flirtymeetings.com Open in urlscan Pro
2606:4700:4400::6812:22ea Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://url2446.flirtymeetings.com/ls/click?upn=u001.bdvdIbFObo6WgKcLCbj1DJuGWiqig-2Bv9O2dgdrBqsKGBfSNxRCxrYbhVbR3eHnLSMvybGc-2FR2q...
Effective URL:
https://flirtymeetings.com/payment
Submission: On August 18 via api (August 18th 2024, 6:45:20 pm UTC) from BE — Scanned from DE

Summary HTTP 52 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 10 domains to perform 52 HTTP transactions. The main IP is 2606:4700:4400::6812:22ea, located in United States and belongs to CLOUDFLARENET, US. The main domain is flirtymeetings.com.
TLS certificate: Issued by WE1 on August 12th 2024. Valid for: 3 months.

This is the only time flirtymeetings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.95 167.89.118.95	11377 (SENDGRID) (SENDGRID)
4 23	2606:4700:440... 2606:4700:4400::6812:22ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	104.18.27.64 104.18.27.64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
6	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c09::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
52	12

1 167.89.118.95 (Las Vegas, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789118x95.outbound-mail.sendgrid.net

url2446.flirtymeetings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700:4400::6812:22ea (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

go.flirtymeetings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
flirtymeetings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

s03.ndcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.27.64 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

secure.rocketgate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure-2.rocketgate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	flirtymeetings.com 5 redirects url2446.flirtymeetings.com go.flirtymeetings.com flirtymeetings.com	642 KB
10	ndcdn.com s03.ndcdn.com — Cisco Umbrella Rank: 633523	467 KB
6	bing.com bat.bing.com — Cisco Umbrella Rank: 534	32 KB
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 10 region1.analytics.google.com — Cisco Umbrella Rank: 3773	88 B
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	408 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 77 stats.g.doubleclick.net — Cisco Umbrella Rank: 252	2 KB
3	rocketgate.com 1 redirects secure.rocketgate.com — Cisco Umbrella Rank: 393482 secure-2.rocketgate.com — Cisco Umbrella Rank: 573968	12 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6716	127 B
2	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 567	103 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3123
52	10

	Domain	Requested by
22	flirtymeetings.com	3 redirects flirtymeetings.com
10	s03.ndcdn.com	flirtymeetings.com
6	bat.bing.com	flirtymeetings.com bat.bing.com
4	www.googletagmanager.com	flirtymeetings.com www.googletagmanager.com
2	www.google.de
2	region1.analytics.google.com	www.googletagmanager.com
2	www.google.com	1 redirects
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	maps.googleapis.com	flirtymeetings.com maps.googleapis.com
2	secure-2.rocketgate.com	flirtymeetings.com secure.rocketgate.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	secure.rocketgate.com	1 redirects
1	go.flirtymeetings.com	1 redirects
1	url2446.flirtymeetings.com	1 redirects
52	15

This site contains links to these domains. Also see Links.

Domain
www.rocketgate.com

Subject Issuer	Validity	Valid
flirtymeetings.com WE1	`2024-08-12` - `2024-11-10`	3 months	crt.sh
ndcdn.com WE1	`2024-06-24` - `2024-09-22`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.rocketgate.com Go Daddy Secure Certificate Authority - G2	`2024-06-26` - `2025-07-28`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.de WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://flirtymeetings.com/payment
Frame ID: 3E37C34B00F4B1E61DB62382D70AC48C
Requests: 51 HTTP requests in this frame

Frame: https://flirtymeetings.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ba7376691753/main.js
Frame ID: 10DD6DA3CD99A6F53F4DAB975B67270B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Flirty Meetings: Meet Someone Tonight!

Page URL History Show full URLs

http://url2446.flirtymeetings.com/ls/click?upn=u001.bdvdIbFObo6WgKcLCbj1DJuGWiqig-2Bv9O2dgdrBqsKGBfSNxRCxrYbhV... HTTP 307
https://url2446.flirtymeetings.com/ls/click?upn=u001.bdvdIbFObo6WgKcLCbj1DJuGWiqig-2Bv9O2dgdrBqsKGBfSNxRCxrYbhV... HTTP 302
https://go.flirtymeetings.com/t/c/213db9744f90e140e1f3d3879cea172b.cf028f8adc8f7731ad8607df1cf9a14f?id=aHR... HTTP 302
http://flirtymeetings.com/profiles/show/marieecool65?xndal=lV1Hsa3MoXHppvVNI5GNT9wFcMBF97oShV3d2rko5IX... HTTP 307
https://flirtymeetings.com/profiles/show/marieecool65?xndal=lV1Hsa3MoXHppvVNI5GNT9wFcMBF97oShV3d2rko5IX... HTTP 301
https://flirtymeetings.com/payment HTTP 307
http://flirtymeetings.com/profiles/show/marieecool65?xndal=lV1Hsa3MoXHppvVNI5GNT9wFcMBF97oShV3d2rko5IX... HTTP 307
https://flirtymeetings.com/profiles/show/marieecool65?xndal=lV1Hsa3MoXHppvVNI5GNT9wFcMBF97oShV3d2rko5IX... HTTP 301
https://flirtymeetings.com/payment Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

