108884
last-modified: Wed, 17 Jan 2018 20:22:21 GMT
server: cloudflare
etag: "1a954-5a5fb07d-4bafa7776d1ee8a5;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2AFQeR8a%2FDf7KQVKU6GsxN%2BFMuN7KpXBJfjbuGV0vuwv3tNWC8Zkwn7%2FH9gPjipeva7aFjhBdQh7hud6HD5v6PaZy2%2Bl734bAZ9gXFXKEbKYZaHSmYILmnlesCI%2BH33rgrl7T1HqkYfGZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 76ea0993cc0d7a52-DUS
expires: Fri, 23 Dec 2022 12:51:37 GMT

Redirect headers

Date: Wed, 23 Nov 2022 12:51:38 GMT
CF-Cache-Status: BYPASS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eId%2FB0TArcrPFiGT7xlAZ57HVclRYeAV8sa87PAp%2BEhFfDPNguW3%2BKp0gPnIDIWPb88myZIChIbzJMNZSPtSW8ICe1oxbfKtnZkZLIWxEEZzX1C7r3scsHAWb9rwNSX00YKlefXteNdw3g%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
location: https://paczaizm.pl/content/wp-content/uploads/eutanazol-lek-na-wszystko-schopenhauer.jpg
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 76ea09933a9d7175-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 004918_r0_620.jpg
pliki.rynekaptek.pl/i/00/49/18/ 34 KB
34 KB 328ms
65ms Image
image/jpeg 51.77.44.228
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pliki.rynekaptek.pl/i/00/49/18/004918_r0_620.jpg
Requested by: Host: lwweklski.inwestowaniepogodzinach.pl
URL: http://lwweklski.inwestowaniepogodzinach.pl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.77.44.228 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS: nidoking.ptwp.pl
Software: Apache/2.4.38 /
Resource Hash: b112adf3ad512c5d26320f7ef1c1a1112e0f59f7cb6e04d72d5a8e838f7ddf1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lwweklski.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:51:38 GMT
last-modified: Mon, 21 Mar 2016 12:28:24 GMT
server: Apache/2.4.38
etag: "867d-52e8e3b9e0a00"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 34429
expires: Fri, 23 Dec 2022 12:51:38 GMT

GET
H/1.1 200
OK ewa.jpg
blog.moje-leczenie.pl/wp-content/uploads/2014/01/ 686 KB
686 KB 310ms
228ms Image
image/jpeg 2606:4700:3037::ac43:8926
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://blog.moje-leczenie.pl/wp-content/uploads/2014/01/ewa.jpg
Requested by: Host: lwweklski.inwestowaniepogodzinach.pl
URL: http://lwweklski.inwestowaniepogodzinach.pl/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:8926 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be6305829cd3331f1afd096ec24c41864a6c3992e719ef8c38e3174fa1554c01

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lwweklski.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 23 Nov 2022 12:51:38 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 13 Jan 2014 13:53:04 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "b9d7ce-ab701-4efda6519d0dc"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dy1CSjUM9PnqsKHlZFajVq%2BvDUDoPqrptrzL7N3So4FXK6m52170pwwYgVnHrSj6YH5w4cF7K%2BDkC62FBqcPv5pi7r9llkMO6hVmqPwsSxneUql0pxBRhgtvCKsIefHhjaAlj2U%2BU8oDchiR4p1YSpWXIC4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 76ea09935f0391f3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 702209

GET
H2 200 c87b87e691f5dc8d60df0aa183e5aeb5d5900486.jpeg
www.elleman.pl/uploads/media/default/0005/43/ 247 KB
249 KB 346ms
51ms Image
image/jpeg 91.208.189.116
TKPSA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elleman.pl/uploads/media/default/0005/43/c87b87e691f5dc8d60df0aa183e5aeb5d5900486.jpeg
Requested by: Host: lwweklski.inwestowaniepogodzinach.pl
URL: http://lwweklski.inwestowaniepogodzinach.pl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.208.189.116 , Poland, ASN31242 (TKPSA-AS, PL),
Reverse DNS: elleman.pl
Software: XXXXXXXXXXXXXXXXXXXXXXX /
Resource Hash: 89c7cb67721c0a03c31dbc64a323658031dab173718ba3b6546b040244ec9357

