Submitted URL: https://staryscz.inwestowaniepogodzinach.pl/
Effective URL: https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_9552d785ccf10c88ef77ff66b42ce330&p10=4d03d571-90b4-4955-ae17-ec...
Submission: On December 07 via api from US — Scanned from US

Summary

This website contacted 18 IPs in 3 countries across 23 domains to perform 50 HTTP transactions. The main IP is 2606:4700:3035::ac43:bd7c, located in United States and belongs to CLOUDFLARENET, US. The main domain is flirtooy.info.
TLS certificate: Issued by GTS CA 1P5 on October 11th 2023. Valid for: 3 months.
This is the only time flirtooy.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 2606:4700:303... 13335 (CLOUDFLAR...)
3 176.119.51.147 42503 (PL-OKTAWA...)
1 34.118.83.41 396982 (GOOGLE-CL...)
1 217.74.71.140 16138 (INTERIA)
1 93.157.100.46 34360 (OGICOM)
1 2 2a05:d014:12d... 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 13.225.63.85 16509 (AMAZON-02)
1 37.28.159.195 197155 (ARTNET)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 157.90.168.251 24940 (HETZNER-AS)
1 69.16.175.42 20446 (STACKPATH...)
2 3 173.0.157.204 7979 (SERVERS-COM)
10 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2606:4700:303... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
50 18
Apex Domain
Subdomains
Transfer
14 flirtooy.info
flirtooy.info
api.flirtooy.info
111 KB
5 inwestowaniepogodzinach.pl
staryscz.inwestowaniepogodzinach.pl
inwestowaniepogodzinach.pl
60 KB
3 gstatic.com
fonts.gstatic.com
47 KB
3 gkrtmc.com
go.gkrtmc.com — Cisco Umbrella Rank: 583405
4 KB
3 polki.pl
polki.pl — Cisco Umbrella Rank: 627235
108 KB
2 pornoblog24.pl
www.pornoblog24.pl
289 KB
2 zwierciadlo.pl
zwierciadlo.pl
618 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
1 woxcdn.com
b1.woxcdn.com
153 B
1 joemonster.org
img.joemonster.org — Cisco Umbrella Rank: 411714
44 KB
1 slaskietrendy.pl
slaskietrendy.pl
1 similarcdn.com
site-images.similarcdn.com — Cisco Umbrella Rank: 178840
46 B
1 sexeo.pl
www.sexeo.pl
74 KB
1 agnieszka.com.pl
agnieszka.com.pl
17 KB
1 iplsc.com
i.iplsc.com — Cisco Umbrella Rank: 94789
41 KB
1 diag.pl
diag.pl — Cisco Umbrella Rank: 333795
0 yadro.ru Failed
counter.yadro.ru Failed
0 ytimg.com Failed
i.ytimg.com Failed
0 infopraca.pl Failed
weblog.infopraca.pl Failed
0 menopauza.pl Failed
www.menopauza.pl Failed
0 ppstatic.pl Failed
d-art.ppstatic.pl Failed
0 lubiepodroze.eu Failed
lubiepodroze.eu Failed
0 niezaspokojona.com Failed
niezaspokojona.com Failed
50 23
Domain Requested by
8 api.flirtooy.info flirtooy.info
6 flirtooy.info go.gkrtmc.com
flirtooy.info
4 staryscz.inwestowaniepogodzinach.pl staryscz.inwestowaniepogodzinach.pl
3 fonts.gstatic.com fonts.googleapis.com
3 go.gkrtmc.com 2 redirects staryscz.inwestowaniepogodzinach.pl
3 polki.pl staryscz.inwestowaniepogodzinach.pl
2 www.pornoblog24.pl staryscz.inwestowaniepogodzinach.pl
2 zwierciadlo.pl 1 redirects staryscz.inwestowaniepogodzinach.pl
1 fonts.googleapis.com flirtooy.info
1 inwestowaniepogodzinach.pl staryscz.inwestowaniepogodzinach.pl
1 b1.woxcdn.com staryscz.inwestowaniepogodzinach.pl
1 img.joemonster.org staryscz.inwestowaniepogodzinach.pl
1 slaskietrendy.pl staryscz.inwestowaniepogodzinach.pl
1 site-images.similarcdn.com staryscz.inwestowaniepogodzinach.pl
1 www.sexeo.pl staryscz.inwestowaniepogodzinach.pl
1 agnieszka.com.pl staryscz.inwestowaniepogodzinach.pl
1 i.iplsc.com staryscz.inwestowaniepogodzinach.pl
1 diag.pl staryscz.inwestowaniepogodzinach.pl
0 counter.yadro.ru Failed staryscz.inwestowaniepogodzinach.pl
0 i.ytimg.com Failed staryscz.inwestowaniepogodzinach.pl
0 weblog.infopraca.pl Failed staryscz.inwestowaniepogodzinach.pl
0 www.menopauza.pl Failed staryscz.inwestowaniepogodzinach.pl
0 d-art.ppstatic.pl Failed
0 lubiepodroze.eu Failed staryscz.inwestowaniepogodzinach.pl
0 niezaspokojona.com Failed staryscz.inwestowaniepogodzinach.pl
50 25

This site contains no links.

Subject Issuer Validity Valid
inwestowaniepogodzinach.pl
GTS CA 1P5
2023-11-10 -
2024-02-08
3 months crt.sh
*.polki.pl
Certum Domain Validation CA SHA2
2023-08-31 -
2024-08-30
a year crt.sh
diag.pl
Certum Extended Validation CA SHA2
2023-09-04 -
2024-09-03
a year crt.sh
*.iplsc.com
DOMENY SSL DV Certification Authority
2023-03-31 -
2024-03-30
a year crt.sh
agnieszka.com.pl
Certum Domain Validation CA SHA2
2023-05-26 -
2024-05-25
a year crt.sh
sexeo.pl
GTS CA 1P5
2023-12-07 -
2024-03-06
3 months crt.sh
similarcdn.com
Amazon RSA 2048 M02
2023-06-24 -
2024-07-22
a year crt.sh
slaskietrendy.pl
R3
2023-12-05 -
2024-03-04
3 months crt.sh
pornoblog24.pl
GTS CA 1P5
2023-11-28 -
2024-02-26
3 months crt.sh
img.joemonster.org
R3
2023-11-19 -
2024-02-17
3 months crt.sh
*.ssl.hwcdn.net
Sectigo RSA Domain Validation Secure Server CA
2022-12-30 -
2024-01-19
a year crt.sh
track.cpamatica.com
R3
2023-11-07 -
2024-02-05
3 months crt.sh
flirtooy.info
GTS CA 1P5
2023-10-11 -
2024-01-09
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh

This page contains 1 frames:

Primary Page: https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_9552d785ccf10c88ef77ff66b42ce330&p10=4d03d571-90b4-4955-ae17-ec3d65bc515f_28d8458e8c1c4e49c2cfd1f016606a96&source=66979&aff_sub=&aff_sub2=seo-sem
Frame ID: 6DC7AC1CFC6080FAED49D6B2E99270CD
Requests: 47 HTTP requests in this frame

Screenshot

Page Title

Dating Service

Page URL History Show full URLs

  1. https://staryscz.inwestowaniepogodzinach.pl/ Page URL
  2. https://go.gkrtmc.com/aff_c?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem HTTP 302
    https://go.gkrtmc.com/cl?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c Page URL
  3. https://go.gkrtmc.com/aff_c?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c HTTP 302
    https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_9552d785ccf10c88ef77ff66b42ce330&p10=4d03d5... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
  • vue[.-]([\d.]*\d)[^/]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

