urlscan.io logo urlscan.io
SecurityTrails logo

1r2.pl Open in urlscan Pro
13.225.63.57  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://1r2.pl/locale/uk
Effective URL: https://1r2.pl/
Submission: On March 18 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 1 countries across 11 domains to perform 27 HTTP transactions. The main IP is 13.225.63.57, located in United States and belongs to AMAZON-02, US. The main domain is 1r2.pl.
TLS certificate: Issued by Amazon RSA 2048 M02 on May 6th 2023. Valid for: a year.
This is the only time 1r2.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    13.225.63.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-78.ewr53.r.cloudfront.net
1r2.pl
2    13.225.63.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-57.ewr53.r.cloudfront.net
1r2.pl
3    2607:f8b0:4006:820::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a02:6ea0:c454::1 (New York, United States)

ASN60068 (CDN77 _, GB)
fonts.bunny.net
5    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
10    108.138.128.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-25.jfk50.r.cloudfront.net
assets.flexl.ink
2    2607:f8b0:4006:80d::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    2607:f8b0:4006:822::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2607:f8b0:4006:80f::2002 (United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2607:f8b0:4006:81f::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
10 flexl.ink
assets.flexl.ink
346 KB
5 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 387
114 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
259 KB
3 1r2.pl
1r2.pl
120 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 5
1 KB
1 gstatic.com
www.gstatic.com
197 KB
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
2 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
247 B
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1234
7 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 437
199 KB
1 bunny.net
fonts.bunny.net — Cisco Umbrella Rank: 14384
1 KB
27 11
Domain Requested by
10 assets.flexl.ink 1r2.pl
cdnjs.cloudflare.com
5 cdnjs.cloudflare.com 1r2.pl
3 www.googletagmanager.com 1r2.pl
www.googletagmanager.com
3 1r2.pl 2 redirects
2 www.google.com 1r2.pl
1 www.gstatic.com www.google.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 www.google-analytics.com www.googletagmanager.com
1 unpkg.com 1r2.pl
1 cdn.jsdelivr.net 1r2.pl
1 fonts.bunny.net 1r2.pl
27 11

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
Subject Issuer Validity Valid
1r2.pl
Amazon RSA 2048 M02		 2023-05-06 -
2024-06-03		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
fonts.bunny.net
R3		 2024-02-25 -
2024-05-25		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
flexl.ink
Amazon RSA 2048 M03		 2023-10-23 -
2024-11-21		 a year crt.sh
www.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://1r2.pl/
Frame ID: 970DD7330B64C8C540CC66E7E174CDA8
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

FlexLink - короткі посилання та реклама | FlexLink

Page URL History Show full URLs

  1. http://1r2.pl/locale/uk HTTP 301
    https://1r2.pl/locale/uk HTTP 302
    https://1r2.pl/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]{1,512}\bwire:
  • livewire(?:\.min)?\.js
Overall confidence: 75%
Detected patterns
  • <[^>]+[^\w-]x-data[^\w-][^<]+
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

27
Requests

100 %
HTTPS

75 %
IPv6

11
Domains

11
Subdomains

11
IPs

1
Countries

1244 kB
Transfer

3446 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://1r2.pl/locale/uk HTTP 301
    https://1r2.pl/locale/uk HTTP 302
    https://1r2.pl/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
1r2.pl/
Redirect Chain
  • http://1r2.pl/locale/uk
  • https://1r2.pl/locale/uk
  • https://1r2.pl/
118 KB
119 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1r2.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-57.ewr53.r.cloudfront.net
Software
/
Resource Hash
5d81d52381109f82486305d77b437ba13d915fd1763b043fb76dea5578235a1b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, must-revalidate, no-cache, no-store, private
content-length
120362
content-type
text/html; charset=UTF-8
date
Mon, 18 Mar 2024 20:51:29 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
via
1.1 6bee7b982f10ef7095c00bdf38581dd2.cloudfront.net (CloudFront)
x-amz-apigw-id
U19ktEr8joEEpDQ=
x-amz-cf-id
BiSGDfJcsQrFhrjcgrOUWEfnpOCil7cmzsnSIVl3shXDxBfBidJ5nw==
x-amz-cf-pop
EWR53-C1
x-amzn-remapped-date
Mon, 18 Mar 2024 20:51:29 GMT
x-amzn-requestid
bc6e1d82-9b5b-4f59-a5db-01716d7aa2a8
x-amzn-trace-id
Root=1-65f8a951-1430d7070858b403449f5cc3;Parent=34510cd818d2b546;Sampled=0;lineage=decfeba3:0
x-cache
Miss from cloudfront