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lwweklski.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires: Wed, 07 Dec 2022 11:28:25 GMT
date: Wed, 23 Nov 2022 11:28:25 GMT
x-cache-rule: YES with ttl: 86400.000
via: 1.1 varnish (Varnish/6.5)
last-modified: Wed, 12 Aug 2020 13:44:21 GMT
server: XXXXXXXXXXXXXXXXXXXXXXX
age: 4992
etag: "3dde5-5acae6297bc02"
x-cache: HIT
content-type: image/jpeg
x-varnish: 83428931 83275921
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 253413
x-cache-hits: 1

GET
H2 200 146545681b7201fb68cbebc67815de3fe88.png
1.bp.blogspot.com/-_7RjtGsZPAo/VxCDa9Pjv_I/AAAAAAAAwNE/iV8MdAzEhHM0xNmxkvSY0JEBAdfP1rEjwCLcB/s1600/ 109 KB
110 KB 551ms
458ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-_7RjtGsZPAo/VxCDa9Pjv_I/AAAAAAAAwNE/iV8MdAzEhHM0xNmxkvSY0JEBAdfP1rEjwCLcB/s1600/146545681b7201fb68cbebc67815de3fe88.png

Requested by

Host: lwweklski.inwestowaniepogodzinach.pl
URL: http://lwweklski.inwestowaniepogodzinach.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a69ad1c4c5aa9034efa9af57c196b0bd5b5a485007dcad48fd2b047ab0b90184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lwweklski.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:51:38 GMT
x-content-type-options: nosniff
server: fife
etag: "vc0d4"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="146545681b7201fb68cbebc67815de3fe88.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111993
x-xss-protection: 0
expires: Thu, 24 Nov 2022 12:51:38 GMT

GET
H2 200 SSA56524.JPG
4.bp.blogspot.com/-clp4BYb4RoE/VN9dUReYCoI/AAAAAAAAF00/G5uvVOk_Kn0/s1600/ 306 KB
306 KB 466ms
365ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-clp4BYb4RoE/VN9dUReYCoI/AAAAAAAAF00/G5uvVOk_Kn0/s1600/SSA56524.JPG

Requested by

Host: lwweklski.inwestowaniepogodzinach.pl
URL: http://lwweklski.inwestowaniepogodzinach.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

63b948b4e84b54c1d931d29f2bec7031947a51f12c7cfe64716b3a5168ebcaa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lwweklski.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:51:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v174e"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SSA56524.JPG"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313163
x-xss-protection: 0
expires: Thu, 24 Nov 2022 12:51:38 GMT

GET
H2 200 DSC_1094-1.JPG
3.bp.blogspot.com/-KWDfpUwzi1g/VXamXiKPB8I/AAAAAAAACwo/Fw7H0dLL2Ig/s1600/ 309 KB
309 KB 539ms
426ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-KWDfpUwzi1g/VXamXiKPB8I/AAAAAAAACwo/Fw7H0dLL2Ig/s1600/DSC_1094-1.JPG

Requested by

Host: lwweklski.inwestowaniepogodzinach.pl
URL: http://lwweklski.inwestowaniepogodzinach.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e0819409ca098381a786104f36c10ddce094e93c73e9c695aa7ac1a29feacd9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lwweklski.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:51:38 GMT
x-content-type-options: nosniff
server: fife
etag: "vb0b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DSC_1094-1.JPG"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 316098
x-xss-protection: 0
expires: Thu, 24 Nov 2022 12:51:38 GMT

GET
H2 200 KOSTKI-DO-GRY-EROTYCZNEJ-ZADANIA-GRA-WSTEPNA
a.allegroimg.com/original/0397cb/638519af4dac8d08bee2e8e1d1ca/ 480 KB
481 KB 517ms
58ms Image
image/jpeg 5.134.213.18
QXL-POLAND

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.allegroimg.com/original/0397cb/638519af4dac8d08bee2e8e1d1ca/KOSTKI-DO-GRY-EROTYCZNEJ-ZADANIA-GRA-WSTEPNA

Requested by

Host: lwweklski.inwestowaniepogodzinach.pl
URL: http://lwweklski.inwestowaniepogodzinach.pl/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.134.213.18 Poznan, Poland, ASN42656 (QXL-POLAND, PL),

