Submitted URL: http://25-whatsapp.nina-trafficpartner.com/
Effective URL: https://bl.flirthits.com/landing/da2005?clickId=2889d60a-60a2-4d0b-969b-c2ab015f347b&tracker=SGM_Pro&publisher=433&subPub...
Submission Tags: @ecarlesi possiblethreat
Submission: On September 03 via api from IT — Scanned from IT

Summary

This website contacted 7 IPs in 3 countries across 9 domains to perform 36 HTTP transactions. The main IP is 156.67.36.15, located in Germany and belongs to CQINT-, NL. The main domain is bl.flirthits.com.
TLS certificate: Issued by R10 on July 10th 2024. Valid for: 3 months.
This is the only time bl.flirthits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 85.13.164.144 34788 (NMM-AS D)
1 1 172.64.153.115 13335 (CLOUDFLAR...)
1 1 172.64.154.2 13335 (CLOUDFLAR...)
2 156.67.36.15 25418 (CQINT-)
23 172.64.152.25 13335 (CLOUDFLAR...)
1 142.250.186.74 15169 (GOOGLE)
6 104.16.160.145 13335 (CLOUDFLAR...)
1 142.250.185.138 15169 (GOOGLE)
1 104.18.11.207 13335 (CLOUDFLAR...)
2 142.250.186.163 15169 (GOOGLE)
36 7
Apex Domain
Subdomains
Transfer
23 servefilesonly.com
lpmedia.servefilesonly.com — Cisco Umbrella Rank: 241271
imedia.servefilesonly.com — Cisco Umbrella Rank: 241222
358 KB
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 5708
onesignal.com — Cisco Umbrella Rank: 1415
img.onesignal.com — Cisco Umbrella Rank: 8171
91 KB
2 gstatic.com
fonts.gstatic.com
83 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
ajax.googleapis.com — Cisco Umbrella Rank: 641
32 KB
2 flirthits.com
bl.flirthits.com
12 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1832
8 KB
1 prodtraff.com
o-2527.prodtraff.com
884 B
1 cloudtraff.com
trk.cloudtraff.com — Cisco Umbrella Rank: 890113
476 B
1 nina-trafficpartner.com
25-whatsapp.nina-trafficpartner.com
571 B
36 9
Domain Requested by
17 lpmedia.servefilesonly.com bl.flirthits.com
lpmedia.servefilesonly.com
6 imedia.servefilesonly.com bl.flirthits.com
3 onesignal.com cdn.onesignal.com
2 fonts.gstatic.com fonts.googleapis.com
2 cdn.onesignal.com bl.flirthits.com
cdn.onesignal.com
2 bl.flirthits.com
1 img.onesignal.com
1 maxcdn.bootstrapcdn.com bl.flirthits.com
1 ajax.googleapis.com bl.flirthits.com
1 fonts.googleapis.com bl.flirthits.com
1 o-2527.prodtraff.com 1 redirects
1 trk.cloudtraff.com 1 redirects
1 25-whatsapp.nina-trafficpartner.com 1 redirects
36 13

This site contains no links.

Subject                  Issuer  Validity                 Valid
*.flirthits.com          R10     2024-07-10 - 2024-10-08  3 months
servefilesonly.com       E5      2024-08-06 - 2024-11-04  3 months
upload.video.google.com  WR2     2024-08-12 - 2024-11-04  3 months
*.onesignal.com          WE1     2024-09-02 - 2024-12-01  3 months
bootstrapcdn.com         WE1     2024-07-23 - 2024-10-21  3 months
*.gstatic.com            WR2     2024-08-12 - 2024-11-04  3 months
onesignal.com            WE1     2024-09-02 - 2024-12-01  3 months

This page contains 1 frames:

Primary Page: https://bl.flirthits.com/landing/da2005?clickId=2889d60a-60a2-4d0b-969b-c2ab015f347b&tracker=SGM_Pro&publisher=433&subPublisher=25-whatsapp-neu&4&zz=true&hit_id=2889d60a-60a2-4d0b-969b-c2ab015f347b&tp_redirect_id=2889d60a-60a2-4d0b-969b-c2ab015f347b
Frame ID: 45F90097B279337B51734D80E8A5D1F7
Requests: 36 HTTP requests in this frame

Page Title

flirthits.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 36
HTTPS: 100 %
IPv6: 0 %
Domains: 9
Subdomains: 13
IPs: 7
Countries: 3
Transfer: 585 kB
Size: 1062 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://25-whatsapp.nina-trafficpartner.com/ HTTP 307
    https://25-whatsapp.nina-trafficpartner.com/ HTTP 301
    https://trk.cloudtraff.com/bed7c960-2f8d-4cba-a4e1-19a01bf7cb30?o=2137&subPublisher=25-whatsapp-neu&source={affiliate_sub_id}&clicktag={unique_clickid} HTTP 302
    https://o-2527.prodtraff.com/92e7e9cd-bf47-4c73-ac72-5559b4fc3ca8?subPublisher=25-whatsapp-neu&clicktag=%7Bunique_clickid%7D&source=%7Baffiliate_sub_id%7D&o=2137 HTTP 302
    https://bl.flirthits.com/landing/da2005?clickId=2889d60a-60a2-4d0b-969b-c2ab015f347b&tracker=SGM_Pro&publisher=433&subPublisher=25-whatsapp-neu&4&zz=true&hit_id=2889d60a-60a2-4d0b-969b-c2ab015f347b&tp_redirect_id=2889d60a-60a2-4d0b-969b-c2ab015f347b Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request da2005
bl.flirthits.com/landing/
Redirect Chain
  • http://25-whatsapp.nina-trafficpartner.com/
  • https://25-whatsapp.nina-trafficpartner.com/
  • https://trk.cloudtraff.com/bed7c960-2f8d-4cba-a4e1-19a01bf7cb30?o=2137&subPublisher=25-whatsapp-neu&source={affiliate_sub_id}&clicktag={unique_clickid}
  • https://o-2527.prodtraff.com/92e7e9cd-bf47-4c73-ac72-5559b4fc3ca8?subPublisher=25-whatsapp-neu&clicktag=%7Bunique_clickid%7D&source=%7Baffiliate_sub_id%7D&o=2137
  • https://bl.flirthits.com/landing/da2005?clickId=2889d60a-60a2-4d0b-969b-c2ab015f347b&tracker=SGM_Pro&publisher=433&subPublisher=25-whatsapp-neu&4&zz=true&hit_id=2889d60a-60a2-4d0b-969b-c2ab015f347b...
55 KB
11 KB
Document
General
Full URL
https://bl.flirthits.com/landing/da2005?clickId=2889d60a-60a2-4d0b-969b-c2ab015f347b&tracker=SGM_Pro&publisher=433&subPublisher=25-whatsapp-neu&4&zz=true&hit_id=2889d60a-60a2-4d0b-969b-c2ab015f347b&tp_redirect_id=2889d60a-60a2-4d0b-969b-c2ab015f347b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
156.67.36.15 , Germany, ASN25418 (CQINT-, NL),
Reverse DNS
Software
nginx /
Resource Hash
ea9243c546327f00d56a1a787beb304a2adbe5e7bdc51c345e28e5bdccae325b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
X-Requested-With, Content-Type, Accept, Origin, Authorization
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 03 Sep 2024 20:32:57 GMT
link
<bl.flirthits.com/landing/da2005?tpcampid=6bed10a3-d244-4d7c-ae2f-3d82f6504b1d>; rel="canonical"
pragma
no-cache
server
nginx
transfer-encoding
chunked
vary
Accept-Encoding

