flirtooy.info Open in urlscan Pro
2606:4700:3037::6815:215b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://biaapodlaska.inwestowaniepogodzinach.pl/
Effective URL:
https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_b549e4df03c37f485639873a8024ad03&p10=2d5fabed-6d5d-43cd-a9fe-5b...
Submission: On December 25 via api (December 25th 2023, 12:44:58 pm UTC) from US — Scanned from US

Summary HTTP 53 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 1 countries across 21 domains to perform 53 HTTP transactions. The main IP is 2606:4700:3037::6815:215b, located in United States and belongs to CLOUDFLARENET, US. The main domain is flirtooy.info.
TLS certificate: Issued by GTS CA 1P5 on December 9th 2023. Valid for: 3 months.

This is the only time flirtooy.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2606:4700:303... 2606:4700:3036::ac43:d18e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:10:... 2606:4700:10::ac43:bcd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	54.230.163.9 54.230.163.9	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3031::6815:3025	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	173.0.157.204 173.0.157.204	7979 (SERVERS-COM) (SERVERS-COM)
13	2606:4700:303... 2606:4700:3037::6815:215b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:822::200a	15169 (GOOGLE) (GOOGLE)
5	2606:4700:303... 2606:4700:3035::ac43:bd7c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
53	11

5 2606:4700:3036::ac43:d18e (United States)

ASN13335 (CLOUDFLARENET, US)

biaapodlaska.inwestowaniepogodzinach.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
inwestowaniepogodzinach.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:bcd (United States)

ASN13335 (CLOUDFLARENET, US)

thumbs.img-sprzedajemy.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.230.163.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-9.ewr53.r.cloudfront.net

ocdn.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:3025 (United States)

ASN13335 (CLOUDFLARENET, US)

motormania.com.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:18 (United States)

ASN13335 (CLOUDFLARENET, US)

img.styl.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.0.157.204 (United States) 2 redirects

ASN7979 (SERVERS-COM, US)

go.gkrtmc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3037::6815:215b (United States)

ASN13335 (CLOUDFLARENET, US)

flirtooy.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.flirtooy.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3035::ac43:bd7c (United States)

ASN13335 (CLOUDFLARENET, US)

api.flirtooy.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	flirtooy.info flirtooy.info api.flirtooy.info	212 KB
5	inwestowaniepogodzinach.pl biaapodlaska.inwestowaniepogodzinach.pl inwestowaniepogodzinach.pl	62 KB
3	gkrtmc.com 2 redirects go.gkrtmc.com — Cisco Umbrella Rank: 583405	4 KB
3	ocdn.eu ocdn.eu — Cisco Umbrella Rank: 33151	247 KB
3	img-sprzedajemy.pl thumbs.img-sprzedajemy.pl — Cisco Umbrella Rank: 656023	24 KB
2	gstatic.com fonts.gstatic.com	32 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
1	styl.fm img.styl.fm	37 KB
1	motormania.com.pl motormania.com.pl	297 KB
0	yadro.ru Failed counter.yadro.ru Failed
0	mamotoja.pl Failed s.mamotoja.pl Failed
0	tarnowlokalnie.pl Failed tarnowlokalnie.pl Failed
0	plodnosc.pl Failed plodnosc.pl Failed
0	kt24.pl Failed www.kt24.pl Failed
0	wpcdn.pl Failed sf-administracja.wpcdn.pl Failed
0	tarnow.net.pl Failed www.tarnow.net.pl Failed
0	czarnysezam.pl Failed tarnow.czarnysezam.pl Failed
0	azureedge.net Failed mamazonecdn.azureedge.net Failed
0	poradynazdrowie.pl Failed www.poradynazdrowie.pl Failed
0	smcloud.net Failed cdn16.poradnikzdrowie.smcloud.net Failed cdn21.dlarodzinki.smcloud.net Failed cdn.galleries.smcloud.net Failed
0	dziennik.pl Failed s1.dziennik.pl Failed 0.s.dziennik.pl Failed
53	21