50
Requests

72 %
HTTPS

47 %
IPv6

23
Domains

25
Subdomains

18
IPs

3
Countries

795 kB
Transfer

1461 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://staryscz.inwestowaniepogodzinach.pl/ Page URL
  2. https://go.gkrtmc.com/aff_c?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem HTTP 302
    https://go.gkrtmc.com/cl?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c Page URL
  3. https://go.gkrtmc.com/aff_c?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c HTTP 302
    https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_9552d785ccf10c88ef77ff66b42ce330&p10=4d03d571-90b4-4955-ae17-ec3d65bc515f_28d8458e8c1c4e49c2cfd1f016606a96&source=66979&aff_sub=&aff_sub2=seo-sem Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://zwierciadlo.pl/wp-content/uploads/2012/09/najlepsze-filmy-erotyczne-342-1024x711.jpg HTTP 301
  • https://zwierciadlo.pl/_resource/res/path/89/f0/89f0e5ea-2041-3414-93a4-6f69fb1fb3d9
Request Chain 15
  • https://d-tm.ppstatic.pl/kadry/2b/84/7eda2c05841b9b6e265370a3e3c4.1000.jpg HTTP 301
  • https://d-art.ppstatic.pl/k/r/1/2b/84/7eda2c05841b9b6e265370a3e3c4_o.jpg
Request Chain 20
  • https://zwierciadlo.pl/wp-content/uploads/2013/02/seks-na-oscarach-czyli-mocne-sceny-w-nagrodzonych-filmach-Untitled-design-2020-06-16T135908.186-600x365.png HTTP 301
  • https://zwierciadlo.pl/_resource/res/path/e2/93/e2938329-e74c-3a6c-8939-d88e6f8c5969
Request Chain 32
  • https://go.gkrtmc.com/aff_c?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem HTTP 302
  • https://go.gkrtmc.com/cl?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
staryscz.inwestowaniepogodzinach.pl/
326 KB
58 KB
Document
General
Full URL
https://staryscz.inwestowaniepogodzinach.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:55c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
946ad6f11a0ff9603c89c4c9ae1aebdd919063cd9e3a6b691b612a6f74a28f02

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
831c946e1955334c-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 07 Dec 2023 11:55:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJuI4sUYiFuMa07KI7LXfJzr5IB0Gncet2s8Vk5JAl5G3cJf0YtQ%2FqTgvs3U3ulEIs71rW600GLpfE0wToZviMvnQ4GGEkOMJbzVesz3JAoiC5MCQlWYLKrDxZ9QngcHUu3e7no%2Bk%2F2usdmIDsSXYbY8k6IgtxpIk9c%2BncOxh%2BdYSA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
gdxwfkw.js
staryscz.inwestowaniepogodzinach.pl/
1020 B
918 B
Script
General
Full URL
https://staryscz.inwestowaniepogodzinach.pl/gdxwfkw.js?0.6375584064782704&q=ZmlsbXkgb3Bvd2lhZGFuaWEgZXJvdHljem5l
Requested by
Host: staryscz.inwestowaniepogodzinach.pl
URL: https://staryscz.inwestowaniepogodzinach.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:55c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
25c18a5a305f541f280370c3edb7722a071f61b3dc0551c2a9a8361e0db032de

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staryscz.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:55:29 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 07 Dec 2023 11:55:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aa8NP3vMiCDfxsaQBpZ2OrS3zWFWEfQgA%2FJB9pkshhyG1x7BFsgSiqtUhVdKytED76OuUDVCbQasP%2B8G6XUCM2Ht3q7MFqzb9mMIct7b9G4ouqnTPDLY%2BF1BoBZ7aGy%2B%2FoTJOFfooOeJjbm8CAt144wkWZVIfDye97dnRazHXWf%2Fow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
831c94730f6a334c-MIA
alt-svc
h3=":443"; ma=86400
magdalena-cielecka-pokazala-zdjecie-bez-makijazu-w-dniu-46-urodzin-2401493.jpg
polki.pl/foto/4_3_LARGE/
48 KB
48 KB
Image
General
Full URL
https://polki.pl/foto/4_3_LARGE/magdalena-cielecka-pokazala-zdjecie-bez-makijazu-w-dniu-46-urodzin-2401493.jpg
Requested by
Host: staryscz.inwestowaniepogodzinach.pl
URL: https://staryscz.inwestowaniepogodzinach.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.119.51.147 , Poland, ASN42503 (PL-OKTAWAVE-AS, PL),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staryscz.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:55:29 GMT
x-openstack-request-id
tx6bd97adcf0874e01b2498-006571b2b1
x-backend
k44s-edip02-04m6kfiat-1ybu81ao,k44s-edip02-04m6kfiat-1ybu81ao
x-cache-key
polki.pl/foto/4_3_LARGE/magdalena-cielecka-pokazala-zdjecie-bez-makijazu-w-dniu-46-urodzin-2401493.jpg
x-cache-status
MISS
x-source
OCS
content-length
48665
x-trans-id
tx6bd97adcf0874e01b2498-006571b2b1
last-modified
Fri, 14 Dec 2018 00:57:31 GMT
server
nginx/1.23.4
x-object-meta-mtime
1537057797.739097
content-type
image/jpeg
x-timestamp
1544749050.00744
cache-control
max-age=3600, public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Dec 2023 12:55:29 GMT
horm.-kob..jpg
diag.pl/katalogi/wp-content/uploads/sites/6/2016/09/
0
0
Image
General
Full URL
https://diag.pl/katalogi/wp-content/uploads/sites/6/2016/09/horm.-kob..jpg
Requested by
Host: staryscz.inwestowaniepogodzinach.pl
URL: https://staryscz.inwestowaniepogodzinach.pl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.118.83.41 Warsaw, Poland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.83.118.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staryscz.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

00095GOAQQJHUSFT-C411-F4.jpg
i.iplsc.com/zofia-zborowska-wybiera-samych-przystojniakow/
40 KB
41 KB
Image
General
Full URL
https://i.iplsc.com/zofia-zborowska-wybiera-samych-przystojniakow/00095GOAQQJHUSFT-C411-F4.jpg
Requested by
Host: staryscz.inwestowaniepogodzinach.pl
URL: https://staryscz.inwestowaniepogodzinach.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.74.71.140 , Poland, ASN16138 (INTERIA, PL),
Reverse DNS
cv.interia.pl
Software
IPL/2.2 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staryscz.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:55:29 GMT
last-modified
Thu, 07 Dec 2023 11:55:29 GMT
server
IPL/2.2
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
content-length
41447
expires
Fri, 08 Dec 2023 11:55:29 GMT
seks_przez_cale_zycie.jpg
agnieszka.com.pl/foto/
17 KB
17 KB
Image
General
Full URL
https://agnieszka.com.pl/foto/seks_przez_cale_zycie.jpg
Requested by
Host: staryscz.inwestowaniepogodzinach.pl
URL: https://staryscz.inwestowaniepogodzinach.pl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.157.100.46 , Poland, ASN34360 (OGICOM, PL),
Reverse DNS
s27-www.ogicom.net
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staryscz.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:55:29 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 04 Dec 2017 17:56:35 GMT
server
Apache
etag
"4409-55f87707befa7"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
17417
expires
Sat, 06 Jan 2024 11:55:29 GMT
89f0e5ea-2041-3414-93a4-6f69fb1fb3d9
zwierciadlo.pl/_resource/res/path/89/f0/
Redirect Chain
  • https://zwierciadlo.pl/wp-content/uploads/2012/09/najlepsze-filmy-erotyczne-342-1024x711.jpg
  • https://zwierciadlo.pl/_resource/res/path/89/f0/89f0e5ea-2041-3414-93a4-6f69fb1fb3d9
224 KB
0
Image
General
Full URL
https://zwierciadlo.pl/_resource/res/path/89/f0/89f0e5ea-2041-3414-93a4-6f69fb1fb3d9
Requested by
Host: staryscz.inwestowaniepogodzinach.pl
URL: https://staryscz.inwestowaniepogodzinach.pl/
Protocol
HTTP/1.1
Server
2a05:d014:12d2:ad01:321c:4d8d:13a8:4a67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staryscz.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 11:55:29 GMT
Last-Modified
Wed, 28 Apr 2021 08:57:25 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"10c07e-5c1049152f03c"
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=199
Content-Length
1097854

