flirtooy.info Open in urlscan Pro
2606:4700:3035::ac43:bd7c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://gniezno.mobdev.pl/
Effective URL:
https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_d38921b64c2a2f59a9eac0acccf172bd&p10=3077f837-7fe8-46b4-816c-df...
Submission: On November 22 via api (November 22nd 2023, 5:20:37 pm UTC) from US — Scanned from US

Summary HTTP 73 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 22 domains to perform 73 HTTP transactions. The main IP is 2606:4700:3035::ac43:bd7c, located in United States and belongs to CLOUDFLARENET, US. The main domain is flirtooy.info.
TLS certificate: Issued by GTS CA 1P5 on October 11th 2023. Valid for: 3 months.

This is the only time flirtooy.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2606:4700:303... 2606:4700:3031::ac43:a0bd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700:303... 2606:4700:3038::6815:e991	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	212.77.100.83 212.77.100.83	12827 (WIRTUALNA...) (WIRTUALNAPOLSKA GDANSK)
1	212.77.98.9 212.77.98.9	12827 (WIRTUALNA...) (WIRTUALNAPOLSKA GDANSK)
1	2606:4700:303... 2606:4700:3037::6815:5ec5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c08::77	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c19::84	15169 (GOOGLE) (GOOGLE)
3	91.185.190.165 91.185.190.165	57367 (ECO-ATMAN...) (ECO-ATMAN-PL ECO-ATMAN-)
1	193.17.41.93 193.17.41.93	31080 (O2-AS) (O2-AS)
1 2	2606:4700:20:... 2606:4700:20::ac43:44ee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.214.115 13.224.214.115	16509 (AMAZON-02) (AMAZON-02)
2	146.75.28.193 146.75.28.193	54113 (FASTLY) (FASTLY)
1 2	79.96.4.21 79.96.4.21	12824 (HOMEPL-AS) (HOMEPL-AS)
1	2606:4700:303... 2606:4700:3038::6815:ebcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::ac43:92a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	62.75.207.5 62.75.207.5	8972 (GD-EMEA-D...) (GD-EMEA-DC-SXB1)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
2 3	173.0.157.204 173.0.157.204	7979 (SERVERS-COM) (SERVERS-COM)
14	2606:4700:303... 2606:4700:3035::ac43:bd7c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c07::5f	15169 (GOOGLE) (GOOGLE)
4	2606:4700:303... 2606:4700:3037::6815:215b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c07::5e	15169 (GOOGLE) (GOOGLE)
73	22

13 2606:4700:3031::ac43:a0bd (United States)

ASN13335 (CLOUDFLARENET, US)

gniezno.mobdev.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mobdev.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3038::6815:e991 (United States)

ASN13335 (CLOUDFLARENET, US)

mamuski.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.77.100.83 (Poland) 1 redirects

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: www.kariera-wakacje.pl

b4.pinger.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.77.98.9 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: www.wp.pl

www.wp.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:5ec5 (United States)

ASN13335 (CLOUDFLARENET, US)

img-ovh-cloud.zszywka.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::77 (Ashburn, United States)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::84 (Washington, United States)

ASN15169 (GOOGLE, US)

2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.185.190.165 (Poland)

ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL)
PTR: ap10.aptus.pl

www.e-zikoapteka.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.17.41.93 (Poland)

ASN31080 (O2-AS, PL)
PTR: rev-93.go2.pl

e2.pudelek.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:44ee (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

znamlek.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.znamlek.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.214.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-115.phl50.r.cloudfront.net

content.internetvideoarchive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.28.193 (Ashburn, United States)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 79.96.4.21 (Poland) 1 redirects

ASN12824 (HOMEPL-AS, PL)
PTR: cloudserver051837.home.pl

apteka.cosmedica.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adresy.cosmedica.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ebcf (United States)

ASN13335 (CLOUDFLARENET, US)

www.sexeo.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:92a3 (United States)

ASN13335 (CLOUDFLARENET, US)

paczaizm.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.75.207.5 (Strasbourg, France)

ASN8972 (GD-EMEA-DC-SXB1, DE)
PTR: static-ip-62-75-207-5.inaddr.ip-pool.com

starsze.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.0.157.204 (United States) 2 redirects

ASN7979 (SERVERS-COM, US)

go.gkrtmc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:3035::ac43:bd7c (United States)

ASN13335 (CLOUDFLARENET, US)

flirtooy.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.flirtooy.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3037::6815:215b (United States)

ASN13335 (CLOUDFLARENET, US)

api.flirtooy.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c07::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	flirtooy.info flirtooy.info api.flirtooy.info	977 KB
13	mobdev.pl gniezno.mobdev.pl mobdev.pl	830 KB
7	mamuski.de mamuski.de	222 KB
3	gkrtmc.com 2 redirects go.gkrtmc.com — Cisco Umbrella Rank: 510172	4 KB
3	e-zikoapteka.pl www.e-zikoapteka.pl	118 KB
2	gstatic.com fonts.gstatic.com	32 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 11595	2 KB
2	cosmedica.pl 1 redirects apteka.cosmedica.pl adresy.cosmedica.pl	91 B
2	imgur.com i.imgur.com — Cisco Umbrella Rank: 7022	119 KB
2	znamlek.pl 1 redirects znamlek.pl www.znamlek.pl	569 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
1	starsze.icu starsze.icu	16 KB
1	paczaizm.pl paczaizm.pl	107 KB
1	sexeo.pl www.sexeo.pl	106 KB
1	internetvideoarchive.com content.internetvideoarchive.com — Cisco Umbrella Rank: 223673	14 KB
1	pudelek.pl e2.pudelek.pl	48 KB
1	blogspot.com 2.bp.blogspot.com — Cisco Umbrella Rank: 13790	23 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 87	22 KB
1	zszywka.pl img-ovh-cloud.zszywka.pl	76 KB
1	wp.pl www.wp.pl — Cisco Umbrella Rank: 33484
1	pinger.pl 1 redirects b4.pinger.pl	95 B
0	xxxfilmyporno.com Failed xxxfilmyporno.com Failed
73	22

	Domain	Requested by
10	flirtooy.info	go.gkrtmc.com flirtooy.info
8	api.flirtooy.info	flirtooy.info
8	mobdev.pl	gniezno.mobdev.pl mobdev.pl
7	mamuski.de	gniezno.mobdev.pl
5	gniezno.mobdev.pl	gniezno.mobdev.pl
3	go.gkrtmc.com	2 redirects gniezno.mobdev.pl
3	www.e-zikoapteka.pl	gniezno.mobdev.pl
2	fonts.gstatic.com	fonts.googleapis.com
2	counter.yadro.ru	1 redirects gniezno.mobdev.pl
2	i.imgur.com	gniezno.mobdev.pl
1	fonts.googleapis.com	flirtooy.info
1	starsze.icu	gniezno.mobdev.pl
1	paczaizm.pl	gniezno.mobdev.pl
1	www.sexeo.pl	gniezno.mobdev.pl
1	adresy.cosmedica.pl	gniezno.mobdev.pl
1	apteka.cosmedica.pl	1 redirects
1	content.internetvideoarchive.com	gniezno.mobdev.pl
1	www.znamlek.pl	gniezno.mobdev.pl
1	znamlek.pl	1 redirects
1	e2.pudelek.pl	gniezno.mobdev.pl
1	2.bp.blogspot.com	gniezno.mobdev.pl
1	i.ytimg.com	gniezno.mobdev.pl
1	img-ovh-cloud.zszywka.pl	gniezno.mobdev.pl
1	www.wp.pl	gniezno.mobdev.pl
1	b4.pinger.pl	1 redirects
0	xxxfilmyporno.com Failed	gniezno.mobdev.pl
73	26

This site contains no links.

Subject Issuer	Validity	Valid
mobdev.pl E1	`2023-11-10` - `2024-02-08`	3 months	crt.sh
mamuski.de E1	`2023-11-01` - `2024-01-30`	3 months	crt.sh
zszywka.pl E1	`2023-11-08` - `2024-02-06`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
e-zikoapteka.com.pl R3	`2023-10-02` - `2023-12-31`	3 months	crt.sh
*.kafeteria.pl RapidSSL TLS RSA CA G1	`2023-10-11` - `2024-10-24`	a year	crt.sh
*.internetvideoarchive.com Amazon RSA 2048 M01	`2023-03-14` - `2024-04-10`	a year	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-13` - `2024-03-12`	a year	crt.sh
sexeo.pl GTS CA 1P5	`2023-10-09` - `2024-01-07`	3 months	crt.sh
paczaizm.pl E1	`2023-10-30` - `2024-01-28`	3 months	crt.sh
ar.starsze.icu R3	`2023-10-08` - `2024-01-06`	3 months	crt.sh
track.cpamatica.com R3	`2023-11-07` - `2024-02-05`	3 months	crt.sh
flirtooy.info GTS CA 1P5	`2023-10-11` - `2024-01-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_d38921b64c2a2f59a9eac0acccf172bd&p10=3077f837-7fe8-46b4-816c-df84f90e43e0_b2531eb7dc34d0fc5a7a9bc31edf5381&source=66979&aff_sub=&aff_sub2=seo-sem
Frame ID: 2172161386BF70D81822FCF9BE48E84A
Requests: 70 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dating Service

Page URL History Show full URLs

https://gniezno.mobdev.pl/ Page URL
https://go.gkrtmc.com/aff_c?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem HTTP 302
https://go.gkrtmc.com/cl?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c Page URL
https://go.gkrtmc.com/aff_c?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c HTTP 302
https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_d38921b64c2a2f59a9eac0acccf172bd&p10=3077f8... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-
vue[.-]([\d.]*\d)[^/]*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

73
Requests

74 %
HTTPS

55 %
IPv6

22
Domains

26
Subdomains

22
IPs

4
Countries

3283 kB
Transfer

3642 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gniezno.mobdev.pl/ Page URL
https://go.gkrtmc.com/aff_c?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem HTTP 302
https://go.gkrtmc.com/cl?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c Page URL
https://go.gkrtmc.com/aff_c?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c HTTP 302
https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_d38921b64c2a2f59a9eac0acccf172bd&p10=3077f837-7fe8-46b4-816c-df84f90e43e0_b2531eb7dc34d0fc5a7a9bc31edf5381&source=66979&aff_sub=&aff_sub2=seo-sem Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://b4.pinger.pl/fbf639bcb3bd9f263349c88193e3784b/lek_na_wszystko_niepierdol_max_31.jpg HTTP 302
https://www.wp.pl/?404&src01=99f53

Request Chain 14

https://znamlek.pl/upload/39af15f3f424fa0ebef294e7adff6a6a.jpg HTTP 301
https://www.znamlek.pl/upload/39af15f3f424fa0ebef294e7adff6a6a.jpg

Request Chain 17

https://apteka.cosmedica.pl/pol_pm_Opokan-Actigel-Lek-przeciwbolowy-i-przeciwzapalny-50-g-2162_1.png HTTP 301
https://adresy.cosmedica.pl/

Request Chain 44

https://counter.yadro.ru/hit;pldat3?t57.6;r;s1600*1200*24;uhttps%3A//gniezno.mobdev.pl/;hStarsze%20panie%20filmy%20erotyczne%20lek%20przeciwb%F3lowy%20nie%20pierdol;0.8911016818643187 HTTP 302
https://counter.yadro.ru/hit;pldat3?q;t57.6;r;s1600*1200*24;uhttps%3A//gniezno.mobdev.pl/;hStarsze%20panie%20filmy%20erotyczne%20lek%20przeciwb%F3lowy%20nie%20pierdol;0.8911016818643187

Request Chain 52

https://go.gkrtmc.com/aff_c?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem HTTP 302
https://go.gkrtmc.com/cl?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c