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
8bd88311f9f259f5-MXP
content-length
0
date
Tue, 03 Sep 2024 20:32:56 GMT
location
https://bl.flirthits.com/landing/da2005?clickId=2889d60a-60a2-4d0b-969b-c2ab015f347b&tracker=SGM_Pro&publisher=433&subPublisher=25-whatsapp-neu&4&zz=true&hit_id=2889d60a-60a2-4d0b-969b-c2ab015f347b&tp_redirect_id=2889d60a-60a2-4d0b-969b-c2ab015f347b
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
x-trace-id
e2bed8dace75d342f1c024f93f20bbea
styles.min.css
lpmedia.servefilesonly.com/build/widgets/registrationFormBuilder/
5 KB
2 KB
Stylesheet
General
Full URL
https://lpmedia.servefilesonly.com/build/widgets/registrationFormBuilder/styles.min.css?1416614
Requested by
Host: bl.flirthits.com
URL: https://bl.flirthits.com/landing/da2005?clickId=2889d60a-60a2-4d0b-969b-c2ab015f347b&tracker=SGM_Pro&publisher=433&subPublisher=25-whatsapp-neu&4&zz=true&hit_id=2889d60a-60a2-4d0b-969b-c2ab015f347b&tp_redirect_id=2889d60a-60a2-4d0b-969b-c2ab015f347b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.25 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92efabd0cc8550e8dfd323bc6ea787a2cf250f437a7f6d1349fe187d73f5c895

Request headers

Referer
https://bl.flirthits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 20:32:58 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 29 Aug 2024 10:39:23 GMT
server
cloudflare
age
467187
etag
W/"66d04fdb-133a"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
8bd8831c2c374c67-MXP
expires
Wed, 11 Sep 2024 20:32:58 GMT
styles-1.min.css
lpmedia.servefilesonly.com/build/widgets/loginFormBuilder/
4 KB
2 KB
Stylesheet
General
Full URL
https://lpmedia.servefilesonly.com/build/widgets/loginFormBuilder/styles-1.min.css?1416614
Requested by
Host: bl.flirthits.com
URL: https://bl.flirthits.com/landing/da2005?clickId=2889d60a-60a2-4d0b-969b-c2ab015f347b&tracker=SGM_Pro&publisher=433&subPublisher=25-whatsapp-neu&4&zz=true&hit_id=2889d60a-60a2-4d0b-969b-c2ab015f347b&tp_redirect_id=2889d60a-60a2-4d0b-969b-c2ab015f347b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.25 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d6a2a98dc86acf1ff13dc2e621f9b4030025095526ee84a157f3ae20f190ddc

Request headers

Referer
https://bl.flirthits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 20:32:58 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 29 Aug 2024 10:39:23 GMT
server
cloudflare
age
467186
etag
W/"66d04fdb-1100"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
8bd8831c2c3b4c67-MXP
expires
Wed, 11 Sep 2024 20:32:58 GMT
corner.css
lpmedia.servefilesonly.com/widgets/corner/
170 B
486 B
Stylesheet
General
Full URL
https://lpmedia.servefilesonly.com/widgets/corner/corner.css?1416614
Requested by
Host: bl.flirthits.com
URL: https://bl.flirthits.com/landing/da2005?clickId=2889d60a-60a2-4d0b-969b-c2ab015f347b&tracker=SGM_Pro&publisher=433&subPublisher=25-whatsapp-neu&4&zz=true&hit_id=2889d60a-60a2-4d0b-969b-c2ab015f347b&tp_redirect_id=2889d60a-60a2-4d0b-969b-c2ab015f347b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.25 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af20ecf90d909e4e11697221b69426777e9570321c28455ff39ed4e421fcb181