	Domain	Requested by
10	api.flirtooy.info	flirtooy.info
8	flirtooy.info	go.gkrtmc.com flirtooy.info
4	biaapodlaska.inwestowaniepogodzinach.pl	biaapodlaska.inwestowaniepogodzinach.pl
3	go.gkrtmc.com	2 redirects biaapodlaska.inwestowaniepogodzinach.pl
3	ocdn.eu	biaapodlaska.inwestowaniepogodzinach.pl
3	thumbs.img-sprzedajemy.pl	biaapodlaska.inwestowaniepogodzinach.pl
2	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	flirtooy.info
1	inwestowaniepogodzinach.pl	biaapodlaska.inwestowaniepogodzinach.pl
1	img.styl.fm	biaapodlaska.inwestowaniepogodzinach.pl
1	motormania.com.pl	biaapodlaska.inwestowaniepogodzinach.pl
0	counter.yadro.ru Failed	biaapodlaska.inwestowaniepogodzinach.pl
0	s.mamotoja.pl Failed	biaapodlaska.inwestowaniepogodzinach.pl
0	tarnowlokalnie.pl Failed	biaapodlaska.inwestowaniepogodzinach.pl
0	plodnosc.pl Failed	biaapodlaska.inwestowaniepogodzinach.pl
0	www.kt24.pl Failed	biaapodlaska.inwestowaniepogodzinach.pl
0	cdn.galleries.smcloud.net Failed	biaapodlaska.inwestowaniepogodzinach.pl
0	sf-administracja.wpcdn.pl Failed	biaapodlaska.inwestowaniepogodzinach.pl
0	www.tarnow.net.pl Failed	biaapodlaska.inwestowaniepogodzinach.pl
0	cdn21.dlarodzinki.smcloud.net Failed	biaapodlaska.inwestowaniepogodzinach.pl
0	tarnow.czarnysezam.pl Failed	biaapodlaska.inwestowaniepogodzinach.pl
0	mamazonecdn.azureedge.net Failed	biaapodlaska.inwestowaniepogodzinach.pl
0	www.poradynazdrowie.pl Failed	biaapodlaska.inwestowaniepogodzinach.pl
0	cdn16.poradnikzdrowie.smcloud.net Failed	biaapodlaska.inwestowaniepogodzinach.pl
0	0.s.dziennik.pl Failed	biaapodlaska.inwestowaniepogodzinach.pl
0	s1.dziennik.pl Failed	biaapodlaska.inwestowaniepogodzinach.pl
53	26

This site contains no links.

Subject Issuer	Validity	Valid
inwestowaniepogodzinach.pl GTS CA 1P5	`2023-11-10` - `2024-02-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-30` - `2024-04-29`	a year	crt.sh
*.ocdn.eu GeoTrust TLS RSA CA G1	`2023-12-21` - `2024-12-20`	a year	crt.sh
motormania.com.pl E1	`2023-12-18` - `2024-03-17`	3 months	crt.sh
styl.fm E1	`2023-11-08` - `2024-02-06`	3 months	crt.sh
track.cpamatica.com R3	`2023-11-07` - `2024-02-05`	3 months	crt.sh
flirtooy.info GTS CA 1P5	`2023-12-09` - `2024-03-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_b549e4df03c37f485639873a8024ad03&p10=2d5fabed-6d5d-43cd-a9fe-5b7b182ee81b_6caf0b875f30504ef8b8322d9c7c9784&source=66979&aff_sub=&aff_sub2=seo-sem
Frame ID: 2AAD184592692B44934E978DC26F5B9F
Requests: 49 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dating Service

Page URL History Show full URLs

https://biaapodlaska.inwestowaniepogodzinach.pl/ Page URL
https://go.gkrtmc.com/aff_c?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem HTTP 302
https://go.gkrtmc.com/cl?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c Page URL
https://go.gkrtmc.com/aff_c?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c HTTP 302
https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_b549e4df03c37f485639873a8024ad03&p10=2d5fab... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-
vue[.-]([\d.]*\d)[^/]*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