Redirect headers

cache-control
no-cache, private
content-length
302
content-type
text/html; charset=UTF-8
date
Mon, 18 Mar 2024 20:51:28 GMT
location
https://1r2.pl
via
1.1 6bee7b982f10ef7095c00bdf38581dd2.cloudfront.net (CloudFront)
x-amz-apigw-id
U19kpGO8DoEELJg=
x-amz-cf-id
SXeZzfNuv5TEAm2_p2e-U1Udn0P6BWAxHlCR5GtIYQSmSLVP8TrT6w==
x-amz-cf-pop
EWR53-C1
x-amzn-remapped-date
Mon, 18 Mar 2024 20:51:28 GMT
x-amzn-requestid
6ff33c70-8198-4419-bdae-5c479f20f54b
x-amzn-trace-id
Root=1-65f8a950-7cbe000145c6084b35bc8be2;Parent=08985da6dadf7fe3;Sampled=0;lineage=decfeba3:0
x-cache
Miss from cloudfront
js
www.googletagmanager.com/gtag/ 		269 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VR3E3ZDS1K
Requested by
Host: 1r2.pl
URL: https://1r2.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9c219a1f4975a19e1b6185547f3a8d8ded4630edb0cc856d8ad9378282e49825
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1r2.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 20:51:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93000
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 18 Mar 2024 20:51:29 GMT
js
www.googletagmanager.com/gtag/ 		242 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-965162298
Requested by
Host: 1r2.pl
URL: https://1r2.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aa9f5e622e229728c58c2c8775570b8b4556dd364d9cdf3f644a26c9e9691363
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1r2.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 20:51:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85958
x-xss-protection
0
last-modified
Mon, 18 Mar 2024 20:10:09 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 18 Mar 2024 20:51:29 GMT
css2
fonts.bunny.net/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.bunny.net/css2?family=Nunito:wght@400;600;700&display=swap
Requested by
Host: 1r2.pl
URL: https://1r2.pl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
ea3c0d239c7156c0ea9c86096a29d450cdf19b211125db9f0be7d2a2eff6f53f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1r2.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 20:51:29 GMT
content-encoding
br
cdn-edgestorageid
885
cdn-cachedat
02/22/2024 20:06:37
cdn-pullzone
781720
last-modified
Thu, 22 Feb 2024 20:06:37 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.04
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
e8775016570dba5e8c3dd48199134a3c
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.3/ 		88 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.3/jquery.min.js
Requested by
Host: 1r2.pl
URL: https://1r2.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://1r2.pl
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 20:51:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
241437
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
28112
last-modified
Wed, 21 Dec 2022 00:05:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"63a24ddb-6dd0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mgJPuljB7hUzPsNT6ee2ogYsrWY4lLbUiy7C%2BOFmPyKjGplkq180LY06V4BwHAqgG8FRDI3G8CohfKB52mHouYEMMJ4JAB2x0%2BoWh127oWEKBy0OrtCGLQWOfKEO4H8PlE4TcGp6dzjvakdXBAnD9nb0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
866819dd3c684bcc-BUF
expires
Sat, 08 Mar 2025 20:51:29 GMT
app-25b40daf.css
assets.flexl.ink/8fac58da-24a7-4895-beac-40569cfa3cd7/build/assets/ 		177 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.flexl.ink/8fac58da-24a7-4895-beac-40569cfa3cd7/build/assets/app-25b40daf.css
Requested by
Host: 1r2.pl
URL: https://1r2.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-25.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
25b40dafb19ec7b40a710e8972780a03ec22ef69a99b59d01d21467665b8bf00