Reverse DNS

Software

Resource Hash

e81a2d23a1a6b6c389bdd365c90eb3731df79f6abf7d9a31adbff59ec3020c1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lwweklski.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:51:38 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
accept-ch: Width
etag: "8fde0c8c5934aa8df8dabb22b01c29e3"
vary: Accept
accept-ch-lifetime: 86400
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
timing-allow-origin: https://allegro.pl, http://allegro.pl
content-length: 491641

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/IndZWqvLMi8/ 10 KB
10 KB 145ms
83ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/IndZWqvLMi8/hqdefault.jpg

Requested by

Host: lwweklski.inwestowaniepogodzinach.pl
URL: http://lwweklski.inwestowaniepogodzinach.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5231141fbe567a7f08cfc9fc1247fe642e2803adebe2cff0baa6520adb1b50f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lwweklski.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:51:38 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10104
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 23 Nov 2022 14:51:38 GMT

GET
H2 200 NK%2B-%2BKarty%2BMegamocy.png
4.bp.blogspot.com/-6a4Q9fsE23U/WKYYmWliK4I/AAAAAAAAHE0/UgiMBeRqzOsMsXKNAQ4Etf7NH7EldGMjwCLcB/s1600/ 802 KB
803 KB 662ms
584ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-6a4Q9fsE23U/WKYYmWliK4I/AAAAAAAAHE0/UgiMBeRqzOsMsXKNAQ4Etf7NH7EldGMjwCLcB/s1600/NK%2B-%2BKarty%2BMegamocy.png

Requested by

Host: lwweklski.inwestowaniepogodzinach.pl
URL: http://lwweklski.inwestowaniepogodzinach.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

24def96989d5546f9aeffb57da5a6e9de9a90d0c334d4382ad31ac11e77b0f14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lwweklski.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:51:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v1c52"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NK - Karty Megamocy.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 821603
x-xss-protection: 0
expires: Thu, 24 Nov 2022 12:51:38 GMT

GET
H2 200 demot-155-468.jpg
img.joemonster.org/i/2015/12/ 71 KB
72 KB 243ms
140ms Image
image/jpeg 162.55.172.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.joemonster.org/i/2015/12/demot-155-468.jpg
Requested by: Host: lwweklski.inwestowaniepogodzinach.pl
URL: http://lwweklski.inwestowaniepogodzinach.pl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.172.15 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.15.172.55.162.clients.your-server.de
Software: nginx /
Resource Hash: f5d369c987be3f4376752c009c2640d60f27810f02d7018f832b2b7112e411c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lwweklski.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:51:38 GMT
last-modified: Sun, 20 Dec 2015 08:57:35 GMT
server: nginx
etag: "56766d7f-11bc3"
vary: Origin, Origin
access-control-allow-methods: GET, POST, OPTIONS, GET, POST, OPTIONS
content-type: image/jpeg
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range, DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=1728000
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range, DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 72643
expires: Tue, 13 Dec 2022 12:51:38 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/nVYQ6UxLgIQ/ 16 KB
16 KB 152ms
89ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/nVYQ6UxLgIQ/hqdefault.jpg

Requested by

Host: lwweklski.inwestowaniepogodzinach.pl
URL: http://lwweklski.inwestowaniepogodzinach.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e9d2a82042d02ea43beb73f1e66df2f47bc6e56558741faaa1a17c61e516cae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lwweklski.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:51:38 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16504
x-xss-protection: 0
server: sffe
etag: "1553980767"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 23 Nov 2022 14:51:38 GMT

GET
H/1.1

200
OK

mnie-nie-wkurwiaj_2016-10-12_08-31-23.jpg
www.blasty.pl/upload/images/large/2016/10/
Redirect Chain

http://www.blasty.pl/upload/images/large/2016/10/mnie-nie-wkurwiaj_2016-10-12_08-31-23.jpg
https://www.blasty.pl/upload/images/large/2016/10/mnie-nie-wkurwiaj_2016-10-12_08-31-23.jpg

37 KB
37 KB

299ms
120ms

Image
image/jpeg

51.68.140.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blasty.pl/upload/images/large/2016/10/mnie-nie-wkurwiaj_2016-10-12_08-31-23.jpg
Requested by: Host: lwweklski.inwestowaniepogodzinach.pl
URL: http://lwweklski.inwestowaniepogodzinach.pl/
Protocol: HTTP/1.1
Server: 51.68.140.21 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS: 21.ip-51-68-140.eu
Software: nginx/1.10.3 /
Resource Hash: ce08e55713142bf9e28558fcc59410998fe609f38928759ea2661466d20a48e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lwweklski.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 23 Nov 2022 12:51:38 GMT
Last-Modified: Sun, 18 Feb 2018 18:16:14 GMT
Server: nginx/1.10.3
ETag: "5a89c2ee-9350"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37712