Request headers

Referer
https://bl.flirthits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 20:32:58 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 29 Aug 2024 10:39:42 GMT
server
cloudflare
age
467187
cf-polished
origSize=246
etag
W/"66d04fee-f6"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
8bd8831c2c3d4c67-MXP
expires
Wed, 11 Sep 2024 20:32:58 GMT
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700|Roboto+Condensed:400,700&display=swap
Requested by
Host: bl.flirthits.com
URL: https://bl.flirthits.com/landing/da2005?clickId=2889d60a-60a2-4d0b-969b-c2ab015f347b&tracker=SGM_Pro&publisher=433&subPublisher=25-whatsapp-neu&4&zz=true&hit_id=2889d60a-60a2-4d0b-969b-c2ab015f347b&tp_redirect_id=2889d60a-60a2-4d0b-969b-c2ab015f347b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
ESF /
Resource Hash
69a651a30c4b07b36c3f880bec80dc5da8c18b4311dde96caf15319f113d1877
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bl.flirthits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 03 Sep 2024 20:32:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 03 Sep 2024 20:32:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 03 Sep 2024 20:32:58 GMT
style-pink.min.css
lpmedia.servefilesonly.com/build/templates/DigitalAssistant1/
17 KB
4 KB
Stylesheet
General
Full URL
https://lpmedia.servefilesonly.com/build/templates/DigitalAssistant1/style-pink.min.css?1416614
Requested by
Host: bl.flirthits.com
URL: https://bl.flirthits.com/landing/da2005?clickId=2889d60a-60a2-4d0b-969b-c2ab015f347b&tracker=SGM_Pro&publisher=433&subPublisher=25-whatsapp-neu&4&zz=true&hit_id=2889d60a-60a2-4d0b-969b-c2ab015f347b&tp_redirect_id=2889d60a-60a2-4d0b-969b-c2ab015f347b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.25 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02ff817e0f1f6780fc6e1ea756d4eb7accf2aa173bdd2f9b8827fc5f2e2c2fcf

Request headers

Referer
https://bl.flirthits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 20:32:58 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 29 Aug 2024 10:39:23 GMT
server
cloudflare
age
467147
etag
W/"66d04fdb-44a8"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
8bd8831c2c394c67-MXP
expires
Wed, 11 Sep 2024 20:32:58 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: bl.flirthits.com
URL: https://bl.flirthits.com/landing/da2005?clickId=2889d60a-60a2-4d0b-969b-c2ab015f347b&tracker=SGM_Pro&publisher=433&subPublisher=25-whatsapp-neu&4&zz=true&hit_id=2889d60a-60a2-4d0b-969b-c2ab015f347b&tp_redirect_id=2889d60a-60a2-4d0b-969b-c2ab015f347b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://bl.flirthits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 20:32:58 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
3150
etag
W/"09282956186c8515ef0d208902803581"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8bd883204cc40e1d-MXP
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Fri, 06 Sep 2024 20:32:58 GMT
flirthits.png
lpmedia.servefilesonly.com/img/_logos/
951 B
1 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_logos/flirthits.png
Requested by
Host: bl.flirthits.com
URL: https://bl.flirthits.com/landing/da2005?clickId=2889d60a-60a2-4d0b-969b-c2ab015f347b&tracker=SGM_Pro&publisher=433&subPublisher=25-whatsapp-neu&4&zz=true&hit_id=2889d60a-60a2-4d0b-969b-c2ab015f347b&tp_redirect_id=2889d60a-60a2-4d0b-969b-c2ab015f347b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.25 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
170321f7ecf57de76b8d8db9207d4bdd80464161995293ead84f88edd41d84a4

Request headers

Referer
https://bl.flirthits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 20:32:58 GMT
cf-cache-status
HIT
last-modified
Wed, 28 Aug 2024 10:16:50 GMT
server
cloudflare
age
47087
etag
"66cef912-3b7"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
8bd8831c2c404c67-MXP
content-length
951
expires
Wed, 11 Sep 2024 20:32:58 GMT
flirthits_w.png
lpmedia.servefilesonly.com/img/_logos/
1 KB
2 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_logos/flirthits_w.png
Requested by
Host: bl.flirthits.com
URL: https://bl.flirthits.com/landing/da2005?clickId=2889d60a-60a2-4d0b-969b-c2ab015f347b&tracker=SGM_Pro&publisher=433&subPublisher=25-whatsapp-neu&4&zz=true&hit_id=2889d60a-60a2-4d0b-969b-c2ab015f347b&tp_redirect_id=2889d60a-60a2-4d0b-969b-c2ab015f347b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.25 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23d03fe20fccc6dd7bb390ece4a448c072f184b7a5f604b4394b7fcf4b628cb6

Request headers

Referer
https://bl.flirthits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 20:32:58 GMT
cf-cache-status
HIT
last-modified
Thu, 29 Aug 2024 10:39:24 GMT
server
cloudflare
age
49912
etag
"66d04fdc-5c2"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
8bd8831c2c424c67-MXP
content-length
1474
expires
Wed, 11 Sep 2024 20:32:58 GMT
bow.svg
lpmedia.servefilesonly.com/img/_btns/
3 KB
2 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_btns/bow.svg
Requested by
Host: bl.flirthits.com
URL: https://bl.flirthits.com/landing/da2005?clickId=2889d60a-60a2-4d0b-969b-c2ab015f347b&tracker=SGM_Pro&publisher=433&subPublisher=25-whatsapp-neu&4&zz=true&hit_id=2889d60a-60a2-4d0b-969b-c2ab015f347b&tp_redirect_id=2889d60a-60a2-4d0b-969b-c2ab015f347b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.25 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1257bc3979e3466a2d7e073925ca9b4a88691ae2620ab637ecd8734b83877c07

Request headers

Referer
https://bl.flirthits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 20:32:58 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 28 Aug 2024 10:16:50 GMT
server
cloudflare
age
87134
etag
W/"66cef912-dc3"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=691200
cf-ray
8bd8831c7cbb4c67-MXP
expires
Wed, 11 Sep 2024 20:32:58 GMT
candels.svg
lpmedia.servefilesonly.com/img/_btns/
7 KB
3 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_btns/candels.svg
Requested by
Host: bl.flirthits.com
URL: https://bl.flirthits.com/landing/da2005?clickId=2889d60a-60a2-4d0b-969b-c2ab015f347b&tracker=SGM_Pro&publisher=433&subPublisher=25-whatsapp-neu&4&zz=true&hit_id=2889d60a-60a2-4d0b-969b-c2ab015f347b&tp_redirect_id=2889d60a-60a2-4d0b-969b-c2ab015f347b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.25 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a8a4370fa87bc4906c9309d938c651fa85aed67081601c5a5cdb9548bed32d