73 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
gniezno.mobdev.pl/ 39 KB
11 KB 376ms
279ms Document
text/html 2606:4700:3031::ac43:a0bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gniezno.mobdev.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a0bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: a4e914fd8e62849bf47909524b3ee804a77180fa41a2a2c8871486a3ebbd2cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82a2d7e6abc67476-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 17:20:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LcZ9r%2Fc4knnSom0nb%2FC3Bgd%2Fkzg5B5dYK5V2dbIcWwQjfnilnDSCFlxmx5Dj3H6%2FCnPVMIpcI0rjjurih8I0%2FYeUzvLPSGOmhITNpyTorKDDRk0xRDgL5KQlBPvNp4Y6UY1voUiaGXcRzaYVQoejcA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40

GET
H2 200 autoptimize_412f0cea6fbfc8a50f5c1268597d49cc.css
mobdev.pl/wp-content/cache/autoptimize/css/ 224 KB
41 KB 782ms
757ms Stylesheet
text/css 2606:4700:3031::ac43:a0bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mobdev.pl/wp-content/cache/autoptimize/css/autoptimize_412f0cea6fbfc8a50f5c1268597d49cc.css
Requested by: Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a0bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c23a41dacf648c86096307353fbae4eb1ffc7b3eb697b144b17b56211707ffe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gniezno.mobdev.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:30 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 17 Jul 2021 19:21:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"37e04-5c7569cd6f000"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FbwCJbbHQdQlJPmQ3fe0ghdiGNhb8AoxiJUARL77lMRU8vMFyPXwTNgaHxDfa%2Bgdgr8gddL5IUzZ0JqPbmXGetX9JeK58T5ahdTwI8URAKyBpIRJQ%2Fs%2FCXjaw%2BmytPOotd3ghm%2FjeLc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 82a2d7e9383e7476-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 7c0510c48e2f91d8cff9c93fdca80d5e.jpg
mamuski.de/thumbs-mde/400x300/pornhub/ 15 KB
16 KB 469ms
380ms Image
image/jpeg 2606:4700:3038::6815:e991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mamuski.de/thumbs-mde/400x300/pornhub/7c0510c48e2f91d8cff9c93fdca80d5e.jpg
Requested by: Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e991 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb8997c1268f4a153732e5a52c89a3eb3a700573ae12b47d214bda8e9c482942

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gniezno.mobdev.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:30 GMT
cf-cache-status: MISS
last-modified: Thu, 12 Sep 2019 14:17:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3db0-5925bcc89753d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A9uOU6ldN6mKMA%2BjsV1RSgfy3g97pholQhy4WL2LQdPhMR4RN05b4QcsFRIGtEJZKhGQuPtFWEVMlUhIf%2BOo2dcH%2FxwdSaiMIbmPykqx6htVlIN9NAec7LRHKfuftUUfZk3OHvPVIBff"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 82a2d7e9ab9209d2-MIA
alt-svc: h3=":443"; ma=86400
content-length: 15792
expires: Wed, 06 Dec 2023 17:20:29 GMT

GET
H2 200 d444989647e1506f4aa429c538ff6636.jpg
mamuski.de/thumbs-mde/400x300/sex3/ 32 KB
32 KB 479ms
391ms Image
image/jpeg 2606:4700:3038::6815:e991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mamuski.de/thumbs-mde/400x300/sex3/d444989647e1506f4aa429c538ff6636.jpg
Requested by: Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e991 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fba4dcc1618a88246a8505e52a9e70f6f827f96165b9b9c721568a23c1f1a0b4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gniezno.mobdev.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:30 GMT
cf-cache-status: MISS
last-modified: Sun, 15 Sep 2019 22:24:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "7f1f-5929ef4b19a24"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kogKf8QdyS%2Bq818exP7AD6zk52iJJafUsxphXsqC3hwnmUomzxyB8QCvZQrvhO1Hjem5hh1H85dAmXdu%2BDs%2FHZc%2FVVt51wHQVsVWtsAV5jJH9E%2B82jWEUeNF7TtE2zneVh282f8FGpGY"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 82a2d7e9ab9309d2-MIA
alt-svc: h3=":443"; ma=86400
content-length: 32543
expires: Wed, 06 Dec 2023 17:20:29 GMT

GET
H2

200

/
www.wp.pl/
Redirect Chain

https://b4.pinger.pl/fbf639bcb3bd9f263349c88193e3784b/lek_na_wszystko_niepierdol_max_31.jpg
https://www.wp.pl/?404&src01=99f53

0
0

792ms
332ms

Image
text/html

212.77.98.9
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wp.pl/?404&src01=99f53
Requested by: Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/
Protocol: H2
Server: 212.77.98.9 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: www.wp.pl
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gniezno.mobdev.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Redirect headers

location: http://www.wp.pl/?404&src01=99f53
date: Wed, 22 Nov 2023 17:20:30 GMT
server: nginx
content-length: 138
content-type: text/html

GET
H2 200 5228-nie-masz-ochoty-na-trening-wez-niep.jpg
img-ovh-cloud.zszywka.pl/0/0620/ 76 KB
76 KB 730ms
541ms Image
image/jpeg 2606:4700:3037::6815:5ec5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-ovh-cloud.zszywka.pl/0/0620/5228-nie-masz-ochoty-na-trening-wez-niep.jpg
Requested by: Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:5ec5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d179cac173a7b0c93c30e2971f9a90b7a37ca80a7a4aa601af4ba1aa8468571b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gniezno.mobdev.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:30 GMT
x-openstack-request-id: txf074f3519c2740e581042-00655e385d
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance: 50409
alt-svc: h3=":443"; ma=86400
content-length: 77493
x-trans-id: txf074f3519c2740e581042-00655e385d
last-modified: Sat, 17 Jun 2017 23:32:11 GMT
server: cloudflare
x-iplb-request-id: AC46FE43:C2FC_3626E64B:0050_655E385D_485A25:39F7
etag: 3fa6d70b9cbc9aa7c43201fa0ea6d285
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mKNgfu%2FfCzCPBsb9QPzC%2FfRbcQYtWQl8f5lXal9BD8dG6J%2B6QmlctXfZiE9lytcFR6nPXlTK%2Bi2uZofigliYn8AGRZhAcfac0k5BEJCgKqsJxHPz%2F9llStkpr%2F9yuC90WucZEtYOZmh%2F8s78M%2B60Llb8B8d1c3o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-timestamp: 1497742330.86015
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a2d7ea3bbd8dc6-MIA

GET
H2 200 ec1bf4edfff07b931f08064aa7cd2053.jpg
mamuski.de/thumbs-mde/400x300/sexvid/ 31 KB
32 KB 474ms
387ms Image
image/jpeg 2606:4700:3038::6815:e991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mamuski.de/thumbs-mde/400x300/sexvid/ec1bf4edfff07b931f08064aa7cd2053.jpg
Requested by: Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e991 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5f0b4f7a03b25695ca9858b6eb9f109d3704576bd406509bf4950f887ba95a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gniezno.mobdev.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:30 GMT
cf-cache-status: MISS
last-modified: Sat, 07 Sep 2019 06:16:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "7d03-591f07f5601f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mJv160XS4Wx5tutF4TJAgqjyG7PnMkyYL04o2%2FtfecOuv8ogKlw81ZC1pEEHQzhJocXjkr6muRfjPPnvUTHvwXLp5JXNuXVd2iyH83bpy8MXwHeC3VCXbL0vGrI5XDdTDicIy2Ts5cu%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 82a2d7e9ab9409d2-MIA
alt-svc: h3=":443"; ma=86400
content-length: 32003
expires: Wed, 06 Dec 2023 17:20:29 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/pcLA66GzXiY/ 22 KB
22 KB 349ms
168ms Image
image/jpeg 2607:f8b0:4004:c08::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/pcLA66GzXiY/hqdefault.jpg

Requested by

Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::77 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7d6fb0350445494df72402210f5b9b168ae1bd10dbfbea43393fe69be48fdc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gniezno.mobdev.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:29 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22477
x-xss-protection: 0
server: sffe
etag: "1575974206"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 22 Nov 2023 19:20:29 GMT

GET
H2 200 1bcac013b81eaa1131711c709f04a633.jpg
mamuski.de/thumbs-mde/400x300/anyporn/ 29 KB
29 KB 503ms
416ms Image
image/jpeg 2606:4700:3038::6815:e991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mamuski.de/thumbs-mde/400x300/anyporn/1bcac013b81eaa1131711c709f04a633.jpg
Requested by: Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e991 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5c19ea06ba0a401062ab509c9d97a97ac976ec364fcef06e090448cb9f1fd3e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gniezno.mobdev.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:30 GMT
cf-cache-status: MISS
last-modified: Fri, 06 Sep 2019 08:32:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "7295-591de470bf268"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CeyxvvRHgkjl1JYBhy9xlqGQ2Dwj1OBbAZbNYagqYIAM3V3M913PgXTIEr7XjS8EREu8W1tBAJfI7%2BxCljqll8XBWmRQiFr2SFiz%2BoHluWQK9EdRyMkfrBvgpam8FG03vSqLsIxzntfO"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 82a2d7e9ab9509d2-MIA
alt-svc: h3=":443"; ma=86400
content-length: 29333
expires: Wed, 06 Dec 2023 17:20:29 GMT

GET
H2 200 dexak-25mg.jpg
2.bp.blogspot.com/--rZPIPUJZmQ/V0ds6UO6bhI/AAAAAAAAAgM/VX6Qu05uJPENkozHZJEOybsFcMx1Js8vACLcB/s1600/ 23 KB
23 KB 454ms
274ms Image
image/jpeg 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/--rZPIPUJZmQ/V0ds6UO6bhI/AAAAAAAAAgM/VX6Qu05uJPENkozHZJEOybsFcMx1Js8vACLcB/s1600/dexak-25mg.jpg

Requested by

Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

327e3a04bfe432f01017e44f36d1bb1cb8f4f6f8f109b758c3b18cc3aac552fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gniezno.mobdev.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:30 GMT
x-content-type-options: nosniff
server: fife
etag: "v204"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="dexak-25mg.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23137
x-xss-protection: 0
expires: Thu, 23 Nov 2023 17:20:30 GMT

GET
H2 200 73299865eecfc3b6172a64416465eb9d.jpg
mamuski.de/thumbs-mde/400x300/hotmovs/ 35 KB
35 KB 502ms
417ms Image
image/jpeg 2606:4700:3038::6815:e991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mamuski.de/thumbs-mde/400x300/hotmovs/73299865eecfc3b6172a64416465eb9d.jpg
Requested by: Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e991 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec5ac8664d0703e57e0669c3729b643b75bfd4d42911bb2fbfb534ba624d7eea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gniezno.mobdev.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:30 GMT
cf-cache-status: MISS
last-modified: Sat, 14 Sep 2019 11:16:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "8a1b-59281814198ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=55P%2BiYLbAiQESuIeRg8cy%2FYCwvU1hl44tGmHhf99qkjul7HW9I5o25KmYQWEKQ45vL6P3COzfDqdtyQZpDSNSJGlvWD3rbL7Rzyq%2F5JRDLGVOw6dwJwkZWwxKACFniGV0rOlvNwgJzfE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 82a2d7e9ab9709d2-MIA
alt-svc: h3=":443"; ma=86400
content-length: 35355
expires: Wed, 06 Dec 2023 17:20:29 GMT

GET
H2 200 ibuprom-max-400-mg-lek-przeciwbolowy-48-tabletek.1.1488894808.jpg
www.e-zikoapteka.pl/ 14 KB
15 KB 1160ms
161ms Image
image/jpeg 91.185.190.165
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.e-zikoapteka.pl/ibuprom-max-400-mg-lek-przeciwbolowy-48-tabletek.1.1488894808.jpg

Requested by

Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.185.190.165 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),

Reverse DNS

ap10.aptus.pl

Software

Apache /

Resource Hash

542fa213a5fb59575baca58d50f022d2a263356cb8d4c0ccc08f7ae36babb2e0

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gniezno.mobdev.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:30 GMT
last-modified: Thu, 04 Mar 2021 04:29:55 GMT
server: Apache
etag: "39ed-5bcae6b6186dd"
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 14829
expires: Tue, 20 Feb 2024 17:20:30 GMT

