urlscan.io logo urlscan.io
SecurityTrails logo

medicalspa2.nfhotel.usermd.net Open in urlscan Pro
212.91.26.80  Public Scan

Go To Rescan Add Verdict Report
URL: https://medicalspa2.nfhotel.usermd.net/
Submission: On May 28 via api from US — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 10 domains to perform 59 HTTP transactions. The main IP is 212.91.26.80, located in Poland and belongs to ATMAN-ISP-AS ATM S.A., PL. The main domain is medicalspa2.nfhotel.usermd.net.
TLS certificate: Issued by R3 on May 28th 2024. Valid for: 3 months.
This is the only time medicalspa2.nfhotel.usermd.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
31 212.91.26.80 15694 (ATMAN-ISP...)
3 216.58.212.138 15169 (GOOGLE)
2 104.17.24.14 13335 (CLOUDFLAR...)
1 142.250.185.200 15169 (GOOGLE)
4 31.186.83.249 57367 (ECO-ATMAN...)
1 4 176.119.42.119 42503 (PL-OKTAWA...)
7 142.250.186.163 15169 (GOOGLE)
5 188.114.97.3 13335 (CLOUDFLAR...)
1 216.239.32.36 15169 (GOOGLE)
1 64.233.184.156 15169 (GOOGLE)
1 142.250.184.195 15169 (GOOGLE)
59 11
31    212.91.26.80 (Poland)

ASN15694 (ATMAN-ISP-AS ATM S.A., PL)
PTR: web36.mydevil.net
medicalspa2.nfhotel.usermd.net
nerohome.nfhotel.usermd.net
3    216.58.212.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f10.1e100.net
fonts.googleapis.com
2    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    142.250.185.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f8.1e100.net
www.googletagmanager.com
4    31.186.83.249 (Radom, Poland)

ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL)
PTR: web10.mydevil.net
nfhotel.pl
4    176.119.42.119 (Poland)

ASN42503 (PL-OKTAWAVE-AS, PL)
PTR: poczta.nfhotel.pl
booking.nfhotel.pl
api.nfhotel.pl
7    142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net
fonts.gstatic.com
5    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
netfactory.net.pl
1    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    64.233.184.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f156.1e100.net
stats.g.doubleclick.net
1    142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net
www.google.pl
Apex Domain
Subdomains		 Transfer
31 usermd.net
medicalspa2.nfhotel.usermd.net
nerohome.nfhotel.usermd.net
4 MB
8 nfhotel.pl
nfhotel.pl
booking.nfhotel.pl
api.nfhotel.pl
129 KB
7 gstatic.com
fonts.gstatic.com
184 KB
5 netfactory.net.pl
netfactory.net.pl
146 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
4 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
33 KB
1 google.pl
www.google.pl — Cisco Umbrella Rank: 23477
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 89
264 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3095
264 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
94 KB
59 10
Domain Requested by
28 medicalspa2.nfhotel.usermd.net medicalspa2.nfhotel.usermd.net
7 fonts.gstatic.com fonts.googleapis.com
5 netfactory.net.pl medicalspa2.nfhotel.usermd.net
4 nfhotel.pl medicalspa2.nfhotel.usermd.net
3 booking.nfhotel.pl medicalspa2.nfhotel.usermd.net
3 nerohome.nfhotel.usermd.net medicalspa2.nfhotel.usermd.net
3 fonts.googleapis.com medicalspa2.nfhotel.usermd.net
nfhotel.pl
2 cdnjs.cloudflare.com medicalspa2.nfhotel.usermd.net
1 www.google.pl medicalspa2.nfhotel.usermd.net
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 api.nfhotel.pl 1 redirects
1 www.googletagmanager.com medicalspa2.nfhotel.usermd.net
59 13

This site contains links to these domains. Also see Links.

Domain
nerohome.nfhotel.usermd.net
maps.app.goo.gl
www.facebook.com
nfhotel.pl
Subject Issuer Validity Valid
medicalspa2.nfhotel.usermd.net
R3		 2024-05-28 -
2024-08-26		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.google-analytics.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
nerohome.nfhotel.usermd.net
R3		 2024-04-03 -
2024-07-02		 3 months crt.sh
nfhotel.pl
R3		 2024-05-15 -
2024-08-13		 3 months crt.sh
*.nfhotel.pl
Certum Domain Validation CA SHA2		 2024-01-02 -
2025-01-01		 a year crt.sh
*.gstatic.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
netfactory.net.pl
GTS CA 1P5		 2024-04-24 -
2024-07-23		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.google.pl
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://medicalspa2.nfhotel.usermd.net/
Frame ID: 2EBA83035ADEEC707336436DE96BD61D
Requests: 59 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

O nas - Medical SPA Kwiatowa - Medical SPA Kwiatowa

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <body class=(?:"|')[^"']*oxygen-body
Overall confidence: 100%
Detected patterns
  • /flickity(?:\.pkgd)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

59
Requests

98 %
HTTPS

0 %
IPv6

10
Domains

13
Subdomains

11
IPs

4
Countries

4832 kB
Transfer

5405 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://api.nfhotel.pl/imagefly/w500-c/default.jpg HTTP 301
  • https://netfactory.net.pl/nf/w500-c/default.jpg

59 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
medicalspa2.nfhotel.usermd.net/ 		94 KB
94 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.91.26.80 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web36.mydevil.net
Software
nginx / PHP/8.2.19
Resource Hash
78d3ab17696037b5db00f445e73002b9ceb78795c4ab9c9611801eeb3cb571ef

Request headers

Accept-Language
pl-PL,pl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=2592000
content-type
text/html; charset=UTF-8
date
Tue, 28 May 2024 12:56:20 GMT
expires
Thu, 27 Jun 2024 12:56:20 GMT
link
<https://medicalspa2.nfhotel.usermd.net/wp-json/>; rel="https://api.w.org/" <https://medicalspa2.nfhotel.usermd.net/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json" <https://medicalspa2.nfhotel.usermd.net/>; rel=shortlink
server
nginx
x-powered-by
PHP/8.2.19
css
fonts.googleapis.com/ 		78 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100,200,300,400,500,600,700,800,900|Source+Sans+Pro:100,200,300,400,500,600,700,800,900|Didact+Gothic:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Playfair+Display:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Didact+Gothic:100,200,300,400,500,600,700,800,900|Cormorant:100,200,300,400,500,600,700,800,900|Crimson+Pro:100,200,300,400,500,600,700,800,900|Josefin+Sans:100,200,300,400,500,600,700,800,900|Herr+Von+Muellerhoff:100,200,300,400,500,600,700,800,900|rage-italic-regular:100,200,300,400,500,600,700,800,900|Roboto:100,200,300,400,500,600,700,800,900
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f10.1e100.net
Software
ESF /
Resource Hash
daa47bb0c2d44c63d12519e99f3f6c44f6ca68312ae650ce7b717538523061d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 28 May 2024 12:56:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 28 May 2024 12:56:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 May 2024 12:56:21 GMT
wpsol_5966c8c537a979f7019b5a59a4bc67f5.css
medicalspa2.nfhotel.usermd.net/wp-content/cache/wpsol-minification/css/ 		111 KB
111 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://medicalspa2.nfhotel.usermd.net/wp-content/cache/wpsol-minification/css/wpsol_5966c8c537a979f7019b5a59a4bc67f5.css
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.91.26.80 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web36.mydevil.net
Software
nginx /
Resource Hash
e961ae968620ba227d417778901add81cce0bcb9580f1e83868d650a66701f1b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:20 GMT
last-modified
Tue, 28 May 2024 12:23:21 GMT
server
nginx
etag
"6655ccb9-1ba8f"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=10672000, must-revalidate
accept-ranges
bytes
content-length
113295
expires
Sun, 18 May 2025 12:56:20 GMT
wpsol_804dab74b95ff2452ab9274d9674d7e4.css
medicalspa2.nfhotel.usermd.net/wp-content/cache/wpsol-minification/css/ 		291 B
494 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://medicalspa2.nfhotel.usermd.net/wp-content/cache/wpsol-minification/css/wpsol_804dab74b95ff2452ab9274d9674d7e4.css
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.91.26.80 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web36.mydevil.net
Software
nginx /
Resource Hash
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:20 GMT
last-modified
Tue, 28 May 2024 12:23:21 GMT
server
nginx
etag
"6655ccb9-123"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=10672000, must-revalidate
accept-ranges
bytes
content-length
291
expires
Sun, 18 May 2025 12:56:20 GMT
wpsol_9176acc7c155991454ba3efdf46590b4.css
medicalspa2.nfhotel.usermd.net/wp-content/cache/wpsol-minification/css/ 		8 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://medicalspa2.nfhotel.usermd.net/wp-content/cache/wpsol-minification/css/wpsol_9176acc7c155991454ba3efdf46590b4.css
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.91.26.80 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web36.mydevil.net
Software
nginx /
Resource Hash
88bf4a7fc4d36b212eac7059f67409e58d4230333d9cd1d911414cf02aea16af