Redirect headers

Date
Thu, 07 Dec 2023 11:55:29 GMT
Server
Apache/2.4.41 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
TEXT/HTML
Location
/_resource/res/path/89/f0/89f0e5ea-2041-3414-93a4-6f69fb1fb3d9
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Keep-Alive
timeout=1, max=200
Expires
Thu, 01 Jan 1970 00:00:00 GMT
b95bce545224374e2f8604ae0728bf1c_jazda_pociagiem_opowiadania_erotyczne-768-576-c-90.jpg
niezaspokojona.com/wp-content/uploads/freshizer/
0
0

niefortunny-kochanek-429944.jpg
polki.pl/foto/16_9_LARGE_0200/
27 KB
28 KB
Image
General
Full URL
https://polki.pl/foto/16_9_LARGE_0200/niefortunny-kochanek-429944.jpg
Requested by
Host: staryscz.inwestowaniepogodzinach.pl
URL: https://staryscz.inwestowaniepogodzinach.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.119.51.147 , Poland, ASN42503 (PL-OKTAWAVE-AS, PL),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staryscz.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:55:29 GMT
x-openstack-request-id
txb7b13d2726574b60b4344-006571b2b1
x-backend
k44s-edip02-04m6kfiat-nf8my99u,k44s-edip02-04m6kfiat-nf8my99u
x-cache-key
polki.pl/foto/16_9_LARGE_0200/niefortunny-kochanek-429944.jpg
x-cache-status
MISS
x-source
OCS
content-length
27996
x-trans-id
txb7b13d2726574b60b4344-006571b2b1
last-modified
Sun, 23 Dec 2018 12:32:51 GMT
server
nginx/1.23.4
x-object-meta-mtime
1536640416.135487
content-type
image/jpeg
x-timestamp
1545568370.26616
cache-control
max-age=3600, public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Dec 2023 12:55:29 GMT
sauna-terma-bania-560x373.jpg
lubiepodroze.eu/wp-content/uploads/
0
0

69305_01big.jpg
www.sexeo.pl/wp-content/uploads/2016/05/
74 KB
74 KB
Image
General
Full URL
https://www.sexeo.pl/wp-content/uploads/2016/05/69305_01big.jpg
Requested by
Host: staryscz.inwestowaniepogodzinach.pl
URL: https://staryscz.inwestowaniepogodzinach.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ebcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13d85724cffeb5a09e09cb97254825e12ae219863caa606d03ff6b602bfbf71f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staryscz.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:55:29 GMT
cf-cache-status
MISS
last-modified
Sat, 04 Nov 2023 18:25:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"12780-65468cad-145b6d;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DUpe05Boc2c94T0hYdU1vXwrq6%2FU47vd3GD9Nz5oXMNOBuTp6%2F8DrJh5EjPdaavL5Pqd%2FARAqDPrvNHkBK3aXtd3u%2BzSguw5M9a5QHmrmMy6CQyGU27X%2F8PbYqJzK8zojel67pMJ3UUrSKs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
831c9473a93e3dcd-MIA
alt-svc
h3=":443"; ma=86400
content-length
75648
expires
Thu, 14 Dec 2023 11:55:29 GMT
image
site-images.similarcdn.com/
46 B
46 B
Image
General
Full URL
https://site-images.similarcdn.com/image?url=opowiadania-erotyczne-rodzina-dojrzale-grupowe.oh-grupowy.supper.fajne.infou0026t=1u0026s=10u0026h=4382326280819666354
Requested by
Host: staryscz.inwestowaniepogodzinach.pl
URL: https://staryscz.inwestowaniepogodzinach.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-85.ewr53.r.cloudfront.net
Software
/ Express
Resource Hash
02d2ae7ab81b2d65f72d9a44f9515754bb84ecf482f6efe0cec2974cf5f41139

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staryscz.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:55:29 GMT
via
1.1 92f8ba2eac28a12283a77bc938ff1728.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1
x-powered-by
Express
x-cache
Error from cloudfront
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
0GRUAleVHOJw5lgKUCcVE40NnjTb8vtNuT4-eV9Z1YEjGPUdAowe5g==
Seks-dla-opornych-fot.-z-arch.-Teatr-%C5%BBelazny-1.jpg
slaskietrendy.pl/wp-content/uploads/2019/01/
32 KB
0
Image
General
Full URL
https://slaskietrendy.pl/wp-content/uploads/2019/01/Seks-dla-opornych-fot.-z-arch.-Teatr-%C5%BBelazny-1.jpg
Requested by
Host: staryscz.inwestowaniepogodzinach.pl
URL: https://staryscz.inwestowaniepogodzinach.pl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.28.159.195 , Poland, ASN197155 (ARTNET, PL),
Reverse DNS
n126.domenomania.pl
Software
Apache/2 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staryscz.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:54:51 GMT
last-modified
Fri, 25 Jan 2019 21:31:25 GMT
server
Apache/2
accept-ranges
bytes
etag
"ee54-5804f0c8ea540"
content-length
61012
content-type
image/jpeg
092-682x1024.jpg
www.pornoblog24.pl/wp-content/uploads/2017/03/
176 KB
177 KB
Image
General
Full URL
https://www.pornoblog24.pl/wp-content/uploads/2017/03/092-682x1024.jpg
Requested by
Host: staryscz.inwestowaniepogodzinach.pl
URL: https://staryscz.inwestowaniepogodzinach.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staryscz.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:55:29 GMT
cf-cache-status
MISS
last-modified
Thu, 02 Mar 2017 12:13:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2c01e-549be5a2bff40"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2LH0aeZARAv7gCvkFZgUpyRO00pe7y%2Fy3DFmb3RSPMc3LDWmrKOEhJ8AC67BTvB9TIt3IrSWiV3z62GOZXFuVDL5N2b0%2Fili%2F3wglKL14H7bqquW7mxiD4rqcaZywOEvwlW%2FVyzh2L3ZBXHLbr%2FVE%2Fo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
831c9473edd10291-MIA
alt-svc
h3=":443"; ma=86400
content-length
180254
b6ad1fd8a65f92a7a96dbb2a657b3c71.jpg
img.joemonster.org/images/vad/img_43544/
44 KB
44 KB
Image
General
Full URL
https://img.joemonster.org/images/vad/img_43544/b6ad1fd8a65f92a7a96dbb2a657b3c71.jpg
Requested by
Host: staryscz.inwestowaniepogodzinach.pl
URL: https://staryscz.inwestowaniepogodzinach.pl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.90.168.251 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.251.168.90.157.clients.your-server.de
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staryscz.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:55:29 GMT
last-modified
Fri, 02 Mar 2018 22:36:15 GMT
server
nginx
etag
"5a99d1df-ae62"
vary
Origin, Origin
access-control-allow-methods
GET, POST, OPTIONS, GET, POST, OPTIONS
content-type
image/jpeg
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range, DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=1728000
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range, DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length
44642
expires
Wed, 27 Dec 2023 11:55:29 GMT
7eda2c05841b9b6e265370a3e3c4_o.jpg
d-art.ppstatic.pl/k/r/1/2b/84/
Redirect Chain
  • https://d-tm.ppstatic.pl/kadry/2b/84/7eda2c05841b9b6e265370a3e3c4.1000.jpg
  • https://d-art.ppstatic.pl/k/r/1/2b/84/7eda2c05841b9b6e265370a3e3c4_o.jpg
0
0