GET v01068.jpg
xxxfilmyporno.com/media/thumbs/8/ 0
0

GET
H2 200 14722f500010d8304bf312a7
e2.pudelek.pl/p1556/ 48 KB
48 KB 830ms
225ms Image
image/jpeg 193.17.41.93
O2-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e2.pudelek.pl/p1556/14722f500010d8304bf312a7
Requested by: Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.17.41.93 , Poland, ASN31080 (O2-AS, PL),
Reverse DNS: rev-93.go2.pl
Software: nginx /
Resource Hash: 9b04a32f105e36daaa849e650b9482ba391da54b80102774eb790867351e332d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gniezno.mobdev.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:30 GMT
last-modified: Fri, 08 Mar 2019 20:12:07 GMT
server: nginx
etag: "397f85f7af75601c68382a2dedf169ca"
content-type: image/jpeg
x-rgw-object-type: Normal
x-proxy-type: virtual
accept-ranges: bytes
content-length: 49301

GET
H2

200

39af15f3f424fa0ebef294e7adff6a6a.jpg
www.znamlek.pl/upload/
Redirect Chain

https://znamlek.pl/upload/39af15f3f424fa0ebef294e7adff6a6a.jpg
https://www.znamlek.pl/upload/39af15f3f424fa0ebef294e7adff6a6a.jpg

568 KB
569 KB

727ms
709ms

Image
image/jpeg

2606:4700:20::ac43:44ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.znamlek.pl/upload/39af15f3f424fa0ebef294e7adff6a6a.jpg
Requested by: Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/
Protocol: H2
Server: 2606:4700:20::ac43:44ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb22a3cca19b97f27644fb2a9c1a4445dbfa7e0cb7798a0898aa644490c70fe2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gniezno.mobdev.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:31 GMT
cf-cache-status: MISS
last-modified: Tue, 02 Feb 2016 12:05:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "56b09b8a-8dea1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8ssi5L9hC%2FJaxFMGJps7FpQfTh5f8b4aGkQglIkhOCafzGWTB3t6ktFmkVFXNQN1WYz%2FJY6cMVIdNYeudRn%2FaGmi0AEjUA8%2FDyJX%2BzgFbcmZswPhNCkXOk2VQLPr8mBA2%2FUggwzBchcIXOa"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 82a2d7f02cef25b8-MIA
content-length: 581281

Redirect headers

date: Wed, 22 Nov 2023 17:20:30 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZfbW6uHTHSQtM%2BBISWV28HB17mS08RcgYaYNvfiy543jdS0vZrcqvS1S9G69Gz2CZK5WUkXgWKoo11CTAHpoo2Dr8u8K7rGYc6A5ndC%2BCByObj%2BNZMN8O4bbHipN2wNA1i5oWVMPJKM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://www.znamlek.pl/upload/39af15f3f424fa0ebef294e7adff6a6a.jpg
cache-control: max-age=86400
cf-ray: 82a2d7ecef7325b8-MIA

GET
H/1.1 200
OK 24521112_.jpg
content.internetvideoarchive.com/content/photos/5838/ 14 KB
14 KB 318ms
158ms Image
image/jpeg 13.224.214.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.internetvideoarchive.com/content/photos/5838/24521112_.jpg
Requested by: Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-115.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 66018b9f51b1a0be0abee5ba452eb76066abcabef098185be9742263110f9fcf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gniezno.mobdev.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 22 Nov 2023 17:20:31 GMT
Via: 1.1 aa68d5eaf078dffca4154e55039dbb84.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 Sep 2014 19:25:31 GMT
Server: AmazonS3
X-Amz-Cf-Pop: PHL50-C1
ETag: "d5b5740ad2e01ff304515a2ba87f2776"
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14098
X-Amz-Cf-Id: immBNVdhZ3BXnuN9jA6KuPSQ1L98MsQ-kYeDeswyoW9JQ8aVZ22Ehg==

GET
H2 200 1iiREuv.jpg
i.imgur.com/ 53 KB
54 KB 301ms
162ms Image
image/jpeg 146.75.28.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/1iiREuv.jpg

Requested by

Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.28.193 Ashburn, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

6488cfe766bf967833292076ecbed823ef66e63b7f06299cbd4cc7a68202be94

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gniezno.mobdev.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:30 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 0
x-cache: Miss from cloudfront, MISS
content-length: 54348
x-served-by: cache-iad-kiad7000074-IAD
last-modified: Tue, 24 Mar 2020 11:53:13 GMT
server: cat factory 1.0
x-timer: S1700673630.241072,VS0,VE107
etag: "8cd3e2c534643e7398f5f666b9e4bf76"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: VwKWUR9SvcxPV5QB456rWc66RTVP2YDkNa-IT4oxC8f-S0RIaJ-EWA==
x-cache-hits: 0

GET
H2

200

/
adresy.cosmedica.pl/
Redirect Chain

https://apteka.cosmedica.pl/pol_pm_Opokan-Actigel-Lek-przeciwbolowy-i-przeciwzapalny-50-g-2162_1.png
https://adresy.cosmedica.pl/

0
0

299ms
161ms

Image
text/html

79.96.4.21
HOMEPL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adresy.cosmedica.pl/
Requested by: Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/
Protocol: H2
Server: 79.96.4.21 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS: cloudserver051837.home.pl
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gniezno.mobdev.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Redirect headers

location: https://adresy.cosmedica.pl
date: Wed, 22 Nov 2023 17:20:30 GMT
server: IdeaWebServer/5.3.0
content-type: text/html

GET
H2 200 pyralgina-500-mg-lek-przeciwbolowy-20-tabletek.2.jpg
www.e-zikoapteka.pl/ 49 KB
50 KB 658ms
161ms Image
image/jpeg 91.185.190.165
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.e-zikoapteka.pl/pyralgina-500-mg-lek-przeciwbolowy-20-tabletek.2.jpg

Requested by

Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.185.190.165 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),

Reverse DNS

ap10.aptus.pl

Software

Apache /

Resource Hash

c8c865cbb497a6f6eac7c8e35c9280c07fb2be5dfea52fb92d7a2b79e8ae9ea3

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gniezno.mobdev.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:30 GMT
last-modified: Thu, 13 May 2021 06:19:14 GMT
server: Apache
etag: "c453-5c2301b37107f"
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 50259
expires: Tue, 20 Feb 2024 17:20:30 GMT

GET
H2 200 161854_01big.jpg
www.sexeo.pl/wp-content/uploads/2016/09/ 106 KB
106 KB 266ms
172ms Image
image/jpeg 2606:4700:3038::6815:ebcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sexeo.pl/wp-content/uploads/2016/09/161854_01big.jpg
Requested by: Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ebcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a39e1d439591503996a3e548490efb6866cb227a3df11e779b2b585264ac02e9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gniezno.mobdev.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:30 GMT
cf-cache-status: MISS
last-modified: Sat, 04 Nov 2023 19:39:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1a68b-65469dd8-863073;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmiKr5I%2FgSea1GMNzsOpC8lXGtY4GbodgIN1%2BpHBiylTemGswWZvNsuG%2BqLRGychlOH4oypuQLXXt4C3TJRjmdNl2MxDbSs2TICIhaIQ8pZgBv%2FG3GGo%2Fk41JspT8z8BscRVvopDNHy9Cc4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 82a2d7ece8368db8-MIA
alt-svc: h3=":443"; ma=86400
content-length: 108171
expires: Wed, 29 Nov 2023 17:20:30 GMT

GET
H2 200 eutanazol-lek-na-wszystko-schopenhauer.jpg
paczaizm.pl/content/wp-content/uploads/ 106 KB
107 KB 828ms
587ms Image
image/jpeg 2606:4700:3033::ac43:92a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paczaizm.pl/content/wp-content/uploads/eutanazol-lek-na-wszystko-schopenhauer.jpg
Requested by: Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:92a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b1f19a15b9773b679d43884e6d1ba388cabe54b921a9596f290b7e7d0436bbf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gniezno.mobdev.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:31 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 108884
last-modified: Wed, 17 Jan 2018 20:22:21 GMT
server: cloudflare
etag: "1a954-5a5fb07d-daf07e1798a3c058;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WxI1VMimjgqDXKdNfiBGlSisWWx8cH537XQPV1pBM67okj1sX%2Fvv9pIPYYWjoChCtzmBPrEjLzYU3gX0eg6iwEAVczfUmAtgUtuhZxEc6PiHuIpBGNRuM%2FtIZQpfql2KRgnPxaiNLKLFXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 82a2d7ef48d74c20-MIA
expires: Fri, 22 Dec 2023 17:20:30 GMT

GET
H2 200 doEoJdr.jpg
i.imgur.com/ 65 KB
65 KB 81ms
81ms Image
image/jpeg 146.75.28.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/doEoJdr.jpg

Requested by

Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.28.193 Ashburn, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

a5f0d074ab18f672d35f2125c5e9ddbdd8a8cc92ef15280bf096ef3030b3da4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gniezno.mobdev.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:30 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 2251068
x-cache: Miss from cloudfront, HIT
content-length: 66454
x-served-by: cache-iad-kiad7000074-IAD
last-modified: Fri, 24 Apr 2020 22:15:40 GMT
server: cat factory 1.0
x-timer: S1700673630.379757,VS0,VE2
etag: "1c53e6b6c84045271485f99dd61f8a5c"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: _DWDjrx7kmb8Gjhegthtc020Gd-io94O1wJD1VZAr81cp9IvK4vDiw==
x-cache-hits: 1

GET v17668.jpg
xxxfilmyporno.com/media/thumbs/8/ 0
0

GET
H2 200 e32130623556f47abe99140579cd5e8e.jpg
mamuski.de/thumbs-mde/400x300/winporn/ 40 KB
40 KB 432ms
432ms Image
image/jpeg 2606:4700:3038::6815:e991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mamuski.de/thumbs-mde/400x300/winporn/e32130623556f47abe99140579cd5e8e.jpg
Requested by: Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e991 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 691e0f4c7b2e109e7f171755481b4c3ea98a5b7d2d206e91630de169280b2eb9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gniezno.mobdev.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:30 GMT
cf-cache-status: MISS
last-modified: Fri, 27 Sep 2019 22:15:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "9ed8-593903907f24b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ke7LXyl85VZgh8u%2BjY9bzMPxD72vRLb8N43E6cAw719FGcBamq2AW3ES%2FvfxvWA1l4Va7QToiwKHc%2BU6CEiyLWISCqOOVHFYZsW42YH1Rum7a9dfVNu5ps2mbeNxQrvnXfYrysj%2FBKXt"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 82a2d7ee09df09d2-MIA
alt-svc: h3=":443"; ma=86400
content-length: 40664
expires: Wed, 06 Dec 2023 17:20:30 GMT

GET
H/1.1 200
OK v07361.jpg
starsze.icu/media/thumbs/1/ 15 KB
16 KB 782ms
290ms Image
image/jpeg 62.75.207.5
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://starsze.icu/media/thumbs/1/v07361.jpg?1606182086
Requested by: Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.75.207.5 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: static-ip-62-75-207-5.inaddr.ip-pool.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2ca5f156f56a93a7df7696028afdefe2c9e503ed3923ac47b02a46bac743cb35

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gniezno.mobdev.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 22 Nov 2023 17:20:30 GMT
Referrer-Policy: unsafe-url
Last-Modified: Tue, 24 Nov 2020 01:41:26 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5fbc64c6-3cff"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15615
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pyralgina-500-mg-lek-przeciwbolowy-6-tabletek.2.jpg
www.e-zikoapteka.pl/ 54 KB
54 KB 341ms
161ms Image
image/jpeg 91.185.190.165
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.e-zikoapteka.pl/pyralgina-500-mg-lek-przeciwbolowy-6-tabletek.2.jpg

Requested by

Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.185.190.165 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),

Reverse DNS

ap10.aptus.pl

Software

Apache /

Resource Hash

24f2e7453b7e8d501b9cd7b3a922dabc9b584e6491daf42eb7affb67e2c9194d

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gniezno.mobdev.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:30 GMT
last-modified: Thu, 06 May 2021 09:42:32 GMT
server: Apache
etag: "d69e-5c1a62162316a"
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 54942
expires: Tue, 20 Feb 2024 17:20:30 GMT