52
Requests

94 %
HTTPS

75 %
IPv6

10
Domains

15
Subdomains

12
IPs

5
Countries

1661 kB
Transfer

4128 kB
Size

11
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.rocketgate.com/rocketpay/
Title: Weitere Informationen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://url2446.flirtymeetings.com/ls/click?upn=u001.bdvdIbFObo6WgKcLCbj1DJuGWiqig-2Bv9O2dgdrBqsKGBfSNxRCxrYbhVbR3eHnLSMvybGc-2FR2qGNCql-2F93wVD6hFkbq-2FiZZaJTGIO4av9Wn13-2BuVNX2ZlXkogR0oUnqXAByvEfPXKG1HrVkB8x4gV9U-2BzAZai4FOGDd-2Bb3P1AnJwqdZyHU8gQgu9d-2FkubtE8OqmQMIjh-2F8-2BPpRKjD2byiiDJ0B-2FLXdYexlhe5XHLwelrMwecz81YO3AU2tFzCC3CxxPHOg8AQXOSUtMpqNXWoXfLwEk2uMdgBbTyL8IOpglB7d77LqPVAfBIcqg-2F2EUYvrVUL1aMHRqPr4GBOG99VkiEBFludEEfqjZClcHGViG6W7zWBSJm6i85TJbSP6-2BE2Fyda87vA9ktPGDfU-2Fi75UTuO3bdU2EYOJGBuDnwPXfh0WimfHjpy-2FQyBE-2F4hVfjiHrlx-2BKg7cfFthxxCn1kBfwpcG88eO5zoTWabdLSwyj6hxgsBUTFf9yDBrADxliHYfzI16TnGbZYPjxorvC1-2Bu4VAnRVEoHcmvZE-2FIvbN1G65F9UBCaEZzzMpKppG77Gl03-2BPjFPZc6tNE6w3UdmnOvoI8pLipZEPUyBhaSRTIAIFePPuSCrWqpBgGnS0Bfy-2BZT16NI-2B4-2BPrgyd7TWS181UcmWRgO3046ZNfWJ1MtwXVoW-2FpMkcBFlx6mUEorGgQGaJx_6n5Op-2B4TjlRp-2Ber6Elmbj15DDsKSsVe0JP8JlG92S-2FYaWPo-2B6Umb5iuvYl1w9dPPwIXhhZt0HKu-2BfsfRpMnEmBta53S-2FNLVQ6Qp79XFiuiyc696IOrMosuA6US-2FHIeW-2Fo39xwCAnVhB142R-2BjtdXQxHIs4LPanZDF6qBp287uVXPJ91GrEllG53w5QEnPvMzqbJr3OcQYVdM44u61rO6DA-3D-3D HTTP 307
https://url2446.flirtymeetings.com/ls/click?upn=u001.bdvdIbFObo6WgKcLCbj1DJuGWiqig-2Bv9O2dgdrBqsKGBfSNxRCxrYbhVbR3eHnLSMvybGc-2FR2qGNCql-2F93wVD6hFkbq-2FiZZaJTGIO4av9Wn13-2BuVNX2ZlXkogR0oUnqXAByvEfPXKG1HrVkB8x4gV9U-2BzAZai4FOGDd-2Bb3P1AnJwqdZyHU8gQgu9d-2FkubtE8OqmQMIjh-2F8-2BPpRKjD2byiiDJ0B-2FLXdYexlhe5XHLwelrMwecz81YO3AU2tFzCC3CxxPHOg8AQXOSUtMpqNXWoXfLwEk2uMdgBbTyL8IOpglB7d77LqPVAfBIcqg-2F2EUYvrVUL1aMHRqPr4GBOG99VkiEBFludEEfqjZClcHGViG6W7zWBSJm6i85TJbSP6-2BE2Fyda87vA9ktPGDfU-2Fi75UTuO3bdU2EYOJGBuDnwPXfh0WimfHjpy-2FQyBE-2F4hVfjiHrlx-2BKg7cfFthxxCn1kBfwpcG88eO5zoTWabdLSwyj6hxgsBUTFf9yDBrADxliHYfzI16TnGbZYPjxorvC1-2Bu4VAnRVEoHcmvZE-2FIvbN1G65F9UBCaEZzzMpKppG77Gl03-2BPjFPZc6tNE6w3UdmnOvoI8pLipZEPUyBhaSRTIAIFePPuSCrWqpBgGnS0Bfy-2BZT16NI-2B4-2BPrgyd7TWS181UcmWRgO3046ZNfWJ1MtwXVoW-2FpMkcBFlx6mUEorGgQGaJx_6n5Op-2B4TjlRp-2Ber6Elmbj15DDsKSsVe0JP8JlG92S-2FYaWPo-2B6Umb5iuvYl1w9dPPwIXhhZt0HKu-2BfsfRpMnEmBta53S-2FNLVQ6Qp79XFiuiyc696IOrMosuA6US-2FHIeW-2Fo39xwCAnVhB142R-2BjtdXQxHIs4LPanZDF6qBp287uVXPJ91GrEllG53w5QEnPvMzqbJr3OcQYVdM44u61rO6DA-3D-3D HTTP 302
https://go.flirtymeetings.com/t/c/213db9744f90e140e1f3d3879cea172b.cf028f8adc8f7731ad8607df1cf9a14f?id=aHR0cDovL2ZsaXJ0eW1lZXRpbmdzLmNvbS9wcm9maWxlcy9zaG93L21hcmllZWNvb2w2NT94bmRhbD1sVjFIc2EzTW9YSHBwdlZOSTVHTlQ5d0ZjTUJGOTdvU2hWM2QycmtvNUlYNnpoV1J1LUdFc0VHMldyaDl0YmVmbWdZbXI5VDZieXVEOXpfQ0VuNm9wOThOaV9wbkZNQVFnSzZBbHJRREdiUmtOSnptelVqUVhlOVY4QkcyckpjZnVKUnQ3SlFFU2FlNXY4dUhhQW45NUE0dlgtLTFOTVAyZTBBRzdZaXdTSzBDcXZWcEFyRC1wbFJIYml6eE1pRWQmdGFyZ2V0PXBheW1lbnQmZW1haWxfdHlwZT1lbWFpbF9jbGlja19mb2xsb3dfdXBfdmFsaWRhdGlvbg HTTP 302
http://flirtymeetings.com/profiles/show/marieecool65?xndal=lV1Hsa3MoXHppvVNI5GNT9wFcMBF97oShV3d2rko5IX6zhWRu-GEsEG2Wrh9tbefmgYmr9T6byuD9z_CEn6op98Ni_pnFMAQgK6AlrQDGbRkNJzmzUjQXe9V8BG2rJcfuJRt7JQESae5v8uHaAn95A4vX--1NMP2e0AG7YiwSK0CqvVpArD-plRHbizxMiEd&target=payment&email_type=email_click_follow_up_validation HTTP 307
https://flirtymeetings.com/profiles/show/marieecool65?xndal=lV1Hsa3MoXHppvVNI5GNT9wFcMBF97oShV3d2rko5IX6zhWRu-GEsEG2Wrh9tbefmgYmr9T6byuD9z_CEn6op98Ni_pnFMAQgK6AlrQDGbRkNJzmzUjQXe9V8BG2rJcfuJRt7JQESae5v8uHaAn95A4vX--1NMP2e0AG7YiwSK0CqvVpArD-plRHbizxMiEd&target=payment&email_type=email_click_follow_up_validation HTTP 301
https://flirtymeetings.com/payment HTTP 307
http://flirtymeetings.com/profiles/show/marieecool65?xndal=lV1Hsa3MoXHppvVNI5GNT9wFcMBF97oShV3d2rko5IX6zhWRu-GEsEG2Wrh9tbefmgYmr9T6byuD9z_CEn6op98Ni_pnFMAQgK6AlrQDGbRkNJzmzUjQXe9V8BG2rJcfuJRt7JQESae5v8uHaAn95A4vX--1NMP2e0AG7YiwSK0CqvVpArD-plRHbizxMiEd&target=payment&email_type=email_click_follow_up_validation HTTP 307
https://flirtymeetings.com/profiles/show/marieecool65?xndal=lV1Hsa3MoXHppvVNI5GNT9wFcMBF97oShV3d2rko5IX6zhWRu-GEsEG2Wrh9tbefmgYmr9T6byuD9z_CEn6op98Ni_pnFMAQgK6AlrQDGbRkNJzmzUjQXe9V8BG2rJcfuJRt7JQESae5v8uHaAn95A4vX--1NMP2e0AG7YiwSK0CqvVpArD-plRHbizxMiEd&target=payment&email_type=email_click_follow_up_validation HTTP 301
https://flirtymeetings.com/payment Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://secure.rocketgate.com/hostedpage/EmbeddedFields.jsp?id=706417029&merch=1496440174&amount=1.25&method=CC&purchase=TRUE&email=braekman.freddy%40telenet.be&country=BE&avs=NO&success=https%3A%2F%2Fpayment.flirtymeetings.com%2Freturn%2Fsuccess&fail=https%3A%2F%2Fpayment.flirtymeetings.com%2Freturn%2Ffail&invoice=2261845701&currency=EUR&mp=106960&udf01=164&udf02=1000275&style=https%3A%2F%2Fpayment.flirtymeetings.com%2Fsite%2F1496440174%2Fnobranding.css&xsell=1496440174%3A706417029%3A10287%3A6471%3A2261845703%3A1.25%3AEUR%3A39.95%3A30%3A7%3A%3Aplaceholder+xsell+text%3A164&xsell=1496440174%3A706417029%3A10287%3A6472%3A2261845705%3A0.00%3AEUR%3A29.95%3A30%3A10%3A%3Aplaceholder+xsell+text%3A164&scrub=YES&lang=de&siteid=10287&prodid=6473&username=0048454009profm&pw=H%3FvO23&rebill-amount=19.63&rebill-freq=30&rebill-start=1&hash=8aFz%2FMz9c%2FwgmRnt9Z%2Bljj7aQEE%3D&customData%5BgiftcardUrl%5D=&customData%5Bkeyword%5D=1000275&customData%5Bsource_id%5D=7&customData%5Bnobranding%5D=0&customData%5Bpool%5D=catchAll&customData%5Brisky%5D=0&customData%5Budf02%5D=1%7CT5d HTTP 302
https://secure-2.rocketgate.com/hostedpage/EmbeddedFields.jsp?id=706417029&merch=1496440174&amount=1.25&method=CC&purchase=TRUE&email=braekman.freddy%40telenet.be&country=BE&avs=NO&success=https%3A%2F%2Fpayment.flirtymeetings.com%2Freturn%2Fsuccess&fail=https%3A%2F%2Fpayment.flirtymeetings.com%2Freturn%2Ffail&invoice=2261845701&currency=EUR&mp=106960&udf01=164&udf02=1000275&style=https%3A%2F%2Fpayment.flirtymeetings.com%2Fsite%2F1496440174%2Fnobranding.css&xsell=1496440174%3A706417029%3A10287%3A6471%3A2261845703%3A1.25%3AEUR%3A39.95%3A30%3A7%3A%3Aplaceholder+xsell+text%3A164&xsell=1496440174%3A706417029%3A10287%3A6472%3A2261845705%3A0.00%3AEUR%3A29.95%3A30%3A10%3A%3Aplaceholder+xsell+text%3A164&scrub=YES&lang=de&siteid=10287&prodid=6473&username=0048454009profm&pw=H%3FvO23&rebill-amount=19.63&rebill-freq=30&rebill-start=1&hash=8aFz%2FMz9c%2FwgmRnt9Z%2Bljj7aQEE%3D&customData%5BgiftcardUrl%5D=&customData%5Bkeyword%5D=1000275&customData%5Bsource_id%5D=7&customData%5Bnobranding%5D=0&customData%5Bpool%5D=catchAll&customData%5Brisky%5D=0&customData%5Budf02%5D=1%7CT5d

Request Chain 24

https://flirtymeetings.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://flirtymeetings.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ba7376691753/main.js

Request Chain 42

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=528111825.1724006716&url=https%3A%2F%2Fflirtymeetings.com%2Fpayment&dma_cps=syphamo&dma=1&npa=0&gtm=45He48e0n81P4W5Z3Zv9132179626za200&auid=539984485.1724006716 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=528111825.1724006716&url=https%3A%2F%2Fflirtymeetings.com%2Fpayment&dma_cps=syphamo&dma=1&npa=0&gtm=45He48e0n81P4W5Z3Zv9132179626za200&auid=539984485.1724006716