people-2576947_1280-1068x712.jpg
www.menopauza.pl/wp-content/uploads/
0
0

flirt-romans.jpg
weblog.infopraca.pl/wp-content/uploads/
0
0

add7ddb9ecb6110856f3bc5df60578ce.jpg
b1.woxcdn.com/pics-final-2/add/7dd/
0
153 B
Image
General
Full URL
https://b1.woxcdn.com/pics-final-2/add/7dd/add7ddb9ecb6110856f3bc5df60578ce.jpg
Requested by
Host: staryscz.inwestowaniepogodzinach.pl
URL: https://staryscz.inwestowaniepogodzinach.pl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staryscz.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:55:29 GMT
cache-control
max-age=18
content-length
0
x-hw
1701950130.cdn4-pxy222-mia02.mi1.evs
z-zycia-wziete-160291.jpg
polki.pl/foto/16_9_LARGE_0200/
31 KB
32 KB
Image
General
Full URL
https://polki.pl/foto/16_9_LARGE_0200/z-zycia-wziete-160291.jpg
Requested by
Host: staryscz.inwestowaniepogodzinach.pl
URL: https://staryscz.inwestowaniepogodzinach.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.119.51.147 , Poland, ASN42503 (PL-OKTAWAVE-AS, PL),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staryscz.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:55:30 GMT
x-openstack-request-id
txeefc416f9b7b4d098320e-006571b2b2
x-backend
k44s-edip02-04m6kfiat-ovt2t6v6,k44s-edip02-04m6kfiat-ovt2t6v6
x-cache-key
polki.pl/foto/16_9_LARGE_0200/z-zycia-wziete-160291.jpg
x-cache-status
MISS
x-source
OCS
content-length
32045
x-trans-id
txeefc416f9b7b4d098320e-006571b2b2
last-modified
Sun, 23 Dec 2018 14:06:11 GMT
server
nginx/1.23.4
x-object-meta-mtime
1536757060.316546
content-type
image/jpeg
x-timestamp
1545573970.82162
cache-control
max-age=3600, public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Dec 2023 12:55:30 GMT
e2938329-e74c-3a6c-8939-d88e6f8c5969
zwierciadlo.pl/_resource/res/path/e2/93/
Redirect Chain
  • https://zwierciadlo.pl/wp-content/uploads/2013/02/seks-na-oscarach-czyli-mocne-sceny-w-nagrodzonych-filmach-Untitled-design-2020-06-16T135908.186-600x365.png
  • https://zwierciadlo.pl/_resource/res/path/e2/93/e2938329-e74c-3a6c-8939-d88e6f8c5969
0
0

maxresdefault.jpg
i.ytimg.com/vi/zD0e_SMz1I0/
0
0

hashimoto-podstepny-zabojca-libido-czy-odbiera-ochote-na-seks-2408134.jpg
polki.pl/foto/4_3_LARGE/
0
0

opowiadania-erotyczne-136326.jpg
polki.pl/foto/16_9_LARGE_0200/
0
0

09-14-1024x682.jpg
www.pornoblog24.pl/wp-content/uploads/2017/08/
112 KB
113 KB
Image
General
Full URL
https://www.pornoblog24.pl/wp-content/uploads/2017/08/09-14-1024x682.jpg
Requested by
Host: staryscz.inwestowaniepogodzinach.pl
URL: https://staryscz.inwestowaniepogodzinach.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staryscz.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:55:30 GMT
cf-cache-status
MISS
last-modified
Sun, 13 Aug 2017 10:59:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1c110-556a06f52b280"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=683g7pCcyRsGwBr6Jql%2BjBj879MI3aekTSPpiTeBzyHCqrxWwNPspXO7sU2m42N4xJaZmA%2FQ%2B%2FmmBLpJFmbNt0KP8g%2F2pDMoqaNKWP06FabRzhRdHVsvs%2BXTai0J6aUEPy5lI%2BnrdGts%2F5IYDz5upVo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
831c94796ad10291-MIA
alt-svc
h3=":443"; ma=86400
content-length
114960
czekam_na_ruchanie.jpg
niezaspokojona.com/wp-content/uploads/2013/09/
0
0

zycie-singla-to-nie-bajka-412106.jpg
polki.pl/foto/4_3_LARGE_0200/
0
0

truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type
image/gif
hit;pldat3
counter.yadro.ru/
0
0

invester1.jpg
inwestowaniepogodzinach.pl/wp-content/themes/finance-system/images/
0
0
Image
General
Full URL
https://inwestowaniepogodzinach.pl/wp-content/themes/finance-system/images/invester1.jpg
Requested by
Host: staryscz.inwestowaniepogodzinach.pl
URL: https://staryscz.inwestowaniepogodzinach.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:55c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staryscz.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

nrillfw.gif
staryscz.inwestowaniepogodzinach.pl/
209 B
209 B
Image
General
Full URL
https://staryscz.inwestowaniepogodzinach.pl/nrillfw.gif?ref=&url=https%3A//staryscz.inwestowaniepogodzinach.pl/&scr=1600x1200&q=1701950129&s=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/120.0.6099.62%20Safari/537.36&0.7014436109656601
Requested by
Host: staryscz.inwestowaniepogodzinach.pl
URL: https://staryscz.inwestowaniepogodzinach.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:55c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fc2772899e818c16cf489e3f45e23ee9497a5ac8e3e691472b811b4edf934ed