GET
H2 200 13eb7fe4c16d4578a64e33c3dfa05320.jpg
mamuski.de/thumbs-mde/400x300/xhamster/ 38 KB
38 KB 380ms
379ms Image
image/jpeg 2606:4700:3038::6815:e991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mamuski.de/thumbs-mde/400x300/xhamster/13eb7fe4c16d4578a64e33c3dfa05320.jpg
Requested by: Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e991 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e4b4621eb50577d77884637be41368232876cf4a643ae7f7966f478eb68933d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gniezno.mobdev.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:30 GMT
cf-cache-status: MISS
last-modified: Sat, 21 Sep 2019 23:22:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "9762-5931876bfcf4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2BKRsXT%2FjkgEARwJismF5RzjN9oAH%2BEe0P43EjSTSkAIcVfkFzsomQejM5V42L4qlKsi9AjpxuKxpRm7eMTPC3Uaoz%2FXfKuLyXjPEAKJLYXrtRuy3cRGvdEdFwIgU0sLJx4uyJCr8kQM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 82a2d7ee3a0d09d2-MIA
alt-svc: h3=":443"; ma=86400
content-length: 38754
expires: Wed, 06 Dec 2023 17:20:30 GMT

GET
H3 200 organizer-730x340.jpg
mobdev.pl/wp-content/uploads/2017/03/ 50 KB
51 KB 957ms
956ms Image
image/jpeg 2606:4700:3031::ac43:a0bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobdev.pl/wp-content/uploads/2017/03/organizer-730x340.jpg
Requested by: Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:a0bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cda22920dd01b8c2a41e26e65e2b7f44aed4b796f531dbcd7062991d59c5b99

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gniezno.mobdev.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:30 GMT
cf-cache-status: MISS
last-modified: Sat, 17 Jul 2021 19:21:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "c9bc-5c7569cd6f000"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWJ1XDytZ4J24wOy1bG1JrFAl5NZrrIAo7bdb9UqnEgiHFNIlDYQtHFt%2Be8%2FtzmawCZzCh3OFM4QgngLqtnoKvm3dYmiT4vJK%2BJaxj9SQscb3rYBaHzF7NhpZC7R0bTuISntRSo5Vig%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a2d7ee3c59741c-MIA
alt-svc: h3=":443"; ma=86400
content-length: 51644

GET
H3 200 kurs-730x340.png
mobdev.pl/wp-content/uploads/2017/03/ 362 KB
363 KB 1008ms
1007ms Image
image/png 2606:4700:3031::ac43:a0bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobdev.pl/wp-content/uploads/2017/03/kurs-730x340.png
Requested by: Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:a0bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c774a31b4e35e8c9f44328f78776b7756a280b3c9809d195e9896416257edf5b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gniezno.mobdev.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:30 GMT
cf-cache-status: MISS
last-modified: Sat, 17 Jul 2021 19:21:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5a842-5c7569cd6f000"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h3845ZNRZxxnFSv5%2BpYTrq6XZfLEm1HIXDcSJQIpBSVTrsDsQhAb42Se6YRC2ukFJsLbQ%2F4NbtWdS%2BfDlEU2UZ55X5GHN8t6hEYN5%2BSWfvewjZhRuzVF%2FMVmu5%2FJkQtj6wYomiI3AEw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a2d7ee3c5c741c-MIA
alt-svc: h3=":443"; ma=86400
content-length: 370754

GET
H3 200 jee-logo.png
mobdev.pl/wp-content/uploads/2017/03/ 70 KB
70 KB 1329ms
1328ms Image
image/png 2606:4700:3031::ac43:a0bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobdev.pl/wp-content/uploads/2017/03/jee-logo.png
Requested by: Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:a0bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22b238fbf23b3ab5e871c891e01146d528f64e6046afe1c65ae005f097691230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gniezno.mobdev.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:30 GMT
cf-cache-status: MISS
last-modified: Sat, 17 Jul 2021 19:21:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "11681-5c7569cd6f000"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZXjKznWXK7OLOQNITBYcfI2uvAWUaTZbcH2DD%2FCk%2FdfdzyUwjUuEXx78mggzFlhEcu2hdYX2jJpe3uJMf%2Bi9m3s%2FfryBnf5XLz%2Fn7itF9jvwwT%2FqAdqASkbqNlm5du%2F7p1zck3bOl54%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a2d7ee3c5e741c-MIA
alt-svc: h3=":443"; ma=86400
content-length: 71297

GET
H3 200 20130710_140804-e1488479182296-730x340.jpg
mobdev.pl/wp-content/uploads/2017/03/ 24 KB
24 KB 375ms
375ms Image
image/jpeg 2606:4700:3031::ac43:a0bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobdev.pl/wp-content/uploads/2017/03/20130710_140804-e1488479182296-730x340.jpg
Requested by: Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:a0bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31ba7f0366f1f56591a9d7004c7fd0e0301195aab9813bf42742392c0d129935

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gniezno.mobdev.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:30 GMT
cf-cache-status: MISS
last-modified: Sat, 17 Jul 2021 19:21:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5e62-5c7569cd6f000"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2FBC6Y3qmkpe0%2Fps7lDjSCJDl%2FJLtkE5UjbRP7fPbsyjePEqLDMrU7Hl9tqGNP6TzPD1ufVsWSjxTrlNpfyYXMHdJsBHhidQ%2BINYXdSYt167gbA1eAxXK3XpAV3KlJi95we%2BMszU1iM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a2d7ee3c60741c-MIA
alt-svc: h3=":443"; ma=86400
content-length: 24162

GET
H3 200 dsp2017-1-e1487596214193.png
mobdev.pl/wp-content/uploads/2017/02/ 5 KB
6 KB 281ms
280ms Image
image/png 2606:4700:3031::ac43:a0bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobdev.pl/wp-content/uploads/2017/02/dsp2017-1-e1487596214193.png
Requested by: Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:a0bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bda15c58123126e81353caebda2a8277b65a2e6f8e5490dd33c6eee9290ac979

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gniezno.mobdev.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:30 GMT
cf-cache-status: MISS
last-modified: Sat, 17 Jul 2021 19:21:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1477-5c7569cd6f000"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bZswNldXFWqZwsXW2s6AY8lxjL5JeV%2BlWc6r%2BNNgRW8sFd2uxnCk2B%2FV%2BvYgIMA1i6SuSBzLYnLQURDsWC%2Bndgy3BjcziJo%2FHsREx3h1uYUGlonvgC2CLCDU2MYXg%2BwTGMm8UVY0AIk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a2d7ee3c61741c-MIA
alt-svc: h3=":443"; ma=86400
content-length: 5239

GET
H2 200 email-decode.min.js Show response
gniezno.mobdev.pl/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 32ms
30ms Script
application/javascript 2606:4700:3031::ac43:a0bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gniezno.mobdev.pl/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:a0bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gniezno.mobdev.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Nov 2023 21:55:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65568fe4-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K2S0yTRzwX9%2FNK46Qxv1PwCoTH7a4D74MEafyamCKvxm6Ig4F8SfVXOGdi%2FhISb8LA1gVFdXMauBr77OBYG2VwsKUrvVa8imF6b%2Fsv%2FnpgkVvQ7prG0DxTo5ng2ZTMjQrsLW6VL%2BLQIUgglBmFdHGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 82a2d7e9383a7476-MIA
expires: Fri, 24 Nov 2023 17:20:29 GMT

GET
H3 200 jvjqoap.js Show response
gniezno.mobdev.pl/ 984 B
945 B 327ms
327ms Script
application/javascript 2606:4700:3031::ac43:a0bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gniezno.mobdev.pl/jvjqoap.js?0.7075162587982087&q=[object%20HTMLScriptElement]
Requested by: Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:a0bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 700a0419b1d522bcda138e12adb341d4a6588768a8ccc0ae4dca77a56903519d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gniezno.mobdev.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:30 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 22 Nov 2023 17:20:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IRxCrV9%2FypLRWm5n84Sf9vgOe8xCUIGSoxr9qZMn%2BAATXreQGetwatzt717xxoGlw8H5ydSq9HeFsKUAoVQ8fqQbO8Ay9ez51Ve4miscMkFWOQpKjPOLlvN9KIkBGrpSddpZUSAdnmvx0C%2BXu4Zxgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 82a2d7edfbf6741c-MIA
alt-svc: h3=":443"; ma=86400

GET organizer-730x340.jpg
mobdev.pl/wp-content/uploads/2017/03/ 0
0

GET kurs-730x340.png
mobdev.pl/wp-content/uploads/2017/03/ 0
0

GET organizer-730x340.jpg
mobdev.pl/wp-content/uploads/2017/03/ 0
0

GET jee-logo.png
mobdev.pl/wp-content/uploads/2017/03/ 0
0

GET organizer-730x340.jpg
mobdev.pl/wp-content/uploads/2017/03/ 0
0

GET kurs-730x340.png
mobdev.pl/wp-content/uploads/2017/03/ 0
0

GET organizer-730x340.jpg
mobdev.pl/wp-content/uploads/2017/03/ 0
0

GET 20130710_140804-e1488479182296-730x340.jpg
mobdev.pl/wp-content/uploads/2017/03/ 0
0

GET dsp2017-1-e1487596214193.png
mobdev.pl/wp-content/uploads/2017/02/ 0
0

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1

200
OK

hit;pldat3
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;pldat3?t57.6;r;s1600*1200*24;uhttps%3A//gniezno.mobdev.pl/;hStarsze%20panie%20filmy%20erotyczne%20lek%20przeciwb%F3lowy%20nie%20pierdol;0.8911016818643187
https://counter.yadro.ru/hit;pldat3?q;t57.6;r;s1600*1200*24;uhttps%3A//gniezno.mobdev.pl/;hStarsze%20panie%20filmy%20erotyczne%20lek%20przeciwb%F3lowy%20nie%20pierdol;0.8911016818643187

911 B
1 KB

190ms
190ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;pldat3?q;t57.6;r;s1600*1200*24;uhttps%3A//gniezno.mobdev.pl/;hStarsze%20panie%20filmy%20erotyczne%20lek%20przeciwb%F3lowy%20nie%20pierdol;0.8911016818643187

Requested by

Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

07af4360c2212cdb2437994bbb1cb31c63d0811357f21593893ecf0214c21f07

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gniezno.mobdev.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 17:20:31 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 911
Expires: Mon, 21 Nov 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 17:20:30 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit;pldat3?q;t57.6;r;s1600*1200*24;uhttps%3A//gniezno.mobdev.pl/;hStarsze%20panie%20filmy%20erotyczne%20lek%20przeciwb%F3lowy%20nie%20pierdol;0.8911016818643187
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Mon, 21 Nov 2022 21:00:00 GMT

GET
H3 200 background.jpg
mobdev.pl/wp-content/themes/llorix-one-lite/images/background-images/ 136 KB
136 KB 502ms
502ms Image
image/jpeg 2606:4700:3031::ac43:a0bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobdev.pl/wp-content/themes/llorix-one-lite/images/background-images/background.jpg
Requested by: Host: mobdev.pl
URL: https://mobdev.pl/wp-content/cache/autoptimize/css/autoptimize_412f0cea6fbfc8a50f5c1268597d49cc.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:a0bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31b25cac99cbc2931812c9566b7767d725583963bd019a72663825370d6ffd05

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mobdev.pl/wp-content/cache/autoptimize/css/autoptimize_412f0cea6fbfc8a50f5c1268597d49cc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:30 GMT
cf-cache-status: MISS
last-modified: Sat, 17 Jul 2021 19:21:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "21fbc-5c7569cd6f000"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IvEy7tarJbkGz2Kgjua3nc6We%2B%2Bf0L3MWsua1fA72CgriyCdzJ%2FzzsaK7DeAXb6gYedNQHHtx971FHKCsLcOvueiDB7w6dy7dHH0SSk1HjDke0s0kBtyamFMqjkWtBFY2AcXFss2mM8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a2d7ee1c1d741c-MIA
alt-svc: h3=":443"; ma=86400
content-length: 139196