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:20 GMT
last-modified
Tue, 28 May 2024 12:23:21 GMT
server
nginx
etag
"6655ccb9-211d"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=10672000, must-revalidate
accept-ranges
bytes
content-length
8477
expires
Sun, 18 May 2025 12:56:20 GMT
wpsol_847da8fca8060ca1a70f976aab1210b9.css
medicalspa2.nfhotel.usermd.net/wp-content/cache/wpsol-minification/css/ 		25 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://medicalspa2.nfhotel.usermd.net/wp-content/cache/wpsol-minification/css/wpsol_847da8fca8060ca1a70f976aab1210b9.css
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.91.26.80 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web36.mydevil.net
Software
nginx /
Resource Hash
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:20 GMT
last-modified
Tue, 28 May 2024 12:23:21 GMT
server
nginx
etag
"6655ccb9-65c5"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=10672000, must-revalidate
accept-ranges
bytes
content-length
26053
expires
Sun, 18 May 2025 12:56:20 GMT
wpsol_1b9220b26278263afa7bdc2f8c159090.css
medicalspa2.nfhotel.usermd.net/wp-content/cache/wpsol-minification/css/ 		17 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://medicalspa2.nfhotel.usermd.net/wp-content/cache/wpsol-minification/css/wpsol_1b9220b26278263afa7bdc2f8c159090.css
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.91.26.80 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web36.mydevil.net
Software
nginx /
Resource Hash
cc631a4986ad10da836cfb7739bc5072ad80c7e1d740e0e75efde2d8752de2f6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:20 GMT
last-modified
Tue, 28 May 2024 12:23:21 GMT
server
nginx
etag
"6655ccb9-43e2"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=10672000, must-revalidate
accept-ranges
bytes
content-length
17378
expires
Sun, 18 May 2025 12:56:20 GMT
wpsol_0d81b507f95c303912803e971b415ccb.css
medicalspa2.nfhotel.usermd.net/wp-content/cache/wpsol-minification/css/ 		297 B
500 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://medicalspa2.nfhotel.usermd.net/wp-content/cache/wpsol-minification/css/wpsol_0d81b507f95c303912803e971b415ccb.css
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.91.26.80 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web36.mydevil.net
Software
nginx /
Resource Hash
f1b0758d894a21fa591f1d07b6a3aa91515e2d5b2f923b2574f9dd6b583a1abc

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:20 GMT
last-modified
Tue, 28 May 2024 12:23:21 GMT
server
nginx
etag
"6655ccb9-129"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=10672000, must-revalidate
accept-ranges
bytes
content-length
297
expires
Sun, 18 May 2025 12:56:20 GMT
wpsol_d1559939a7c81b448f9ae0d630819876.css
medicalspa2.nfhotel.usermd.net/wp-content/cache/wpsol-minification/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://medicalspa2.nfhotel.usermd.net/wp-content/cache/wpsol-minification/css/wpsol_d1559939a7c81b448f9ae0d630819876.css
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.91.26.80 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web36.mydevil.net
Software
nginx /
Resource Hash
302ccd42b955f8fee7fd413ca491970e374644789b6711ed5d6d7717cfc1660b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:20 GMT
last-modified
Tue, 28 May 2024 12:23:21 GMT
server
nginx
etag
"6655ccb9-8c3"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=10672000, must-revalidate
accept-ranges
bytes
content-length
2243
expires
Sun, 18 May 2025 12:56:20 GMT
wpsol_7461f6eedb5adb3d5685c753e7bcd7c3.css
medicalspa2.nfhotel.usermd.net/wp-content/cache/wpsol-minification/css/ 		4 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://medicalspa2.nfhotel.usermd.net/wp-content/cache/wpsol-minification/css/wpsol_7461f6eedb5adb3d5685c753e7bcd7c3.css
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.91.26.80 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web36.mydevil.net
Software
nginx /
Resource Hash
294f3db9c71d9d9c1ffc281810459a88ec59963992cd13d32460642e65b887c4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:20 GMT
last-modified
Tue, 28 May 2024 12:23:21 GMT
server
nginx
etag
"6655ccb9-1186"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=10672000, must-revalidate
accept-ranges
bytes
content-length
4486
expires
Sun, 18 May 2025 12:56:20 GMT
wpsol_f508a6b07061c70a807eba87267f2e91.css
medicalspa2.nfhotel.usermd.net/wp-content/cache/wpsol-minification/css/ 		768 B
971 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://medicalspa2.nfhotel.usermd.net/wp-content/cache/wpsol-minification/css/wpsol_f508a6b07061c70a807eba87267f2e91.css
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.91.26.80 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web36.mydevil.net
Software
nginx /
Resource Hash
0f476ceb3f7bb95cea5c748b6846c1f3837ebec4b2e8a89727b616e5d5431182

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:20 GMT
last-modified
Tue, 28 May 2024 12:23:21 GMT
server
nginx
etag
"6655ccb9-300"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=10672000, must-revalidate
accept-ranges
bytes
content-length
768
expires
Sun, 18 May 2025 12:56:20 GMT
wpsol_a99d0830267d67dc8cb5d8b34e513e0a.css
medicalspa2.nfhotel.usermd.net/wp-content/cache/wpsol-minification/css/ 		27 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://medicalspa2.nfhotel.usermd.net/wp-content/cache/wpsol-minification/css/wpsol_a99d0830267d67dc8cb5d8b34e513e0a.css
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.91.26.80 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web36.mydevil.net
Software
nginx /
Resource Hash
dccf228a150f878a72441e7a959c202a9657d1b5ac8307a42dd65c0e7e4c6d71