Request headers

Referer
https://bl.flirthits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 20:32:58 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Aug 2024 09:22:06 GMT
server
cloudflare
age
92787
etag
W/"66c7033e-1cf6"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=691200
cf-ray
8bd8831cad184c67-MXP
expires
Wed, 11 Sep 2024 20:32:58 GMT
parfume.svg
lpmedia.servefilesonly.com/img/_btns/
6 KB
3 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_btns/parfume.svg
Requested by
Host: bl.flirthits.com
URL: https://bl.flirthits.com/landing/da2005?clickId=2889d60a-60a2-4d0b-969b-c2ab015f347b&tracker=SGM_Pro&publisher=433&subPublisher=25-whatsapp-neu&4&zz=true&hit_id=2889d60a-60a2-4d0b-969b-c2ab015f347b&tp_redirect_id=2889d60a-60a2-4d0b-969b-c2ab015f347b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.25 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72ec3f9b09d9b1e82f4f24fba969ac79c496b7d175ba18686cc959d11657363

Request headers

Referer
https://bl.flirthits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 20:32:58 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 28 Aug 2024 10:16:50 GMT
server
cloudflare
age
516731
etag
W/"66cef912-1841"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=691200
cf-ray
8bd8831cfda74c67-MXP
expires
Wed, 11 Sep 2024 20:32:58 GMT
champaign.svg
lpmedia.servefilesonly.com/img/_btns/
7 KB
3 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_btns/champaign.svg
Requested by
Host: bl.flirthits.com
URL: https://bl.flirthits.com/landing/da2005?clickId=2889d60a-60a2-4d0b-969b-c2ab015f347b&tracker=SGM_Pro&publisher=433&subPublisher=25-whatsapp-neu&4&zz=true&hit_id=2889d60a-60a2-4d0b-969b-c2ab015f347b&tp_redirect_id=2889d60a-60a2-4d0b-969b-c2ab015f347b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.25 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da34a3b43775b1b28d38270d9c606b15152b7e2fc6c95cf669f5a7462cc38747

Request headers

Referer
https://bl.flirthits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 20:32:58 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 28 Aug 2024 10:16:50 GMT
server
cloudflare
age
76735
etag
W/"66cef912-1d77"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=691200
cf-ray
8bd8831d5e474c67-MXP
expires
Wed, 11 Sep 2024 20:32:58 GMT
fe2fa54b-be19-4d54-8aaf-b32801a79766.png
imedia.servefilesonly.com/
37 KB
37 KB
Image
General
Full URL
https://imedia.servefilesonly.com/fe2fa54b-be19-4d54-8aaf-b32801a79766.png
Requested by
Host: bl.flirthits.com
URL: https://bl.flirthits.com/landing/da2005?clickId=2889d60a-60a2-4d0b-969b-c2ab015f347b&tracker=SGM_Pro&publisher=433&subPublisher=25-whatsapp-neu&4&zz=true&hit_id=2889d60a-60a2-4d0b-969b-c2ab015f347b&tp_redirect_id=2889d60a-60a2-4d0b-969b-c2ab015f347b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.25 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1cc0ce6cee9b34f82c1e29a3ce6bfd85f1589ada39c00008f960f3b6b9d90e8

Request headers

Referer
https://bl.flirthits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 20:32:58 GMT
via
1.1 c02572554c02a87f23aa1896dbdde042.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
MXP53-P1
age
64973
x-cache
Hit from cloudfront
content-length
37546
last-modified
Thu, 28 Jul 2022 11:55:02 GMT
server
cloudflare
etag
"33d0c798c9e02cbb4c4f78033995cba0"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
8bd8831d6e524c67-MXP
x-amz-cf-id
bel97xEx4QwRdLfxFG8qyH-huP1IONCtMSZzXpYqcn_2fI28PaSITQ==
expires
Wed, 11 Sep 2024 20:32:58 GMT
5837550c-1693-4532-af50-58e751e47ee2.png
imedia.servefilesonly.com/
31 KB
31 KB
Image
General
Full URL
https://imedia.servefilesonly.com/5837550c-1693-4532-af50-58e751e47ee2.png
Requested by
Host: bl.flirthits.com
URL: https://bl.flirthits.com/landing/da2005?clickId=2889d60a-60a2-4d0b-969b-c2ab015f347b&tracker=SGM_Pro&publisher=433&subPublisher=25-whatsapp-neu&4&zz=true&hit_id=2889d60a-60a2-4d0b-969b-c2ab015f347b&tp_redirect_id=2889d60a-60a2-4d0b-969b-c2ab015f347b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.25 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbb5aa910603df66eb0dcb12c28b705b4b12ea3f49896423fdad18d410af5224

Request headers

Referer
https://bl.flirthits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 20:32:58 GMT
via
1.1 32174ed4da99d2d74849dd0f1a79aeee.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
MXP53-P1
age
36832
x-cache
RefreshHit from cloudfront
content-length
31417
last-modified
Thu, 28 Jul 2022 11:55:07 GMT
server
cloudflare
etag
"bb30e8d00b2872e1635131b75886f17c"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
8bd8831d6e664c67-MXP
x-amz-cf-id
daGgs9rqHPTOQSlufeI08p3SMw1tGurIm0z6wfklcIL8TiSquJEqXg==
expires
Wed, 11 Sep 2024 20:32:58 GMT
ca69c307-a8a9-47e8-89af-f89f423bb5f2.png
imedia.servefilesonly.com/
27 KB
27 KB
Image
General
Full URL
https://imedia.servefilesonly.com/ca69c307-a8a9-47e8-89af-f89f423bb5f2.png
Requested by
Host: bl.flirthits.com
URL: https://bl.flirthits.com/landing/da2005?clickId=2889d60a-60a2-4d0b-969b-c2ab015f347b&tracker=SGM_Pro&publisher=433&subPublisher=25-whatsapp-neu&4&zz=true&hit_id=2889d60a-60a2-4d0b-969b-c2ab015f347b&tp_redirect_id=2889d60a-60a2-4d0b-969b-c2ab015f347b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.25 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1117f2bd29fad507b667aefac4ccf1047d58a534cbafe3a6f86b326394e437b9