GET
H3 200 tlo.jpg
mobdev.pl/wp-content/uploads/2017/02/ 125 KB
126 KB 578ms
578ms Image
image/jpeg 2606:4700:3031::ac43:a0bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobdev.pl/wp-content/uploads/2017/02/tlo.jpg
Requested by: Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:a0bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94af3d2c7ca1cb4c377697fa276a0ac8e1c390f0b83225b80207364d2d1f560b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gniezno.mobdev.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:30 GMT
cf-cache-status: MISS
last-modified: Sat, 17 Jul 2021 19:21:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1f456-5c7569cd6f000"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qxUQN5iilrdgUTtop5b0%2BKrEg%2FzepDrV0zS90sqh%2BiGmmX3F0cexSp6r7XfwXKUZqmx0rbf5rmjoyrD4%2BPRJMVhQsShQ5R6CptdcT8EWazm7Bq5zTY9NwoyShScpEMHu5js61VDG7ZQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a2d7ee1c1e741c-MIA
alt-svc: h3=":443"; ma=86400
content-length: 128086

GET fontawesome-webfont.woff2
mobdev.pl/wp-content/themes/llorix-one-lite/fonts/ 0
0

GET
H3 404 yozjmgo.gif
gniezno.mobdev.pl/ 209 B
209 B 1068ms
1067ms Image
text/html 2606:4700:3031::ac43:a0bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gniezno.mobdev.pl/yozjmgo.gif?ref=&url=https%3A//gniezno.mobdev.pl/&scr=1600x1200&q=1700673630&s=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/119.0.6045.159%20Safari/537.36&0.0233283438574603
Requested by: Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:a0bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c129bb40f1c98ac6c01f8ccd48a5263829e53c13f495cded7e29d5c86cacd738

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gniezno.mobdev.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:30 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VRy7Qxb1%2F8drLAvv8Eh9HR6kp9La5btYIODMJBkkC183ThXA%2Bn8rW1Hvni5cT8gJfrsV%2FM8RkZtY3IlBob5ZnxjG1nrFFwmvzNlDCmK2wOm3sOQLRoCn33o74hccHPuOiRGJgb5J6NGgUTPGPRMm2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 82a2d7f00ffc741c-MIA
alt-svc: h3=":443"; ma=86400

GET fontawesome-webfont.woff
mobdev.pl/wp-content/themes/llorix-one-lite/fonts/ 0
0

GET fontawesome-webfont.ttf
mobdev.pl/wp-content/themes/llorix-one-lite/fonts/ 0
0

GET
H3 200 jeacskt.js
gniezno.mobdev.pl/ 550 B
798 B 316ms
316ms XHR
application/javascript 2606:4700:3031::ac43:a0bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gniezno.mobdev.pl/jeacskt.js?get=1&q=1700673630&s=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/119.0.6045.159%20Safari/537.36&0.4151580983895553
Requested by: Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/jvjqoap.js?0.7075162587982087&q=[object%20HTMLScriptElement]
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:a0bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gniezno.mobdev.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 22 Nov 2023 17:20:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uarGaxsGMLrHqSCqcWGK1GpP4in7RYJcE1pfzukwkr9%2FbVfn%2FsYSRYp49OEgdXtKtyvHuLT9RAIouv6JWNYnWAcJSJ06aBVPMLENb86OHDFNweQQejR3TuuQxGA4NA49pYOdO53Ldb5WajH5QGq5Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 82a2d7f6bcd4741c-MIA
alt-svc: h3=":443"; ma=86400

GET
H/1.1

200
OK

cl
go.gkrtmc.com/
Redirect Chain

https://go.gkrtmc.com/aff_c?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem
https://go.gkrtmc.com/cl?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c

1 KB
2 KB

59ms
58ms

Document
text/html

173.0.157.204
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://go.gkrtmc.com/cl?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c

Requested by

Host: gniezno.mobdev.pl
URL: https://gniezno.mobdev.pl/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

173.0.157.204 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store no-store, no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
Content-Type: text/html; charset=utf-8
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Date: Wed, 22 Nov 2023 17:20:32 GMT
ETag: W/"579-0Vsjzx+kUoPTVO57S1z+EjAkaOk"
Origin-Agent-Cluster: ?1
Referrer-Policy: no-referrer
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 0

Redirect headers

Cache-Control: no-store, no-cache
Connection: keep-alive
Content-Length: 264
Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Content-Type: text/html; charset=utf-8
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Date: Wed, 22 Nov 2023 17:20:32 GMT
Location: https://go.gkrtmc.com/cl?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c
Origin-Agent-Cluster: ?1
Referrer-Policy: no-referrer
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
Vary: Accept
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 0

GET
H2

200

Primary Request / Show response
flirtooy.info/
Redirect Chain

https://go.gkrtmc.com/aff_c?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c
https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_d38921b64c2a2f59a9eac0acccf172bd&p10=3077f837-7fe8-46b4-816c-df84f90e43e0_b2531eb7dc34d0fc5a7a9bc31edf5381&source=66979&aff_sub=&aff_sub2=seo-sem

6 KB
3 KB

330ms
258ms

Document
text/html

2606:4700:3035::ac43:bd7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_d38921b64c2a2f59a9eac0acccf172bd&p10=3077f837-7fe8-46b4-816c-df84f90e43e0_b2531eb7dc34d0fc5a7a9bc31edf5381&source=66979&aff_sub=&aff_sub2=seo-sem
Requested by: Host: go.gkrtmc.com
URL: https://go.gkrtmc.com/cl?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:bd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdcdb247602cc67f36ec006571e24f14d647f7aaf5a492847710960060d82b09

Request headers

Referer: https://go.gkrtmc.com/cl?offer_id=10170&aff_id=47487&aff_sub=66979&aff_sub5=seo-sem&bofc=aff_c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate, no-transform
cf-cache-status: DYNAMIC
cf-ray: 82a2d7fc6e1e8da3-MIA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 22 Nov 2023 17:20:32 GMT
etag: W/"65577842-17a9"
expires: 0
last-modified: Fri, 17 Nov 2023 14:27:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PI9uP5IgIJoB7MTTZExRi%2B5PBBgCb9KlUY1q%2F%2BnFALnmqgbadlwpL8j8ag5tfqNzcC9us3fhD%2B%2BlXnobPpVhW%2FlxJefKqhIZgZOBBwY0PCjiYowUatmelOJnNBjL%2BrHpNXP3F%2BT9p5%2BjkCj4"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: no-store, no-cache
Connection: keep-alive
Content-Length: 484
Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Content-Type: text/html; charset=utf-8
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Date: Wed, 22 Nov 2023 17:20:32 GMT
Location: https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_d38921b64c2a2f59a9eac0acccf172bd&p10=3077f837-7fe8-46b4-816c-df84f90e43e0_b2531eb7dc34d0fc5a7a9bc31edf5381&source=66979&aff_sub=&aff_sub2=seo-sem
Origin-Agent-Cluster: ?1
Referrer-Policy: no-referrer
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
Vary: Accept
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 0

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 188ms
63ms Stylesheet
text/css 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Requested by

Host: flirtooy.info
URL: https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_d38921b64c2a2f59a9eac0acccf172bd&p10=3077f837-7fe8-46b4-816c-df84f90e43e0_b2531eb7dc34d0fc5a7a9bc31edf5381&source=66979&aff_sub=&aff_sub2=seo-sem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Nov 2023 17:20:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Nov 2023 17:01:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Nov 2023 17:20:33 GMT

GET
H2 200 chunk-vendors.0ff68660.js Show response
flirtooy.info/js/ 183 KB
67 KB 54ms
52ms Script
application/javascript 2606:4700:3035::ac43:bd7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://flirtooy.info/js/chunk-vendors.0ff68660.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:bd7c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1c4df381ae5daa0a3fd01ba2be0a2fb309728fea5080cec85fdcb12dfc7034c

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 366266
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 17 Nov 2023 14:27:14 GMT
server: cloudflare
etag: W/"65577842-2dd30"
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BNieL1vEKAW%2BZYfFGKDV8wB7huhbaFabOjaSt2iIa9AUIZq9%2BqDoKsy1wPQc1LjR1%2FgD2mky2vBg2vKs3zY73bfs70t5idttCWKzT%2BhBXt1m5iAbkoeuLZqcHKabIy8ydhaioCairtLsMSbO"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 82a2d7fe39558da3-MIA
expires: Mon, 18 Dec 2023 11:36:07 GMT

GET
H2 200 app.bfad68f7.js Show response
flirtooy.info/js/ 27 KB
8 KB 49ms
48ms Script
application/javascript 2606:4700:3035::ac43:bd7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://flirtooy.info/js/app.bfad68f7.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:bd7c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dae30861356eedbe1328aa25508bc6583c079d4ebcd6db1aceb659a2a3a7a499

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 95727
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 17 Nov 2023 14:27:14 GMT
server: cloudflare
etag: W/"65577842-6c85"
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pecnZ4ZB8jWPLJPlCo6fkI3ayfczmUY1U2P8Uk7ug3nGQuh2pbIcoLBmz0jA1p4OoZGa6lRLdMqayti5Or0HqmToLkqGEa8B9Ft0ch8Ee%2F4Paa3bNNP7y9xSwgGVkekL6EmRpuAXCfgBgwWk"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 82a2d7fe39598da3-MIA
expires: Thu, 21 Dec 2023 14:45:06 GMT

POST
H3 400 client-visit Show response
api.flirtooy.info/v1/public/ 136 B
637 B 149ms
148ms XHR
application/json 2606:4700:3035::ac43:bd7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.flirtooy.info/v1/public/client-visit
Requested by: Host: flirtooy.info
URL: https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_d38921b64c2a2f59a9eac0acccf172bd&p10=3077f837-7fe8-46b4-816c-df84f90e43e0_b2531eb7dc34d0fc5a7a9bc31edf5381&source=66979&aff_sub=&aff_sub2=seo-sem
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:bd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8b099cb0c9a08569bef7b8f3582549c72e08e01e14ffe5e168188f83aa9630be

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 22 Nov 2023 17:20:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"88-xJWWTWJQ7nvWpgYW8DEMLLScpwM"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=68jyO%2F2bhIBLBlkr9tV4ZgpfDLJDz12rd70yS3RYEAZsBAIkwB6oJmB27VGi8xYiJ2hjPo6Qs3KkV9xY%2Fs6JeRDHcGZZrXH3xjWlpZ7N2bD0DqXHukkfPBY4wzoOg8lsuJYLV%2BBmmE%2FHEuHOJojapw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flirtooy.info
access-control-allow-credentials: true
cf-ray: 82a2d800cbd70a32-MIA
alt-svc: h3=":443"; ma=86400
content-length: 136

OPTIONS
H2 204 client-visit
api.flirtooy.info/v1/public/ 0
0 223ms
144ms Preflight
text/plain 2606:4700:3037::6815:215b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.flirtooy.info/v1/public/client-visit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flirtooy.info
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Forwarded-For,Origin,x-client-device
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://flirtooy.info
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82a2d7ffefcd7430-MIA
content-length: 0
content-type: text/plain; charset=utf-8
date: Wed, 22 Nov 2023 17:20:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WVcOmmTAAGhZNriv9hhuI8UT04lwpAfxTsAkIW%2FmlxDEPzwPgDQzBypVTO7VOrMqOiAwzx4nwPohHbMyrh%2FXVaA%2FqignhGdB6%2Fx%2BdM%2BmQjsdyrCcVDAtf8iNooRC0qo3Ohd7Yk0BowcKcWD2UHYZRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

POST
H3 201 auth Show response
api.flirtooy.info/v1/user/ 596 B
2 KB 241ms
241ms XHR
application/json 2606:4700:3035::ac43:bd7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.flirtooy.info/v1/user/auth
Requested by: Host: flirtooy.info
URL: https://flirtooy.info/js/chunk-vendors.0ff68660.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:bd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8d0f0265f8220d3847854bfdfeb3d54a1bc1ae58ee0ec880063ad9787f506719