52 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request payment Show response
flirtymeetings.com/
Redirect Chain

http://url2446.flirtymeetings.com/ls/click?upn=u001.bdvdIbFObo6WgKcLCbj1DJuGWiqig-2Bv9O2dgdrBqsKGBfSNxRCxrYbhVbR3eHnLSMvybGc-2FR2qGNCql-2F93wVD6hFkbq-2FiZZaJTGIO4av9Wn13-2BuVNX2ZlXkogR0oUnqXAByvEfP...
https://url2446.flirtymeetings.com/ls/click?upn=u001.bdvdIbFObo6WgKcLCbj1DJuGWiqig-2Bv9O2dgdrBqsKGBfSNxRCxrYbhVbR3eHnLSMvybGc-2FR2qGNCql-2F93wVD6hFkbq-2FiZZaJTGIO4av9Wn13-2BuVNX2ZlXkogR0oUnqXAByvEf...
https://go.flirtymeetings.com/t/c/213db9744f90e140e1f3d3879cea172b.cf028f8adc8f7731ad8607df1cf9a14f?id=aHR0cDovL2ZsaXJ0eW1lZXRpbmdzLmNvbS9wcm9maWxlcy9zaG93L21hcmllZWNvb2w2NT94bmRhbD1sVjFIc2EzTW9YSH...
http://flirtymeetings.com/profiles/show/marieecool65?xndal=lV1Hsa3MoXHppvVNI5GNT9wFcMBF97oShV3d2rko5IX6zhWRu-GEsEG2Wrh9tbefmgYmr9T6byuD9z_CEn6op98Ni_pnFMAQgK6AlrQDGbRkNJzmzUjQXe9V8BG2rJcfuJRt7JQESa...
https://flirtymeetings.com/profiles/show/marieecool65?xndal=lV1Hsa3MoXHppvVNI5GNT9wFcMBF97oShV3d2rko5IX6zhWRu-GEsEG2Wrh9tbefmgYmr9T6byuD9z_CEn6op98Ni_pnFMAQgK6AlrQDGbRkNJzmzUjQXe9V8BG2rJcfuJRt7JQES...
https://flirtymeetings.com/payment
http://flirtymeetings.com/profiles/show/marieecool65?xndal=lV1Hsa3MoXHppvVNI5GNT9wFcMBF97oShV3d2rko5IX6zhWRu-GEsEG2Wrh9tbefmgYmr9T6byuD9z_CEn6op98Ni_pnFMAQgK6AlrQDGbRkNJzmzUjQXe9V8BG2rJcfuJRt7JQESa...
https://flirtymeetings.com/profiles/show/marieecool65?xndal=lV1Hsa3MoXHppvVNI5GNT9wFcMBF97oShV3d2rko5IX6zhWRu-GEsEG2Wrh9tbefmgYmr9T6byuD9z_CEn6op98Ni_pnFMAQgK6AlrQDGbRkNJzmzUjQXe9V8BG2rJcfuJRt7JQES...
https://flirtymeetings.com/payment

182 KB
35 KB

424ms
424ms

Document
text/html

2606:4700:4400::6812:22ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flirtymeetings.com/payment
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a00c974d03e5dc28157118ded3260261cc6ee004540c1c053ecc91993c659e18

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8b540f486884b88b-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 18 Aug 2024 18:45:14 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8b540f462dd5b88b-AMS
content-type: text/html; charset=UTF-8
date: Sun, 18 Aug 2024 18:45:13 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: /payment
pragma: no-cache
server: cloudflare

GET
H2 200 payment0016.css
flirtymeetings.com/css/payment/ 29 KB
6 KB 27ms
26ms Stylesheet
text/css 2606:4700:4400::6812:22ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flirtymeetings.com/css/payment/payment0016.css?v=2.239.0.master.20240815085658
Requested by: Host: flirtymeetings.com
URL: https://flirtymeetings.com/payment
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d0293c5aab451c74e43b8224d202da9ca61a3d1b511a1ed4e157d2dd5c29591

Request headers

Referer: https://flirtymeetings.com/payment
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 18:45:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Aug 2024 06:57:48 GMT
server: cloudflare
age: 209541
etag: W/"66bda6ec-75fc"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8b540f4b3bf2b88b-AMS
expires: Tue, 17 Sep 2024 18:45:14 GMT

GET
H3 200 logo-payment.svg
s03.ndcdn.com/sites/flirtymeetings.com/ 9 KB
4 KB 241ms
224ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s03.ndcdn.com/sites/flirtymeetings.com/logo-payment.svg?v=2.239.0.master.20240815085658
Requested by: Host: flirtymeetings.com
URL: https://flirtymeetings.com/payment
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfb871531e4c7cf80098101acbd7e09d8d24c59ceb0ac74c13dc1cae213c34e2

Request headers

Referer: https://flirtymeetings.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 18:45:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 02 Jun 2023 07:11:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 301285
etag: W/"6479961f-231a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DyEvYmRLI26dYdjm7ydRGPMMkrcerA10Q8k4o2ZbSz1nbkHDWc7K%2FJpr2BMd30gSPqI7Qpy8LO5plRY8SsjAddNF6Kb6lw0fChkpjWF%2FjHZQa3zzEmD43VEcKrEnilG7"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 8b540f4c5f6a4d64-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 verified-user-icon.svg
s03.ndcdn.com/members-static-fd/payment/payment0016/ 654 B
903 B 240ms
224ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s03.ndcdn.com/members-static-fd/payment/payment0016/verified-user-icon.svg?v=2.239.0.master.20240815085658
Requested by: Host: flirtymeetings.com
URL: https://flirtymeetings.com/payment
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 212e8cb869a25f950bc734cf51b6cc3e305478308418c4ff2549c88175f46e32

Request headers

Referer: https://flirtymeetings.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 18:45:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 07 Feb 2024 12:29:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 301345
etag: W/"65c377bd-28e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t04IsHYaenVfMh9yKpP%2FE4Nm0W%2BMZ4m8eJ%2FBIMtiqTrdN%2F9JoBGkytfiuDt0oJaKaqxbKzdyJC%2FTMsVfvXD9wxuKvshPvHwZXb%2FY0g8yihCZgs7ZMxXkIEbayC%2F51IG1"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 8b540f4c4f5b4d64-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 14 Sep 2024 07:02:49 GMT

GET
H3 200 rate-stars.svg
s03.ndcdn.com/members-static-fd/payment/payment0016/ 2 KB
943 B 36ms
36ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s03.ndcdn.com/members-static-fd/payment/payment0016/rate-stars.svg?v=2.239.0.master.20240815085658
Requested by: Host: flirtymeetings.com
URL: https://flirtymeetings.com/payment
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4005f016f0e16144a5ab39257c439e4995c9f7201e28a1feca52110193e8f020

Request headers

Referer: https://flirtymeetings.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 18:45:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 07 Feb 2024 12:29:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 301345
etag: W/"65c377bd-66f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KH0xZ7hJoZNJR6G7fxxcUeSGyQvfFe31PXUwjB0at3zIpdOWrNnJbK4Kif2c0chmtbp6s%2Bg%2BvRWcRzUJ71b7LDXzrSH%2BotXCvOjG2e%2BT1VuBBYFJUNeh3zvn06SgX11L"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 8b540f4b6e1b4d64-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 14 Sep 2024 07:02:49 GMT

GET
H2

200

EmbeddedFields.jsp Show response
secure-2.rocketgate.com/hostedpage/
Redirect Chain

https://secure.rocketgate.com/hostedpage/EmbeddedFields.jsp?id=706417029&merch=1496440174&amount=1.25&method=CC&purchase=TRUE&email=braekman.freddy%40telenet.be&country=BE&avs=NO&success=https%3A%2...
https://secure-2.rocketgate.com/hostedpage/EmbeddedFields.jsp?id=706417029&merch=1496440174&amount=1.25&method=CC&purchase=TRUE&email=braekman.freddy%40telenet.be&country=BE&avs=NO&success=https%3A...

25 KB
7 KB

537ms
532ms

Script
text/javascript

104.18.27.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure-2.rocketgate.com/hostedpage/EmbeddedFields.jsp?id=706417029&merch=1496440174&amount=1.25&method=CC&purchase=TRUE&email=braekman.freddy%40telenet.be&country=BE&avs=NO&success=https%3A%2F%2Fpayment.flirtymeetings.com%2Freturn%2Fsuccess&fail=https%3A%2F%2Fpayment.flirtymeetings.com%2Freturn%2Ffail&invoice=2261845701&currency=EUR&mp=106960&udf01=164&udf02=1000275&style=https%3A%2F%2Fpayment.flirtymeetings.com%2Fsite%2F1496440174%2Fnobranding.css&xsell=1496440174%3A706417029%3A10287%3A6471%3A2261845703%3A1.25%3AEUR%3A39.95%3A30%3A7%3A%3Aplaceholder+xsell+text%3A164&xsell=1496440174%3A706417029%3A10287%3A6472%3A2261845705%3A0.00%3AEUR%3A29.95%3A30%3A10%3A%3Aplaceholder+xsell+text%3A164&scrub=YES&lang=de&siteid=10287&prodid=6473&username=0048454009profm&pw=H%3FvO23&rebill-amount=19.63&rebill-freq=30&rebill-start=1&hash=8aFz%2FMz9c%2FwgmRnt9Z%2Bljj7aQEE%3D&customData%5BgiftcardUrl%5D=&customData%5Bkeyword%5D=1000275&customData%5Bsource_id%5D=7&customData%5Bnobranding%5D=0&customData%5Bpool%5D=catchAll&customData%5Brisky%5D=0&customData%5Budf02%5D=1%7CT5d