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staryscz.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:55:29 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PBM0D4CRhL7SYl8ANk2On%2FIGbIz9WTWlktVYodbN8leC%2BKvpt7ClhbOpdb6tjHNauOnWjKQ7N5L6VW3kZWUR21QQB%2FqwiB8MuUahBKpi37vw9TgMdgHmpRaqM0e7%2FTwEOvexnKkR%2F6GUQWQ6helYNiFwamB0i43eozL4aR%2FsECsgzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
831c94750d7709d6-MIA
alt-svc
h3=":443"; ma=86400
dugazdj.js
staryscz.inwestowaniepogodzinach.pl/
550 B
822 B
XHR
General
Full URL
https://staryscz.inwestowaniepogodzinach.pl/dugazdj.js?get=1&q=1701950129&s=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/120.0.6099.62%20Safari/537.36&0.45560379844308563
Requested by
Host: staryscz.inwestowaniepogodzinach.pl
URL: https://staryscz.inwestowaniepogodzinach.pl/gdxwfkw.js?0.6375584064782704&q=ZmlsbXkgb3Bvd2lhZGFuaWEgZXJvdHljem5l
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:55c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staryscz.inwestowaniepogodzinach.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:55:30 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 07 Dec 2023 11:55:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w3GmFQZdQzRvZiShUUM024xrYgIyhZ3Xj%2FDvi5IG%2B1akRfCtcfKrd6aehTnHxgP2eTDibInLTBjOb85Xr%2FNp25LUo5VBUmGrh1kSPjIHRopOYi5MaU%2Fb3NjaJMrpAhz25ugUHL8QFKRAUySVfBjzHJ86K8VxZnBbJkA%2BMUNzE6T6NA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
831c9476cec009d6-MIA
alt-svc
h3=":443"; ma=86400
cl
go.gkrtmc.com/
Redirect Chain
  • https://go.gkrtmc.com/aff_c?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem
  • https://go.gkrtmc.com/cl?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c
1 KB
2 KB
Document
General
Full URL
https://go.gkrtmc.com/cl?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c
Requested by
Host: staryscz.inwestowaniepogodzinach.pl
URL: https://staryscz.inwestowaniepogodzinach.pl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.0.157.204 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://staryscz.inwestowaniepogodzinach.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store no-store, no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
Content-Type
text/html; charset=utf-8
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Resource-Policy
same-origin
Date
Thu, 07 Dec 2023 11:55:30 GMT
ETag
W/"579-0Vsjzx+kUoPTVO57S1z+EjAkaOk"
Origin-Agent-Cluster
?1
Referrer-Policy
no-referrer
Server
nginx
Strict-Transport-Security
max-age=15552000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
0

Redirect headers

Cache-Control
no-store, no-cache
Connection
keep-alive
Content-Length
264
Content-Security-Policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Content-Type
text/html; charset=utf-8
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Resource-Policy
same-origin
Date
Thu, 07 Dec 2023 11:55:30 GMT
Location
https://go.gkrtmc.com/cl?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c
Origin-Agent-Cluster
?1
Referrer-Policy
no-referrer
Server
nginx
Strict-Transport-Security
max-age=15552000; includeSubDomains
Vary
Accept
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
0
Primary Request /
flirtooy.info/
Redirect Chain
  • https://go.gkrtmc.com/aff_c?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c
  • https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_9552d785ccf10c88ef77ff66b42ce330&p10=4d03d571-90b4-4955-ae17-ec3d65bc515f_28d8458e8c1c4e49c2cfd1f016606a96&source=66979&aff_sub=&aff_sub2=seo-sem
6 KB
3 KB
Document
General
Full URL
https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_9552d785ccf10c88ef77ff66b42ce330&p10=4d03d571-90b4-4955-ae17-ec3d65bc515f_28d8458e8c1c4e49c2cfd1f016606a96&source=66979&aff_sub=&aff_sub2=seo-sem
Requested by
Host: go.gkrtmc.com
URL: https://go.gkrtmc.com/cl?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:bd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cbed109a32cff015ae8a3670a2b75527c26cd27273909c591d69f80a2c1e882

Request headers

Referer
https://go.gkrtmc.com/cl?offer_id=10170&aff_id=47487&aff_sub=66979&aff_sub5=seo-sem&bofc=aff_c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, no-transform
cf-cache-status
DYNAMIC
cf-ray
831c947c8815030a-MIA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 07 Dec 2023 11:55:30 GMT
etag
W/"65673e58-17a9"
expires
0
last-modified
Wed, 29 Nov 2023 13:36:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7CamD9uWeZlbyPlRPsGdNOp8IDJCzg3bSUlXF96R4CTTBf9mEEPgZSv%2BdZuIz%2FKe%2B4lYoDeprT3cOAX5XMaYXCz4kKgHJCYygehPH6Yjf1qocrrQ%2FN8fPVbN1%2BUoJSGD3yMbJ3tMg2p5TDXG"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-store, no-cache
Connection
keep-alive
Content-Length
484
Content-Security-Policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Content-Type
text/html; charset=utf-8
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Resource-Policy
same-origin
Date
Thu, 07 Dec 2023 11:55:30 GMT
Location
https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_9552d785ccf10c88ef77ff66b42ce330&p10=4d03d571-90b4-4955-ae17-ec3d65bc515f_28d8458e8c1c4e49c2cfd1f016606a96&source=66979&aff_sub=&aff_sub2=seo-sem
Origin-Agent-Cluster
?1
Referrer-Policy
no-referrer
Server
nginx
Strict-Transport-Security
max-age=15552000; includeSubDomains
Vary
Accept
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
0
css2
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Requested by
Host: flirtooy.info
URL: https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_9552d785ccf10c88ef77ff66b42ce330&p10=4d03d571-90b4-4955-ae17-ec3d65bc515f_28d8458e8c1c4e49c2cfd1f016606a96&source=66979&aff_sub=&aff_sub2=seo-sem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 07 Dec 2023 11:55:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 10:44:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Dec 2023 11:55:31 GMT
chunk-vendors.0ff68660.js
flirtooy.info/js/
183 KB
67 KB
Script
General
Full URL
https://flirtooy.info/js/chunk-vendors.0ff68660.js
Requested by
Host: flirtooy.info
URL: https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_9552d785ccf10c88ef77ff66b42ce330&p10=4d03d571-90b4-4955-ae17-ec3d65bc515f_28d8458e8c1c4e49c2cfd1f016606a96&source=66979&aff_sub=&aff_sub2=seo-sem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:bd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1c4df381ae5daa0a3fd01ba2be0a2fb309728fea5080cec85fdcb12dfc7034c
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:55:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2503032
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 31 Oct 2023 15:25:32 GMT
server
cloudflare
etag
W/"65411c6c-2dd30"
vary
Accept-Encoding
x-frame-options
deny
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cld%2FciC4hm4ntMGN1f4%2FdV7zf%2B%2F2irnf%2FIzZWYerzpFzUFiPJQzaELFjmGD2gkUvfGE3Wyy%2FvKIBwz4ZYchcXyycDHmdqsTHRrcUkvR2eMSyHRcBj8JiLI4htLaV%2FVtwvFB1JlPzq5LlRRCl"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
831c947db965030a-MIA
expires
Fri, 08 Dec 2023 12:38:18 GMT
app.0f6d07c1.js
flirtooy.info/js/
28 KB
8 KB
Script
General
Full URL
https://flirtooy.info/js/app.0f6d07c1.js
Requested by
Host: flirtooy.info
URL: https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_9552d785ccf10c88ef77ff66b42ce330&p10=4d03d571-90b4-4955-ae17-ec3d65bc515f_28d8458e8c1c4e49c2cfd1f016606a96&source=66979&aff_sub=&aff_sub2=seo-sem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:bd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0477cb2b106528e6cfa44045c5f6ef5f0e9c50d44df08a277de3cbee2a4ad029
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:55:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
684993
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 29 Nov 2023 13:36:24 GMT
server
cloudflare
etag
W/"65673e58-6ec6"
vary
Accept-Encoding
x-frame-options
deny
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1nTtQ6XzutLoupL8EHGoaTuTENEOpM6B3a9MweUWCabvw2K5BL37aA55Mr5OWK5Yn13W7PhIYfpThpoBzcrX9C4jWXIWA%2FlhsEB0DL4aewWwQflQ6N9YpycIuSRtwSRKMBFsmQt2vv%2BQcJaE"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
831c947db96a030a-MIA
expires
Fri, 29 Dec 2023 13:38:57 GMT
client-visit
api.flirtooy.info/v1/public/
2 B
529 B
XHR
General
Full URL
https://api.flirtooy.info/v1/public/client-visit
Requested by
Host: flirtooy.info
URL: https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_9552d785ccf10c88ef77ff66b42ce330&p10=4d03d571-90b4-4955-ae17-ec3d65bc515f_28d8458e8c1c4e49c2cfd1f016606a96&source=66979&aff_sub=&aff_sub2=seo-sem
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:bd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 07 Dec 2023 11:55:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
text/html; charset=utf-8
access-control-allow-origin
https://flirtooy.info
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q1QCGAuO6geNeNZc%2FciH1K3%2F8gzWk6fGc3xeb0z6oE57bhEeOQUsJjRUyPawxnvlOySIeLDYeK0jyEEcm10lKQeu6dW1KYrbWmo43yTQ%2Fvb15FYmtvkdjaSMNNRjFJjhql2SrGixVcXgF%2BHoxzYkIA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
831c9482290bd99d-MIA
access-control-allow-headers
Content-Type,Authorization,X-Forwarded-For,Origin,x-client-device
alt-svc
h3=":443"; ma=86400
client-visit
api.flirtooy.info/v1/public/
0
0
Preflight
General
Full URL
https://api.flirtooy.info/v1/public/client-visit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://flirtooy.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Forwarded-For,Origin,x-client-device
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
https://flirtooy.info
access-control-max-age
1728000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
831c94806b363713-MIA
content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 07 Dec 2023 11:55:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mmKGlLHmhDkPXtbpPS3j3UMlaCI7MshtYVpFpecj076YJni8JAwqN1KlK7EOGQwN%2Bs2Ipf0kEPXstlYv8s86rJUY3gTMrz2QiI8nJ76gjXdBFAKuntx%2Bh6m8xFOXr7yt6N9O7SQVhiqqxqfxHE3aJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
auth
api.flirtooy.info/v1/user/
685 B
2 KB
XHR
General
Full URL
https://api.flirtooy.info/v1/user/auth
Requested by
Host: flirtooy.info
URL: https://flirtooy.info/js/chunk-vendors.0ff68660.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:bd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
465d80303fe523d79db49a2af66ce4750dc1b84e4944665119f4f52869e7e06a