Request headers

Referer
https://bl.flirthits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 20:32:58 GMT
via
1.1 60fd3afb7c20a7d618acbcbd60640b2e.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
MXP53-P1
age
69610
x-cache
Hit from cloudfront
content-length
27479
last-modified
Thu, 28 Jul 2022 11:55:13 GMT
server
cloudflare
etag
"4596fa0d95a83993f2da68341e3cf6f6"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
8bd8831d6e644c67-MXP
x-amz-cf-id
dacGXBIi-g6hVmx23uiclwxb2OB_weAGcdXCOwaDeRZj_R97qBbbfQ==
expires
Wed, 11 Sep 2024 20:32:58 GMT
0e2a7ee2-9197-49e3-8266-ae9a9c7a2876.png
imedia.servefilesonly.com/
31 KB
31 KB
Image
General
Full URL
https://imedia.servefilesonly.com/0e2a7ee2-9197-49e3-8266-ae9a9c7a2876.png
Requested by
Host: bl.flirthits.com
URL: https://bl.flirthits.com/landing/da2005?clickId=2889d60a-60a2-4d0b-969b-c2ab015f347b&tracker=SGM_Pro&publisher=433&subPublisher=25-whatsapp-neu&4&zz=true&hit_id=2889d60a-60a2-4d0b-969b-c2ab015f347b&tp_redirect_id=2889d60a-60a2-4d0b-969b-c2ab015f347b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.25 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d75fff2fb96358155b14c945f463172e03142ad17a2463ea4c195c31b3def1f

Request headers

Referer
https://bl.flirthits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 20:32:58 GMT
via
1.1 c9be6cfe6ed4878baa6a34e5787d7d3e.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
MXP53-P1
age
69610
x-cache
Hit from cloudfront
content-length
31257
last-modified
Thu, 28 Jul 2022 11:55:18 GMT
server
cloudflare
etag
"81d1abb7ed0c35eff0072765d85eaa1e"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
8bd8831d6e604c67-MXP
x-amz-cf-id
d3qiBAiFNudRO_WDEyySf0fTqjgsCOd9BqkoMhg5unEkFWzcQ8lMhQ==
expires
Wed, 11 Sep 2024 20:32:58 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: bl.flirthits.com
URL: https://bl.flirthits.com/landing/da2005?clickId=2889d60a-60a2-4d0b-969b-c2ab015f347b&tracker=SGM_Pro&publisher=433&subPublisher=25-whatsapp-neu&4&zz=true&hit_id=2889d60a-60a2-4d0b-969b-c2ab015f347b&tp_redirect_id=2889d60a-60a2-4d0b-969b-c2ab015f347b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bl.flirthits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 17:16:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11763
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Sep 2025 17:16:56 GMT
scripts.min.js
lpmedia.servefilesonly.com/build/widgets/registrationFormBuilder/
21 KB
7 KB
Script
General
Full URL
https://lpmedia.servefilesonly.com/build/widgets/registrationFormBuilder/scripts.min.js?1416614
Requested by
Host: bl.flirthits.com
URL: https://bl.flirthits.com/landing/da2005?clickId=2889d60a-60a2-4d0b-969b-c2ab015f347b&tracker=SGM_Pro&publisher=433&subPublisher=25-whatsapp-neu&4&zz=true&hit_id=2889d60a-60a2-4d0b-969b-c2ab015f347b&tp_redirect_id=2889d60a-60a2-4d0b-969b-c2ab015f347b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.25 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4722954ecc836fc6c7a33cb9165028311707de6a881f263cca72db7308053d04

Request headers

Referer
https://bl.flirthits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 20:32:58 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 29 Aug 2024 10:39:23 GMT
server
cloudflare
age
467187
etag
W/"66d04fdb-541a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
8bd8831d4e2b4c67-MXP
expires
Wed, 11 Sep 2024 20:32:58 GMT
scripts.min.js
lpmedia.servefilesonly.com/build/widgets/loginFormBuilder/
3 KB
1 KB
Script
General
Full URL
https://lpmedia.servefilesonly.com/build/widgets/loginFormBuilder/scripts.min.js?1416614
Requested by
Host: bl.flirthits.com
URL: https://bl.flirthits.com/landing/da2005?clickId=2889d60a-60a2-4d0b-969b-c2ab015f347b&tracker=SGM_Pro&publisher=433&subPublisher=25-whatsapp-neu&4&zz=true&hit_id=2889d60a-60a2-4d0b-969b-c2ab015f347b&tp_redirect_id=2889d60a-60a2-4d0b-969b-c2ab015f347b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.25 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d37e562434311caef8e5421351c7432ad680b84739fd104258f88efc25249c7

Request headers

Referer
https://bl.flirthits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 20:32:58 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 29 Aug 2024 10:39:23 GMT
server
cloudflare
age
467186
etag
W/"66d04fdb-ca2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
8bd8831d5e404c67-MXP
expires
Wed, 11 Sep 2024 20:32:58 GMT
scripts.min.js
lpmedia.servefilesonly.com/build/widgets/conversation/
6 KB
2 KB
Script
General
Full URL
https://lpmedia.servefilesonly.com/build/widgets/conversation/scripts.min.js?1416614
Requested by
Host: bl.flirthits.com
URL: https://bl.flirthits.com/landing/da2005?clickId=2889d60a-60a2-4d0b-969b-c2ab015f347b&tracker=SGM_Pro&publisher=433&subPublisher=25-whatsapp-neu&4&zz=true&hit_id=2889d60a-60a2-4d0b-969b-c2ab015f347b&tp_redirect_id=2889d60a-60a2-4d0b-969b-c2ab015f347b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.25 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9855ffd7206e3d0fce4cdda2d3a36476745d1f2d70e19b374aa45e18487f9ed9