Requested by

Host: flirtymeetings.com
URL: https://flirtymeetings.com/payment

Protocol

Server

104.18.27.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de223739c6abb184f3b43abb2fdb3bc64b2d1963fa5c0b9584719b159861082e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://flirtymeetings.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 18:45:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
content-type: text/javascript;charset=UTF-8
cache-control: no-cache
cf-ray: 8b540f4efedb03b0-FRA
x-xss-protection: 1; mode=block
expires: Fri, 30 Oct 1998 14:19:41 GMT

Redirect headers

location: https://secure-2.rocketgate.com/hostedpage/EmbeddedFields.jsp?id=706417029&merch=1496440174&amount=1.25&method=CC&purchase=TRUE&email=braekman.freddy%40telenet.be&country=BE&avs=NO&success=https%3A%2F%2Fpayment.flirtymeetings.com%2Freturn%2Fsuccess&fail=https%3A%2F%2Fpayment.flirtymeetings.com%2Freturn%2Ffail&invoice=2261845701&currency=EUR&mp=106960&udf01=164&udf02=1000275&style=https%3A%2F%2Fpayment.flirtymeetings.com%2Fsite%2F1496440174%2Fnobranding.css&xsell=1496440174%3A706417029%3A10287%3A6471%3A2261845703%3A1.25%3AEUR%3A39.95%3A30%3A7%3A%3Aplaceholder+xsell+text%3A164&xsell=1496440174%3A706417029%3A10287%3A6472%3A2261845705%3A0.00%3AEUR%3A29.95%3A30%3A10%3A%3Aplaceholder+xsell+text%3A164&scrub=YES&lang=de&siteid=10287&prodid=6473&username=0048454009profm&pw=H%3FvO23&rebill-amount=19.63&rebill-freq=30&rebill-start=1&hash=8aFz%2FMz9c%2FwgmRnt9Z%2Bljj7aQEE%3D&customData%5BgiftcardUrl%5D=&customData%5Bkeyword%5D=1000275&customData%5Bsource_id%5D=7&customData%5Bnobranding%5D=0&customData%5Bpool%5D=catchAll&customData%5Brisky%5D=0&customData%5Budf02%5D=1%7CT5d
date: Sun, 18 Aug 2024 18:45:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8b540f4b998f03b0-FRA
content-type: text/html; charset=iso-8859-1

GET
H3 200 norton.png
s03.ndcdn.com/members-static-fd/payment/payment0002/icons/ 3 KB
4 KB 210ms
209ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s03.ndcdn.com/members-static-fd/payment/payment0002/icons/norton.png?v=2.239.0.master.20240815085658
Requested by: Host: flirtymeetings.com
URL: https://flirtymeetings.com/payment
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6d95fed777811e22a4ae000013fd33f474e45c032b74217e98612dd6f6e517f

Request headers

Referer: https://flirtymeetings.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 18:45:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 301345
alt-svc: h3=":443"; ma=86400
content-length: 3397
last-modified: Thu, 23 Mar 2023 13:39:42 GMT
server: cloudflare
etag: "641c569e-d45"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CxSugppDLl8d39xavdsuRKZhJgD6FaWpWxs3VkkSJyB1%2Br%2FGPcDFNWIoAe%2BTw57jXm5expdPEmXGlXHEX6WsFHbg0Y9IoQuglXlLETbJXoUAxPPkRJx0yoQ6H8ZYDMtY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8b540f4c4f574d64-FRA
expires: Sat, 14 Sep 2024 07:02:49 GMT

GET
H3 200 image@2x.png
s03.ndcdn.com/members-static-fd/payment/payment0016/ 438 KB
439 KB 126ms
125ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s03.ndcdn.com/members-static-fd/payment/payment0016/image@2x.png?v=2.239.0.master.20240815085658
Requested by: Host: flirtymeetings.com
URL: https://flirtymeetings.com/payment
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75e180399eff3f9b75e49c5ca2e6b65468cdda4655cdf61b6e57931798efc085

Request headers

Referer: https://flirtymeetings.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 18:45:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 301345
alt-svc: h3=":443"; ma=86400
content-length: 448865
last-modified: Wed, 07 Feb 2024 12:29:49 GMT
server: cloudflare
etag: "65c377bd-6d961"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EKMUWHgd4TnjQna1wBeKe1JpfOVquK3BWGipgauYSTYgOU8HtC%2F4BoLOMZjYI5ImdsHZgH5yk0WlaAHLB6gVdc6TR1A6hW5L9Lb5Xtdf640GLiH1%2BKyKIn72CHff516R"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8b540f4c0efd4d64-FRA
expires: Sat, 14 Sep 2024 07:02:49 GMT

GET
H3 200 logo-1.svg
s03.ndcdn.com/members-static-fd/payment/payment0016/ 18 KB
6 KB 212ms
211ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s03.ndcdn.com/members-static-fd/payment/payment0016/logo-1.svg?v=2.239.0.master.20240815085658
Requested by: Host: flirtymeetings.com
URL: https://flirtymeetings.com/payment
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f58879afe4b4b75bb4a6ab194b904b1ea24a0343514b3fdc366938b38f0706f5

Request headers

Referer: https://flirtymeetings.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 18:45:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 07 Feb 2024 12:29:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 301345
etag: W/"65c377be-48e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tax5yLXKX0E%2BttZzuzPrIgAK0eyk6CjwDYctW5Wt8LTHLcUDvNF1Z8kKqQti%2FWxSJojN%2BUOz41UovaEYRUGBwWP4nKhOXeXbih8iHcH3BZqFVRv62cVHFD9c6XI6GPiF"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 8b540f4c4f5a4d64-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 14 Sep 2024 07:02:49 GMT

GET
H3 200 logo-2@2x.png
s03.ndcdn.com/members-static-fd/payment/payment0016/ 5 KB
5 KB 176ms
175ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s03.ndcdn.com/members-static-fd/payment/payment0016/logo-2@2x.png?v=2.239.0.master.20240815085658
Requested by: Host: flirtymeetings.com
URL: https://flirtymeetings.com/payment
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d4e6bfe4881734da4cf6530a23b4a48636ef5a2b316a4cfa4fcb274c9243d7d

Request headers

Referer: https://flirtymeetings.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 18:45:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 301345
alt-svc: h3=":443"; ma=86400
content-length: 4662
last-modified: Wed, 07 Feb 2024 12:29:49 GMT
server: cloudflare
etag: "65c377bd-1236"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=slvHtc%2B3rfGT4GySp07fztq2CGt0I%2BCi0JKJZse2UvRiK7K%2Bfn70twMZu9iLSgoMuDu7ZZQG75sN294z4zC3aRuixo9LLl0Wz%2BlZGYYk1KOpiyWuEafDypEueU%2Bqas5y"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8b540f4c5f6f4d64-FRA
expires: Sat, 14 Sep 2024 07:02:49 GMT

GET
H3 200 logo-3@2x.png
s03.ndcdn.com/members-static-fd/payment/payment0016/ 6 KB
6 KB 176ms
176ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s03.ndcdn.com/members-static-fd/payment/payment0016/logo-3@2x.png?v=2.239.0.master.20240815085658
Requested by: Host: flirtymeetings.com
URL: https://flirtymeetings.com/payment
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e861a180009ab1dfe0d519c3d907c588311641cad4ec97b9cebc138da1c5d6f6

Request headers

Referer: https://flirtymeetings.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 18:45:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 301345
alt-svc: h3=":443"; ma=86400
content-length: 5713
last-modified: Wed, 07 Feb 2024 12:29:49 GMT
server: cloudflare
etag: "65c377bd-1651"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cvcGb3sdkd7HfAgOqRu15lL39EuqZEn5hA9CSuY8%2F1MUfbTH4z8Mtx19CS5UOosXja%2F1UXZMlTDhG6Pux%2FatMpZI7B7YY74Ip%2FT2f%2BGp0FBSAqhsdEspd4%2FeN6OkaUFd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8b540f4c5f724d64-FRA
expires: Sat, 14 Sep 2024 07:02:49 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 316 KB
103 KB 60ms
37ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyCjYIb7jx0EvOECrXa8dq4Q5TAhDUj5LAc&libraries=places&language=en&callback=Function.prototype

Requested by

Host: flirtymeetings.com
URL: https://flirtymeetings.com/payment

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

58f104a54e25a11ae2287e4d71267ab4d072861a508f0c65e0cd1287115bd36a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://flirtymeetings.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 18:45:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105461
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 311 KB
103 KB 38ms
17ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F7BJXTNBJG

Requested by

Host: flirtymeetings.com
URL: https://flirtymeetings.com/payment

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b329987454a8d50c953d67d02b91cc2f66728856729082fa639237ad673d7b92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://flirtymeetings.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 18:45:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105293
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 18 Aug 2024 18:45:14 GMT

GET
H2 200 config.js Show response
flirtymeetings.com/js/dist/ 3 KB
885 B 29ms
28ms Script
application/javascript 2606:4700:4400::6812:22ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flirtymeetings.com/js/dist/config.js
Requested by: Host: flirtymeetings.com
URL: https://flirtymeetings.com/payment
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 699ef34a55a18e454a65dd2e7e9fa36fa8bb72742890f28205e7f3c5740a558a