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:20 GMT
last-modified
Tue, 28 May 2024 12:23:21 GMT
server
nginx
etag
"6655ccb9-6d1c"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=10672000, must-revalidate
accept-ranges
bytes
content-length
27932
expires
Sun, 18 May 2025 12:56:20 GMT
wpsol_09e4585e13c8ab0f7028675cf5854608.css
medicalspa2.nfhotel.usermd.net/wp-content/cache/wpsol-minification/css/ 		31 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://medicalspa2.nfhotel.usermd.net/wp-content/cache/wpsol-minification/css/wpsol_09e4585e13c8ab0f7028675cf5854608.css
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.91.26.80 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web36.mydevil.net
Software
nginx /
Resource Hash
5688d640a047cda03cb78aaef91b213230d84c54a11c90380a8265f2c3dd970e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:20 GMT
last-modified
Tue, 28 May 2024 12:23:21 GMT
server
nginx
etag
"6655ccb9-7dab"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=10672000, must-revalidate
accept-ranges
bytes
content-length
32171
expires
Sun, 18 May 2025 12:56:20 GMT
wpsol_0f71c269425772e5cd8ecc297aee501a.css
medicalspa2.nfhotel.usermd.net/wp-content/cache/wpsol-minification/css/ 		88 KB
88 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://medicalspa2.nfhotel.usermd.net/wp-content/cache/wpsol-minification/css/wpsol_0f71c269425772e5cd8ecc297aee501a.css
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.91.26.80 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web36.mydevil.net
Software
nginx /
Resource Hash
51b1cbb5a9a390d77559625de354d3b45038010ef8c5d599fc08442a5bc561d6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:20 GMT
last-modified
Tue, 28 May 2024 12:23:21 GMT
server
nginx
etag
"6655ccb9-16071"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=10672000, must-revalidate
accept-ranges
bytes
content-length
90225
expires
Sun, 18 May 2025 12:56:20 GMT
jquery.min.js
medicalspa2.nfhotel.usermd.net/wp-includes/js/jquery/ 		86 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medicalspa2.nfhotel.usermd.net/wp-includes/js/jquery/jquery.min.js
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.91.26.80 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web36.mydevil.net
Software
nginx /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:20 GMT
last-modified
Tue, 28 May 2024 07:28:22 GMT
server
nginx
etag
"66558796-15601"
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
87553
expires
Thu, 27 Jun 2024 12:56:20 GMT
wpsol_a01f9089e8301e9eacfb9d029dc0ca5c.js
medicalspa2.nfhotel.usermd.net/wp-content/cache/wpsol-minification/js/ 		14 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medicalspa2.nfhotel.usermd.net/wp-content/cache/wpsol-minification/js/wpsol_a01f9089e8301e9eacfb9d029dc0ca5c.js
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.91.26.80 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web36.mydevil.net
Software
nginx /
Resource Hash
4460f1596174d06cca957fdaca2c71e1a377cf1d6f07ee4c75ffb3bf3fc97a03

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:20 GMT
last-modified
Tue, 28 May 2024 12:23:21 GMT
server
nginx
etag
"6655ccb9-37a3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=10672000, must-revalidate
accept-ranges
bytes
content-length
14243
expires
Sun, 18 May 2025 12:56:20 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/ 		63 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/gsap.min.js
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
322301
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
22890
last-modified
Sat, 25 Dec 2021 03:05:32 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"61c68a7c-596a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XiuJFbwmgNoEwsYk1e3rfK0sYB%2Fd37x7esxzaLgrNpWcVk4Ss6Tp8zyK5xUnIUC7IxLNtnZPySQhPBWdUPGYIXmXVuG0CbUEJLQ6p68VVn2NFQaDSkdZLlsv6oveFhNjUsPXdsQc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88ae677a7ffe34aa-WAW
expires
Sun, 18 May 2025 12:56:20 GMT
ScrollTrigger.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/ScrollTrigger.min.js
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
068b6cce4ba0c45621e5c2947ebcc3f6701a90c841ce4f210c935f0047a19ead
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
498236
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
9607
last-modified
Sat, 25 Dec 2021 03:05:32 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"61c68a7c-2587"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KTCXdDYRhro1%2BrfoMMStWaKnMWuQpSndOWn0puJpD%2FghfOYbH3WfGmktHxGiuB%2F7SVjnh8Tc02tpWSlJOF%2BxajDMKYhr5eWbfCbhCEwCnTgYaYodH4g%2F7QwV220DSWVHtlla0o8h"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88ae677a880334aa-WAW
expires
Sun, 18 May 2025 12:56:20 GMT
js
www.googletagmanager.com/gtag/ 		271 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VD5TMJF3YE
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2d3ac21ddece37bb3d3453d6280d9ca6a609d28fcfd24bb4b877f1136436e6be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95584
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 28 May 2024 12:56:21 GMT
NEROhome-black-transparent-logo.png
nerohome.nfhotel.usermd.net/wp-content/uploads/2024/02/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nerohome.nfhotel.usermd.net/wp-content/uploads/2024/02/NEROhome-black-transparent-logo.png
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.91.26.80 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web36.mydevil.net
Software
nginx /
Resource Hash
81b50ea4841702e461c148250ec40850c7ef22edbbcc04a19ce4112a3985963b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:21 GMT
last-modified
Tue, 20 Feb 2024 10:07:01 GMT
server
nginx
etag
"65d479c5-10a0"
vary
Accept
content-type
image/webp
cache-control
private, max-age=604800
x-webp-express
Redirected directly to existing webp
accept-ranges
bytes
content-length
4256
expires
Thu, 27 Jun 2024 12:56:21 GMT
292385292_141027498592428_924341611248887328_n-removebg-preview.png
medicalspa2.nfhotel.usermd.net/wp-content/uploads/2023/12/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medicalspa2.nfhotel.usermd.net/wp-content/uploads/2023/12/292385292_141027498592428_924341611248887328_n-removebg-preview.png
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.91.26.80 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web36.mydevil.net
Software
nginx /
Resource Hash
3fea35ed2edc202eeaf20dd29db84308cce3bbbd676fb476a40e7e2cf48df85f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:20 GMT
last-modified
Tue, 28 May 2024 07:28:16 GMT
server
nginx
etag
"66558790-331e"
vary
Accept
content-type
image/webp
cache-control
private, max-age=604800
x-webp-express
Redirected directly to existing webp
accept-ranges
bytes
content-length
13086
expires
Thu, 27 Jun 2024 12:56:20 GMT
floating-booking.js
nfhotel.pl/nf-be/ 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nfhotel.pl/nf-be/floating-booking.js
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.186.83.249 Radom, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
web10.mydevil.net
Software
nginx /
Resource Hash
890a08c25ec2196fd0e7b2e048fbe350f20c1aeb0e027bd77191e8d82a946a42

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:20 GMT
content-encoding
gzip
last-modified
Thu, 27 Jul 2023 11:18:57 GMT
server
nginx
etag
W/"64c252a1-5f70"
content-type
application/javascript
cache-control
max-age=2592000
expires
Thu, 27 Jun 2024 12:56:20 GMT
booking-calendar.js
nfhotel.pl/nf-be/ 		78 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nfhotel.pl/nf-be/booking-calendar.js
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.186.83.249 Radom, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
web10.mydevil.net
Software
nginx /
Resource Hash
b5a07d99ddb51cc636f70717ad540cbe7b922584b7830ff36e3aee40d2dec97e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:20 GMT
content-encoding
gzip
last-modified
Tue, 28 May 2024 08:10:42 GMT
server
nginx
etag
W/"66559182-139bb"
content-type
application/javascript
cache-control
max-age=2592000
expires
Thu, 27 Jun 2024 12:56:20 GMT
loader.js
booking.nfhotel.pl/new/ 		129 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://booking.nfhotel.pl/new/loader.js
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.119.42.119 , Poland, ASN42503 (PL-OKTAWAVE-AS, PL),
Reverse DNS
poczta.nfhotel.pl
Software
Apache /
Resource Hash
95ad6bb6f0da92d554a678fab531a0888c0af5b20aa6267d6e6fa50c20c0c846