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1r2.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 18:29:59 GMT
content-encoding
br
via
1.1 1631ac35bac9cbaaa7c65e1bf3666d7a.cloudfront.net (CloudFront)
last-modified
Mon, 18 Mar 2024 18:05:41 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
8491
etag
W/"bb430bf144b57a1df5ae2c89d5a53d17"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, max-age=31536000
x-amz-cf-id
iGfDkeXS18Rir9pX3IEjzGK-WsLMn-jGFRjZFhgmfQnMGlyhiyhukw==
expires
Thu, 18 Apr 2024 12:41:38 GMT
app-12789d71.js
assets.flexl.ink/8fac58da-24a7-4895-beac-40569cfa3cd7/build/assets/ 		276 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.flexl.ink/8fac58da-24a7-4895-beac-40569cfa3cd7/build/assets/app-12789d71.js
Requested by
Host: 1r2.pl
URL: https://1r2.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-25.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
047cd1182cbd35e029f30c6c5948cf0aa1f024e9d86cf8800966e55249a37e1a

Request headers

Referer
https://1r2.pl/
Origin
https://1r2.pl
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 18:29:59 GMT
content-encoding
br
via
1.1 b4bbc10bb9b68293dc88560c2ddfcc2c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
8491
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 18 Mar 2024 18:05:41 GMT
server
AmazonS3
etag
W/"3d0fd0e90945831581452fc87f8e4b31"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET, PUT, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
LS-B2Vc1uJjM0_2igAIo_3SYCUwRTIdOiibz3_Q_GzA-kgYjWHl16w==
expires
Tue, 16 Apr 2024 01:29:24 GMT
lottie-player.min.js
cdnjs.cloudflare.com/ajax/libs/lottie-player/1.6.2/ 		350 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/lottie-player/1.6.2/lottie-player.min.js
Requested by
Host: 1r2.pl
URL: https://1r2.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd3b411d9ab4a983a8c76ca4391ac0988696e00122d1fa53f9ad59417daac7b8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://1r2.pl
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 20:51:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
11
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77371
last-modified
Wed, 07 Dec 2022 23:36:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"63912395-12e3b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BjRhWGNCGeZ3YWmqhCGu5sx%2F8FsOWK%2Fvnvng1NYHOLWHyX9mepGF4Knu19TQiy8aV9mdkAoVFpNLjAfHKg894OtPItM49PF8SLnydyMdOerEsmrZI4GRwA4JUTe%2FCWxe%2F3bnbMXkaA5uiCViVBNrWY7k"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
866819dd3c694bcc-BUF
expires
Sat, 08 Mar 2025 20:51:29 GMT
aos.css
cdnjs.cloudflare.com/ajax/libs/aos/2.3.4/ 		25 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/aos/2.3.4/aos.css
Requested by
Host: 1r2.pl
URL: https://1r2.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://1r2.pl
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 20:51:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
241486
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1438
last-modified
Mon, 04 May 2020 16:05:49 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d5d-65c5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tMOJhcOCe3i5UP0PTXyy9Fd14NRtZDQ%2BwsnFNdcrtEyz5Pq4HRrMp4%2F2rkp%2B6P7A4ktkq1J3JyUsWmCAxzhG0fKpbX79hM4wdVoQY70aRCZHNHHEuPFEtY9P5OPAdfVu4g%2BAjeyx85hvmKFuPPc%2BGb%2Bg"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
866819dd3c654bcc-BUF
expires
Sat, 08 Mar 2025 20:51:29 GMT
aos.js
cdnjs.cloudflare.com/ajax/libs/aos/2.3.4/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/aos/2.3.4/aos.js
Requested by
Host: 1r2.pl
URL: https://1r2.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5005b2e414770fd5ccb40bc221a12771966d02b5c1f9c89da48bd8e3811d377
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://1r2.pl
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 20:51:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
48245
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4109
last-modified
Mon, 04 May 2020 16:05:49 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d5d-3962"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dQsrbJqTj7bgdYb%2FwZ13l5ed%2FkJ8IPpYgY8HQKM6%2FoXc74iIK8P7R015i4I6dFqKxz4qIyR0ZWIspesUUA2yJ4Oln66LFCBEnJ%2FAlnbDPqPmC%2Fy2MiOEYQ0aoP40MIXC3ebsHn1fnB%2FuqGXYBdVvFoXQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
866819dd3c664bcc-BUF
expires
Sat, 08 Mar 2025 20:51:29 GMT
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: 1r2.pl
URL: https://1r2.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f8274175d96212541f3445e21c0a8ab63930110be676b47bce779c4119cf8323
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1r2.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 20:51:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 18 Mar 2024 20:51:29 GMT
typed.min.js
cdnjs.cloudflare.com/ajax/libs/typed.js/2.0.12/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/typed.js/2.0.12/typed.min.js
Requested by
Host: 1r2.pl
URL: https://1r2.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5154391ed1d39ada814f7298e5c77802f238ee9a74809c0833eab8e470fda0b9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://1r2.pl
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 20:51:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
239548
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3107
last-modified
Sat, 27 Mar 2021 01:34:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"605e8bc2-2e10"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jbpouJ%2Bw3ktXs2oYe6e4mm8EKnhp2vXBEYlqMiMR74p3X%2BqbxvAFvm4%2BTZHCmGYE88ljSZAFaFsYWtSE%2FC5NWt9u3tJ92SVMe4pCoBxfu8K9SNYa6elu%2BfHvzIJnoNrk9S%2BBXjEZMn1TG7trmgnQRO79"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
866819dd3c6b4bcc-BUF
expires
Sat, 08 Mar 2025 20:51:29 GMT
start-here.png
assets.flexl.ink/8fac58da-24a7-4895-beac-40569cfa3cd7/flaro-assets/images/pricing/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.flexl.ink/8fac58da-24a7-4895-beac-40569cfa3cd7/flaro-assets/images/pricing/start-here.png
Requested by
Host: 1r2.pl
URL: https://1r2.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-25.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
77f844a794afdef600d42b58ce5a90a5b3ba7040fee5e48c577518c94e46cb76