Request headers

Referer
https://bl.flirthits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 20:32:58 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 29 Aug 2024 10:39:23 GMT
server
cloudflare
age
467174
etag
W/"66d04fdb-163a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
8bd8831d5e434c67-MXP
expires
Wed, 11 Sep 2024 20:32:58 GMT
scripts.min.js
lpmedia.servefilesonly.com/build/templates/DigitalAssistant1/
7 KB
3 KB
Script
General
Full URL
https://lpmedia.servefilesonly.com/build/templates/DigitalAssistant1/scripts.min.js?1416614
Requested by
Host: bl.flirthits.com
URL: https://bl.flirthits.com/landing/da2005?clickId=2889d60a-60a2-4d0b-969b-c2ab015f347b&tracker=SGM_Pro&publisher=433&subPublisher=25-whatsapp-neu&4&zz=true&hit_id=2889d60a-60a2-4d0b-969b-c2ab015f347b&tp_redirect_id=2889d60a-60a2-4d0b-969b-c2ab015f347b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.25 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66b3dc172a34613a8fbc1944016ca18fc997ba5df3db0c1a68800f75f13475ac

Request headers

Referer
https://bl.flirthits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 20:32:58 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 29 Aug 2024 10:39:23 GMT
server
cloudflare
age
467169
etag
W/"66d04fdb-1de4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
8bd8831d5e444c67-MXP
expires
Wed, 11 Sep 2024 20:32:58 GMT
popwin.js
lpmedia.servefilesonly.com/js/
854 B
574 B
Script
General
Full URL
https://lpmedia.servefilesonly.com/js/popwin.js?1416614
Requested by
Host: bl.flirthits.com
URL: https://bl.flirthits.com/landing/da2005?clickId=2889d60a-60a2-4d0b-969b-c2ab015f347b&tracker=SGM_Pro&publisher=433&subPublisher=25-whatsapp-neu&4&zz=true&hit_id=2889d60a-60a2-4d0b-969b-c2ab015f347b&tp_redirect_id=2889d60a-60a2-4d0b-969b-c2ab015f347b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.25 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10f46a9e64c756a7af5ec1e9793f711be5c81aa8b473edd28f6a0e419cfd0299

Request headers

Referer
https://bl.flirthits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 20:32:58 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 29 Aug 2024 10:39:41 GMT
server
cloudflare
age
467187
cf-polished
origSize=1177
etag
W/"66d04fed-499"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
8bd8831d5e464c67-MXP
expires
Wed, 11 Sep 2024 20:32:58 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
8 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: bl.flirthits.com
URL: https://bl.flirthits.com/landing/da2005?clickId=2889d60a-60a2-4d0b-969b-c2ab015f347b&tracker=SGM_Pro&publisher=433&subPublisher=25-whatsapp-neu&4&zz=true&hit_id=2889d60a-60a2-4d0b-969b-c2ab015f347b&tp_redirect_id=2889d60a-60a2-4d0b-969b-c2ab015f347b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bl.flirthits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 20:32:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
722
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
15802397
cdn-cachedat
10/31/2023 18:48:06
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
1456fb103ad8cdd0fb56078b08e25f96
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8bd8831c3885375c-MXP
cdn-requestpullsuccess
True
78a214d6-c945-46ee-a0c5-d676870fe042.jpg
imedia.servefilesonly.com/
161 KB
162 KB
Image
General
Full URL
https://imedia.servefilesonly.com/78a214d6-c945-46ee-a0c5-d676870fe042.jpg
Requested by
Host: bl.flirthits.com
URL: https://bl.flirthits.com/landing/da2005?clickId=2889d60a-60a2-4d0b-969b-c2ab015f347b&tracker=SGM_Pro&publisher=433&subPublisher=25-whatsapp-neu&4&zz=true&hit_id=2889d60a-60a2-4d0b-969b-c2ab015f347b&tp_redirect_id=2889d60a-60a2-4d0b-969b-c2ab015f347b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.25 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c3a0ef386fdb87d00bbbe367c2462dd017c8328c1d54a62c3f8a123668ac082

Request headers

Referer
https://bl.flirthits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 20:32:58 GMT
via
1.1 c88540a8a2d41c2f38fed4cab35cb4f0.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
VIE50-P1
age
53607
x-cache
Miss from cloudfront
content-length
165192
cf-bgj
h2pri
last-modified
Thu, 28 Jul 2022 11:55:34 GMT
server
cloudflare
etag
"6036baf985e34a7486842388b04a0759"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
8bd8831def644c67-MXP
x-amz-cf-id
1X6xkjIFayFom0vixidTjyFBoBI6G7sSLDC3Ojw37giz0_wU7Yp0uA==
expires
Wed, 11 Sep 2024 20:32:58 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700|Roboto+Condensed:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bl.flirthits.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 01:38:07 GMT
x-content-type-options
nosniff
age
327292
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 31 Aug 2025 01:38:07 GMT
arrow_right.svg
lpmedia.servefilesonly.com/img/_btns/
1 KB
757 B
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_btns/arrow_right.svg
Requested by
Host: lpmedia.servefilesonly.com
URL: https://lpmedia.servefilesonly.com/build/templates/DigitalAssistant1/style-pink.min.css?1416614
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.25 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ca1a1ee4fd0edc1c9bc490bcf24cce4f2104b683baf5b25945774ef8464fc10