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Thu, 07 Dec 2023 11:55:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"2ad-Sbwmimtf+bBwAczy7oP5TktN1vg"
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://flirtooy.info
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6UQeNcPdX7B4VrShAE065FZ56rWyHJsOfQuM8jOiww9T2tPTLQyvhKFKtGrGqJKVFqKv16zr9ZL%2FAwjhq3U9j5mxq%2BwdKxouDi94FBt31a7fj7HAMHtfagbiqvV3dmM%2B7kuuV%2FqAcwgPLpK6hQOjhw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
831c94822908d99d-MIA
access-control-allow-headers
Content-Type,Authorization,X-Forwarded-For,Origin,x-client-device
content-length
685
alt-svc
h3=":443"; ma=86400
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://flirtooy.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 19:43:22 GMT
x-content-type-options
nosniff
age
58329
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Dec 2024 19:43:22 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://flirtooy.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 19:42:19 GMT
x-content-type-options
nosniff
age
58392
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Dec 2024 19:42:19 GMT
auth
api.flirtooy.info/v1/user/
0
0
Preflight
General
Full URL
https://api.flirtooy.info/v1/user/auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://flirtooy.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Forwarded-For,Origin,x-client-device
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
https://flirtooy.info
access-control-max-age
1728000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
831c94806b3d3713-MIA
content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 07 Dec 2023 11:55:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TqFsUssG6uG6T4Lg2XEdgq5LuPjY%2Fvl3NveysHi%2BbhI%2FH81ay1gWQ%2B1NnUz8pGESEWO10Da0RXsrFYwgu6XP8eTBOPnGczGz8ZXBEi3GCqHpXn4oG5JzyJSagN0VAP52L72cddI8v3XHKFbxRHXoig%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
land-LandSingleStepSexting-vue.41b025ef.css
flirtooy.info/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://flirtooy.info/css/land-LandSingleStepSexting-vue.41b025ef.css
Requested by
Host: flirtooy.info
URL: https://flirtooy.info/js/app.0f6d07c1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:bd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3f0284f4928db260738cc306b979a43495045079e8ba9f52b66797279554c4c
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:55:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
525155
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 29 Nov 2023 13:36:24 GMT
server
cloudflare
etag
W/"65673e58-16e4"
vary
Accept-Encoding
x-frame-options
deny
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ITlSmxM8CvkorD0FV4I0QNL5M9vsTNDG%2BLZRNp1Nu2e8Qf%2BU10JtAkNWDBn29Ep2h1YD5sqvVhe4jo%2BkWfdgnYeKl4XuidZ%2BVD%2FcEUotCw1fMBvfAaWsHXgsOF4Y0nEwP%2FJwhXbuW1OE3mR"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
831c94848aa9d99d-MIA
expires
Sun, 31 Dec 2023 10:02:56 GMT
land-LandSingleStepSexting-vue.2b5fd605.js
flirtooy.info/js/
3 KB
2 KB
Script
General
Full URL
https://flirtooy.info/js/land-LandSingleStepSexting-vue.2b5fd605.js
Requested by
Host: flirtooy.info
URL: https://flirtooy.info/js/app.0f6d07c1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:bd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
081c70e4b39846fd8aa58bcecf9d0af0f8154d7634fe849443a6179735657c28
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:55:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
514299
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 29 Nov 2023 13:36:24 GMT
server
cloudflare
etag
W/"65673e58-d84"
vary
Accept-Encoding
x-frame-options
deny
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m2%2FYrY5PkSIb5W%2FH7pYzJjkAIXUjw%2B8UCL5zszeglr80jXC15vdCaSd%2FiZdkb9Pr47VQIgdmNOlojPSavAeKofRGG7esb%2Fza939UE39TDH2ylLLLovue76XBxtEUesRJ%2BD7ElSok0Y4j1b3m"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
831c94848aabd99d-MIA
expires
Sun, 31 Dec 2023 13:03:52 GMT
anal
api.flirtooy.info/v1/user/
26 B
623 B
XHR
General
Full URL
https://api.flirtooy.info/v1/user/anal?event=push_subscription_show
Requested by
Host: flirtooy.info
URL: https://flirtooy.info/js/chunk-vendors.0ff68660.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:bd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
068111877fa6aa20ae61a6d184bc4b1f7081555e83df944cce03c4fdb2830fbc