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1r2.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 19:49:46 GMT
via
1.1 1631ac35bac9cbaaa7c65e1bf3666d7a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
3704
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2238
last-modified
Mon, 18 Mar 2024 18:05:44 GMT
server
AmazonS3
etag
"6f37fb7b15859d9536e80f4ce549197a"
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
hCGKIP24APns4_R1y0cOeicK_kPkZCPdl9ivgT_dG_grl76S3u2URw==
expires
Tue, 16 Apr 2024 01:29:24 GMT
tw-elements.umd.min.js
cdn.jsdelivr.net/npm/tw-elements/dist/js/ 		686 KB
199 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/tw-elements/dist/js/tw-elements.umd.min.js
Requested by
Host: 1r2.pl
URL: https://1r2.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d888a5a26ddbbf993a9ed01a03f6f2ee51b9f7e51ac733e2d504c766de68903f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1r2.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 18 Mar 2024 20:51:29 GMT
x-content-type-options
nosniff
content-encoding
br
age
20010
x-jsd-version
1.1.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
202818
x-served-by
cache-fra-eddf8230069-FRA, cache-nyc-kteb1890027-NYC
x-jsd-version-type
version
etag
W/"ab699-oUSFBns89BdPAcSBRfnjtLndYeo"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
popper.min.js
unpkg.com/@popperjs/core@2.9.1/dist/umd/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@popperjs/core@2.9.1/dist/umd/popper.min.js
Requested by
Host: 1r2.pl
URL: https://1r2.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8caa3ef54f21cd971f2ea91425a00f871d492a69a8814b5786bac39292d9cfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1r2.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 20:51:29 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
212403
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HS3ARRCS5W7FR56JMAWWGBK8-lga
server
cloudflare
etag
W/"4853-tjv/BFEf7IDrFeQXJXqHE+6I79Q"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
866819de5f5c4bc3-BUF
livewire.js
assets.flexl.ink/8fac58da-24a7-4895-beac-40569cfa3cd7/vendor/livewire/ 		171 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.flexl.ink/8fac58da-24a7-4895-beac-40569cfa3cd7/vendor/livewire/livewire.js?id=90730a3b0e7144480175
Requested by
Host: 1r2.pl
URL: https://1r2.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-25.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
38a4dc885f9d1267bbfaf361e24fbf51994bd7f6743784ec3e4a267bbe74a0be