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 28 May 2024 12:56:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Nov 2023 20:12:15 GMT
Server
Apache
ETag
"204bb-609bdd1eb80ed-gzip"
Vary
Accept-Encoding,ETag
Content-Type
application/javascript
Cache-Control
public,max-age=3600
Accept-Ranges
bytes
Content-Length
40705
chunk-vendors.js
nfhotel.pl/nf-be/ 		154 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nfhotel.pl/nf-be/chunk-vendors.js?ver=6.5.3
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.186.83.249 Radom, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
web10.mydevil.net
Software
nginx /
Resource Hash
523b195b029e22ed67c93a9cca8eebf6b7e390b84977f0cd33208a9c99bc02b9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:20 GMT
content-encoding
gzip
last-modified
Thu, 10 Nov 2022 10:51:36 GMT
server
nginx
etag
W/"636cd7b8-26749"
content-type
application/javascript
cache-control
max-age=2592000
expires
Thu, 27 Jun 2024 12:56:20 GMT
app.js
nfhotel.pl/nf-be/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nfhotel.pl/nf-be/app.js?ver=6.5.3
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.186.83.249 Radom, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
web10.mydevil.net
Software
nginx /
Resource Hash
4ad52273ab7b9f8590c75177ce5efb8d415542dff99ef4fa71dd977fb5a72160

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:20 GMT
content-encoding
gzip
last-modified
Thu, 10 Nov 2022 10:51:36 GMT
server
nginx
etag
W/"636cd7b8-3418"
content-type
application/javascript
cache-control
max-age=2592000
expires
Thu, 27 Jun 2024 12:56:20 GMT
flickity.pkgd.min.js
medicalspa2.nfhotel.usermd.net/wp-content/plugins/oxyextras/components/assets/flickity/ 		53 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medicalspa2.nfhotel.usermd.net/wp-content/plugins/oxyextras/components/assets/flickity/flickity.pkgd.min.js
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.91.26.80 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web36.mydevil.net
Software
nginx /
Resource Hash
dcc6aaeccd530bcb0e91ef01e2046485f1ad113a865aafb17a740eee4da61e32

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:21 GMT
last-modified
Tue, 28 May 2024 07:34:50 GMT
server
nginx
etag
"6655891a-d32f"
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
54063
expires
Thu, 27 Jun 2024 12:56:21 GMT
wpsol_1e88c5a39ec766524f15dc899c8bf963.js
medicalspa2.nfhotel.usermd.net/wp-content/cache/wpsol-minification/js/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medicalspa2.nfhotel.usermd.net/wp-content/cache/wpsol-minification/js/wpsol_1e88c5a39ec766524f15dc899c8bf963.js
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.91.26.80 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web36.mydevil.net
Software
nginx /
Resource Hash
eb269d5f9c783d3297edf13d1bbe55e73f417788edc9408c923d7b8ea9658d3e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:21 GMT
last-modified
Tue, 28 May 2024 12:23:21 GMT
server
nginx
etag
"6655ccb9-12bb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=10672000, must-revalidate
accept-ranges
bytes
content-length
4795
expires
Sun, 18 May 2025 12:56:21 GMT
wpsol_9a129aacdcee1c0c66465a25c33b1f6d.js
medicalspa2.nfhotel.usermd.net/wp-content/cache/wpsol-minification/js/ 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medicalspa2.nfhotel.usermd.net/wp-content/cache/wpsol-minification/js/wpsol_9a129aacdcee1c0c66465a25c33b1f6d.js
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.91.26.80 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web36.mydevil.net
Software
nginx /
Resource Hash
f1028083fecf6fe9eee20afc07ec45f0cec018f33d8a00f3ed2b5cab6d9c3aae

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:21 GMT
last-modified
Tue, 28 May 2024 12:23:21 GMT
server
nginx
etag
"6655ccb9-3117"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=10672000, must-revalidate
accept-ranges
bytes
content-length
12567
expires
Sun, 18 May 2025 12:56:21 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,200,300,400,500,600,700,800,900|Source+Sans+Pro:100,200,300,400,500,600,700,800,900|Didact+Gothic:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Playfair+Display:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Didact+Gothic:100,200,300,400,500,600,700,800,900|Cormorant:100,200,300,400,500,600,700,800,900|Crimson+Pro:100,200,300,400,500,600,700,800,900|Josefin+Sans:100,200,300,400,500,600,700,800,900|Herr+Von+Muellerhoff:100,200,300,400,500,600,700,800,900|rage-italic-regular:100,200,300,400,500,600,700,800,900|Roboto:100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://medicalspa2.nfhotel.usermd.net
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 06:41:12 GMT
x-content-type-options
nosniff
age
22509
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 May 2025 06:41:12 GMT
ahcfv8qz1zt6hCC5G4F_P4ASlUuYpg.woff2
fonts.gstatic.com/s/didactgothic/v20/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/didactgothic/v20/ahcfv8qz1zt6hCC5G4F_P4ASlUuYpg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,200,300,400,500,600,700,800,900|Source+Sans+Pro:100,200,300,400,500,600,700,800,900|Didact+Gothic:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Playfair+Display:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Didact+Gothic:100,200,300,400,500,600,700,800,900|Cormorant:100,200,300,400,500,600,700,800,900|Crimson+Pro:100,200,300,400,500,600,700,800,900|Josefin+Sans:100,200,300,400,500,600,700,800,900|Herr+Von+Muellerhoff:100,200,300,400,500,600,700,800,900|rage-italic-regular:100,200,300,400,500,600,700,800,900|Roboto:100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
2856dc2d6b95b5d0730624995d877db1dd81fac52ba37420f116f9bc09d43e00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://medicalspa2.nfhotel.usermd.net
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 02:59:09 GMT
x-content-type-options
nosniff
age
467832
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17824
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:58:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 May 2025 02:59:09 GMT
default.jpg
netfactory.net.pl/nf/w500-c/
Redirect Chain
  • https://api.nfhotel.pl/imagefly/w500-c/default.jpg
  • https://netfactory.net.pl/nf/w500-c/default.jpg
2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://netfactory.net.pl/nf/w500-c/default.jpg
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/wp-content/cache/wpsol-minification/css/wpsol_0f71c269425772e5cd8ecc297aee501a.css
Protocol
H3
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.33
Resource Hash
9c8a7ecaf4e0ed08bea96783988793c50868742e326519be6effead990709390

Request headers

Accept-Language
pl-PL,pl;q=0.9;q=0.9
Referer
https://medicalspa2.nfhotel.usermd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Tue, 28 May 2024 12:56:21 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
168599
x-powered-by
PHP/7.3.33
alt-svc
h3=":443"; ma=86400
content-length
2568
last-modified
Sun, 26 May 2024 14:06:22 GMT
server
cloudflare
vary
Accept,Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z%2FIBkn4UAA23x4cQOV0LMukdWYagN5aG4uv9OwqIp%2BkgIuc4jczHnzJVSNNXpEaob4w4ZryylDuSqeQOLskGZAiH4FEFUZPvF2HaZk20EU79ZRmwGgeMo%2B3KJTbjCgvINiCL0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
cf-ray
88ae677e2d345b4f-VIE