53
Requests

66 %
HTTPS

80 %
IPv6

21
Domains

26
Subdomains

11
IPs

1
Countries

913 kB
Transfer

1539 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://biaapodlaska.inwestowaniepogodzinach.pl/ Page URL
https://go.gkrtmc.com/aff_c?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem HTTP 302
https://go.gkrtmc.com/cl?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c Page URL
https://go.gkrtmc.com/aff_c?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c HTTP 302
https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_b549e4df03c37f485639873a8024ad03&p10=2d5fabed-6d5d-43cd-a9fe-5b7b182ee81b_6caf0b875f30504ef8b8322d9c7c9784&source=66979&aff_sub=&aff_sub2=seo-sem Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://go.gkrtmc.com/aff_c?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem HTTP 302
https://go.gkrtmc.com/cl?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c

53 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
biaapodlaska.inwestowaniepogodzinach.pl/ 325 KB
60 KB 384ms
290ms Document
text/html 2606:4700:3036::ac43:d18e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biaapodlaska.inwestowaniepogodzinach.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d18e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: dc26b01db2355ad02cb06dd968473e60fdd9fe57b266f34f394049505ae01d69

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83b12d8469824bcd-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 25 Dec 2023 12:44:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSEZL0jJOkiI7zB30iI4Wj0TY3CocL7YgABb1lA7nMM6ZXOX0WSTf4fAohOxR9T9Kl46KqkJxUxF1eR3y6JAwzglxJXtyg8FBn1eVIwPDykiQ1kYtW3SUlvLb2CadmFWIS%2B0U76QoDT7ITMqR9IfLSGem6ZG0WAc73jjAn1%2F2ttobS5hw3s%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40

GET
H2 200 gdxwfkw.js Show response
biaapodlaska.inwestowaniepogodzinach.pl/ 1 KB
897 B 234ms
233ms Script
application/javascript 2606:4700:3036::ac43:d18e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biaapodlaska.inwestowaniepogodzinach.pl/gdxwfkw.js?0.17367366248575178&q=c2VrcyBpIGNpYXph
Requested by: Host: biaapodlaska.inwestowaniepogodzinach.pl
URL: https://biaapodlaska.inwestowaniepogodzinach.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d18e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 4249cc0c062d48e5e75d3085137b938083a9016eecadb6149c90511b0b62633f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://biaapodlaska.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 12:44:52 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 25 Dec 2023 12:44:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pmtADf8hy%2BOlL0O0EgXliSNylSBRlXhzd4x80EXYdRKvcbFvqUWrGRT4SpFyUcvC13hKBke2WMi0Az6Wp5Zd4wQPzx9e%2FmclBViiThsycyHH4XAdc4NbIEDVsTDBObOLanIl5ZkAIJSuJzZJ7hsu%2FHCLGsJ%2FWN3CQ4REulbhLpHT7G2LtwI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 83b12d88aaf84bcd-BUF
alt-svc: h3=":443"; ma=86400

GET 4942532-chora-kobieta-w-ciazy-900-668.jpg
s1.dziennik.pl/pliki/4942000/ 0
0

GET 2669791-ciaza-900-666.jpg
0.s.dziennik.pl/pliki/2669000/ 0
0

GET 7169293-malgorzata-kozuchowska-643-385.jpg
0.s.dziennik.pl/pliki/7169000/ 0
0

GET
H2 200 sztyblety-do-jazdy-konno-z-zamkiem-sznurowane-tarnow-205682362.jpg
thumbs.img-sprzedajemy.pl/1000x901c/cf/e6/b3/ 23 KB
23 KB 121ms
35ms Image
image/jpeg 2606:4700:10::ac43:bcd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumbs.img-sprzedajemy.pl/1000x901c/cf/e6/b3/sztyblety-do-jazdy-konno-z-zamkiem-sznurowane-tarnow-205682362.jpg
Requested by: Host: biaapodlaska.inwestowaniepogodzinach.pl
URL: https://biaapodlaska.inwestowaniepogodzinach.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:bcd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f162240b331a506e7b47ce4a362855e44085338ab1cc22cce02c5bc8e27c2ce0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://biaapodlaska.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 25 Dec 2023 12:44:52 GMT
cf-cache-status: HIT
age: 1542
content-length: 23470
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Sun, 30 Sep 2018 23:08:54 GMT
server: cloudflare
etag: 0x8D62729B1B2D6B2
vary: Accept-Encoding
content-type: image/jpeg
x-ms-request-id: 834f94f6-c01e-000a-422c-37eb62000000
cache-control: public, max-age=15552000, s-maxage=15552000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 83b12d893bcc4bcc-BUF