Request headers

Referer: https://flirtymeetings.com/payment
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 18:45:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Aug 2024 06:54:12 GMT
server: cloudflare
age: 209541
etag: W/"66bda614-aff"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2592000
cf-ray: 8b540f4b6c72b88b-AMS
expires: Tue, 17 Sep 2024 18:45:14 GMT

GET
H2 200 require.js Show response
flirtymeetings.com/node_modules/requirejs/ 85 KB
21 KB 30ms
29ms Script
application/javascript 2606:4700:4400::6812:22ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flirtymeetings.com/node_modules/requirejs/require.js
Requested by: Host: flirtymeetings.com
URL: https://flirtymeetings.com/payment
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8215b90000b571bd241d28512c83f59855cecc3158db94b79b2d974c9923b5d2

Request headers

Referer: https://flirtymeetings.com/payment
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 18:45:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
age: 209541
etag: W/"1dc09d84-15232"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2592000
cf-ray: 8b540f4b6c74b88b-AMS
expires: Tue, 17 Sep 2024 18:45:14 GMT

GET
H2 200 svg-icons.svg
flirtymeetings.com/img/svg-icons/ 126 KB
36 KB 24ms
23ms Other
image/svg+xml 2606:4700:4400::6812:22ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flirtymeetings.com/img/svg-icons/svg-icons.svg
Requested by: Host: flirtymeetings.com
URL: https://flirtymeetings.com/payment
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2822275f44bd460b8686ef5355ed7caddad0628067c148a0552f9490e2905903

Request headers

Referer: https://flirtymeetings.com/payment
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 18:45:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Aug 2024 06:54:12 GMT
server: cloudflare
age: 209479
etag: W/"66bda614-1f9d8"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
cf-ray: 8b540f4b9cbdb88b-AMS
expires: Tue, 17 Sep 2024 18:45:14 GMT

GET
H2 200 Roboto-Bold.woff2
flirtymeetings.com/fonts/Roboto/ 62 KB
62 KB 25ms
24ms Font
font/woff2 2606:4700:4400::6812:22ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flirtymeetings.com/fonts/Roboto/Roboto-Bold.woff2
Requested by: Host: flirtymeetings.com
URL: https://flirtymeetings.com/css/payment/payment0016.css?v=2.239.0.master.20240815085658
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ed8b1167ec0b84e9724010180a1c4e7568b442538cf330c0a23f308c120afd5

Request headers

Referer: https://flirtymeetings.com/css/payment/payment0016.css?v=2.239.0.master.20240815085658
Origin: https://flirtymeetings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 18:45:14 GMT
cf-cache-status: HIT
last-modified: Thu, 15 Aug 2024 06:54:12 GMT
server: cloudflare
age: 2283
etag: "66bda614-f894"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8b540f4b7c7db88b-AMS
content-length: 63636
expires: Sun, 18 Aug 2024 22:45:14 GMT

GET
H2 200 Roboto-Regular.woff2
flirtymeetings.com/fonts/Roboto/ 62 KB
62 KB 30ms
30ms Font
font/woff2 2606:4700:4400::6812:22ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flirtymeetings.com/fonts/Roboto/Roboto-Regular.woff2
Requested by: Host: flirtymeetings.com
URL: https://flirtymeetings.com/css/payment/payment0016.css?v=2.239.0.master.20240815085658
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5fbb89399a794fabe5aa2d19a6ef8ec6f7c9b2bb1c5e36db55504f728b5248f

Request headers

Referer: https://flirtymeetings.com/css/payment/payment0016.css?v=2.239.0.master.20240815085658
Origin: https://flirtymeetings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 18:45:14 GMT
cf-cache-status: HIT
last-modified: Thu, 15 Aug 2024 06:54:12 GMT
server: cloudflare
age: 2283
etag: "66bda614-f808"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8b540f4b7c83b88b-AMS
content-length: 63496
expires: Sun, 18 Aug 2024 22:45:14 GMT

GET
H2 200 EmbeddedFieldsLoad.jsp;jsessionid=B47A5D57F01BB0B8CD478A5DCA9F10B0 Show response
secure-2.rocketgate.com/hostedpage/ 13 KB
3 KB 152ms
151ms XHR
text/html 104.18.27.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure-2.rocketgate.com/hostedpage/EmbeddedFieldsLoad.jsp;jsessionid=B47A5D57F01BB0B8CD478A5DCA9F10B0?flag=1724006715349&fields=EMAIL%3AFIRSTNAME%3ALASTNAME%3ACARDNO%3AZIP%3ACOUNTRY

Requested by

Host: secure.rocketgate.com
URL: https://secure.rocketgate.com/hostedpage/EmbeddedFields.jsp?id=706417029&merch=1496440174&amount=1.25&method=CC&purchase=TRUE&email=braekman.freddy%40telenet.be&country=BE&avs=NO&success=https%3A%2F%2Fpayment.flirtymeetings.com%2Freturn%2Fsuccess&fail=https%3A%2F%2Fpayment.flirtymeetings.com%2Freturn%2Ffail&invoice=2261845701&currency=EUR&mp=106960&udf01=164&udf02=1000275&style=https%3A%2F%2Fpayment.flirtymeetings.com%2Fsite%2F1496440174%2Fnobranding.css&xsell=1496440174%3A706417029%3A10287%3A6471%3A2261845703%3A1.25%3AEUR%3A39.95%3A30%3A7%3A%3Aplaceholder+xsell+text%3A164&xsell=1496440174%3A706417029%3A10287%3A6472%3A2261845705%3A0.00%3AEUR%3A29.95%3A30%3A10%3A%3Aplaceholder+xsell+text%3A164&scrub=YES&lang=de&siteid=10287&prodid=6473&username=0048454009profm&pw=H%3FvO23&rebill-amount=19.63&rebill-freq=30&rebill-start=1&hash=8aFz%2FMz9c%2FwgmRnt9Z%2Bljj7aQEE%3D&customData%5BgiftcardUrl%5D=&customData%5Bkeyword%5D=1000275&customData%5Bsource_id%5D=7&customData%5Bnobranding%5D=0&customData%5Bpool%5D=catchAll&customData%5Brisky%5D=0&customData%5Budf02%5D=1%7CT5d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.27.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ad1f33677ad0d1edb2d89200d61d94f30c92e4a841a12e4c5bf845cf1e727b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://flirtymeetings.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 18 Aug 2024 18:45:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
content-type: text/html;charset=UTF-8
access-control-allow-origin: https://flirtymeetings.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8b540f52fc9e03b0-FRA
x-xss-protection: 1; mode=block
expires: Fri, 30 Oct 1998 14:19:41 GMT

GET
H3 200 rate-stars.svg
s03.ndcdn.com/members-static-fd/payment/payment0016/ 2 KB
0 0ms
0ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s03.ndcdn.com/members-static-fd/payment/payment0016/rate-stars.svg?v=2.239.0.master.20240815085658
Requested by: Host: flirtymeetings.com
URL: https://flirtymeetings.com/payment
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4005f016f0e16144a5ab39257c439e4995c9f7201e28a1feca52110193e8f020

Request headers

Referer: https://flirtymeetings.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 18:45:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 07 Feb 2024 12:29:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 301345
etag: W/"65c377bd-66f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KH0xZ7hJoZNJR6G7fxxcUeSGyQvfFe31PXUwjB0at3zIpdOWrNnJbK4Kif2c0chmtbp6s%2Bg%2BvRWcRzUJ71b7LDXzrSH%2BotXCvOjG2e%2BT1VuBBYFJUNeh3zvn06SgX11L"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 8b540f4b6e1b4d64-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 14 Sep 2024 07:02:49 GMT

GET
H2 200 Roboto-Light.woff2
flirtymeetings.com/fonts/Roboto/ 64 KB
64 KB 31ms
31ms Font
font/woff2 2606:4700:4400::6812:22ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flirtymeetings.com/fonts/Roboto/Roboto-Light.woff2
Requested by: Host: flirtymeetings.com
URL: https://flirtymeetings.com/css/payment/payment0016.css?v=2.239.0.master.20240815085658
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5d9991194e93e2a358c4236664514fe7c32bd06438730a94b244aca56c53e3

Request headers

Referer: https://flirtymeetings.com/css/payment/payment0016.css?v=2.239.0.master.20240815085658
Origin: https://flirtymeetings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 18:45:15 GMT
cf-cache-status: HIT
last-modified: Thu, 15 Aug 2024 06:54:12 GMT
server: cloudflare
age: 2283
etag: "66bda614-10034"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8b540f531f9db88b-AMS
content-length: 65588
expires: Sun, 18 Aug 2024 22:45:15 GMT

GET
H2 200 Roboto-Medium.woff2
flirtymeetings.com/fonts/Roboto/ 63 KB
63 KB 24ms
24ms Font
font/woff2 2606:4700:4400::6812:22ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flirtymeetings.com/fonts/Roboto/Roboto-Medium.woff2
Requested by: Host: flirtymeetings.com
URL: https://flirtymeetings.com/css/payment/payment0016.css?v=2.239.0.master.20240815085658
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5209181ddb54eef4e0414fdef89ae9c59c2f0ea5f37cbe19774267ca724967d9