Redirect headers

Location: https://www.blasty.pl/upload/images/large/2016/10/mnie-nie-wkurwiaj_2016-10-12_08-31-23.jpg
Date: Wed, 23 Nov 2022 12:51:38 GMT
Server: nginx/1.10.3
Connection: keep-alive
Content-Length: 185
Content-Type: text/html

GET
H2 200 gra%2Bdla%2Bdoros%25C5%2582ych%2Bgra%2Bdla%2Bpar%2Bgierki%2Bma%25C5%2582%25C5%25BCe%25C5%2584skie%2Brysunki%2BAndrzej%2BMleczko%2B%2B%252818%2529.JPG
3.bp.blogspot.com/-TsfuxAr1ey8/WVFESg5ZfrI/AAAAAAAAv5o/O1vQDnbKocYNAWEcRlEFeoC9QHm427AUACEwYBhgL/s1600/ 270 KB
271 KB 380ms
290ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-TsfuxAr1ey8/WVFESg5ZfrI/AAAAAAAAv5o/O1vQDnbKocYNAWEcRlEFeoC9QHm427AUACEwYBhgL/s1600/gra%2Bdla%2Bdoros%25C5%2582ych%2Bgra%2Bdla%2Bpar%2Bgierki%2Bma%25C5%2582%25C5%25BCe%25C5%2584skie%2Brysunki%2BAndrzej%2BMleczko%2B%2B%252818%2529.JPG

Requested by

Host: lwweklski.inwestowaniepogodzinach.pl
URL: http://lwweklski.inwestowaniepogodzinach.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

02c057d37e31fcc57063c91cf334c7b8feecfacc5e2350cbb305ef6b7a449ff0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lwweklski.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:51:38 GMT
x-content-type-options: nosniff
server: fife
etag: "vbfa7"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gra dla doros_ych gra dla par gierki ma__e_skie rysunki Andrzej Mleczko (18).JPG";filename*=UTF-8''gra%20dla%20doros%C5%82ych%20gra%20dla%20par%20gierki%20ma%C5%82%C5%BCe%C5%84skie%20rysunki%20Andrzej%20Mleczko%20%20(18).JPG
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 276553
x-xss-protection: 0
expires: Thu, 24 Nov 2022 12:51:38 GMT

GET
H2 200 niepierdol-max-tabletki-lek-na-wszystko.jpg
paczaizm.pl/content/wp-content/uploads/ 59 KB
60 KB 135ms
49ms Image
image/jpeg 2606:4700:3033::ac43:92a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paczaizm.pl/content/wp-content/uploads/niepierdol-max-tabletki-lek-na-wszystko.jpg
Requested by: Host: lwweklski.inwestowaniepogodzinach.pl
URL: http://lwweklski.inwestowaniepogodzinach.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:92a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b71a4c8e62ae25cc4a0e19021dca08e7b162c41bd5135040a8fa77314ef39148

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lwweklski.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:51:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2344264
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60325
last-modified: Wed, 11 Apr 2018 12:39:02 GMT
server: cloudflare
etag: "eba5-5ace01e6-5a4547032deb4f65;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eIWmthkIKd3xouLK71lWnwi%2FsracrAE7kQTv2Yq3cwnff%2BxcqFg0rz2lQhmNzL3hotaTApfwjIAica71u4JFIzzWNu96jEFR%2FtQCOSyCbUq8fC2CcrP2hP%2BPvLoM%2F9TgBK4cBVgnM%2F%2BCpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 76ea09938b867a52-DUS
expires: Sat, 26 Nov 2022 09:40:33 GMT

GET
H2 200 0_0_productGfx_5073c34816e00342dff39dbcac3a155f.jpg
dragonus.pl/environment/cache/images/ 71 KB
71 KB 314ms
145ms Image
image/jpeg 89.161.210.79
HOMEPL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dragonus.pl/environment/cache/images/0_0_productGfx_5073c34816e00342dff39dbcac3a155f.jpg
Requested by: Host: lwweklski.inwestowaniepogodzinach.pl
URL: http://lwweklski.inwestowaniepogodzinach.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.161.210.79 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS: cloudserver041227.home.pl
Software: IdeaWebServer/5.1.0 /
Resource Hash: e5b8f90d9c96af27fd7523b31261761145924861430c2c5ce2a0cd86b9d4c545