GET
H2 200 9lxktkuTURBXy81MmM0YzY4NS02OGM3LTQzNjQtYmI3Yi05ZjhhMzQ1MDRkODAuanBlZ5GTBc0EsM0CdA
ocdn.eu/pulscms-transforms/1/ 91 KB
92 KB 354ms
270ms Image
image/jpeg 54.230.163.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ocdn.eu/pulscms-transforms/1/9lxktkuTURBXy81MmM0YzY4NS02OGM3LTQzNjQtYmI3Yi05ZjhhMzQ1MDRkODAuanBlZ5GTBc0EsM0CdA
Requested by: Host: biaapodlaska.inwestowaniepogodzinach.pl
URL: https://biaapodlaska.inwestowaniepogodzinach.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-9.ewr53.r.cloudfront.net
Software: Ring Publishing - Accelerator /
Resource Hash: 078f1f23cda3bc2aaa94ccce88a00bcd995ad28d00d6f96a00b4140c5857fafe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://biaapodlaska.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 12:44:52 GMT
via: 1.1 3ad9c28633c81882cba37baccdcf1c62.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
x-cache: Miss from cloudfront
x-amz-meta-public-height: 628
alt-svc: h3=":443"; ma=86400
content-length: 93287
x-amz-meta-public-width: 1200
last-modified: Mon, 07 Aug 2023 11:28:46 GMT
server: Ring Publishing - Accelerator
etag: "090eabaed5d9b4b2faf14a3a96be4cc4"
content-type: image/jpeg
x-amz-meta-md5: 090eabaed5d9b4b2faf14a3a96be4cc4
cache-control: max-age=604800, public
accept-ranges: bytes
x-amz-cf-id: AZMVEtS8WgnWeZY9XwdD5iIZfl3qfvB2OPON4qCg7qJmc5XZl3GzVA==

GET seks-w-ciazy-najczestsze-pytania_3285807.jpg
cdn16.poradnikzdrowie.smcloud.net/t/image/t/47158/ 0
0

GET
H2 200 p5_ktkqTURBXy8yYThiZjNkYTRhMjgzMjBkMTliYzY4M2MzYWQ1NTE5YS5qcGVnkpUDAADNEdvNCguTBc0EsM0Cdg
ocdn.eu/pulscms-transforms/1/ 85 KB
85 KB 305ms
222ms Image
image/jpeg 54.230.163.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ocdn.eu/pulscms-transforms/1/p5_ktkqTURBXy8yYThiZjNkYTRhMjgzMjBkMTliYzY4M2MzYWQ1NTE5YS5qcGVnkpUDAADNEdvNCguTBc0EsM0Cdg
Requested by: Host: biaapodlaska.inwestowaniepogodzinach.pl
URL: https://biaapodlaska.inwestowaniepogodzinach.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-9.ewr53.r.cloudfront.net
Software: Ring Publishing - Accelerator /
Resource Hash: 4eb50a0f2141a8732de59ee22d094ac250910be8761b82c2edaf283bb214d0ff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://biaapodlaska.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 12:44:52 GMT
via: 1.1 3ad9c28633c81882cba37baccdcf1c62.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
x-cache: Miss from cloudfront
x-amz-meta-public-height: 630
alt-svc: h3=":443"; ma=86400
content-length: 86838
x-amz-meta-public-width: 1200
last-modified: Fri, 06 Oct 2023 19:09:58 GMT
server: Ring Publishing - Accelerator
etag: "e22904a8957eab9773eccc276d7f0e1f"
content-type: image/jpeg
x-amz-meta-md5: e22904a8957eab9773eccc276d7f0e1f
cache-control: max-age=604800, public
accept-ranges: bytes
x-amz-cf-id: mOmPj7YAQftdb8L6z8sH8bBOGPp-fJWwfD2YWf7LdJGIK1rn0XU13w==