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 22 Nov 2023 17:20:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"254-xReplis6BweUUIlHWcMP7Vp8zSg"
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flirtooy.info
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21283VrhKAFLfh1NUCKDtmZ7bvWaNjBwvfnh8CwlOq6Odl%2F%2F1RQe44N71ZKATEdTOQlKE05XLJ9vEHykmTbAMgEpCbCTsFklB1gLdWZLQqYGJu40qtyKoIuIdo3VYGy9q7nSYUoV6OQyY%2F3RLg4vDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 82a2d800cbdf0a32-MIA
access-control-allow-headers: Content-Type,Authorization,X-Forwarded-For,Origin,x-client-device
content-length: 596
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 204 auth
api.flirtooy.info/v1/user/ 0
0 167ms
147ms Preflight
text/plain 2606:4700:3037::6815:215b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.flirtooy.info/v1/user/auth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flirtooy.info
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Forwarded-For,Origin,x-client-device
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://flirtooy.info
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82a2d7ffefd17430-MIA
content-length: 0
content-type: text/plain; charset=utf-8
date: Wed, 22 Nov 2023 17:20:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sL84uZCnmgmpnV4RXJiKD3%2FWRPl8vJzRGK6STsaymv3dR%2FncjUzUwcK7B8cVTk5OiDOY8yEF2EX1ZgORu6LYPumTEAbojjjya6Kt3sPXVOGVPdJjG4ptrPPzLh%2FKpOgiFSDFYXmUQ6a7DvLoWhj9NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 166ms
51ms Font
font/woff2 2607:f8b0:4004:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flirtooy.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 09:32:36 GMT
x-content-type-options: nosniff
age: 28077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Nov 2024 09:32:36 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 170ms
65ms Font
font/woff2 2607:f8b0:4004:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flirtooy.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 08:53:43 GMT
x-content-type-options: nosniff
age: 30410
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Nov 2024 08:53:43 GMT

GET
H3 200 land-64_2-vue.33f40f84.css
flirtooy.info/css/ 11 KB
3 KB 37ms
36ms Stylesheet
text/css 2606:4700:3035::ac43:bd7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://flirtooy.info/css/land-64_2-vue.33f40f84.css

Requested by

Host: flirtooy.info
URL: https://flirtooy.info/js/app.bfad68f7.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:bd7c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bca217950fad63a0001b574e0226ccc2959801c194694a66fc996eff1eaccef

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 520638
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 15 Nov 2023 14:30:55 GMT
server: cloudflare
etag: W/"6554d61f-2c83"
vary: Accept-Encoding
x-frame-options: deny
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=86y2Ks4J16td2kyetqsv5iHD6yKa7WjLx9EU%2F%2BBj4RJu2PKXbvHy8iJerHyj2GmTzQW%2FZnpGB3Vy0tADNVscjqwBG%2FIj4DOwphT6XbiUMgNG7uTkHe6BjYdbhps5ydNdR9e0MJTWefClW6rd"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 82a2d8025e670a32-MIA
expires: Sat, 16 Dec 2023 16:43:15 GMT

GET
H3 200 land-64_2-vue.7fc1df1a.js Show response
flirtooy.info/js/ 24 KB
9 KB 41ms
40ms Script
application/javascript 2606:4700:3035::ac43:bd7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://flirtooy.info/js/land-64_2-vue.7fc1df1a.js

Requested by

Host: flirtooy.info
URL: https://flirtooy.info/js/app.bfad68f7.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:bd7c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f43077eae23d2fb4b9de5490681e2b35c23c9425ad2ad03add4551a3faf8fb59

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 263346
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 17 Nov 2023 14:27:14 GMT
server: cloudflare
etag: W/"65577842-5fbd"
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=An%2Bc3m%2F62OO18maeBspmFjU4p17AY3hNjfd8bjeRQVfzYjoSFjKSeT0aZrdbnz9NKffvidF3%2FVDpGKywkNRiMkU0Z31YsY24CJkhEk9wtIhDYkOn5bllcjqjK2tNpWlQUWtPf6N7T%2ByxEpKo"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 82a2d8025e6c0a32-MIA
expires: Tue, 19 Dec 2023 16:11:27 GMT

GET
H3 200 anal Show response
api.flirtooy.info/v1/user/ 26 B
628 B 170ms
170ms XHR
application/json 2606:4700:3035::ac43:bd7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.flirtooy.info/v1/user/anal?event=push_subscription_show
Requested by: Host: flirtooy.info
URL: https://flirtooy.info/js/chunk-vendors.0ff68660.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:bd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 068111877fa6aa20ae61a6d184bc4b1f7081555e83df944cce03c4fdb2830fbc

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: en-US,en;q=0.9
authorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX2lkIjoiNmVmMDkyNGUtY2JhYi00NDVjLWJjZDItZjk1NjUyYjIyNjM3IiwidmlzaXRfaWQiOiIzYTM0MjFkMS1jODVhLTRjMDYtOGU5NC1iN2NkZjBmNmYxMDMiLCJmdW5uZWxfaWQiOjMsImFmZl9pZCI6OCwic291cmNlIjoiNjY5NzkiLCJzcGxpdF9pZHMiOltdLCJwcmVsYW5kX3VybCI6IjY0XzIiLCJpYXQiOjE3MDA2NzM2MzMsImV4cCI6MTczMjIzMTIzM30.HK_8bhqhdgnnwJwNm8ivPm-kl_Loj8OR6-6Y0PgN9vA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"1a-pIPrt4esgEyEkX/w62Rnrj9XXdg"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flirtooy.info
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VFIN3IHDp%2Ba76BxBzUJ9ZxtzeIpbczvX%2BKsk0DwKSDiVaXLdJYZvZBYlTgM%2BG8%2B%2FuWp0xZ%2BpJapwxk%2BGNgM7Jcxd2I1rUt6QX3foahN6robonQEt6NT0ekVsyUF2ytF5r%2F2nxtlQsUe%2F85Ssg6D2xg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 82a2d80358140a32-MIA
access-control-allow-headers: Content-Type,Authorization,X-Forwarded-For,Origin,x-client-device

OPTIONS
H2 204 anal
api.flirtooy.info/v1/user/ 0
0 150ms
148ms Preflight
text/plain 2606:4700:3037::6815:215b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.flirtooy.info/v1/user/anal?event=push_subscription_show
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://flirtooy.info
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Forwarded-For,Origin,x-client-device
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://flirtooy.info
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82a2d8026c0a7430-MIA
content-length: 0
content-type: text/plain; charset=utf-8
date: Wed, 22 Nov 2023 17:20:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pf1gHY%2Bof467LdexPO%2BhTAxyuWl8XKgGcpVutXNQajX6vOX%2BJ0Nt%2F1kgwUAH815POtkSVf9o6EOa9LF%2FVDMMvJFRRU1kK8QFvZcQZMEI2t8PGBIN7EUx72I%2FcKE2ISFrZ%2BjEkSKc8mNcpb8fiNKZew%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

POST
H3 201 push-subscription Show response
api.flirtooy.info/v1/user/ 26 B
604 B 174ms
173ms XHR
application/json 2606:4700:3035::ac43:bd7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.flirtooy.info/v1/user/push-subscription
Requested by: Host: flirtooy.info
URL: https://flirtooy.info/js/chunk-vendors.0ff68660.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:bd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 068111877fa6aa20ae61a6d184bc4b1f7081555e83df944cce03c4fdb2830fbc

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: en-US,en;q=0.9
authorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX2lkIjoiNmVmMDkyNGUtY2JhYi00NDVjLWJjZDItZjk1NjUyYjIyNjM3IiwidmlzaXRfaWQiOiIzYTM0MjFkMS1jODVhLTRjMDYtOGU5NC1iN2NkZjBmNmYxMDMiLCJmdW5uZWxfaWQiOjMsImFmZl9pZCI6OCwic291cmNlIjoiNjY5NzkiLCJzcGxpdF9pZHMiOltdLCJwcmVsYW5kX3VybCI6IjY0XzIiLCJpYXQiOjE3MDA2NzM2MzMsImV4cCI6MTczMjIzMTIzM30.HK_8bhqhdgnnwJwNm8ivPm-kl_Loj8OR6-6Y0PgN9vA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 22 Nov 2023 17:20:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"1a-pIPrt4esgEyEkX/w62Rnrj9XXdg"
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flirtooy.info
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STdx5JdXWd2yC3GwGtaRJon%2BYmBi1471zdzziI0Eiaut0t7KcZ46hQFHg6VUSdRClHUDIS9yNYV7g0mvhskDANiqubWk4SsvIEtELtqct760Wwd65OIrdB6zloZ8axxNCKIpKual%2BtApS6nfs2hFBw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 82a2d803480b0a32-MIA
access-control-allow-headers: Content-Type,Authorization,X-Forwarded-For,Origin,x-client-device
content-length: 26
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 204 push-subscription
api.flirtooy.info/v1/user/ 0
0 145ms
144ms Preflight
text/plain 2606:4700:3037::6815:215b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.flirtooy.info/v1/user/push-subscription
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://flirtooy.info
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Forwarded-For,Origin,x-client-device
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://flirtooy.info
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82a2d8026c0b7430-MIA
content-length: 0
content-type: text/plain; charset=utf-8
date: Wed, 22 Nov 2023 17:20:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1m6vrb2YyS6SG2X6Rw3hVTCR%2FYQc6nMn3JQyeikkMFQWlk8uAu%2Bqq%2F3f4YhET6N4usqYuaRIEmBMfUpobE3loXYT%2F4B8s0E6Yhm03xjqzRs4BVYBYerebr2IYvXVOEB7bh8RgmMskgNbWdxMo4VpDg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 bg1.64e4ddae.jpg
flirtooy.info/img/ 179 KB
180 KB 41ms
38ms Image
image/jpeg 2606:4700:3035::ac43:bd7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://flirtooy.info/img/bg1.64e4ddae.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:bd7c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64d3616b18ae6d886579db07b3683507f3afc60020d61a3fd247d89f2eed27e4

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 227871
alt-svc: h3=":443"; ma=86400
content-length: 183469
last-modified: Fri, 17 Nov 2023 14:27:14 GMT
server: cloudflare
etag: "65577842-2ccad"
x-frame-options: deny
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vsNupOcJDMXqvBtBZI1OV7V3W6oiGqsljP05Gp%2BsUg3hOVHSqG1iT%2BCCfgF0DcbVZOvwbGH7uxJRZAB6KkI77b%2F3v6h0EMkPYkgz%2FwDMVRRVCYJvLboYroKNZCU1wLiBWhG3HSQuw9VaX2sL"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82a2d8030fb30a32-MIA
expires: Tue, 19 Nov 2024 02:02:42 GMT

GET
H3 200 bg2.05d0bc10.jpg
flirtooy.info/img/ 139 KB
139 KB 137ms
133ms Image
image/jpeg 2606:4700:3035::ac43:bd7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://flirtooy.info/img/bg2.05d0bc10.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:bd7c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f185c510bcaa781fcbc9e727044cca5616b6099b7e805c81102dba9230933f4d

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 692429
alt-svc: h3=":443"; ma=86400
content-length: 141855
last-modified: Tue, 14 Nov 2023 15:42:08 GMT
server: cloudflare
etag: "65539550-22a1f"
x-frame-options: deny
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3dwmQaBIMhA7NLzIl1yT8MzMyeYKK%2FBE8%2BtxnjEOgM0oWxB9U6e3M7wDjAtj%2BYFkLAXjhGJP2zRbhAYSyQeDXljCery6b0XcL%2B7ycKXQTP22h9Q7ucOtjuLet48DsvYoVZhWG%2B9pSQtWj%2Fc"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82a2d8030fb40a32-MIA
expires: Wed, 13 Nov 2024 17:00:04 GMT

GET
H3 200 bg3.d07e95b6.jpg
flirtooy.info/img/ 185 KB
186 KB 163ms
160ms Image
image/jpeg 2606:4700:3035::ac43:bd7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://flirtooy.info/img/bg3.d07e95b6.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:bd7c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a69daf7aa9f23d2ccb217662a476cae1d680a76c904bd4baa3a18df4115ca663