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lwweklski.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:51:36 GMT
last-modified: Thu, 20 Aug 2020 18:18:19 GMT
server: IdeaWebServer/5.1.0
content-length: 72642
content-type: image/jpeg

GET
H2 200 68747470733a2f2f73332e616d617a6f6e6177732e636f6d2f776174747061642d6d656469612d736572766963652f53746f7279496d6167652f74486e484d392d4c6b57394e50773d3d2d31342e31346163663261643137333039663039313933363...
em.wattpad.com/2a472b9d19774752d8c71051c5d4ca6cda31185e/ 64 KB
64 KB 317ms
215ms Image
image/jpeg 18.66.147.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://em.wattpad.com/2a472b9d19774752d8c71051c5d4ca6cda31185e/68747470733a2f2f73332e616d617a6f6e6177732e636f6d2f776174747061642d6d656469612d736572766963652f53746f7279496d6167652f74486e484d392d4c6b57394e50773d3d2d31342e313461636632616431373330396630393139333630303034353934372e6a7067?s=fitu0026w=720u0026h=720

Requested by

Host: lwweklski.inwestowaniepogodzinach.pl
URL: http://lwweklski.inwestowaniepogodzinach.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-17.fra60.r.cloudfront.net

Software

Resource Hash

b883482304cd4f56b145f2b53da09ef4f4e6ddd1e5814226c2d2fea6c0ead640

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lwweklski.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:51:38 GMT
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 03 Jun 2022 03:51:51 GMT
via: 1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
etag: "28440506799c1a30362f31e4646ad01d"
x-frame-options: deny
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-kamu-host: https://www.media-proxy.com
x-amz-cf-id: VFjTxzQGo_9orC5X1kzlHRhnXcORICsNf9r5bvLDkXGNS0tgCTgQZQ==
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK zadania-dla-panny-m%C5%82odej.jpg
www.partybus.pl/wp-content/uploads/2015/02/ 150 KB
150 KB 337ms
56ms Image
image/jpeg 212.91.26.153
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.partybus.pl/wp-content/uploads/2015/02/zadania-dla-panny-m%C5%82odej.jpg
Requested by: Host: lwweklski.inwestowaniepogodzinach.pl
URL: http://lwweklski.inwestowaniepogodzinach.pl/
Protocol: HTTP/1.1
Server: 212.91.26.153 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS: web0.mydevil.net
Software: nginx /
Resource Hash: cfb264fcc3adc825976529ccddeb62dd03d9996fe98392e11637a7f367625a28

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lwweklski.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 23 Nov 2022 12:51:37 GMT
Last-Modified: Thu, 05 Mar 2015 14:19:11 GMT
Server: nginx
ETag: "54f865df-25749"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 153417
Expires: Fri, 23 Dec 2022 12:51:37 GMT

GET
H2 200 BOOK%2BCHALLENGE%2B2016.png
2.bp.blogspot.com/-TP4HPtAPSsA/VofeyQcgjSI/AAAAAAAACDM/XLAwSHS8zEE/s640/ 531 KB
532 KB 655ms
554ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-TP4HPtAPSsA/VofeyQcgjSI/AAAAAAAACDM/XLAwSHS8zEE/s640/BOOK%2BCHALLENGE%2B2016.png

Requested by

Host: lwweklski.inwestowaniepogodzinach.pl
URL: http://lwweklski.inwestowaniepogodzinach.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ceb8e3cd5ffb829d95e51a5eed8fde838612c0ccb2685c4feef87e46c2ae7db4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lwweklski.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:51:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v834"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BOOK CHALLENGE 2016.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 544152
x-xss-protection: 0
expires: Thu, 24 Nov 2022 12:51:38 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/M6wRnouGZFQ/ 13 KB
13 KB 49ms
48ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/M6wRnouGZFQ/hqdefault.jpg

Requested by

Host: lwweklski.inwestowaniepogodzinach.pl
URL: http://lwweklski.inwestowaniepogodzinach.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d03fae0e62a32a8c4546bca1b54a3ad2ffb8cc1b4eea70f4b55ed6254526aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lwweklski.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:51:38 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12970
x-xss-protection: 0
server: sffe
etag: "1550477352"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 23 Nov 2022 14:51:38 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lwweklski.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1