GET
H2 200 HekktkuTURBXy83ZmM3YWQ2ZC1kNzAyLTRkMjAtOGE0OS1lNTVhNGU5YmEzYTQuanBlZ5KVAwEAzQPSzQImkwXNBLDNAnY
ocdn.eu/pulscms-transforms/1/ 69 KB
70 KB 598ms
515ms Image
image/jpeg 54.230.163.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ocdn.eu/pulscms-transforms/1/HekktkuTURBXy83ZmM3YWQ2ZC1kNzAyLTRkMjAtOGE0OS1lNTVhNGU5YmEzYTQuanBlZ5KVAwEAzQPSzQImkwXNBLDNAnY
Requested by: Host: biaapodlaska.inwestowaniepogodzinach.pl
URL: https://biaapodlaska.inwestowaniepogodzinach.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-9.ewr53.r.cloudfront.net
Software: Ring Publishing - Accelerator /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://biaapodlaska.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 12:44:52 GMT
via: 1.1 3ad9c28633c81882cba37baccdcf1c62.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
x-cache: Miss from cloudfront
x-amz-meta-public-height: 630
alt-svc: h3=":443"; ma=86400
content-length: 70888
x-amz-meta-public-width: 1200
last-modified: Fri, 22 Sep 2023 04:19:28 GMT
server: Ring Publishing - Accelerator
etag: "74a1d4eceeb3d31c8b010092c3d6eda2"
content-type: image/jpeg
x-amz-meta-md5: 74a1d4eceeb3d31c8b010092c3d6eda2
cache-control: max-age=604800, public
accept-ranges: bytes
x-amz-cf-id: pwLDqPnYhrKYRFtlazS6ubsDfVe2-Ytm-JVTVt-nOR696wMlk1qVbw==

GET
H2 404 kostki-milosci-smieszna-gra-doroslych-wiek-od-18-tarnow-526385919.jpg
thumbs.img-sprzedajemy.pl/1000x901c/53/84/72/ 215 B
215 B 510ms
426ms Image
application/xml 2606:4700:10::ac43:bcd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumbs.img-sprzedajemy.pl/1000x901c/53/84/72/kostki-milosci-smieszna-gra-doroslych-wiek-od-18-tarnow-526385919.jpg
Requested by: Host: biaapodlaska.inwestowaniepogodzinach.pl
URL: https://biaapodlaska.inwestowaniepogodzinach.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:bcd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d21bc286bb09b7ff33dc72b0e0be7ff24f18ccea74882233b142a50c73c2fc6e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://biaapodlaska.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 12:44:52 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
server: cloudflare
vary: Accept-Encoding
content-type: application/xml
x-ms-request-id: 46943d58-801e-0079-5530-37b3f1000000
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 83b12d893bca4bcc-BUF