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1r2.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 18:29:59 GMT
content-encoding
br
via
1.1 1631ac35bac9cbaaa7c65e1bf3666d7a.cloudfront.net (CloudFront)
last-modified
Mon, 18 Mar 2024 18:05:46 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
8491
etag
W/"0e377e741f7d57da94c0d5aed41693cd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
hdSKUmg450tdSFnjo2_Iq2AinytOSWUr2pkmUaNxV12Q78TDQjKiMQ==
expires
Tue, 16 Apr 2024 01:29:24 GMT
cube.json
assets.flexl.ink/8fac58da-24a7-4895-beac-40569cfa3cd7/animations/ 		32 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets.flexl.ink/8fac58da-24a7-4895-beac-40569cfa3cd7/animations/cube.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/lottie-player/1.6.2/lottie-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-25.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1f20ae4e42c1da257593235da501ee286f7059eacd21ee0c2e1759d08b33034d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1r2.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 19:49:46 GMT
content-encoding
br
via
1.1 b4bbc10bb9b68293dc88560c2ddfcc2c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
3703
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 18 Mar 2024 18:05:41 GMT
server
AmazonS3
etag
W/"5799a19e2062f3d913a354f4e995810e"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET, PUT, POST
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
TJtZp0l4IfuCmxn2M5oD0dmUgyCpRoHQcTL9wFRKbvr93YYFEsclOA==
expires
Tue, 16 Apr 2024 01:29:24 GMT
cube.json
assets.flexl.ink/8fac58da-24a7-4895-beac-40569cfa3cd7/animations/ 		32 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.flexl.ink/8fac58da-24a7-4895-beac-40569cfa3cd7/animations/cube.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/lottie-player/1.6.2/lottie-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-25.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1f20ae4e42c1da257593235da501ee286f7059eacd21ee0c2e1759d08b33034d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1r2.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 19:49:46 GMT
content-encoding
br
via
1.1 b4bbc10bb9b68293dc88560c2ddfcc2c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
3703
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 18 Mar 2024 18:05:41 GMT
server
AmazonS3
etag
W/"5799a19e2062f3d913a354f4e995810e"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET, PUT, POST
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
TNluHv9OIGQoyxG_llMQ31GFxuA9SVOYyUUGEgJts-CWxMgQkQGyXA==
expires
Tue, 16 Apr 2024 01:29:24 GMT
scroll-bottom.json
assets.flexl.ink/8fac58da-24a7-4895-beac-40569cfa3cd7/animations/ 		5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets.flexl.ink/8fac58da-24a7-4895-beac-40569cfa3cd7/animations/scroll-bottom.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/lottie-player/1.6.2/lottie-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-25.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7851401ef84c2d9b9ab4892abf40e369cbd70e5db2ff836085a44a162d6db30a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1r2.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 20:51:26 GMT
content-encoding
br
via
1.1 b4bbc10bb9b68293dc88560c2ddfcc2c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 18 Mar 2024 18:05:41 GMT
server
AmazonS3
etag
W/"973316a8e78c869c89de166300b94eb1"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET, PUT, POST
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
rWNo4QUxkHWEtb5N9vItjIWQ5etoi0jUftDn-lZN02EZzbrugaB9xQ==
expires
Tue, 16 Apr 2024 01:29:24 GMT
scroll-bottom.json
assets.flexl.ink/8fac58da-24a7-4895-beac-40569cfa3cd7/animations/ 		5 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.flexl.ink/8fac58da-24a7-4895-beac-40569cfa3cd7/animations/scroll-bottom.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/lottie-player/1.6.2/lottie-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-25.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7851401ef84c2d9b9ab4892abf40e369cbd70e5db2ff836085a44a162d6db30a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1r2.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 20:51:26 GMT
content-encoding
br
via
1.1 b4bbc10bb9b68293dc88560c2ddfcc2c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 18 Mar 2024 18:05:41 GMT
server
AmazonS3
etag
W/"973316a8e78c869c89de166300b94eb1"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET, PUT, POST
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
S9BEjy7VvJksQHT0ve2mhe8dMOPhmFF_WR6m3w60m6147lcVUWihSQ==
expires
Tue, 16 Apr 2024 01:29:24 GMT
map.jpg
assets.flexl.ink/8fac58da-24a7-4895-beac-40569cfa3cd7/images/features/ 		119 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.flexl.ink/8fac58da-24a7-4895-beac-40569cfa3cd7/images/features/map.jpg
Requested by
Host: 1r2.pl
URL: https://1r2.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-25.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c2928952465cd041ebf63ca97e9dfc90cdce529613bff1f9406e8f6c8de9372a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1r2.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 19:57:55 GMT
via
1.1 1631ac35bac9cbaaa7c65e1bf3666d7a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
3215
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
122102
last-modified
Mon, 18 Mar 2024 18:05:45 GMT