200
OK

hit;pldat3
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;pldat3?t57.6;r;s1600*1200*24;uhttp%3A//lwweklski.inwestowaniepogodzinach.pl/;hPierdol%20to%20tabletki%20erotyczne%20zadania;0.39056223939549906
https://counter.yadro.ru/hit;pldat3?q;t57.6;r;s1600*1200*24;uhttp%3A//lwweklski.inwestowaniepogodzinach.pl/;hPierdol%20to%20tabletki%20erotyczne%20zadania;0.39056223939549906

911 B
1 KB

75ms
75ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;pldat3?q;t57.6;r;s1600*1200*24;uhttp%3A//lwweklski.inwestowaniepogodzinach.pl/;hPierdol%20to%20tabletki%20erotyczne%20zadania;0.39056223939549906

Requested by

Host: lwweklski.inwestowaniepogodzinach.pl
URL: http://lwweklski.inwestowaniepogodzinach.pl/

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

07af4360c2212cdb2437994bbb1cb31c63d0811357f21593893ecf0214c21f07

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lwweklski.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Nov 2022 12:51:38 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 911
Expires: Mon, 22 Nov 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 23 Nov 2022 12:51:38 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit;pldat3?q;t57.6;r;s1600*1200*24;uhttp%3A//lwweklski.inwestowaniepogodzinach.pl/;hPierdol%20to%20tabletki%20erotyczne%20zadania;0.39056223939549906
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Mon, 22 Nov 2021 21:00:00 GMT

GET
H2 404 invester1.jpg
inwestowaniepogodzinach.pl/wp-content/themes/finance-system/images/ 0
0 917ms
800ms Image
text/html 2606:4700:3036::ac43:d18e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inwestowaniepogodzinach.pl/wp-content/themes/finance-system/images/invester1.jpg
Requested by: Host: lwweklski.inwestowaniepogodzinach.pl
URL: http://lwweklski.inwestowaniepogodzinach.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d18e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lwweklski.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 404 gohryea.gif
lwweklski.inwestowaniepogodzinach.pl/ 0
0 129ms
84ms Image
text/html 2606:4700:3037::6815:55c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lwweklski.inwestowaniepogodzinach.pl/gohryea.gif?ref=&url=http%3A//lwweklski.inwestowaniepogodzinach.pl/&scr=1600x1200&q=1669207898&s=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/107.0.5304.110%20Safari/537.36&0.9028398126261195
Requested by: Host: lwweklski.inwestowaniepogodzinach.pl
URL: http://lwweklski.inwestowaniepogodzinach.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:55c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lwweklski.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET wgqvujf.js
lwweklski.inwestowaniepogodzinach.pl/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: lwweklski.inwestowaniepogodzinach.pl
URL: https://lwweklski.inwestowaniepogodzinach.pl/wgqvujf.js?get=1&q=1669207898&s=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/107.0.5304.110%20Safari/537.36&0.06078047087871674

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| roepmbe object| ztbmpcl string| q object| owzdubw

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.yadro.ru/	1970-01-20 16:24:46	Name: FTID Value: 1ZVXTQ2i9UeR1ZVXTQ003T2T
			.yadro.ru/	1970-01-20 16:24:46	Name: VID Value: 1km6-q1sAmeR1ZVXTQ003T34