GET foto_opryszczka_i_ciaza.jpg
www.poradynazdrowie.pl/images/ 0
0

GET Single-13159-ciaza-herbata.jpg
mamazonecdn.azureedge.net/cache/ 0
0

GET
H2 200 Unii-Tarnow-vs-PGE-Marma-Rzeszow-2014-7-fot-Michal-Krupa.jpg
motormania.com.pl/wp-content/uploads/2014/04/ 296 KB
297 KB 117ms
36ms Image
image/jpeg 2606:4700:3031::6815:3025
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://motormania.com.pl/wp-content/uploads/2014/04/Unii-Tarnow-vs-PGE-Marma-Rzeszow-2014-7-fot-Michal-Krupa.jpg
Requested by: Host: biaapodlaska.inwestowaniepogodzinach.pl
URL: https://biaapodlaska.inwestowaniepogodzinach.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:3025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e0a2d16695dfad684c5d1871495d50542b745d1a38f50732b08e5d71f474b7a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://biaapodlaska.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 12:44:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1541
alt-svc: h3=":443"; ma=86400
content-length: 303148
last-modified: Tue, 17 Mar 2020 20:38:50 GMT
server: cloudflare
etag: "5e71355a-4a02c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2FIgalVmq%2FmoYrEI0gTkOgam39AZ%2FrPBqUo4sMyPtr5%2FijSo%2FJH%2BCDHl9QNDgqeE%2Fdm0eE9FGu%2F6%2FWyAKajWHlArNRI00km8OdNRHJbk2RkP5k2VrRp%2BIhWzt%2FNpH5ElEEFFYHeGbEy1Gatv%2FXTE8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 83b12d89680f4bc0-BUF
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ciaza-1.jpg
img.styl.fm/resize/c600x315/newsy/wp-content/uploads/2017/09/ 37 KB
37 KB 118ms
35ms Image
image/jpeg 2606:4700:20::681a:18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.styl.fm/resize/c600x315/newsy/wp-content/uploads/2017/09/ciaza-1.jpg

Requested by

Host: biaapodlaska.inwestowaniepogodzinach.pl
URL: https://biaapodlaska.inwestowaniepogodzinach.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf458be59f6261b940ac14c0cc190236ea732118cb24cd65fb5699b6a0991f3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://biaapodlaska.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 12:44:52 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1542
content-length: 37570
cf-bgj: h2pri
last-modified: Sat, 10 Oct 2020 12:10:00 GMT
server: cloudflare
etag: "5f81a498-92c2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6gzazCLQNgu2aIGxHTU3lvEZGEu%2BiYqm4opFMUdvt0LZI%2BXn3FOxZoltYB4WlsGrKIIXNvyfjP2BVD8UiiUSrZtfySsIubTa71qxngSpzei1LyxPiu4eekfq%2BHNTy5zL%2FLki2ngVUf1%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 83b12d896bc54bc9-BUF
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET menu_trailer2.jpg
tarnow.czarnysezam.pl/wp-content/uploads/2019/05/ 0
0

GET ciaza_344601.jpg
cdn21.dlarodzinki.smcloud.net/t/photos/t/7228/ 0
0

GET 5ff07485d34cd4c9fa023b4b82b69498024.jpg
www.tarnow.net.pl/uploads/articles/ORGINAL/ 0
0

GET 5f12174dbe93b5_84212850.jpg
sf-administracja.wpcdn.pl/storage2/featured_original/ 0
0

GET
H2 404 kolowrotek-mitchell-avocet-rte-tarnow-532573353.jpg
thumbs.img-sprzedajemy.pl/1000x901c/03/ac/40/ 215 B
215 B 394ms
394ms Image
application/xml 2606:4700:10::ac43:bcd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumbs.img-sprzedajemy.pl/1000x901c/03/ac/40/kolowrotek-mitchell-avocet-rte-tarnow-532573353.jpg
Requested by: Host: biaapodlaska.inwestowaniepogodzinach.pl
URL: https://biaapodlaska.inwestowaniepogodzinach.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:bcd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a7cb9cfbcb95b0e85cd486ddd57828da14dfcbcf8927b6ff37febaf0de906cb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://biaapodlaska.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 12:44:52 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
server: cloudflare
vary: Accept-Encoding
content-type: application/xml
x-ms-request-id: 5b192744-601e-0071-7b30-37a9fe000000
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 83b12d897bd54bcc-BUF

GET gf-iyPV-bd5A-t5sV_jak-dlugo-trwa-ciaza-1920x1080-nocrop.jpg
cdn.galleries.smcloud.net/t/galleries/ 0
0

GET 129137113_3471828652938113_7275363699136250760_o-768x512.jpg
www.kt24.pl/wp-content/uploads/2020/12/ 0
0

GET 5f33b37d9a9e89_54417788.jpg
sf-administracja.wpcdn.pl/storage2/featured_original/ 0
0