server
AmazonS3
etag
"07ccdb470cbc7e029e61ff90ff4d2fa2"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Hrm7HYVb8HEtM4-5uOahCGh698IVEX0QP6RodolJrjpiHYPgenNa9w==
expires
Tue, 16 Apr 2024 01:29:24 GMT
current-balance.jpg
assets.flexl.ink/8fac58da-24a7-4895-beac-40569cfa3cd7/images/features/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.flexl.ink/8fac58da-24a7-4895-beac-40569cfa3cd7/images/features/current-balance.jpg
Requested by
Host: 1r2.pl
URL: https://1r2.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-25.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a74a50983e7e7b46104a35bca9d4303e032b579be7245c2f864467cf17241c0b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1r2.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 20:51:26 GMT
via
1.1 1631ac35bac9cbaaa7c65e1bf3666d7a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
64085
last-modified
Mon, 18 Mar 2024 18:05:44 GMT
server
AmazonS3
etag
"fc13b2de0e6948b4a6151609a1cac1d9"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Y4am9gLsycPy-kHGGgWk8TqdtqkZnHUEHAo_b2mPrgQjpVGwFdAlHg==
expires
Tue, 16 Apr 2024 01:29:24 GMT
collect
www.google-analytics.com/g/ 		0
247 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VR3E3ZDS1K&gtm=45je43d0v898431886za200&_p=1710795089427&gcd=13l3l3l3l1&npa=0&dma=0&cid=1980493012.1710795090&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710795089&sct=1&seg=0&dl=https%3A%2F%2F1r2.pl%2F&dt=FlexLink%20-%20%D0%BA%D0%BE%D1%80%D0%BE%D1%82%D0%BA%D1%96%20%D0%BF%D0%BE%D1%81%D0%B8%D0%BB%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%B0%20%7C%20FlexLink&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1666
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VR3E3ZDS1K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1r2.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Mar 2024 20:51:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://1r2.pl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		242 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-965162298&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VR3E3ZDS1K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a9c3e9e2b5cc30fe9ad029aff2a74cfd77c52f4f5fc596c9b45e9433a9294494
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1r2.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 20:51:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85931
x-xss-protection
0
last-modified
Mon, 18 Mar 2024 19:36:24 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 18 Mar 2024 20:51:29 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/965162298/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/965162298/?random=1710795090036&cv=11&fst=1710795090036&bg=ffffff&guid=ON&async=1&gtm=45be43d0v9108082465za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2F1r2.pl%2F&hn=www.googleadservices.com&frm=0&tiba=FlexLink%20-%20%D0%BA%D0%BE%D1%80%D0%BE%D1%82%D0%BA%D1%96%20%D0%BF%D0%BE%D1%81%D0%B8%D0%BB%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%B0%20%7C%20FlexLink&npa=0&pscdl=noapi&auid=2135962983.1710795090&uamb=0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-965162298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a64cc03ad6c2ae095c17f07a7a511d29fcdcce99253089a1ee73018f5c1aa58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1r2.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Mar 2024 20:51:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1317
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/ 		492 KB
197 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
926d6123e0e95e1576a0ed9668e524d25a69b41a29c11228d2d7149656b34f7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1r2.pl/
Origin
https://1r2.pl
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 19:19:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5517
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200837
x-xss-protection
0
last-modified
Fri, 15 Mar 2024 21:41:54 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 18 Mar 2025 19:19:33 GMT
/
www.google.com/pagead/1p-user-list/965162298/ 		42 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/965162298/?random=1710795090036&cv=11&fst=1710792000000&bg=ffffff&guid=ON&async=1&gtm=45be43d0v9108082465za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2F1r2.pl%2F&frm=0&tiba=FlexLink%20-%20%D0%BA%D0%BE%D1%80%D0%BE%D1%82%D0%BA%D1%96%20%D0%BF%D0%BE%D1%81%D0%B8%D0%BB%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%B0%20%7C%20FlexLink&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqCtOVWtGenMUEXxYSMatckBJFDrvO8A&random=4067450744&rmt_tld=0&ipr=y
Requested by
Host: 1r2.pl
URL: https://1r2.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1r2.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Mar 2024 20:51:30 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer function| $ function| jQuery object| lottie-player object| reactiveElementVersions object| litHtmlVersions object| litElementVersions object| AOS function| Typed object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| te object| Popper object| tooltipTriggerList object| tooltipList object| Livewire object| livewire string| livewire_app_url string| livewire_token function| deferLoadingAlpine object| GooglebQhCsO object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| Pusher function| _ function| axios object| Alpine object| recaptcha