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 692429
alt-svc: h3=":443"; ma=86400
content-length: 189903
last-modified: Tue, 14 Nov 2023 15:42:08 GMT
server: cloudflare
etag: "65539550-2e5cf"
x-frame-options: deny
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MOTF1c0dR350dOMUDcmYttm7iRyzolIRcFb7dYBDuT9wMCyz0C5boYEQC8j0n7xBNkLG20yW19Huh2f5G66kxbeZnRVptuhXhGMFRJ%2F5SRFrPvCC%2Fh8aIh%2Bffe%2BwqezCLDJ1y%2F8qRm1Z6F7J"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82a2d8030fb60a32-MIA
expires: Wed, 13 Nov 2024 17:00:04 GMT

GET
H3 200 bg4.b3d96cd1.jpg
flirtooy.info/img/ 151 KB
151 KB 188ms
187ms Image
image/jpeg 2606:4700:3035::ac43:bd7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://flirtooy.info/img/bg4.b3d96cd1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:bd7c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbb66230615484cf3e13310f3bf4ae449596216ada5354a2ac182cc6934beaba

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 692429
alt-svc: h3=":443"; ma=86400
content-length: 154270
last-modified: Tue, 14 Nov 2023 15:42:08 GMT
server: cloudflare
etag: "65539550-25a9e"
x-frame-options: deny
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8L4Nc8Y5JdQujwMG1jjJtUm2k5hU1dBvowKBxa8JxdlW%2BgmPutyuSaNBwIG1x%2Bn%2F%2B9rewYlEBhUSPyFCqt8NaO%2BXBSi8bS4WEGdFAcpYwwXEf%2FNsF1Ac%2BXEt8fYo3zkohqAMVF2xc4LRF9AA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82a2d8030fb70a32-MIA
expires: Wed, 13 Nov 2024 17:00:04 GMT

GET
H3 200 bg5.e8836e8e.jpg
flirtooy.info/img/ 228 KB
229 KB 193ms
191ms Image
image/jpeg 2606:4700:3035::ac43:bd7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://flirtooy.info/img/bg5.e8836e8e.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:bd7c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6fce19292367236038efab82aefb5ebd08c5407c486d39ecae02c0e9a509e7f

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:20:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 692429
alt-svc: h3=":443"; ma=86400
content-length: 233504
last-modified: Tue, 14 Nov 2023 15:42:08 GMT
server: cloudflare
etag: "65539550-39020"
x-frame-options: deny
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2BDxomc7Q9bqf3ssTeSMyilAp0Ffhy11LLl%2BxEOljj174jNy%2Bl8DRZVBoCsojOImBIgKMn7VU7nRjO1IpO%2BvabmdJjrmQiZitph%2F0sCkcdJN9X0naReKNrzmS1%2FyZtX2kYl5IYy9uuEA%2F9xb"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82a2d8030fb80a32-MIA
expires: Wed, 13 Nov 2024 17:00:04 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: xxxfilmyporno.com
URL: https://xxxfilmyporno.com/media/thumbs/8/v01068.jpg?1606272721

Domain: xxxfilmyporno.com
URL: https://xxxfilmyporno.com/media/thumbs/8/v17668.jpg?1607311338

Domain: mobdev.pl
URL: http://mobdev.pl/wp-content/uploads/2017/03/organizer-730x340.jpg

Domain: mobdev.pl
URL: http://mobdev.pl/wp-content/uploads/2017/03/kurs-730x340.png

Domain: mobdev.pl
URL: http://mobdev.pl/wp-content/uploads/2017/03/organizer-730x340.jpg

Domain: mobdev.pl
URL: http://mobdev.pl/wp-content/uploads/2017/03/jee-logo.png

Domain: mobdev.pl
URL: http://mobdev.pl/wp-content/uploads/2017/03/organizer-730x340.jpg

Domain: mobdev.pl
URL: http://mobdev.pl/wp-content/uploads/2017/03/kurs-730x340.png

Domain: mobdev.pl
URL: http://mobdev.pl/wp-content/uploads/2017/03/organizer-730x340.jpg

Domain: mobdev.pl
URL: http://mobdev.pl/wp-content/uploads/2017/03/20130710_140804-e1488479182296-730x340.jpg

Domain: mobdev.pl
URL: http://mobdev.pl/wp-content/uploads/2017/02/dsp2017-1-e1487596214193.png

Domain: mobdev.pl
URL: https://mobdev.pl/wp-content/themes/llorix-one-lite/fonts/fontawesome-webfont.woff2?v=4.6.3

Domain: mobdev.pl
URL: https://mobdev.pl/wp-content/themes/llorix-one-lite/fonts/fontawesome-webfont.woff?v=4.6.3

Domain: mobdev.pl
URL: https://mobdev.pl/wp-content/themes/llorix-one-lite/fonts/fontawesome-webfont.ttf?v=4.6.3

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| webpackJsonp object| regeneratorRuntime

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yadro.ru/	1970-01-21 01:08:56	Name: FTID Value: 1bNZXU2cnPeg1bNZXU0010jg
.wp.pl/	1970-01-21 01:11:36	Name: sgv Value: 1700673631
.wp.pl/	1970-01-20 16:24:35	Name: sgVisitId Value: 4e763367-a75d-4e45-bbd8-c5374beea5a1
.wp.pl/	1970-01-20 16:26:00	Name: ttlStatid Value: 269b402f-278a-4bed-83e8-f7d84748cd56
.yadro.ru/	1970-01-21 01:08:56	Name: VID Value: 3Up8Eq1uxu8g1bNZXV0010lx
.go.gkrtmc.com/	1970-01-20 17:07:45	Name: language Value: en
.go.gkrtmc.com/	1970-01-20 17:07:45	Name: 8666 Value: 38_66979_8666_d38921b64c2a2f59a9eac0acccf172bd
.go.gkrtmc.com/	1970-01-20 17:07:45	Name: op_8666 Value: 0
.go.gkrtmc.com/	1970-01-21 02:00:33	Name: user_id Value: 3077f837-7fe8-46b4-816c-df84f90e43e0_b2531eb7dc34d0fc5a7a9bc31edf5381
api.flirtooy.info/	1970-01-21 01:10:09	Name: authToken Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX2lkIjoiNmVmMDkyNGUtY2JhYi00NDVjLWJjZDItZjk1NjUyYjIyNjM3IiwidmlzaXRfaWQiOiIzYTM0MjFkMS1jODVhLTRjMDYtOGU5NC1iN2NkZjBmNmYxMDMiLCJmdW5uZWxfaWQiOjMsImFmZl9pZCI6OCwic291cmNlIjoiNjY5NzkiLCJzcGxpdF9pZHMiOltdLCJwcmVsYW5kX3VybCI6IjY0XzIiLCJpYXQiOjE3MDA2NzM2MzMsImV4cCI6MTczMjIzMTIzM30.HK_8bhqhdgnnwJwNm8ivPm-kl_Loj8OR6-6Y0PgN9vA