Request headers

Referer: https://flirtymeetings.com/css/payment/payment0016.css?v=2.239.0.master.20240815085658
Origin: https://flirtymeetings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 18:45:15 GMT
cf-cache-status: HIT
last-modified: Thu, 15 Aug 2024 06:54:12 GMT
server: cloudflare
age: 2283
etag: "66bda614-fb44"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8b540f531fa0b88b-AMS
content-length: 64324
expires: Sun, 18 Aug 2024 22:45:15 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 47ms
32ms XHR
application/json 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCjYIb7jx0EvOECrXa8dq4Q5TAhDUj5LAc&libraries=places&language=en&callback=Function.prototype

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://flirtymeetings.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 18:45:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flirtymeetings.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 payment.js Show response
flirtymeetings.com/js/dist/ 1 MB
280 KB 33ms
32ms Script
application/javascript 2606:4700:4400::6812:22ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flirtymeetings.com/js/dist/payment.js?v=2.239.0.master.20240815085658
Requested by: Host: flirtymeetings.com
URL: https://flirtymeetings.com/node_modules/requirejs/require.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbb3eab1096f08f89f4043c4251a0c7eb92a026f9c3e048accdd5ce5daec1d4a

Request headers

Referer: https://flirtymeetings.com/payment
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 18:45:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Aug 2024 07:00:21 GMT
server: cloudflare
age: 209559
etag: W/"66bda785-1455b2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2592000
cf-ray: 8b540f533fc1b88b-AMS
expires: Tue, 17 Sep 2024 18:45:15 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 52ms
15ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-F7BJXTNBJG&gtm=45je48e0v9106030578za200&_p=1724006715353&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=126101367.1724006715&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724006715&sct=1&seg=0&dl=https%3A%2F%2Fflirtymeetings.com%2Fpayment&dt=Flirty%20Meetings%3A%20Meet%20Someone%20Tonight!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=5109
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F7BJXTNBJG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://flirtymeetings.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Aug 2024 18:45:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://flirtymeetings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

main.js Show response
flirtymeetings.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ba7376691753/ Frame 10DD
Redirect Chain

https://flirtymeetings.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://flirtymeetings.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ba7376691753/main.js?

8 KB
4 KB

26ms
25ms

Script
application/javascript

2606:4700:4400::6812:22ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://flirtymeetings.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ba7376691753/main.js?

Requested by

Host: flirtymeetings.com
URL: https://flirtymeetings.com/payment

Protocol

Server

2606:4700:4400::6812:22ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c234651ba494e1378936fa77fdc0fdba2180a5ea61a53756d3c6d0e539a64631

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 18:45:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8b540f53882fb88b-AMS

Redirect headers

date: Sun, 18 Aug 2024 18:45:15 GMT
server: cloudflare
vary: Accept-Encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/ba7376691753/main.js?
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8b540f534fdcb88b-AMS
content-length: 0

POST
H2 200 8b540f486884b88b Show response
flirtymeetings.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 10DD 0
598 B 39ms
34ms XHR
text/plain 2606:4700:4400::6812:22ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flirtymeetings.com/cdn-cgi/challenge-platform/h/g/jsd/r/8b540f486884b88b
Requested by: Host: flirtymeetings.com
URL: https://flirtymeetings.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 18 Aug 2024 18:45:15 GMT
server: cloudflare
cf-ray: 8b540f5418f0b88b-AMS
content-length: 0
content-type: text/plain; charset=UTF-8

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 293 KB
104 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P4W5Z3Z

Requested by

Host: flirtymeetings.com
URL: https://flirtymeetings.com/js/dist/payment.js?v=2.239.0.master.20240815085658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d27cbca12a0d54f335c5b832d9a1aee8555cc928853c28573293663c803308a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://flirtymeetings.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 18:45:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105875
x-xss-protection: 0
last-modified: Sun, 18 Aug 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 18 Aug 2024 18:45:15 GMT

GET
H3 200 favicon.png
s03.ndcdn.com/sites/flirtymeetings.com/ 1 KB
2 KB 20ms
19ms Other
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s03.ndcdn.com/sites/flirtymeetings.com/favicon.png?v=2.239.0.master.20240815085658
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 010444522a3e9eb4bf2eff388138b47fb6b678aaece5733fd81f7a448b46b370

Request headers

Referer: https://flirtymeetings.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 18:45:15 GMT
cf-cache-status: HIT
last-modified: Mon, 10 Apr 2023 10:00:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 301344
etag: "6433de3e-56b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Hk5iL712DlOhbJXx2UFHBgV0TR9X%2FW2Q9b64O4JlZAT2zOUynJTeaV8C6CuqZFUPUXIb244bqhJrIJxCc6UlxzQ7M3bBKdmz%2B5z9Zfxx3Fu2vM9F%2FHV5XYIFf1uUSDS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8b540f544aa44d64-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1387

GET
H2 200 german.svg
flirtymeetings.com/img/payment/language-flags/ 769 B
469 B 26ms
26ms Image
image/svg+xml 2606:4700:4400::6812:22ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flirtymeetings.com/img/payment/language-flags/german.svg
Requested by: Host: flirtymeetings.com
URL: https://flirtymeetings.com/css/payment/payment0016.css?v=2.239.0.master.20240815085658
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48ad47d2975ad30c0d467a920ed2c51364572b0141d1dbf653749d27d00f1386

Request headers

Referer: https://flirtymeetings.com/css/payment/payment0016.css?v=2.239.0.master.20240815085658
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 18:45:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Aug 2024 06:54:12 GMT
server: cloudflare
age: 209470
etag: W/"66bda614-301"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
cf-ray: 8b540f544954b88b-AMS
expires: Tue, 17 Sep 2024 18:45:15 GMT

GET
H2 200 cards-with-border.svg
flirtymeetings.com/img/payment/credit-card/ 5 KB
2 KB 28ms
28ms Image
image/svg+xml 2606:4700:4400::6812:22ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flirtymeetings.com/img/payment/credit-card/cards-with-border.svg
Requested by: Host: flirtymeetings.com
URL: https://flirtymeetings.com/css/payment/payment0016.css?v=2.239.0.master.20240815085658
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3b912a2e2bc4d005e11755e569b76d097716dd838b518c6dde74b96f338b0f9

Request headers

Referer: https://flirtymeetings.com/css/payment/payment0016.css?v=2.239.0.master.20240815085658
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 18:45:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Aug 2024 06:54:12 GMT
server: cloudflare
age: 209540
etag: W/"66bda614-148d"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
cf-ray: 8b540f544957b88b-AMS
expires: Tue, 17 Sep 2024 18:45:15 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 325 KB
107 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YEXK0TCJLR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4W5Z3Z

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9463c29b8bb492a1c1ba36503cfff12846353ecc361ee4f4eff39db5c39f55ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://flirtymeetings.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 18:45:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 109337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 18 Aug 2024 18:45:15 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 66ms
28ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: flirtymeetings.com
URL: https://flirtymeetings.com/payment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://flirtymeetings.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 18 Aug 2024 18:45:14 GMT
last-modified: Sat, 13 Jul 2024 20:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3C3D64DF29794636ABA7E29AA71902ED Ref B: FRA31EDGE0222 Ref C: 2024-08-18T18:45:15Z
etag: "044982565d5da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14183

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 276 KB
94 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-591041862&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4W5Z3Z

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b198f229401c9c9300229660d915d04e331f338bc913f67d4ddfba883a892955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://flirtymeetings.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 18:45:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96250
x-xss-protection: 0
last-modified: Sun, 18 Aug 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 18 Aug 2024 18:45:15 GMT

POST
H2 200 log-actions Show response
flirtymeetings.com/light/ 108 B
267 B 89ms
84ms XHR
application/json 2606:4700:4400::6812:22ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flirtymeetings.com/light/log-actions
Requested by: Host: flirtymeetings.com
URL: https://flirtymeetings.com/js/dist/payment.js?v=2.239.0.master.20240815085658
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4faab5b22aaa9ae4ab26cf7257c58eafdd04ec443a29268835912c9cbb2630e8

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://flirtymeetings.com/payment
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 18 Aug 2024 18:45:15 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8b540f54ea38b88b-AMS
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 log-actions Show response
flirtymeetings.com/light/ 108 B
173 B 98ms
94ms XHR
application/json 2606:4700:4400::6812:22ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flirtymeetings.com/light/log-actions
Requested by: Host: flirtymeetings.com
URL: https://flirtymeetings.com/js/dist/payment.js?v=2.239.0.master.20240815085658
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4faab5b22aaa9ae4ab26cf7257c58eafdd04ec443a29268835912c9cbb2630e8

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://flirtymeetings.com/payment
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 18 Aug 2024 18:45:15 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8b540f54ea39b88b-AMS
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 187084252.js Show response
bat.bing.com/p/action/ 2 KB
970 B 30ms
30ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/187084252.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2f7cc1e3536dec8b741d54c1190eb2965cb8cd247bd989f753dfdb9c9515f023

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://flirtymeetings.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Sun, 18 Aug 2024 18:45:14 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 502F47C0320943AAACAE545631C77015 Ref B: FRA31EDGE0222 Ref C: 2024-08-18T18:45:15Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 200 187084252 Show response
bat.bing.com/p/insights/t/ 713 B
910 B 102ms
102ms Script
application/x-javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/t/187084252