Redirect headers

Location
https://netfactory.net.pl/nf/w500-c/default.jpg
Date
Tue, 28 May 2024 12:56:21 GMT
Server
Apache
Content-Length
255
Content-Type
text/html; charset=iso-8859-1
Nero-Home-132-z-165.jpeg
medicalspa2.nfhotel.usermd.net/wp-content/uploads/2024/03/ 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medicalspa2.nfhotel.usermd.net/wp-content/uploads/2024/03/Nero-Home-132-z-165.jpeg
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.91.26.80 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web36.mydevil.net
Software
nginx /
Resource Hash
bf45468e29f7b2528ad9c1b6f7ff488ea00dc3bbae2bc8f8fbd3bbca9690daef

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:21 GMT
last-modified
Tue, 28 May 2024 07:28:16 GMT
server
nginx
etag
"66558790-136f4"
vary
Accept
content-type
image/webp
cache-control
private, max-age=604800
x-webp-express
Redirected directly to existing webp
accept-ranges
bytes
content-length
79604
expires
Thu, 27 Jun 2024 12:56:21 GMT
355290903_231455809649405_8551789299411239376_n.jpg
medicalspa2.nfhotel.usermd.net/wp-content/uploads/2023/12/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medicalspa2.nfhotel.usermd.net/wp-content/uploads/2023/12/355290903_231455809649405_8551789299411239376_n.jpg
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.91.26.80 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web36.mydevil.net
Software
nginx /
Resource Hash
c231919e525f491189623dde30972bd6f3514930bf06ef4504a2afaf11c63022

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:21 GMT
last-modified
Tue, 28 May 2024 07:28:16 GMT
server
nginx
etag
"66558790-1354a"
vary
Accept
content-type
image/webp
cache-control
private, max-age=604800
x-webp-express
Redirected directly to existing webp
accept-ranges
bytes
content-length
79178
expires
Thu, 27 Jun 2024 12:56:21 GMT
356637755_234845232643796_4559909247599850313_n.jpg
medicalspa2.nfhotel.usermd.net/wp-content/uploads/2023/12/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medicalspa2.nfhotel.usermd.net/wp-content/uploads/2023/12/356637755_234845232643796_4559909247599850313_n.jpg
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.91.26.80 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web36.mydevil.net
Software
nginx /
Resource Hash
71f89d049b7ccc39b80e87d13e5d39d6c9765d7ca3af4cfa703b8ccfb88fcb4a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:21 GMT
last-modified
Tue, 28 May 2024 07:28:16 GMT
server
nginx
etag
"66558790-4e86"
vary
Accept
content-type
image/webp
cache-control
private, max-age=604800
x-webp-express
Redirected directly to existing webp
accept-ranges
bytes
content-length
20102
expires
Thu, 27 Jun 2024 12:56:21 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,200,300,400,500,600,700,800,900|Source+Sans+Pro:100,200,300,400,500,600,700,800,900|Didact+Gothic:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Playfair+Display:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Didact+Gothic:100,200,300,400,500,600,700,800,900|Cormorant:100,200,300,400,500,600,700,800,900|Crimson+Pro:100,200,300,400,500,600,700,800,900|Josefin+Sans:100,200,300,400,500,600,700,800,900|Herr+Von+Muellerhoff:100,200,300,400,500,600,700,800,900|rage-italic-regular:100,200,300,400,500,600,700,800,900|Roboto:100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://medicalspa2.nfhotel.usermd.net
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 02:41:17 GMT
x-content-type-options
nosniff
age
468904
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 May 2025 02:41:17 GMT
nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v37/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,200,300,400,500,600,700,800,900|Source+Sans+Pro:100,200,300,400,500,600,700,800,900|Didact+Gothic:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Playfair+Display:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Didact+Gothic:100,200,300,400,500,600,700,800,900|Cormorant:100,200,300,400,500,600,700,800,900|Crimson+Pro:100,200,300,400,500,600,700,800,900|Josefin+Sans:100,200,300,400,500,600,700,800,900|Herr+Von+Muellerhoff:100,200,300,400,500,600,700,800,900|rage-italic-regular:100,200,300,400,500,600,700,800,900|Roboto:100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
cb8cac32d5cef83e7674916378c2f47bdbba7e6e6bd936f8026a58ac4e71fa53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://medicalspa2.nfhotel.usermd.net
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 02:41:04 GMT
x-content-type-options
nosniff
age
468917
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38372
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 23:15:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 May 2025 02:41:04 GMT
ahcfv8qz1zt6hCC5G4F_P4ASlUWYpnLl.woff2
fonts.gstatic.com/s/didactgothic/v20/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/didactgothic/v20/ahcfv8qz1zt6hCC5G4F_P4ASlUWYpnLl.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,200,300,400,500,600,700,800,900|Source+Sans+Pro:100,200,300,400,500,600,700,800,900|Didact+Gothic:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Playfair+Display:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Didact+Gothic:100,200,300,400,500,600,700,800,900|Cormorant:100,200,300,400,500,600,700,800,900|Crimson+Pro:100,200,300,400,500,600,700,800,900|Josefin+Sans:100,200,300,400,500,600,700,800,900|Herr+Von+Muellerhoff:100,200,300,400,500,600,700,800,900|rage-italic-regular:100,200,300,400,500,600,700,800,900|Roboto:100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
d318d1bdbd4ffd4e3d77b9f23d97ffe9f5b5dae85be99d62ef4c45f368e11c9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://medicalspa2.nfhotel.usermd.net
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 21:01:50 GMT
x-content-type-options
nosniff
age
316471
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26316
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:57:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 24 May 2025 21:01:50 GMT
JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,200,300,400,500,600,700,800,900|Source+Sans+Pro:100,200,300,400,500,600,700,800,900|Didact+Gothic:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Playfair+Display:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Didact+Gothic:100,200,300,400,500,600,700,800,900|Cormorant:100,200,300,400,500,600,700,800,900|Crimson+Pro:100,200,300,400,500,600,700,800,900|Josefin+Sans:100,200,300,400,500,600,700,800,900|Herr+Von+Muellerhoff:100,200,300,400,500,600,700,800,900|rage-italic-regular:100,200,300,400,500,600,700,800,900|Roboto:100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://medicalspa2.nfhotel.usermd.net
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 02:45:12 GMT
x-content-type-options
nosniff
age
468669
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27812
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:37:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 May 2025 02:45:12 GMT
nero-home-top.png
medicalspa2.nfhotel.usermd.net/wp-content/uploads/2024/02/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medicalspa2.nfhotel.usermd.net/wp-content/uploads/2024/02/nero-home-top.png
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.91.26.80 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web36.mydevil.net
Software
nginx /
Resource Hash
043bba983353f9a66aa34722f9c0ac45fed061036c9deea0bebe6b51bfad6846