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
en-US,en;q=0.9
authorization
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX2lkIjoiMTc5ZGYzODAtNjA0MC00NmEyLTkwNWItYzA5ZjM4ZmNiMjgzIiwidmlzaXRfaWQiOiJhNDY4OTMxNS04ZTUzLTQ5OWQtYjkwZC0xOTI4NWZmMjQyZDAiLCJmdW5uZWxfaWQiOjMsImFmZl9pZCI6OCwic291cmNlIjoiNjY5NzkiLCJzcGxpdF9pZHMiOlsxXSwicHJlbGFuZF91cmwiOiJzZXh0aW5nIiwiaWF0IjoxNzAxOTUwMTMxLCJleHAiOjE3MzM1MDc3MzF9.BLIu0auG395InT9iibFR_7EroXgBllczVqN1jULY7yo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:55:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"1a-pIPrt4esgEyEkX/w62Rnrj9XXdg"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://flirtooy.info
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yGAHhoGgev99I7dJb6ysoFRu6we69y23UVZq5dP76RX9vSa%2F1pRacEzSNJsPlic%2BnpqfHU%2BlmbTOBOoLnT1f2WXr%2Fa%2BlUith85Gq104ioqjsm5GJjxruQvgmN0zB3C%2BK79Gx6aKbmw1QH9ZSOQkXdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
831c94858b5fd99d-MIA
access-control-allow-headers
Content-Type,Authorization,X-Forwarded-For,Origin,x-client-device
anal
api.flirtooy.info/v1/user/
0
0
Preflight
General
Full URL
https://api.flirtooy.info/v1/user/anal?event=push_subscription_show
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://flirtooy.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Forwarded-For,Origin,x-client-device
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
https://flirtooy.info
access-control-max-age
1728000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
831c94849d943713-MIA
content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 07 Dec 2023 11:55:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HTaJ%2BR%2BpU%2BsuGMBHEaKkQO6brhFv%2Fpp5Yaq%2Bu%2FkPIcLF2ZfeBa0jtsEDcwAdaziGJDhUa5eMyGS6oLz7pYG5lIDmU3Oz4f1u%2BJSKhS%2BHdAWuuiuGz5a3AS2ck1F96l8hhFOr0v%2BC2kLilQZth%2FOKIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
push-subscription
api.flirtooy.info/v1/user/
26 B
609 B
XHR
General
Full URL
https://api.flirtooy.info/v1/user/push-subscription
Requested by
Host: flirtooy.info
URL: https://flirtooy.info/js/chunk-vendors.0ff68660.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:bd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
068111877fa6aa20ae61a6d184bc4b1f7081555e83df944cce03c4fdb2830fbc

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
en-US,en;q=0.9
authorization
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX2lkIjoiMTc5ZGYzODAtNjA0MC00NmEyLTkwNWItYzA5ZjM4ZmNiMjgzIiwidmlzaXRfaWQiOiJhNDY4OTMxNS04ZTUzLTQ5OWQtYjkwZC0xOTI4NWZmMjQyZDAiLCJmdW5uZWxfaWQiOjMsImFmZl9pZCI6OCwic291cmNlIjoiNjY5NzkiLCJzcGxpdF9pZHMiOlsxXSwicHJlbGFuZF91cmwiOiJzZXh0aW5nIiwiaWF0IjoxNzAxOTUwMTMxLCJleHAiOjE3MzM1MDc3MzF9.BLIu0auG395InT9iibFR_7EroXgBllczVqN1jULY7yo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Thu, 07 Dec 2023 11:55:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"1a-pIPrt4esgEyEkX/w62Rnrj9XXdg"
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://flirtooy.info
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6BCWoK3KjiEjajqddxgVOQDw%2BUTbn3XB80K7naxdSmR5%2FgimK5nFBe3qulMjnYmZDmPkeidiRqJh5nYaDyjiv9M89OeFRSFyxybOnV6u6cHJq875IDPYWxkN0%2B%2FBNhxnoD9FXKpRsf7gWNEbdFMEDA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
831c94858b60d99d-MIA
access-control-allow-headers
Content-Type,Authorization,X-Forwarded-For,Origin,x-client-device
content-length
26
alt-svc
h3=":443"; ma=86400
push-subscription
api.flirtooy.info/v1/user/
0
0
Preflight
General
Full URL
https://api.flirtooy.info/v1/user/push-subscription
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://flirtooy.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Forwarded-For,Origin,x-client-device
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
https://flirtooy.info
access-control-max-age
1728000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
831c94849d9a3713-MIA
content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 07 Dec 2023 11:55:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sdkxpQ133yC7JzcUA8KRZetXuU3L4LDLRJ2PgQdvZE5VDr5Ad1YMUuL7kiLqh5ihkqHaPJfAAKW60v66U15ewga2oZ%2B44LID9LjWGpP6VPewpizuVArEVZm4HmcvlNZuV%2B3bRWmwcB%2BGiYhBgPv8MA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
pht_0127.67867235.jpg
flirtooy.info/img/
26 KB
26 KB
Image
General
Full URL
https://flirtooy.info/img/pht_0127.67867235.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:bd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60330a35ac8500608f5bcfccf4c2985e5d41868535620a64776455b8092e9001
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:55:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
694888
alt-svc
h3=":443"; ma=86400
content-length
26505
last-modified
Mon, 27 Nov 2023 13:52:41 GMT
server
cloudflare
etag
"65649f29-6789"
x-frame-options
deny
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kt%2BjVXn%2BLgwfGfAkt8RPnHQQ%2BLaoND4fxT4mrNYEQfl6v8R1%2FBINBXKkd3kLs0iTtzNH7Ek2zCvdsbUB0%2FgOtjgQB7p1Ls%2BtX3Cem4pORXX7StvGSzSJ1MV0AiLsjVuyWNK658sENi3KEtlZ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
831c9484dad6d99d-MIA
expires
Thu, 28 Nov 2024 10:54:02 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://flirtooy.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 19:32:51 GMT
x-content-type-options
nosniff
age
58960
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Dec 2024 19:32:51 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
niezaspokojona.com
URL
https://niezaspokojona.com/wp-content/uploads/freshizer/b95bce545224374e2f8604ae0728bf1c_jazda_pociagiem_opowiadania_erotyczne-768-576-c-90.jpg
Domain
lubiepodroze.eu
URL
https://lubiepodroze.eu/wp-content/uploads/sauna-terma-bania-560x373.jpg
Domain
d-art.ppstatic.pl
URL
https://d-art.ppstatic.pl/k/r/1/2b/84/7eda2c05841b9b6e265370a3e3c4_o.jpg
Domain
www.menopauza.pl
URL
https://www.menopauza.pl/wp-content/uploads/people-2576947_1280-1068x712.jpg
Domain
weblog.infopraca.pl
URL
https://weblog.infopraca.pl/wp-content/uploads/flirt-romans.jpg
Domain
zwierciadlo.pl
URL
https://zwierciadlo.pl/_resource/res/path/e2/93/e2938329-e74c-3a6c-8939-d88e6f8c5969
Domain
i.ytimg.com
URL
https://i.ytimg.com/vi/zD0e_SMz1I0/maxresdefault.jpg
Domain
polki.pl
URL
https://polki.pl/foto/4_3_LARGE/hashimoto-podstepny-zabojca-libido-czy-odbiera-ochote-na-seks-2408134.jpg
Domain
polki.pl
URL
https://polki.pl/foto/16_9_LARGE_0200/opowiadania-erotyczne-136326.jpg
Domain
niezaspokojona.com
URL
https://niezaspokojona.com/wp-content/uploads/2013/09/czekam_na_ruchanie.jpg
Domain
polki.pl
URL
https://polki.pl/foto/4_3_LARGE_0200/zycie-singla-to-nie-bajka-412106.jpg
Domain
counter.yadro.ru
URL
https://counter.yadro.ru/hit;pldat3?t57.6;r;s1600*1200*24;uhttps%3A//staryscz.inwestowaniepogodzinach.pl/;hFilmy%20opowiadania%20erotyczne%20seks%20w%20dniu%20owulacji;0.4225516692780442