Request headers

Referer
https://lpmedia.servefilesonly.com/build/templates/DigitalAssistant1/style-pink.min.css?1416614
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 20:32:58 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Aug 2024 09:22:06 GMT
server
cloudflare
age
93257
etag
W/"66c7033e-4bf"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=691200
cf-ray
8bd8831def634c67-MXP
expires
Wed, 11 Sep 2024 20:32:58 GMT
quotationmarks.svg
lpmedia.servefilesonly.com/img/_btns/
749 B
533 B
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_btns/quotationmarks.svg
Requested by
Host: lpmedia.servefilesonly.com
URL: https://lpmedia.servefilesonly.com/build/templates/DigitalAssistant1/style-pink.min.css?1416614
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.25 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
150784b50aeb11151034be1b7e22d9bfb32c4efe5dc339c6e9d800377c73108a

Request headers

Referer
https://lpmedia.servefilesonly.com/build/templates/DigitalAssistant1/style-pink.min.css?1416614
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 20:32:58 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 27 Aug 2024 12:17:35 GMT
server
cloudflare
age
82868
etag
W/"66cdc3df-2ed"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=691200
cf-ray
8bd8831def664c67-MXP
expires
Wed, 11 Sep 2024 20:32:58 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/
50 KB
50 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700|Roboto+Condensed:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bl.flirthits.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:28:49 GMT
x-content-type-options
nosniff
age
126250
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51404
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:52:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Sep 2025 09:28:49 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
284 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
785d3e9ea187b7242e1a4365a48c3fd95dd7a469245d24c6769b8d46c4ef4b81
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://bl.flirthits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 20:32:59 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2123
etag
W/"7e91359b46e1da637080a03b759164fa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8bd88320ed9d0e1d-MXP
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Fri, 06 Sep 2024 20:32:59 GMT
web
onesignal.com/api/v1/sync/c55f933e-7981-4646-9886-82d7041313d3/
3 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/c55f933e-7981-4646-9886-82d7041313d3/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75976c71114e666523e6d10b3697a66cd8172fbe942881e0269fba017077a549
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bl.flirthits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 20:32:59 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
2343
cf-polished
origSize=3369
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
3b7aee10-446d-4c9e-a5b2-e5c1aff5c68c
x-runtime
0.416885
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"a946c683690e01c9b43ca54174f32365"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
8bd883251d1d4c6f-MXP
access-control-allow-headers
SDK-Version
expires
Tue, 03 Sep 2024 21:32:59 GMT
5fa24870-092b-445d-b6b7-afc3e32d5bc2.png
imedia.servefilesonly.com/
33 KB
33 KB
Image
General
Full URL
https://imedia.servefilesonly.com/5fa24870-092b-445d-b6b7-afc3e32d5bc2.png
Requested by
Host: bl.flirthits.com
URL: https://bl.flirthits.com/landing/da2005?clickId=2889d60a-60a2-4d0b-969b-c2ab015f347b&tracker=SGM_Pro&publisher=433&subPublisher=25-whatsapp-neu&4&zz=true&hit_id=2889d60a-60a2-4d0b-969b-c2ab015f347b&tp_redirect_id=2889d60a-60a2-4d0b-969b-c2ab015f347b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.25 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
222a4b332ab7a986e61b41e371cf9bfa16dc76187c2777be3c64c5c8e53a30f4

Request headers

Referer
https://bl.flirthits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 20:32:59 GMT
via
1.1 34d457763037634fb4577f449ab0e6c4.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
MXP53-P1
age
32026
x-cache
Hit from cloudfront
content-length
33730
last-modified
Thu, 28 Jul 2022 11:55:35 GMT
server
cloudflare
etag
"bef3fb9c639955c8700271472cfad858"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
8bd88323eb354c67-MXP
x-amz-cf-id
UGfCFo5FebBKucLflxMKno4qcFqEK5pCloiV4X0vz1TCyuTw81nhsw==
expires
Wed, 11 Sep 2024 20:32:59 GMT
idates_fav.png
bl.flirthits.com/assets/img/_favicons/
1 KB
1 KB
Other
General
Full URL
https://bl.flirthits.com/assets/img/_favicons/idates_fav.png?1416614
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
156.67.36.15 , Germany, ASN25418 (CQINT-, NL),
Reverse DNS
Software
nginx /
Resource Hash
02499c6d83848aeef343364bd1e21f99b0f85c44a205f6f32acbabbec3f99f44

Request headers

Referer
https://bl.flirthits.com/landing/da2005?clickId=2889d60a-60a2-4d0b-969b-c2ab015f347b&tracker=SGM_Pro&publisher=433&subPublisher=25-whatsapp-neu&4&zz=true&hit_id=2889d60a-60a2-4d0b-969b-c2ab015f347b&tp_redirect_id=2889d60a-60a2-4d0b-969b-c2ab015f347b
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 20:33:00 GMT
last-modified
Thu, 29 Aug 2024 10:39:24 GMT
server
nginx
etag
"66d04fdc-4c6"
content-type
image/png
cache-control
max-age=172800, public
accept-ranges
bytes
content-length
1222
expires
Thu, 05 Sep 2024 20:33:00 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/
82 KB
9 KB
Stylesheet
General
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://bl.flirthits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 20:33:00 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1382
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
8bd883291b844c6f-MXP
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Thu, 03 Oct 2024 20:33:00 GMT
icon
onesignal.com/api/v1/apps/c55f933e-7981-4646-9886-82d7041313d3/
184 B
824 B
Fetch
General
Full URL
https://onesignal.com/api/v1/apps/c55f933e-7981-4646-9886-82d7041313d3/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
922173c43f856650bb0f23197803766165aabd55e18b74db169e5b4fa3f71612
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bl.flirthits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 20:33:00 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
f2e17597-6608-4e68-98b9-7042aafd6234
x-runtime
0.013627
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"922173c43f856650bb0f231978037661"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
8bd8832c6eed5a25-MXP
access-control-allow-headers
SDK-Version
50388984-da7d-4a97-9dc4-9d5f6c043805
img.onesignal.com/permanent/
7 KB
8 KB
Image
General
Full URL
https://img.onesignal.com/permanent/50388984-da7d-4a97-9dc4-9d5f6c043805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b26626897e533b99491a5f69051350ea0fe8e5ff6b808197b06e7aaeeb41393c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://bl.flirthits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-goog-encryption-kms-key-name
projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
date
Tue, 03 Sep 2024 20:33:01 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
age
939
x-guploader-uploadid
ACJd0NptjXKUR8mhXDv-QesY_A_HxlCYxGm0td9ZIVfnWsGSnroUhDiWu3moDZyht7wQKu4gDVg
x-goog-meta-x-goog-source-etag
"4ca372a09b7a2528ece9018ca438bb2b"
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
7471
pragma
no-cache
last-modified
Tue, 14 Feb 2023 03:22:11 GMT
server
cloudflare
etag
"-CLSUlcGHlP0CEAE="
vary
Origin, Accept-Encoding
x-goog-generation
1676344931207732
content-type
application/octet-stream
x-goog-hash
crc32c=aFtu6g==, md5=TKNyoJt6JSjs6QGMpDi7Kw==
cache-control
public, max-age=2678400
x-goog-meta-cache-control
public, maxage=604800
x-goog-stored-content-length
7471
accept-ranges
bytes
cf-ray
8bd8832d49db0e1d-MXP
expires
Fri, 04 Oct 2024 20:33:01 GMT