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:21 GMT
last-modified
Tue, 28 May 2024 07:28:15 GMT
server
nginx
etag
"6655878f-1f4bd8"
vary
Accept
content-type
image/webp
cache-control
private, max-age=604800
x-webp-express
Redirected directly to existing webp
accept-ranges
bytes
content-length
2051032
expires
Thu, 27 Jun 2024 12:56:21 GMT
hotel-3-scaled.jpg
medicalspa2.nfhotel.usermd.net/wp-content/uploads/2024/02/ 		368 KB
369 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medicalspa2.nfhotel.usermd.net/wp-content/uploads/2024/02/hotel-3-scaled.jpg
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.91.26.80 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web36.mydevil.net
Software
nginx /
Resource Hash
d428b77d52c08da38855b347ef318d24af04eb99f059533e4681a00a0a44cd3a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:21 GMT
last-modified
Tue, 28 May 2024 07:28:15 GMT
server
nginx
etag
"6655878f-5bfac"
vary
Accept
content-type
image/webp
cache-control
private, max-age=604800
x-webp-express
Redirected directly to existing webp
accept-ranges
bytes
content-length
376748
expires
Thu, 27 Jun 2024 12:56:21 GMT
IMG_1716-scaled.jpeg
nerohome.nfhotel.usermd.net/wp-content/uploads/2024/03/ 		202 KB
202 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nerohome.nfhotel.usermd.net/wp-content/uploads/2024/03/IMG_1716-scaled.jpeg
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.91.26.80 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web36.mydevil.net
Software
nginx /
Resource Hash
141acaa7226a7dfd81d499ec3f277374f1a00e399bf18603b9bbc6efc7e21ad4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:21 GMT
last-modified
Mon, 04 Mar 2024 13:31:56 GMT
server
nginx
etag
"65e5cd4c-327e0"
vary
Accept
content-type
image/webp
cache-control
private, max-age=604800
x-webp-express
Redirected directly to existing webp
accept-ranges
bytes
content-length
206816
expires
Thu, 27 Jun 2024 12:56:21 GMT
jedzenie-163-scaled.jpg
nerohome.nfhotel.usermd.net/wp-content/uploads/2024/03/ 		203 KB
203 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nerohome.nfhotel.usermd.net/wp-content/uploads/2024/03/jedzenie-163-scaled.jpg
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.91.26.80 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web36.mydevil.net
Software
nginx /
Resource Hash
8c5bf2a29e52af7b68de5b9bf14fa0e227d6b048564fe45d5fae7c0420e79e58

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:21 GMT
last-modified
Mon, 04 Mar 2024 13:32:58 GMT
server
nginx
etag
"65e5cd8a-32b36"
vary
Accept
content-type
image/webp
cache-control
private, max-age=604800
x-webp-express
Redirected directly to existing webp
accept-ranges
bytes
content-length
207670
expires
Thu, 27 Jun 2024 12:56:21 GMT
css2
fonts.googleapis.com/ 		2 KB
554 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Josefin+Sans:wght@300;400&display=swap
Requested by
Host: nfhotel.pl
URL: https://nfhotel.pl/nf-be/floating-booking.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f10.1e100.net
Software
ESF /
Resource Hash
2375862e5da212f0f9ed06f1a8479c1949e38f98a3788b8fea7819684921149d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 28 May 2024 12:56:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 28 May 2024 12:56:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 May 2024 12:56:21 GMT
Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
fonts.gstatic.com/s/josefinsans/v32/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/josefinsans/v32/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,200,300,400,500,600,700,800,900|Source+Sans+Pro:100,200,300,400,500,600,700,800,900|Didact+Gothic:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Playfair+Display:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Didact+Gothic:100,200,300,400,500,600,700,800,900|Cormorant:100,200,300,400,500,600,700,800,900|Crimson+Pro:100,200,300,400,500,600,700,800,900|Josefin+Sans:100,200,300,400,500,600,700,800,900|Herr+Von+Muellerhoff:100,200,300,400,500,600,700,800,900|rage-italic-regular:100,200,300,400,500,600,700,800,900|Roboto:100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
c94f080a550a1f2d4fe07d371969b7a40c01606bd5624e8c03c976cbf5e06058
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://medicalspa2.nfhotel.usermd.net
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 23:45:59 GMT
x-content-type-options
nosniff
age
47422
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28600
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:50:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 May 2025 23:45:59 GMT
css2
fonts.googleapis.com/ 		2 KB
697 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@100..900&display=swap
Requested by
Host: nfhotel.pl
URL: https://nfhotel.pl/nf-be/booking-calendar.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f10.1e100.net
Software
ESF /
Resource Hash
6b8a445dbddfb9b7c56ffd4f34b6ca628a0d2c85b6a8f4da1eda376694377c3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 28 May 2024 12:56:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 28 May 2024 10:59:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 May 2024 12:56:21 GMT
rooms_description
booking.nfhotel.pl/api2/1439/ 		8 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://booking.nfhotel.pl/api2/1439/rooms_description
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/wp-includes/js/jquery/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.119.42.119 , Poland, ASN42503 (PL-OKTAWAVE-AS, PL),
Reverse DNS
poczta.nfhotel.pl
Software
Apache /
Resource Hash
7f35c7e967307f71945866c47dd7b5db3080da99cbc09a31a5ca99095b470896

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://medicalspa2.nfhotel.usermd.net/
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 28 May 2024 12:56:21 GMT
Content-Encoding
gzip
Server
Apache
Vary
Origin,Accept-Encoding,User-Agent
Access-Control-Allow-Methods
GET,POST,PUT,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://medicalspa2.nfhotel.usermd.net
Cache-Control
no-store,no-cache,must-revalidate
Access-Control-Allow-Credentials
true
Transfer-Encoding
chunked
Access-Control-Allow-Headers
pragma,cache-control
equipment
booking.nfhotel.pl/api2/1439/ 		1 KB
844 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://booking.nfhotel.pl/api2/1439/equipment
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/wp-includes/js/jquery/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.119.42.119 , Poland, ASN42503 (PL-OKTAWAVE-AS, PL),
Reverse DNS
poczta.nfhotel.pl
Software
Apache /
Resource Hash
c09e8ec5c45410360fd0813a1ef3075da5a42488468e933f6e38da52ec70e5e5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://medicalspa2.nfhotel.usermd.net/
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 28 May 2024 12:56:21 GMT
Content-Encoding
gzip
Server
Apache
Vary
Origin,Accept-Encoding,User-Agent
Access-Control-Allow-Methods
GET,POST,PUT,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://medicalspa2.nfhotel.usermd.net
Cache-Control
no-store,no-cache,must-revalidate
Access-Control-Allow-Credentials
true
Transfer-Encoding
chunked
Access-Control-Allow-Headers
pragma,cache-control
hotel-5.jpg
medicalspa2.nfhotel.usermd.net/wp-content/uploads/2024/02/ 		252 KB
252 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medicalspa2.nfhotel.usermd.net/wp-content/uploads/2024/02/hotel-5.jpg
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.91.26.80 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web36.mydevil.net
Software
nginx /
Resource Hash
89bf2639ad9456e6a4de312d6e78bc4365254c85089b56befaaaaab32f1b068e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:21 GMT
last-modified
Tue, 28 May 2024 07:28:16 GMT
server
nginx
etag
"66558790-3eedc"
vary
Accept
content-type
image/webp
cache-control
private, max-age=604800
x-webp-express
Redirected directly to existing webp
accept-ranges
bytes
content-length
257756
expires
Thu, 27 Jun 2024 12:56:21 GMT
hotel-17-scaled.jpg
medicalspa2.nfhotel.usermd.net/wp-content/uploads/2024/02/ 		308 KB
309 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medicalspa2.nfhotel.usermd.net/wp-content/uploads/2024/02/hotel-17-scaled.jpg
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.91.26.80 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web36.mydevil.net
Software
nginx /
Resource Hash
5aba667058a183e127dfc5c01b8cc5cb4b28ae021c5078b29107e7d93afab197