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| webpackJsonp object| regeneratorRuntime

5 Cookies

Domain/Path Name / Value
.go.gkrtmc.com/ Name: language
Value: en
.go.gkrtmc.com/ Name: 8666
Value: 38_66979_8666_9552d785ccf10c88ef77ff66b42ce330
.go.gkrtmc.com/ Name: op_8666
Value: 0
.go.gkrtmc.com/ Name: user_id
Value: 4d03d571-90b4-4955-ae17-ec3d65bc515f_28d8458e8c1c4e49c2cfd1f016606a96
api.flirtooy.info/ Name: authToken
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX2lkIjoiMTc5ZGYzODAtNjA0MC00NmEyLTkwNWItYzA5ZjM4ZmNiMjgzIiwidmlzaXRfaWQiOiJhNDY4OTMxNS04ZTUzLTQ5OWQtYjkwZC0xOTI4NWZmMjQyZDAiLCJmdW5uZWxfaWQiOjMsImFmZl9pZCI6OCwic291cmNlIjoiNjY5NzkiLCJzcGxpdF9pZHMiOlsxXSwicHJlbGFuZF91cmwiOiJzZXh0aW5nIiwiaWF0IjoxNzAxOTUwMTMxLCJleHAiOjE3MzM1MDc3MzF9.BLIu0auG395InT9iibFR_7EroXgBllczVqN1jULY7yo

12 Console Messages

Source Level URL
Text
security warning URL: https://staryscz.inwestowaniepogodzinach.pl/(Line 822)
Message:
Mixed Content: The page at 'https://staryscz.inwestowaniepogodzinach.pl/' was loaded over HTTPS, but requested an insecure element 'http://lubiepodroze.eu/wp-content/uploads/sauna-terma-bania-560x373.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://staryscz.inwestowaniepogodzinach.pl/(Line 822)
Message:
Mixed Content: The page at 'https://staryscz.inwestowaniepogodzinach.pl/' was loaded over HTTPS, but requested an insecure element 'http://www.sexeo.pl/wp-content/uploads/2016/05/69305_01big.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://staryscz.inwestowaniepogodzinach.pl/(Line 822)
Message:
Mixed Content: The page at 'https://staryscz.inwestowaniepogodzinach.pl/' was loaded over HTTPS, but requested an insecure element 'http://slaskietrendy.pl/wp-content/uploads/2019/01/Seks-dla-opornych-fot.-z-arch.-Teatr-%C5%BBelazny-1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://staryscz.inwestowaniepogodzinach.pl/(Line 822)
Message:
Mixed Content: The page at 'https://staryscz.inwestowaniepogodzinach.pl/' was loaded over HTTPS, but requested an insecure element 'http://weblog.infopraca.pl/wp-content/uploads/flirt-romans.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://staryscz.inwestowaniepogodzinach.pl/(Line 822)
Message:
Mixed Content: The page at 'https://staryscz.inwestowaniepogodzinach.pl/' was loaded over HTTPS, but requested an insecure element 'http://b1.woxcdn.com/pics-final-2/add/7dd/add7ddb9ecb6110856f3bc5df60578ce.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://staryscz.inwestowaniepogodzinach.pl/(Line 822)
Message:
Mixed Content: The page at 'https://staryscz.inwestowaniepogodzinach.pl/' was loaded over HTTPS, but requested an insecure element 'http://polki.pl/foto/16_9_LARGE_0200/z-zycia-wziete-160291.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://site-images.similarcdn.com/image?url=opowiadania-erotyczne-rodzina-dojrzale-grupowe.oh-grupowy.supper.fajne.infou0026t=1u0026s=10u0026h=4382326280819666354
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://inwestowaniepogodzinach.pl/wp-content/themes/finance-system/images/invester1.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://staryscz.inwestowaniepogodzinach.pl/nrillfw.gif?ref=&url=https%3A//staryscz.inwestowaniepogodzinach.pl/&scr=1600x1200&q=1701950129&s=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/120.0.6099.62%20Safari/537.36&0.7014436109656601
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://b1.woxcdn.com/pics-final-2/add/7dd/add7ddb9ecb6110856f3bc5df60578ce.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://diag.pl/katalogi/wp-content/uploads/sites/6/2016/09/horm.-kob..jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_9552d785ccf10c88ef77ff66b42ce330&p10=4d03d571-90b4-4955-ae17-ec3d65bc515f_28d8458e8c1c4e49c2cfd1f016606a96&source=66979&aff_sub=&aff_sub2=seo-sem
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

agnieszka.com.pl
api.flirtooy.info
b1.woxcdn.com
counter.yadro.ru
d-art.ppstatic.pl
diag.pl
flirtooy.info
fonts.googleapis.com
fonts.gstatic.com
go.gkrtmc.com
i.iplsc.com
i.ytimg.com
img.joemonster.org
inwestowaniepogodzinach.pl
lubiepodroze.eu
niezaspokojona.com
polki.pl
site-images.similarcdn.com
slaskietrendy.pl
staryscz.inwestowaniepogodzinach.pl
weblog.infopraca.pl
www.menopauza.pl
www.pornoblog24.pl
www.sexeo.pl
zwierciadlo.pl
counter.yadro.ru
d-art.ppstatic.pl
i.ytimg.com
lubiepodroze.eu
niezaspokojona.com
polki.pl
weblog.infopraca.pl
www.menopauza.pl
zwierciadlo.pl
13.225.63.85
157.90.168.251
173.0.157.204
176.119.51.147
217.74.71.140
2606:4700:3035::ac43:bd7c
2606:4700:3037::6815:215b
2606:4700:3037::6815:55c1
2606:4700:3037::6815:63
2606:4700:3038::6815:ebcf
2607:f8b0:4006:822::2003
2607:f8b0:4006:822::200a
2a05:d014:12d2:ad01:321c:4d8d:13a8:4a67
34.118.83.41
37.28.159.195
69.16.175.42
93.157.100.46
02d2ae7ab81b2d65f72d9a44f9515754bb84ecf482f6efe0cec2974cf5f41139
0477cb2b106528e6cfa44045c5f6ef5f0e9c50d44df08a277de3cbee2a4ad029
068111877fa6aa20ae61a6d184bc4b1f7081555e83df944cce03c4fdb2830fbc
081c70e4b39846fd8aa58bcecf9d0af0f8154d7634fe849443a6179735657c28
13d85724cffeb5a09e09cb97254825e12ae219863caa606d03ff6b602bfbf71f
25c18a5a305f541f280370c3edb7722a071f61b3dc0551c2a9a8361e0db032de
2fc2772899e818c16cf489e3f45e23ee9497a5ac8e3e691472b811b4edf934ed
465d80303fe523d79db49a2af66ce4750dc1b84e4944665119f4f52869e7e06a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
60330a35ac8500608f5bcfccf4c2985e5d41868535620a64776455b8092e9001
6cbed109a32cff015ae8a3670a2b75527c26cd27273909c591d69f80a2c1e882
946ad6f11a0ff9603c89c4c9ae1aebdd919063cd9e3a6b691b612a6f74a28f02
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b3f0284f4928db260738cc306b979a43495045079e8ba9f52b66797279554c4c
d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668
e1c4df381ae5daa0a3fd01ba2be0a2fb309728fea5080cec85fdcb12dfc7034c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615