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| OneSignal
object| $birthDay
object| $birthMonth
object| $birthYear
object| $birthDate
function| eventChangeBirthDate
function| disabledSelectOption
function| validate18YearOld
function| updateBirthDate
function| insertParamsToURL
string| avatar
string| conversationData
number| __oneSignalSdkLoadCount
function| __jp0
function| $
function| jQuery
object| x
function| closeAllSelect
object| dataCountries
number| doneTyping
object| countries
function| _eventClickAutocomplete
function| findCountryCode
function| displayCountry
function| findCountryName
function| buildAutocomplete
function| getCurentLocation
function| getCurentLocationByIp
function| sendCurrentLocation
function| sendValidateLocation
function| fillLocationValidated
function| validateLocation
function| validateLocationMessage
function| getCurrentLink
function| goToStep
function| countdownToNextStep
function| activeProgressBar
function| Validator
object| $btnOpenLogin
object| $btnCloseLogin
object| $loginFormHolder
object| $errors
object| $formLogin
function| loginFormAddRequiredError
function| submitHttpRequest
function| Conversation
object| configs
object| conversation
function| disableSelectLabel
function| handlingCompleteValidateLocation
function| showMessageInChat
function| handleAfterGoNextStep
function| validateUsername
function| slideBackground
object| Popwin

7 Cookies

Domain/Path Name / Value
.cloudtraff.com/ Name: __cf_bm
Value: rXJfQI0TyWy2sII_mOAVpLa7UdnydV90lIKeRHzjhoI-1725395576-1.0.1.1-trvws4hR6wTwfMyD0bieJN6txQmpgstNhvDLL2dKrw4_L53XmF_ZfEZsqGNq_WpS1gPGNvw3vsHexwjgggnMGQ
o-2527.prodtraff.com/ Name: attrk
Value: yes
.prodtraff.com/ Name: vcid
Value: %7B%22id%22%3A%2247ff62aa-0bae-4a5b-98f9-c872d1dc936e%22%2C%22firstTime%22%3A%22Sep+3%2C+2024%2C+8%3A32%3A56%E2%80%AFPM%22%2C%22visitCount%22%3A1%2C%22firstTimeDay%22%3A%22Sep+3%2C+2024%2C+8%3A32%3A56%E2%80%AFPM%22%2C%22visitDays%22%3A1%2C%22origin%22%3A%22routing%22%2C%22lastLocation%22%3A%22routing%22%2C%22ageInSecs%22%3A0%7D
.prodtraff.com/ Name: __cf_bm
Value: AmSYPMOSSgbG04gpWsLtP_MnqE1Om_V311P9zuzF1aE-1725395576-1.0.1.1-oyxp5QFMpRFWEdtLYe4v_vmMbTRCLhou4a37k8RyXcIRyRJkKbxfdCcmu9sgisZwu7AS0bqTqfYHxTAgS_qBrw
bl.flirthits.com/ Name: PHPSESSID
Value: tbc3acretl98mc7afiukavft8g
.servefilesonly.com/ Name: __cf_bm
Value: lnMed7JF2hDYwugRHN1L6TSc9Olg1QvAcH0ySx8gCS4-1725395578-1.0.1.1-Kv.3d5JV2T3XXRt5ojdVD.W0T6U3wppOzoxyBLHcqV1R6BLPGoXpe07rl73HoEjllA_hCz34MYrWl4wA0mygMQ
.onesignal.com/ Name: __cf_bm
Value: NsXXS2OZf_sBCz40p_XZS_KTCa2TYUrLf0rUMF_XTDY-1725395578-1.0.1.1-VKt0hrLD6a45xadjzn5egOfXtnr8TUu8nyGgdK3P3T6BxBHWoBvjV6kWgMRtlZm6rIarmUv6g2rU9onj16220w

2 Console Messages

Source Level URL
Text
recommendation verbose URL: https://bl.flirthits.com/landing/da2005?clickId=2889d60a-60a2-4d0b-969b-c2ab015f347b&tracker=SGM_Pro&publisher=433&subPublisher=25-whatsapp-neu&4&zz=true&hit_id=2889d60a-60a2-4d0b-969b-c2ab015f347b&tp_redirect_id=2889d60a-60a2-4d0b-969b-c2ab015f347b
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
other warning URL: https://bl.flirthits.com/landing/da2005?clickId=2889d60a-60a2-4d0b-969b-c2ab015f347b&tracker=SGM_Pro&publisher=433&subPublisher=25-whatsapp-neu&4&zz=true&hit_id=2889d60a-60a2-4d0b-969b-c2ab015f347b&tp_redirect_id=2889d60a-60a2-4d0b-969b-c2ab015f347b
Message:
The keyword 'push-button' used on the 'appearance' property was deprecated and has now been removed. It will no longer have any effect.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