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:21 GMT
last-modified
Tue, 28 May 2024 07:28:15 GMT
server
nginx
etag
"6655878f-4d1f2"
vary
Accept
content-type
image/webp
cache-control
private, max-age=604800
x-webp-express
Redirected directly to existing webp
accept-ranges
bytes
content-length
315890
expires
Thu, 27 Jun 2024 12:56:21 GMT
hotel-1-scaled.jpg
medicalspa2.nfhotel.usermd.net/wp-content/uploads/2024/02/ 		123 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medicalspa2.nfhotel.usermd.net/wp-content/uploads/2024/02/hotel-1-scaled.jpg
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.91.26.80 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web36.mydevil.net
Software
nginx /
Resource Hash
09b21e56fe890fb959b506a0fa0917c23a418ba712e401537268c2b15eb6b456

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:21 GMT
last-modified
Tue, 28 May 2024 07:28:16 GMT
server
nginx
etag
"66558790-1eae8"
vary
Accept
content-type
image/webp
cache-control
private, max-age=604800
x-webp-express
Redirected directly to existing webp
accept-ranges
bytes
content-length
125672
expires
Thu, 27 Jun 2024 12:56:21 GMT
aaa0d98bda7c37f6.jpg
netfactory.net.pl/nf/w500-c/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://netfactory.net.pl/nf/w500-c/aaa0d98bda7c37f6.jpg
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.33
Resource Hash
b63d8041720901a96d72151284f9c5bfadc64b549c7d43b2a35bd3265802eb98

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:21 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
158884
x-powered-by
PHP/7.3.33
alt-svc
h3=":443"; ma=86400
content-length
38684
last-modified
Sun, 26 May 2024 16:48:17 GMT
server
cloudflare
vary
Accept,Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hf4oo8xHOu7qe%2B5rjz%2Bz%2FNyfW3uEOIdcxCUmTHfay1MtBqPw5jCsdf0410zm5MvgKMP7CGmhJsY%2BJ2nr5yzc3kvk8xpGUSN9DtZbqz%2B%2BsGk%2F6h1qAgsqIYxe9FhW9Yd%2BrGqtQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
cf-ray
88ae677f5eee5b4f-VIE
63301ba0aa225f7f.jpg
netfactory.net.pl/nf/w500-c/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://netfactory.net.pl/nf/w500-c/63301ba0aa225f7f.jpg
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.33
Resource Hash
70b55ef93d76bf4c3359f7802201a334b4736b2e56abf66ad0294010a2c536a0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:21 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
158885
x-powered-by
PHP/7.3.33
alt-svc
h3=":443"; ma=86400
content-length
29131
last-modified
Sun, 26 May 2024 16:48:16 GMT
server
cloudflare
vary
Accept,Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TKAmK8sarUHGj1r75hFs5PpfI8S%2FjRLi%2BsnYs7fPaeA5tLhKCTmoHXzteMtoSBahnktAMJbddLBCwVb8%2BOI2JYCEyMMBW0vpJXynXnJ%2B8Dh0pKJR7oDw9PnZKYHhaY2579QdTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
cf-ray
88ae677f5ef55b4f-VIE
0f4971dcb5824929.jpg
netfactory.net.pl/nf/w500-c/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://netfactory.net.pl/nf/w500-c/0f4971dcb5824929.jpg
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.33
Resource Hash
fa78044b3d14e3a0afb5f510bac08533e0d89ab4f07803e6c78fc92821f263b9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:21 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
158884
x-powered-by
PHP/7.3.33
alt-svc
h3=":443"; ma=86400
content-length
31325
last-modified
Sun, 26 May 2024 16:48:17 GMT
server
cloudflare
vary
Accept,Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KGksFNSaNzYmpGpFOwc1BAvAvENrh62m9jOSFpwGhQxS5btBOvfILMs86vpjQKO%2BimrS18lIfGq1pyCfuU4w%2FNkgHhYPnZF1uuMFQFCCVx3H0uwpvpaanTaNcIwgf4I0uaVWrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
cf-ray
88ae677f5ef95b4f-VIE
1fdae6cb9d5e304c.jpg
netfactory.net.pl/nf/w500-c/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://netfactory.net.pl/nf/w500-c/1fdae6cb9d5e304c.jpg
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.33
Resource Hash
5b15eea8c9c503d794cce32388458888b56d049d8b4fb301891d9742806d70f3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 26 May 2024 16:48:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
158884
x-powered-by
PHP/7.3.33
vary
Accept,Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sEfbxO9%2Bpj95FgS9lo%2B7VmktG3yxSTtaS1TO1V6DpN4x%2FB7c8QiReuFYq3UTDu6xU5Sl9XoI%2BxpkA%2FNz%2FRgoU2CV7am4SPmRwDQzUXbbofl%2FWsAtm6xY%2BNfZI89GsD5ddfFMMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=604800, public
cf-ray
88ae677f5efa5b4f-VIE
alt-svc
h3=":443"; ma=86400
collect
region1.analytics.google.com/g/ 		0
264 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-VD5TMJF3YE&gtm=45je45m0v884988950za200&_p=1716900981242&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=999398606.1716900982&ul=pl-pl&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1716900982&sct=1&seg=0&dl=https%3A%2F%2Fmedicalspa2.nfhotel.usermd.net%2F&dt=O%20nas%20-%20Medical%20SPA%20Kwiatowa%20-%20Medical%20SPA%20Kwiatowa&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2343
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VD5TMJF3YE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 28 May 2024 12:56:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://medicalspa2.nfhotel.usermd.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
264 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VD5TMJF3YE&cid=999398606.1716900982&gtm=45je45m0v884988950za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VD5TMJF3YE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.184.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 28 May 2024 12:56:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://medicalspa2.nfhotel.usermd.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.pl/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.pl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VD5TMJF3YE&cid=999398606.1716900982&gtm=45je45m0v884988950za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1341285370
Requested by
Host: medicalspa2.nfhotel.usermd.net
URL: https://medicalspa2.nfhotel.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 28 May 2024 12:56:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cropped-292385292_141027498592428_924341611248887328_n-32x32.jpg
medicalspa2.nfhotel.usermd.net/wp-content/uploads/2023/12/ 		766 B
998 B 		Other
General
Check archive.org
Download Go to
Full URL
https://medicalspa2.nfhotel.usermd.net/wp-content/uploads/2023/12/cropped-292385292_141027498592428_924341611248887328_n-32x32.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.91.26.80 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web36.mydevil.net
Software
nginx /
Resource Hash
96bfb0fb54ab0016a2eb878143213dadb5d32d4dcdc455017108c8d58fb4ddf0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://medicalspa2.nfhotel.usermd.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:56:22 GMT
last-modified
Tue, 28 May 2024 07:28:16 GMT
server
nginx
etag
"66558790-2fe"
vary
Accept
content-type
image/webp
cache-control
private, max-age=604800
x-webp-express
Redirected directly to existing webp
accept-ranges
bytes
content-length
766
expires
Thu, 27 Jun 2024 12:56:22 GMT