GET 7-tydzie%C5%84-ci%C4%85%C5%BCy-pierwszy-trymestr-ci%C4%85%C5%BCy-kalendarz-ci%C4%85%C5%BCy-750x500.jpg
plodnosc.pl/wp-content/uploads/2018/11/ 0
0

GET big_V7LE2XU7RL99_33305_napalona_niegrzeczna_dziewczynka.jpg
tarnowlokalnie.pl/photos/items/20_10/ 0
0

GET gf-p2wx-q5BU-s8g8_ciaza-pozamaciczna-objawy-jakie-objawy-moga-wskazywac-na-ciaze-ektopowa-1920x1080-nocrop.jpg
cdn.galleries.smcloud.net/t/galleries/ 0
0

GET pozycje-seksualne-w-ciazy-infografika-GALLERY_MAI2-93677.jpg
s.mamotoja.pl/i/ 0
0

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif

GET hit;pldat3
counter.yadro.ru/ 0
0

GET
H2 404 invester1.jpg
inwestowaniepogodzinach.pl/wp-content/themes/finance-system/images/ 0
0 221ms
207ms Image
text/html 2606:4700:3036::ac43:d18e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inwestowaniepogodzinach.pl/wp-content/themes/finance-system/images/invester1.jpg
Requested by: Host: biaapodlaska.inwestowaniepogodzinach.pl
URL: https://biaapodlaska.inwestowaniepogodzinach.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d18e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://biaapodlaska.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 404 fojkakp.gif
biaapodlaska.inwestowaniepogodzinach.pl/ 209 B
209 B 215ms
214ms Image
text/html 2606:4700:3036::ac43:d18e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://biaapodlaska.inwestowaniepogodzinach.pl/fojkakp.gif?ref=&url=https%3A//biaapodlaska.inwestowaniepogodzinach.pl/&scr=1600x1200&q=1703508292&s=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/120.0.6099.109%20Safari/537.36&0.14169471264093403
Requested by: Host: biaapodlaska.inwestowaniepogodzinach.pl
URL: https://biaapodlaska.inwestowaniepogodzinach.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d18e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99a015caa427c7e217eeb53f583e2ec92fd45ef7b05b2950d4ecb0cf82c2ff92

Request headers

accept-language: en-US,en;q=0.9
Referer: https://biaapodlaska.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 12:44:52 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5Uk4JZe7mANCw1xiT2WWJDE5hxWadZL%2BFH65uuyMAqKksX4K3GV4A5S0m4b1BSmFFTiR8odJOxy2OEeEyWvdkXoAfrcLD%2BXcbhSHBdmH87MxBZ8QfQG4giaBB4NQ2rllHN6UFCovqxVXvHukJ3l4GEbnJ2o%2FR6vRG3cyBK6FAVhzW5li1Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 83b12d8a2ea24bcf-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 nznlvao.js
biaapodlaska.inwestowaniepogodzinach.pl/ 550 B
833 B 149ms
148ms XHR
application/javascript 2606:4700:3036::ac43:d18e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biaapodlaska.inwestowaniepogodzinach.pl/nznlvao.js?get=1&q=1703508292&s=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/120.0.6099.109%20Safari/537.36&0.5625872435481951
Requested by: Host: biaapodlaska.inwestowaniepogodzinach.pl
URL: https://biaapodlaska.inwestowaniepogodzinach.pl/gdxwfkw.js?0.17367366248575178&q=c2VrcyBpIGNpYXph
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d18e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://biaapodlaska.inwestowaniepogodzinach.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 12:44:52 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 25 Dec 2023 12:44:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HUa89%2FLTP%2F7LHO3%2BJisnGbxuCQwBUa%2BMSwPkso5fd69huJVp7E8WoVu6o7Z%2FB%2B%2BVpaHp6oiA38W4%2B%2BVpYhstmxd%2FKcgrUz5gfSFn0%2Fk8rJEVuWTY4Q2oc%2FDBglBtrfDURD1iehMOnAYpuORcDQew3MLCQPTpGyxVqIHsoNWQStW1BJLmMm8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 83b12d8b8f374bcf-BUF
alt-svc: h3=":443"; ma=86400