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/action/187084252.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

be937cb51706e095d4f50111687e3b14c88cd1c4209f98f10dbaaf7fea4e17f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://flirtymeetings.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 18 Aug 2024 18:45:14 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8456CD0A824743B0AEA622637981CEAC Ref B: FRA31EDGE0222 Ref C: 2024-08-18T18:45:15Z
x-powered-by: ARR/3.0
vary: Accept-Encoding
x-azure-ref: 20240818T184515Z-1548b9d4c5b8dwzxqwn5dkw3z800000002y000000000d7mv
content-type: application/x-javascript
x-cache: CONFIG_NOCACHE
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 611
expires: -1

GET
H2 204 0
bat.bing.com/action/ 0
179 B 30ms
30ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=187084252&Ver=2&mid=6366439a-1524-4ba1-a65c-ac6bf4e4f46c&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Flirty%20Meetings%3A%20Meet%20Someone%20Tonight!&p=https%3A%2F%2Fflirtymeetings.com%2Fpayment&r=&lt=5178&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=351411

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://flirtymeetings.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 18 Aug 2024 18:45:14 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 64B0C3EDCA194848809EB84477FDA37A Ref B: FRA31EDGE0222 Ref C: 2024-08-18T18:45:15Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0.7.44 Show response
bat.bing.com/p/insights/s/ 35 KB
15 KB 33ms
33ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/s/0.7.44

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/insights/t/187084252

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0af02a29fef2b9f1bb1cd699d6cac52dc69c6d8f83b0d4f3631d99ac675cde65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://flirtymeetings.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Sun, 18 Aug 2024 18:45:14 GMT
x-cache: CONFIG_NOCACHE
x-fd-int-roxy-purgeid: 51562430
content-length: 15148
last-modified: Sun, 18 Aug 2024 06:44:10 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CBB2016C64114B7FA4D6DDFBFD45E5E9 Ref B: FRA31EDGE0222 Ref C: 2024-08-18T18:45:15Z
etag: W/"0x8DCBF512A2956E4"
vary: Accept-Encoding
x-azure-ref: 20240818T184515Z-16cbcfc96b5wvjgn3s0zn6c82000000004qg000000004m71
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 45c262b8-c01e-0066-733e-f161fb000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28

POST
H2 204 k Show response
bat.bing.com/p/insights/c/ 0
212 B 102ms
101ms XHR
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/c/k

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/insights/s/0.7.44

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/x-webinsights-gzip
Referer: https://flirtymeetings.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 18 Aug 2024 18:45:15 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EEC9577292474BAA8C15C030ABD0A1A1 Ref B: FRA31EDGE0222 Ref C: 2024-08-18T18:45:15Z
vary: Origin
x-cache: CONFIG_NOCACHE
access-control-allow-origin: https://flirtymeetings.com
access-control-allow-credentials: true
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/591041862/ 3 KB
1 KB 40ms
24ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/591041862/?random=1724006715687&cv=11&fst=1724006715687&bg=ffffff&guid=ON&async=1&gtm=45be48e0v9106789090z89132179626za201zb9132179626&gcd=13t3tPt2t5&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fflirtymeetings.com%2Fpayment&hn=www.googleadservices.com&frm=0&tiba=Flirty%20Meetings%3A%20Meet%20Someone%20Tonight!&npa=0&pscdl=noapi&auid=539984485.1724006716&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-591041862&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a6362b29a76e321f060f21b568b91befc8c0a102c9ff6014e4d6cd8bfb9aa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flirtymeetings.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Aug 2024 18:45:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1417
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=528111825.1724006716&url=https%3A%2F%2Fflirtymeetings.com%2Fpayment&dma_cps=syphamo&dma=1&npa=0&gtm=45He48e0n81P4W5Z3Zv91...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=528111825.1724006716&url=https%3A%2F%2Fflirtymeetings.com%2Fpayment&dma_cps=syphamo&dma=1&npa=0&gtm=45He48e0...

42 B
66 B

20ms
18ms

Ping
image/gif

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=528111825.1724006716&url=https%3A%2F%2Fflirtymeetings.com%2Fpayment&dma_cps=syphamo&dma=1&npa=0&gtm=45He48e0n81P4W5Z3Zv9132179626za200&auid=539984485.1724006716

Protocol

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flirtymeetings.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Aug 2024 18:45:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 18 Aug 2024 18:45:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=528111825.1724006716&url=https%3A%2F%2Fflirtymeetings.com%2Fpayment&dma_cps=syphamo&dma=1&npa=0&gtm=45He48e0n81P4W5Z3Zv9132179626za200&auid=539984485.1724006716
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 25ms
24ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-YEXK0TCJLR&gtm=45je48e0v9117525784za200zb9132179626&_p=1724006715353&gcs=G111&gcd=13t3tPt2t5&npa=0&dma_cps=syphamo&dma=1&tag_exp=0&cid=126101367.1724006715&ecid=1463546985&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=1&sid=1724006715&sct=1&seg=0&dl=https%3A%2F%2Fflirtymeetings.com%2Fpayment&dt=Flirty%20Meetings%3A%20Meet%20Someone%20Tonight!&en=scroll&epn.percent_scrolled=90&_et=1&tfd=5929
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YEXK0TCJLR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://flirtymeetings.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Aug 2024 18:45:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://flirtymeetings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 26ms
24ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-YEXK0TCJLR&gtm=45je48e0v9117525784z89132179626za200zb9132179626&_p=1724006715353&em=tv.1~em.kqIRgQAr_0vLoAPVq-2Rrf6tMPFtLwK2BGEy3O629bk&_gaz=1&gcs=G111&gcd=13t3tPt2t5&npa=0&dma_cps=syphamo&dma=1&tag_exp=0&cid=126101367.1724006715&ecid=1463546985&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_s=2&sid=1724006715&sct=1&seg=0&dl=https%3A%2F%2Fflirtymeetings.com%2Fpayment&dt=Flirty%20Meetings%3A%20Meet%20Someone%20Tonight!&en=page_view&_fv=1&_ss=1&tfd=5929
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YEXK0TCJLR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://flirtymeetings.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Aug 2024 18:45:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://flirtymeetings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 69ms
23ms Ping
text/plain 2a00:1450:400c:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YEXK0TCJLR&cid=126101367.1724006715&gtm=45je48e0v9117525784z89132179626za200zb9132179626&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13t3tPt2t5&npa=0&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YEXK0TCJLR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flirtymeetings.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Aug 2024 18:45:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://flirtymeetings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 59ms
42ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YEXK0TCJLR&cid=126101367.1724006715&gtm=45je48e0v9117525784z89132179626za200zb9132179626&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13t3tPt2t5&npa=0&frm=0&tag_exp=0&tag_exp=0&z=560219858

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flirtymeetings.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Aug 2024 18:45:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/591041862/ 42 B
64 B 34ms
30ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/591041862/?random=1724006715687&cv=11&fst=1724004000000&bg=ffffff&guid=ON&async=1&gtm=45be48e0v9106789090z89132179626za201zb9132179626&gcd=13t3tPt2t5&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fflirtymeetings.com%2Fpayment&hn=www.googleadservices.com&frm=0&tiba=Flirty%20Meetings%3A%20Meet%20Someone%20Tonight!&npa=0&pscdl=noapi&auid=539984485.1724006716&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfFm7_OK2YTQLEwhVDtJOuBuq5AuxW1Q&random=1339173197&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flirtymeetings.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Aug 2024 18:45:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/591041862/ 42 B
64 B 23ms
23ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/591041862/?random=1724006715687&cv=11&fst=1724004000000&bg=ffffff&guid=ON&async=1&gtm=45be48e0v9106789090z89132179626za201zb9132179626&gcd=13t3tPt2t5&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fflirtymeetings.com%2Fpayment&hn=www.googleadservices.com&frm=0&tiba=Flirty%20Meetings%3A%20Meet%20Someone%20Tonight!&npa=0&pscdl=noapi&auid=539984485.1724006716&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfFm7_OK2YTQLEwhVDtJOuBuq5AuxW1Q&random=1339173197&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flirtymeetings.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Aug 2024 18:45:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 session-check Show response
flirtymeetings.com/light/ 4 KB
2 KB 216ms
215ms XHR
application/json 2606:4700:4400::6812:22ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flirtymeetings.com/light/session-check
Requested by: Host: flirtymeetings.com
URL: https://flirtymeetings.com/js/dist/payment.js?v=2.239.0.master.20240815085658
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 367cd27dd0d2049ff47c8279a22b9d8e3573ec3a4a5abb75fa3cd875fe9746ba

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://flirtymeetings.com/payment
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Aug 2024 18:45:16 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8b540f5a8959b88b-AMS
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 auth Show response
flirtymeetings.com/light/pusher/ 137 B
186 B 60ms
59ms XHR
text/html 2606:4700:4400::6812:22ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flirtymeetings.com/light/pusher/auth
Requested by: Host: flirtymeetings.com
URL: https://flirtymeetings.com/js/dist/payment.js?v=2.239.0.master.20240815085658
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9670534f7ea6e77d3fd610fcbe5997e5bb23513328f4511b5778e0f97de3096e