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://inwestowaniepogodzinach.pl/wp-content/themes/finance-system/images/invester1.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://lwweklski.inwestowaniepogodzinach.pl/gohryea.gif?ref=&url=http%3A//lwweklski.inwestowaniepogodzinach.pl/&scr=1600x1200&q=1669207898&s=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/107.0.5304.110%20Safari/537.36&0.9028398126261195 Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: http://lwweklski.inwestowaniepogodzinach.pl/ Message: Access to XMLHttpRequest at 'https://lwweklski.inwestowaniepogodzinach.pl/wgqvujf.js?get=1&q=1669207898&s=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/107.0.5304.110%20Safari/537.36&0.06078047087871674' from origin 'http://lwweklski.inwestowaniepogodzinach.pl' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://lwweklski.inwestowaniepogodzinach.pl/wgqvujf.js?get=1&q=1669207898&s=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/107.0.5304.110%20Safari/537.36&0.06078047087871674 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
a.allegroimg.com
blog.moje-leczenie.pl
counter.yadro.ru
dragonus.pl
em.wattpad.com
i.ytimg.com
img.joemonster.org
inwestowaniepogodzinach.pl
lwweklski.inwestowaniepogodzinach.pl
paczaizm.pl
photos05.redcart.pl
pliki.rynekaptek.pl
www.blasty.pl
www.elleman.pl
www.partybus.pl
lwweklski.inwestowaniepogodzinach.pl
162.55.172.15
18.66.147.17
212.91.26.153
2606:4700:3030::6815:3992
2606:4700:3033::ac43:92a3
2606:4700:3036::ac43:d18e
2606:4700:3037::6815:55c1
2606:4700:3037::ac43:8926
2a00:1450:4001:802::2001
2a00:1450:4001:830::2016
46.248.186.12
5.134.213.18
51.68.140.21
51.77.44.228
88.212.202.52
89.161.210.79
91.208.189.116
02c057d37e31fcc57063c91cf334c7b8feecfacc5e2350cbb305ef6b7a449ff0
07af4360c2212cdb2437994bbb1cb31c63d0811357f21593893ecf0214c21f07
0c559cf87c202add4af35e7509b48c756bc07e07f38d0f276229d805394f2ed5
0e9d2a82042d02ea43beb73f1e66df2f47bc6e56558741faaa1a17c61e516cae
1d03fae0e62a32a8c4546bca1b54a3ad2ffb8cc1b4eea70f4b55ed6254526aef
24def96989d5546f9aeffb57da5a6e9de9a90d0c334d4382ad31ac11e77b0f14
63b948b4e84b54c1d931d29f2bec7031947a51f12c7cfe64716b3a5168ebcaa7
6b1f19a15b9773b679d43884e6d1ba388cabe54b921a9596f290b7e7d0436bbf
828a173d2e064e20a3d756031bb71fef55f81a590cbaa161c1932e71ac25ac93
8634108f743a6a161bac83bfd4966a5fc4f6e648092d09143a0e0ea0028edf82
89c7cb67721c0a03c31dbc64a323658031dab173718ba3b6546b040244ec9357
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a69ad1c4c5aa9034efa9af57c196b0bd5b5a485007dcad48fd2b047ab0b90184
b112adf3ad512c5d26320f7ef1c1a1112e0f59f7cb6e04d72d5a8e838f7ddf1c
b71a4c8e62ae25cc4a0e19021dca08e7b162c41bd5135040a8fa77314ef39148
b883482304cd4f56b145f2b53da09ef4f4e6ddd1e5814226c2d2fea6c0ead640
be6305829cd3331f1afd096ec24c41864a6c3992e719ef8c38e3174fa1554c01
ce08e55713142bf9e28558fcc59410998fe609f38928759ea2661466d20a48e7
ceb8e3cd5ffb829d95e51a5eed8fde838612c0ccb2685c4feef87e46c2ae7db4
cfb264fcc3adc825976529ccddeb62dd03d9996fe98392e11637a7f367625a28
d79e42205a695ea885c46f6c87dcdcbe56d8a01d96cb353d33184a106186eca3
e0819409ca098381a786104f36c10ddce094e93c73e9c695aa7ac1a29feacd9f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b8f90d9c96af27fd7523b31261761145924861430c2c5ce2a0cd86b9d4c545
e81a2d23a1a6b6c389bdd365c90eb3731df79f6abf7d9a31adbff59ec3020c1c
f5231141fbe567a7f08cfc9fc1247fe642e2803adebe2cff0baa6520adb1b50f
f5d369c987be3f4376752c009c2640d60f27810f02d7018f832b2b7112e411c1

lwweklski.inwestowaniepogodzinach.pl Open in urlscan Pro 2606:4700:3036::ac43:d18e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

28 Requests

75 %HTTPS

41 %IPv6

15 Domains

19 Subdomains

17 IPs

4 Countries

4451 kBTransfer

4704 kBSize

2 Cookies

21 Outgoing links

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

lwweklski.inwestowaniepogodzinach.pl Open in urlscan Pro
2606:4700:3036::ac43:d18e Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

75 %
HTTPS

41 %
IPv6

15
Domains

19
Subdomains

17
IPs

4
Countries

4451 kB
Transfer

4704 kB
Size

2
Cookies

28 HTTP transactions
1 data transactions