44 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://gniezno.mobdev.pl/ Message: Mixed Content: The page at 'https://gniezno.mobdev.pl/' was loaded over HTTPS, but requested an insecure element 'http://b4.pinger.pl/fbf639bcb3bd9f263349c88193e3784b/lek_na_wszystko_niepierdol_max_31.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gniezno.mobdev.pl/ Message: Mixed Content: The page at 'https://gniezno.mobdev.pl/' was loaded over HTTPS, but requested an insecure element 'http://e2.pudelek.pl/p1556/14722f500010d8304bf312a7'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gniezno.mobdev.pl/ Message: Mixed Content: The page at 'https://gniezno.mobdev.pl/' was loaded over HTTPS, but requested an insecure element 'http://content.internetvideoarchive.com/content/photos/5838/24521112_.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gniezno.mobdev.pl/ Message: Mixed Content: The page at 'https://gniezno.mobdev.pl/' was loaded over HTTPS, but requested an insecure element 'http://www.sexeo.pl/wp-content/uploads/2016/09/161854_01big.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gniezno.mobdev.pl/ Message: Mixed Content: The page at 'https://gniezno.mobdev.pl/' was loaded over HTTPS, but requested an insecure element 'http://paczaizm.pl/content/wp-content/uploads/eutanazol-lek-na-wszystko-schopenhauer.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gniezno.mobdev.pl/ Message: Mixed Content: The page at 'https://gniezno.mobdev.pl/' was loaded over HTTPS, but requested an insecure element 'http://www.e-zikoapteka.pl/pyralgina-500-mg-lek-przeciwbolowy-6-tabletek.2.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gniezno.mobdev.pl/ Message: Mixed Content: The page at 'https://gniezno.mobdev.pl/' was loaded over HTTPS, but requested an insecure element 'http://mobdev.pl/wp-content/uploads/2017/03/organizer-730x340.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gniezno.mobdev.pl/ Message: Mixed Content: The page at 'https://gniezno.mobdev.pl/' was loaded over HTTPS, but requested an insecure element 'http://mobdev.pl/wp-content/uploads/2017/03/kurs-730x340.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gniezno.mobdev.pl/ Message: Mixed Content: The page at 'https://gniezno.mobdev.pl/' was loaded over HTTPS, but requested an insecure element 'http://mobdev.pl/wp-content/uploads/2017/03/organizer-730x340.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gniezno.mobdev.pl/ Message: Mixed Content: The page at 'https://gniezno.mobdev.pl/' was loaded over HTTPS, but requested an insecure element 'http://mobdev.pl/wp-content/uploads/2017/03/jee-logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gniezno.mobdev.pl/ Message: Mixed Content: The page at 'https://gniezno.mobdev.pl/' was loaded over HTTPS, but requested an insecure element 'http://mobdev.pl/wp-content/uploads/2017/03/organizer-730x340.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gniezno.mobdev.pl/ Message: Mixed Content: The page at 'https://gniezno.mobdev.pl/' was loaded over HTTPS, but requested an insecure element 'http://mobdev.pl/wp-content/uploads/2017/03/kurs-730x340.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gniezno.mobdev.pl/ Message: Mixed Content: The page at 'https://gniezno.mobdev.pl/' was loaded over HTTPS, but requested an insecure element 'http://mobdev.pl/wp-content/uploads/2017/03/organizer-730x340.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gniezno.mobdev.pl/ Message: Mixed Content: The page at 'https://gniezno.mobdev.pl/' was loaded over HTTPS, but requested an insecure element 'http://mobdev.pl/wp-content/uploads/2017/03/20130710_140804-e1488479182296-730x340.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gniezno.mobdev.pl/ Message: Mixed Content: The page at 'https://gniezno.mobdev.pl/' was loaded over HTTPS, but requested an insecure element 'http://mobdev.pl/wp-content/uploads/2017/02/dsp2017-1-e1487596214193.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://xxxfilmyporno.com/media/thumbs/8/v01068.jpg?1606272721 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	warning	URL: https://gniezno.mobdev.pl/(Line 587) Message: Mixed Content: The page at 'https://gniezno.mobdev.pl/' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://mobdev.pl/'. This endpoint should be made available over a secure connection.
security	warning	URL: https://gniezno.mobdev.pl/(Line 651) Message: Mixed Content: The page at 'https://gniezno.mobdev.pl/' was loaded over HTTPS, but requested an insecure element 'http://b4.pinger.pl/fbf639bcb3bd9f263349c88193e3784b/lek_na_wszystko_niepierdol_max_31.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gniezno.mobdev.pl/(Line 651) Message: Mixed Content: The page at 'https://gniezno.mobdev.pl/' was loaded over HTTPS, but requested an insecure element 'http://e2.pudelek.pl/p1556/14722f500010d8304bf312a7'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gniezno.mobdev.pl/(Line 651) Message: Mixed Content: The page at 'https://gniezno.mobdev.pl/' was loaded over HTTPS, but requested an insecure element 'http://content.internetvideoarchive.com/content/photos/5838/24521112_.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gniezno.mobdev.pl/(Line 651) Message: Mixed Content: The page at 'https://gniezno.mobdev.pl/' was loaded over HTTPS, but requested an insecure element 'http://www.sexeo.pl/wp-content/uploads/2016/09/161854_01big.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gniezno.mobdev.pl/(Line 651) Message: Mixed Content: The page at 'https://gniezno.mobdev.pl/' was loaded over HTTPS, but requested an insecure element 'http://paczaizm.pl/content/wp-content/uploads/eutanazol-lek-na-wszystko-schopenhauer.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gniezno.mobdev.pl/(Line 651) Message: Mixed Content: The page at 'https://gniezno.mobdev.pl/' was loaded over HTTPS, but requested an insecure element 'http://www.e-zikoapteka.pl/pyralgina-500-mg-lek-przeciwbolowy-6-tabletek.2.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://gniezno.mobdev.pl/(Line 651) Message: Mixed Content: The page at 'https://gniezno.mobdev.pl/' was loaded over HTTPS, but requested an insecure image 'http://mobdev.pl/wp-content/uploads/2017/03/organizer-730x340.jpg'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://gniezno.mobdev.pl/(Line 651) Message: Mixed Content: The page at 'https://gniezno.mobdev.pl/' was loaded over HTTPS, but requested an insecure image 'http://mobdev.pl/wp-content/uploads/2017/03/kurs-730x340.png'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://gniezno.mobdev.pl/(Line 651) Message: Mixed Content: The page at 'https://gniezno.mobdev.pl/' was loaded over HTTPS, but requested an insecure image 'http://mobdev.pl/wp-content/uploads/2017/03/organizer-730x340.jpg'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://gniezno.mobdev.pl/(Line 651) Message: Mixed Content: The page at 'https://gniezno.mobdev.pl/' was loaded over HTTPS, but requested an insecure image 'http://mobdev.pl/wp-content/uploads/2017/03/jee-logo.png'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://gniezno.mobdev.pl/(Line 651) Message: Mixed Content: The page at 'https://gniezno.mobdev.pl/' was loaded over HTTPS, but requested an insecure image 'http://mobdev.pl/wp-content/uploads/2017/03/organizer-730x340.jpg'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://gniezno.mobdev.pl/(Line 651) Message: Mixed Content: The page at 'https://gniezno.mobdev.pl/' was loaded over HTTPS, but requested an insecure image 'http://mobdev.pl/wp-content/uploads/2017/03/kurs-730x340.png'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://gniezno.mobdev.pl/(Line 651) Message: Mixed Content: The page at 'https://gniezno.mobdev.pl/' was loaded over HTTPS, but requested an insecure image 'http://mobdev.pl/wp-content/uploads/2017/03/organizer-730x340.jpg'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://gniezno.mobdev.pl/(Line 651) Message: Mixed Content: The page at 'https://gniezno.mobdev.pl/' was loaded over HTTPS, but requested an insecure image 'http://mobdev.pl/wp-content/uploads/2017/03/20130710_140804-e1488479182296-730x340.jpg'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://gniezno.mobdev.pl/(Line 651) Message: Mixed Content: The page at 'https://gniezno.mobdev.pl/' was loaded over HTTPS, but requested an insecure image 'http://mobdev.pl/wp-content/uploads/2017/02/dsp2017-1-e1487596214193.png'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://gniezno.mobdev.pl/(Line 658) Message: Mixed Content: The page at 'https://gniezno.mobdev.pl/' was loaded over HTTPS, but requested an insecure element 'http://mobdev.pl/wp-content/themes/llorix-one-lite/images/background-images/background.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gniezno.mobdev.pl/(Line 658) Message: Mixed Content: The page at 'https://gniezno.mobdev.pl/' was loaded over HTTPS, but requested an insecure element 'http://mobdev.pl/wp-content/uploads/2017/02/tlo.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://xxxfilmyporno.com/media/thumbs/8/v17668.jpg?1607311338 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	error	URL: https://gniezno.mobdev.pl/ Message: Access to font at 'https://mobdev.pl/wp-content/themes/llorix-one-lite/fonts/fontawesome-webfont.woff2?v=4.6.3' from origin 'https://gniezno.mobdev.pl' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://mobdev.pl/wp-content/themes/llorix-one-lite/fonts/fontawesome-webfont.woff2?v=4.6.3 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://gniezno.mobdev.pl/ Message: Access to font at 'https://mobdev.pl/wp-content/themes/llorix-one-lite/fonts/fontawesome-webfont.woff?v=4.6.3' from origin 'https://gniezno.mobdev.pl' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://mobdev.pl/wp-content/themes/llorix-one-lite/fonts/fontawesome-webfont.woff?v=4.6.3 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://gniezno.mobdev.pl/yozjmgo.gif?ref=&url=https%3A//gniezno.mobdev.pl/&scr=1600x1200&q=1700673630&s=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/119.0.6045.159%20Safari/537.36&0.0233283438574603 Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://gniezno.mobdev.pl/ Message: Access to font at 'https://mobdev.pl/wp-content/themes/llorix-one-lite/fonts/fontawesome-webfont.ttf?v=4.6.3' from origin 'https://gniezno.mobdev.pl' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://mobdev.pl/wp-content/themes/llorix-one-lite/fonts/fontawesome-webfont.ttf?v=4.6.3 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://api.flirtooy.info/v1/public/client-visit Message: Failed to load resource: the server responded with a status of 400 ()
other	error	URL: https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_d38921b64c2a2f59a9eac0acccf172bd&p10=3077f837-7fe8-46b4-816c-df84f90e43e0_b2531eb7dc34d0fc5a7a9bc31edf5381&source=66979&aff_sub=&aff_sub2=seo-sem Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2.bp.blogspot.com
adresy.cosmedica.pl
api.flirtooy.info
apteka.cosmedica.pl
b4.pinger.pl
content.internetvideoarchive.com
counter.yadro.ru
e2.pudelek.pl
flirtooy.info
fonts.googleapis.com
fonts.gstatic.com
gniezno.mobdev.pl
go.gkrtmc.com
i.imgur.com
i.ytimg.com
img-ovh-cloud.zszywka.pl
mamuski.de
mobdev.pl
paczaizm.pl
starsze.icu
www.e-zikoapteka.pl
www.sexeo.pl
www.wp.pl
www.znamlek.pl
xxxfilmyporno.com
znamlek.pl
mobdev.pl
xxxfilmyporno.com
13.224.214.115
146.75.28.193
173.0.157.204
193.17.41.93
212.77.100.83
212.77.98.9
2606:4700:20::ac43:44ee
2606:4700:3031::ac43:a0bd
2606:4700:3033::ac43:92a3
2606:4700:3035::ac43:bd7c
2606:4700:3037::6815:215b
2606:4700:3037::6815:5ec5
2606:4700:3038::6815:e991
2606:4700:3038::6815:ebcf
2607:f8b0:4004:c07::5e
2607:f8b0:4004:c07::5f
2607:f8b0:4004:c08::77
2607:f8b0:4004:c19::84
62.75.207.5
79.96.4.21
88.212.201.198
91.185.190.165
068111877fa6aa20ae61a6d184bc4b1f7081555e83df944cce03c4fdb2830fbc
07af4360c2212cdb2437994bbb1cb31c63d0811357f21593893ecf0214c21f07
1bca217950fad63a0001b574e0226ccc2959801c194694a66fc996eff1eaccef
1c23a41dacf648c86096307353fbae4eb1ffc7b3eb697b144b17b56211707ffe
22b238fbf23b3ab5e871c891e01146d528f64e6046afe1c65ae005f097691230
24f2e7453b7e8d501b9cd7b3a922dabc9b584e6491daf42eb7affb67e2c9194d
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2ca5f156f56a93a7df7696028afdefe2c9e503ed3923ac47b02a46bac743cb35
31b25cac99cbc2931812c9566b7767d725583963bd019a72663825370d6ffd05
31ba7f0366f1f56591a9d7004c7fd0e0301195aab9813bf42742392c0d129935
327e3a04bfe432f01017e44f36d1bb1cb8f4f6f8f109b758c3b18cc3aac552fb
3e4b4621eb50577d77884637be41368232876cf4a643ae7f7966f478eb68933d
542fa213a5fb59575baca58d50f022d2a263356cb8d4c0ccc08f7ae36babb2e0
6488cfe766bf967833292076ecbed823ef66e63b7f06299cbd4cc7a68202be94
64d3616b18ae6d886579db07b3683507f3afc60020d61a3fd247d89f2eed27e4
66018b9f51b1a0be0abee5ba452eb76066abcabef098185be9742263110f9fcf
691e0f4c7b2e109e7f171755481b4c3ea98a5b7d2d206e91630de169280b2eb9
6b1f19a15b9773b679d43884e6d1ba388cabe54b921a9596f290b7e7d0436bbf
700a0419b1d522bcda138e12adb341d4a6588768a8ccc0ae4dca77a56903519d
7cda22920dd01b8c2a41e26e65e2b7f44aed4b796f531dbcd7062991d59c5b99
8b099cb0c9a08569bef7b8f3582549c72e08e01e14ffe5e168188f83aa9630be
8d0f0265f8220d3847854bfdfeb3d54a1bc1ae58ee0ec880063ad9787f506719
94af3d2c7ca1cb4c377697fa276a0ac8e1c390f0b83225b80207364d2d1f560b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b04a32f105e36daaa849e650b9482ba391da54b80102774eb790867351e332d
a39e1d439591503996a3e548490efb6866cb227a3df11e779b2b585264ac02e9
a4e914fd8e62849bf47909524b3ee804a77180fa41a2a2c8871486a3ebbd2cbd
a5f0b4f7a03b25695ca9858b6eb9f109d3704576bd406509bf4950f887ba95a4
a5f0d074ab18f672d35f2125c5e9ddbdd8a8cc92ef15280bf096ef3030b3da4a
a69daf7aa9f23d2ccb217662a476cae1d680a76c904bd4baa3a18df4115ca663
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
bda15c58123126e81353caebda2a8277b65a2e6f8e5490dd33c6eee9290ac979
c129bb40f1c98ac6c01f8ccd48a5263829e53c13f495cded7e29d5c86cacd738
c5c19ea06ba0a401062ab509c9d97a97ac976ec364fcef06e090448cb9f1fd3e
c774a31b4e35e8c9f44328f78776b7756a280b3c9809d195e9896416257edf5b
c7d6fb0350445494df72402210f5b9b168ae1bd10dbfbea43393fe69be48fdc9
c8c865cbb497a6f6eac7c8e35c9280c07fb2be5dfea52fb92d7a2b79e8ae9ea3
cdcdb247602cc67f36ec006571e24f14d647f7aaf5a492847710960060d82b09
d179cac173a7b0c93c30e2971f9a90b7a37ca80a7a4aa601af4ba1aa8468571b
d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668
d6fce19292367236038efab82aefb5ebd08c5407c486d39ecae02c0e9a509e7f
dae30861356eedbe1328aa25508bc6583c079d4ebcd6db1aceb659a2a3a7a499
e1c4df381ae5daa0a3fd01ba2be0a2fb309728fea5080cec85fdcb12dfc7034c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb22a3cca19b97f27644fb2a9c1a4445dbfa7e0cb7798a0898aa644490c70fe2
eb8997c1268f4a153732e5a52c89a3eb3a700573ae12b47d214bda8e9c482942
ec5ac8664d0703e57e0669c3729b643b75bfd4d42911bb2fbfb534ba624d7eea
f185c510bcaa781fcbc9e727044cca5616b6099b7e805c81102dba9230933f4d
f43077eae23d2fb4b9de5490681e2b35c23c9425ad2ad03add4551a3faf8fb59
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
fba4dcc1618a88246a8505e52a9e70f6f827f96165b9b9c721568a23c1f1a0b4
fbb66230615484cf3e13310f3bf4ae449596216ada5354a2ac182cc6934beaba

flirtooy.info Open in urlscan Pro 2606:4700:3035::ac43:bd7c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

73 Requests

74 %HTTPS

55 %IPv6

22 Domains

26 Subdomains

22 IPs

4 Countries

3283 kBTransfer

3642 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

flirtooy.info Open in urlscan Pro
2606:4700:3035::ac43:bd7c Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

74 %
HTTPS

55 %
IPv6

22
Domains

26
Subdomains

22
IPs

4
Countries

3283 kB
Transfer

3642 kB
Size

10
Cookies

73 HTTP transactions
1 data transactions