Request headers

Referer: https://flirtymeetings.com/payment
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 18 Aug 2024 18:45:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8b540f5c9bfbb88b-AMS
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 registration-event-check Show response
flirtymeetings.com/light/ 108 B
196 B 52ms
51ms XHR
application/json 2606:4700:4400::6812:22ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flirtymeetings.com/light/registration-event-check
Requested by: Host: flirtymeetings.com
URL: https://flirtymeetings.com/js/dist/payment.js?v=2.239.0.master.20240815085658
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4faab5b22aaa9ae4ab26cf7257c58eafdd04ec443a29268835912c9cbb2630e8

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://flirtymeetings.com/payment
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Aug 2024 18:45:17 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8b540f623b8eb88b-AMS
expires: Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.flirtymeetings.com/	1970-01-20 22:53:28	Name: __cf_bm Value: b_sDjmmtrPktEIFc75mXQ5Xe8JaUW2ARyFeUfzppGnw-1724006711-1.0.1.1-jPND01qyDxX6gQzcbze0ai.PBojZj3W1BFtsGVwSURVbnVBrhFLNJAhhN24KP6Mn8zWRrRb3cvB4ICoWWrw6Vw
.flirtymeetings.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2a8ccj1d0ristmriu0h1j5tdv0
flirtymeetings.com/	1969-12-31 23:59:59	Name: SERVERID Value: wbs13
.flirtymeetings.com/	1970-01-20 23:36:38	Name: remember_me Value: 7-VBQ2zSUH5D7YR7T01gqort3YWGFg1EudU4Pvg2EjofuKQNeyqtJUrpMCPs0SgLTJiZwV5j2Cui-kvZxhBqgrhLWGynUhMYCM0W0TrHgLPpgDU9hFpQQPs2YLMh-FaEgKjWu9_m-k8MgmT6KoDAaW5eVsQ0wD3Xxcf2_PDXeuE
secure.rocketgate.com/	1970-01-20 22:54:49	Name: __cflb Value: 02DiuJ5a6kbt39fo1KNTGJD7sutD5g8J1dRYPo941RNwv
.flirtymeetings.com/	1970-01-21 08:29:26	Name: _ga Value: GA1.1.126101367.1724006715
.flirtymeetings.com/	1970-01-21 08:29:26	Name: _ga_F7BJXTNBJG Value: GS1.1.1724006715.1.0.1724006715.0.0.0
.flirtymeetings.com/	1970-01-21 07:39:02	Name: cf_clearance Value: ps5kM6zy0ui.B.kGGHPSeq_DAJJShM66OglfFaZpxrc-1724006715-1.2.1.1-A0v1oSfDnf9k9rg9k9bTIsApzDg0_YTqEO7RgdI1UMiaYdqb17V.jmOT1CrGtVBcnSirBnFiPyYVEKgUfDVxOQpz4ACEsjv.JDm3Bgdi9pVc3FOaO.ai3JOhRCws_VSzp381nvwBV0P7kdIyEwwRR_30cZ2BZ6j.BZ3n99gNU.eLJOFZ260iT4jpAHtRaRft6zE1RuvESNj6nypL464f5D5eOXudKk_wIQj4wSKa1iRUfsrOpmXbw0P_VzLYkNVMzoOv7cswoHiYx7md2IcQcJhLA.VhYtR.YEniQWORyGUXYmSws1vWmMozgmAWwX2q.wHzf6CCjdXvNLWA0o9g677mYn7fA610rkg6EVQjnygJCqRLCLpIZX5eA5AUiJza
.flirtymeetings.com/	1970-01-21 01:03:02	Name: _gcl_au Value: 1.1.539984485.1724006716
.flirtymeetings.com/	1970-01-21 08:29:26	Name: _ga_YEXK0TCJLR Value: GS1.1.1724006715.1.0.1724006715.60.0.1463546985
.doubleclick.net/	1970-01-21 08:15:02	Name: IDE Value: AHWqTUmwqzi_xrtDzNb1DJ5r26OKedQXk1Uar0WdCcCalHryKGuvSV6RZpkC-9-b

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
flirtymeetings.com
go.flirtymeetings.com
googleads.g.doubleclick.net
maps.googleapis.com
region1.analytics.google.com
region1.google-analytics.com
s03.ndcdn.com
secure-2.rocketgate.com
secure.rocketgate.com
stats.g.doubleclick.net
url2446.flirtymeetings.com
www.google.com
www.google.de
www.googletagmanager.com
104.18.27.64
167.89.118.95
188.114.97.3
2001:4860:4802:34::36
2606:4700:4400::6812:22ea
2620:1ec:c11::237
2a00:1450:4001:806::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:81d::2008
2a00:1450:4001:827::2003
2a00:1450:400c:c09::9c
010444522a3e9eb4bf2eff388138b47fb6b678aaece5733fd81f7a448b46b370
0af02a29fef2b9f1bb1cd699d6cac52dc69c6d8f83b0d4f3631d99ac675cde65
212e8cb869a25f950bc734cf51b6cc3e305478308418c4ff2549c88175f46e32
2822275f44bd460b8686ef5355ed7caddad0628067c148a0552f9490e2905903
2d5d9991194e93e2a358c4236664514fe7c32bd06438730a94b244aca56c53e3
2f7cc1e3536dec8b741d54c1190eb2965cb8cd247bd989f753dfdb9c9515f023
367cd27dd0d2049ff47c8279a22b9d8e3573ec3a4a5abb75fa3cd875fe9746ba
3d0293c5aab451c74e43b8224d202da9ca61a3d1b511a1ed4e157d2dd5c29591
4005f016f0e16144a5ab39257c439e4995c9f7201e28a1feca52110193e8f020
48ad47d2975ad30c0d467a920ed2c51364572b0141d1dbf653749d27d00f1386
4faab5b22aaa9ae4ab26cf7257c58eafdd04ec443a29268835912c9cbb2630e8
5209181ddb54eef4e0414fdef89ae9c59c2f0ea5f37cbe19774267ca724967d9
58f104a54e25a11ae2287e4d71267ab4d072861a508f0c65e0cd1287115bd36a
5d4e6bfe4881734da4cf6530a23b4a48636ef5a2b316a4cfa4fcb274c9243d7d
699ef34a55a18e454a65dd2e7e9fa36fa8bb72742890f28205e7f3c5740a558a
75e180399eff3f9b75e49c5ca2e6b65468cdda4655cdf61b6e57931798efc085
8215b90000b571bd241d28512c83f59855cecc3158db94b79b2d974c9923b5d2
8ad1f33677ad0d1edb2d89200d61d94f30c92e4a841a12e4c5bf845cf1e727b1
8ed8b1167ec0b84e9724010180a1c4e7568b442538cf330c0a23f308c120afd5
9463c29b8bb492a1c1ba36503cfff12846353ecc361ee4f4eff39db5c39f55ab
9670534f7ea6e77d3fd610fcbe5997e5bb23513328f4511b5778e0f97de3096e
a00c974d03e5dc28157118ded3260261cc6ee004540c1c053ecc91993c659e18
a3b912a2e2bc4d005e11755e569b76d097716dd838b518c6dde74b96f338b0f9
a4a6362b29a76e321f060f21b568b91befc8c0a102c9ff6014e4d6cd8bfb9aa2
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
b198f229401c9c9300229660d915d04e331f338bc913f67d4ddfba883a892955
b329987454a8d50c953d67d02b91cc2f66728856729082fa639237ad673d7b92
be937cb51706e095d4f50111687e3b14c88cd1c4209f98f10dbaaf7fea4e17f7
c234651ba494e1378936fa77fdc0fdba2180a5ea61a53756d3c6d0e539a64631
c5fbb89399a794fabe5aa2d19a6ef8ec6f7c9b2bb1c5e36db55504f728b5248f
c6d95fed777811e22a4ae000013fd33f474e45c032b74217e98612dd6f6e517f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbb3eab1096f08f89f4043c4251a0c7eb92a026f9c3e048accdd5ce5daec1d4a
cfb871531e4c7cf80098101acbd7e09d8d24c59ceb0ac74c13dc1cae213c34e2
d27cbca12a0d54f335c5b832d9a1aee8555cc928853c28573293663c803308a8
de223739c6abb184f3b43abb2fdb3bc64b2d1963fa5c0b9584719b159861082e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e861a180009ab1dfe0d519c3d907c588311641cad4ec97b9cebc138da1c5d6f6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f58879afe4b4b75bb4a6ab194b904b1ea24a0343514b3fdc366938b38f0706f5

flirtymeetings.com Open in urlscan Pro 2606:4700:4400::6812:22ea Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

94 %HTTPS

75 %IPv6

10 Domains

15 Subdomains

12 IPs

5 Countries

1661 kBTransfer

4128 kBSize

11 Cookies

1 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

flirtymeetings.com Open in urlscan Pro
2606:4700:4400::6812:22ea Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

94 %
HTTPS

75 %
IPv6

10
Domains

15
Subdomains

12
IPs

5
Countries

1661 kB
Transfer

4128 kB
Size

11
Cookies

52 HTTP transactions
1 data transactions