6 Cookies

Domain/Path Name / Value
1r2.pl/ Name: flexlink_session
Value: XCvcbhevfrbmQ3LchHgPIPPRlNWkPkXv4eCsi94Z
1r2.pl/ Name: locale
Value: eyJpdiI6IldYSXNGUHlNM093S1p1S0U1eXZJY1E9PSIsInZhbHVlIjoiZ0JMN29mMXQrKzlxWjE5U1NkbWhMNDlEbkovTGxYaUlOU05yRno2d3gyc2JWWC9MclMycGM4SU0zTXlvaUZlLyIsIm1hYyI6IjM4ZDNiZmRkMzQ2MjU1NTY1MzYzMjMxNzM1ZGNkMzAyZmQzMmJlZTJkZjBlMjg1M2Y1YmE2OWNmMjBmNjg1MmIiLCJ0YWciOiIifQ%3D%3D
.1r2.pl/ Name: _ga_VR3E3ZDS1K
Value: GS1.1.1710795089.1.0.1710795089.0.0.0
.1r2.pl/ Name: _ga
Value: GA1.1.1980493012.1710795090
.1r2.pl/ Name: _gcl_au
Value: 1.1.2135962983.1710795090
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

1 Console Messages

Source Level URL
Text
other warning URL: https://1r2.pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1r2.pl
assets.flexl.ink
cdn.jsdelivr.net
cdnjs.cloudflare.com
fonts.bunny.net
googleads.g.doubleclick.net
unpkg.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
108.138.128.25
13.225.63.57
13.225.63.78
2606:4700::6810:7eaf
2606:4700::6811:190e
2607:f8b0:4006:80d::2004
2607:f8b0:4006:80f::2002
2607:f8b0:4006:81f::2003
2607:f8b0:4006:820::2008
2607:f8b0:4006:822::200e
2a02:6ea0:c454::1
2a04:4e42:200::485
047cd1182cbd35e029f30c6c5948cf0aa1f024e9d86cf8800966e55249a37e1a
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
1f20ae4e42c1da257593235da501ee286f7059eacd21ee0c2e1759d08b33034d
25b40dafb19ec7b40a710e8972780a03ec22ef69a99b59d01d21467665b8bf00
38a4dc885f9d1267bbfaf361e24fbf51994bd7f6743784ec3e4a267bbe74a0be
5154391ed1d39ada814f7298e5c77802f238ee9a74809c0833eab8e470fda0b9
5a64cc03ad6c2ae095c17f07a7a511d29fcdcce99253089a1ee73018f5c1aa58
5d81d52381109f82486305d77b437ba13d915fd1763b043fb76dea5578235a1b
77f844a794afdef600d42b58ce5a90a5b3ba7040fee5e48c577518c94e46cb76
7851401ef84c2d9b9ab4892abf40e369cbd70e5db2ff836085a44a162d6db30a
926d6123e0e95e1576a0ed9668e524d25a69b41a29c11228d2d7149656b34f7c
9c219a1f4975a19e1b6185547f3a8d8ded4630edb0cc856d8ad9378282e49825
a5005b2e414770fd5ccb40bc221a12771966d02b5c1f9c89da48bd8e3811d377
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
a74a50983e7e7b46104a35bca9d4303e032b579be7245c2f864467cf17241c0b
a8caa3ef54f21cd971f2ea91425a00f871d492a69a8814b5786bac39292d9cfd
a9c3e9e2b5cc30fe9ad029aff2a74cfd77c52f4f5fc596c9b45e9433a9294494
aa9f5e622e229728c58c2c8775570b8b4556dd364d9cdf3f644a26c9e9691363
c2928952465cd041ebf63ca97e9dfc90cdce529613bff1f9406e8f6c8de9372a
d888a5a26ddbbf993a9ed01a03f6f2ee51b9f7e51ac733e2d504c766de68903f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea3c0d239c7156c0ea9c86096a29d450cdf19b211125db9f0be7d2a2eff6f53f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8274175d96212541f3445e21c0a8ab63930110be676b47bce779c4119cf8323
fd3b411d9ab4a983a8c76ca4391ac0988696e00122d1fa53f9ad59417daac7b8