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| $ function| jQuery object| AOS object| gsapVersions object| Linear object| Power0 object| Quad object| Power1 object| Cubic object| Power2 object| Quart object| Power3 object| Quint object| Power4 object| Strong object| Elastic object| Bounce object| Expo object| Circ object| Sine object| Back object| SteppedEase function| TweenLite function| TweenMax function| TimelineMax function| TimelineLite function| AttrPlugin function| EndArrayPlugin function| RoundPropsPlugin function| ModifiersPlugin function| SnapPlugin object| gsap object| CSSPlugin function| ScrollTrigger function| gtag object| dataLayer object| nfHotelBooking function| playAnimation function| appendRoomsToSlider function| oxygen_init_pro_menu function| oxygen_pro_menu_set_static_width function| oxygen_pro_menu_unset_static_width function| oxygen_pro_menu_toggle_dropdown string| selector function| oxygen_offcanvas_menu_init function| oxygen_offcanvas_menu_run boolean| oxygen_offcanvas_menu_toggle_in_progress function| oxygen_offcanvas_menu_toggle object| webpackJsonp function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger function| imagesLoaded function| oxygen_init_repeater_carousel string| jsVersion function| _classCallCheck function| _defineProperties function| _createClass function| NFLoader object| NFL object| NFLLoadedPromise function| doExtrasCarousel object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

2 Cookies

Domain/Path Name / Value
.usermd.net/ Name: _ga_VD5TMJF3YE
Value: GS1.1.1716900982.1.0.1716900982.60.0.0
.usermd.net/ Name: _ga
Value: GA1.1.999398606.1716900982

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.nfhotel.pl
booking.nfhotel.pl
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
medicalspa2.nfhotel.usermd.net
nerohome.nfhotel.usermd.net
netfactory.net.pl
nfhotel.pl
region1.analytics.google.com
stats.g.doubleclick.net
www.google.pl
www.googletagmanager.com
104.17.24.14
142.250.184.195
142.250.185.200
142.250.186.163
176.119.42.119
188.114.97.3
212.91.26.80
216.239.32.36
216.58.212.138
31.186.83.249
64.233.184.156
043bba983353f9a66aa34722f9c0ac45fed061036c9deea0bebe6b51bfad6846
068b6cce4ba0c45621e5c2947ebcc3f6701a90c841ce4f210c935f0047a19ead
09b21e56fe890fb959b506a0fa0917c23a418ba712e401537268c2b15eb6b456
0f476ceb3f7bb95cea5c748b6846c1f3837ebec4b2e8a89727b616e5d5431182
141acaa7226a7dfd81d499ec3f277374f1a00e399bf18603b9bbc6efc7e21ad4
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
2375862e5da212f0f9ed06f1a8479c1949e38f98a3788b8fea7819684921149d
2856dc2d6b95b5d0730624995d877db1dd81fac52ba37420f116f9bc09d43e00
294f3db9c71d9d9c1ffc281810459a88ec59963992cd13d32460642e65b887c4
2d3ac21ddece37bb3d3453d6280d9ca6a609d28fcfd24bb4b877f1136436e6be
302ccd42b955f8fee7fd413ca491970e374644789b6711ed5d6d7717cfc1660b
3fea35ed2edc202eeaf20dd29db84308cce3bbbd676fb476a40e7e2cf48df85f
4460f1596174d06cca957fdaca2c71e1a377cf1d6f07ee4c75ffb3bf3fc97a03
4ad52273ab7b9f8590c75177ce5efb8d415542dff99ef4fa71dd977fb5a72160
51b1cbb5a9a390d77559625de354d3b45038010ef8c5d599fc08442a5bc561d6
523b195b029e22ed67c93a9cca8eebf6b7e390b84977f0cd33208a9c99bc02b9
5688d640a047cda03cb78aaef91b213230d84c54a11c90380a8265f2c3dd970e
5aba667058a183e127dfc5c01b8cc5cb4b28ae021c5078b29107e7d93afab197
5b15eea8c9c503d794cce32388458888b56d049d8b4fb301891d9742806d70f3
6b8a445dbddfb9b7c56ffd4f34b6ca628a0d2c85b6a8f4da1eda376694377c3c
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9
70b55ef93d76bf4c3359f7802201a334b4736b2e56abf66ad0294010a2c536a0
71f89d049b7ccc39b80e87d13e5d39d6c9765d7ca3af4cfa703b8ccfb88fcb4a
78d3ab17696037b5db00f445e73002b9ceb78795c4ab9c9611801eeb3cb571ef
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7f35c7e967307f71945866c47dd7b5db3080da99cbc09a31a5ca99095b470896
81b50ea4841702e461c148250ec40850c7ef22edbbcc04a19ce4112a3985963b
88bf4a7fc4d36b212eac7059f67409e58d4230333d9cd1d911414cf02aea16af
890a08c25ec2196fd0e7b2e048fbe350f20c1aeb0e027bd77191e8d82a946a42
89bf2639ad9456e6a4de312d6e78bc4365254c85089b56befaaaaab32f1b068e
8c5bf2a29e52af7b68de5b9bf14fa0e227d6b048564fe45d5fae7c0420e79e58
95ad6bb6f0da92d554a678fab531a0888c0af5b20aa6267d6e6fa50c20c0c846
96bfb0fb54ab0016a2eb878143213dadb5d32d4dcdc455017108c8d58fb4ddf0
9c8a7ecaf4e0ed08bea96783988793c50868742e326519be6effead990709390
b5a07d99ddb51cc636f70717ad540cbe7b922584b7830ff36e3aee40d2dec97e
b63d8041720901a96d72151284f9c5bfadc64b549c7d43b2a35bd3265802eb98
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bf45468e29f7b2528ad9c1b6f7ff488ea00dc3bbae2bc8f8fbd3bbca9690daef
c09e8ec5c45410360fd0813a1ef3075da5a42488468e933f6e38da52ec70e5e5
c231919e525f491189623dde30972bd6f3514930bf06ef4504a2afaf11c63022
c94f080a550a1f2d4fe07d371969b7a40c01606bd5624e8c03c976cbf5e06058
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cb8cac32d5cef83e7674916378c2f47bdbba7e6e6bd936f8026a58ac4e71fa53
cc631a4986ad10da836cfb7739bc5072ad80c7e1d740e0e75efde2d8752de2f6
d318d1bdbd4ffd4e3d77b9f23d97ffe9f5b5dae85be99d62ef4c45f368e11c9a
d428b77d52c08da38855b347ef318d24af04eb99f059533e4681a00a0a44cd3a
daa47bb0c2d44c63d12519e99f3f6c44f6ca68312ae650ce7b717538523061d8
dcc6aaeccd530bcb0e91ef01e2046485f1ad113a865aafb17a740eee4da61e32
dccf228a150f878a72441e7a959c202a9657d1b5ac8307a42dd65c0e7e4c6d71
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e961ae968620ba227d417778901add81cce0bcb9580f1e83868d650a66701f1b
eb269d5f9c783d3297edf13d1bbe55e73f417788edc9408c923d7b8ea9658d3e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1028083fecf6fe9eee20afc07ec45f0cec018f33d8a00f3ed2b5cab6d9c3aae
f1b0758d894a21fa591f1d07b6a3aa91515e2d5b2f923b2574f9dd6b583a1abc
fa78044b3d14e3a0afb5f510bac08533e0d89ab4f07803e6c78fc92821f263b9