GET
H/1.1

200
OK

cl
go.gkrtmc.com/
Redirect Chain

https://go.gkrtmc.com/aff_c?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem
https://go.gkrtmc.com/cl?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c

1 KB
2 KB

52ms
51ms

Document
text/html

173.0.157.204
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://go.gkrtmc.com/cl?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c

Requested by

Host: biaapodlaska.inwestowaniepogodzinach.pl
URL: https://biaapodlaska.inwestowaniepogodzinach.pl/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

173.0.157.204 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://biaapodlaska.inwestowaniepogodzinach.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store no-store, no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
Content-Type: text/html; charset=utf-8
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Date: Mon, 25 Dec 2023 12:44:52 GMT
ETag: W/"579-0Vsjzx+kUoPTVO57S1z+EjAkaOk"
Origin-Agent-Cluster: ?1
Referrer-Policy: no-referrer
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 0

Redirect headers

Cache-Control: no-store, no-cache
Connection: keep-alive
Content-Length: 264
Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Content-Type: text/html; charset=utf-8
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Date: Mon, 25 Dec 2023 12:44:52 GMT
Location: https://go.gkrtmc.com/cl?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c
Origin-Agent-Cluster: ?1
Referrer-Policy: no-referrer
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
Vary: Accept
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 0

GET
H2

200

Primary Request / Show response
flirtooy.info/
Redirect Chain

https://go.gkrtmc.com/aff_c?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c
https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_b549e4df03c37f485639873a8024ad03&p10=2d5fabed-6d5d-43cd-a9fe-5b7b182ee81b_6caf0b875f30504ef8b8322d9c7c9784&source=66979&aff_sub=&aff_sub2=seo-sem

6 KB
3 KB

291ms
202ms

Document
text/html

2606:4700:3037::6815:215b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_b549e4df03c37f485639873a8024ad03&p10=2d5fabed-6d5d-43cd-a9fe-5b7b182ee81b_6caf0b875f30504ef8b8322d9c7c9784&source=66979&aff_sub=&aff_sub2=seo-sem
Requested by: Host: go.gkrtmc.com
URL: https://go.gkrtmc.com/cl?offer_id=8666&aff_id=66979&aff_sub=pldat3&aff_sub5=seo-sem&bofc=aff_c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34887f9e88e066996c1b3f93272d6e5479efc53d83d91853264122a608848b75

Request headers

Referer: https://go.gkrtmc.com/cl?offer_id=10170&aff_id=47487&aff_sub=66979&aff_sub5=seo-sem&bofc=aff_c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate, no-transform
cf-cache-status: DYNAMIC
cf-ray: 83b12d8f5d974bc9-BUF
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 25 Dec 2023 12:44:53 GMT
etag: W/"6582df3f-17a9"
expires: 0
last-modified: Wed, 20 Dec 2023 12:34:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ydOP77oKKztcZy7ItvzcjbZuqnidxP6tm8DdqCaMZNSpiD7RlPTP%2BxG2VDrVMkhtoxwXQ4%2F%2BCVtyf%2B%2BRZTV7KK%2B583jardfCiKUIt2G5XgwLxB4Oqc69L6UfFMOyKXql4LHMNmRTaUkuI%2BHj"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: no-store, no-cache
Connection: keep-alive
Content-Length: 484
Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Content-Type: text/html; charset=utf-8
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Date: Mon, 25 Dec 2023 12:44:52 GMT
Location: https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_b549e4df03c37f485639873a8024ad03&p10=2d5fabed-6d5d-43cd-a9fe-5b7b182ee81b_6caf0b875f30504ef8b8322d9c7c9784&source=66979&aff_sub=&aff_sub2=seo-sem
Origin-Agent-Cluster: ?1
Referrer-Policy: no-referrer
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
Vary: Accept
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 0

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 99ms
39ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Requested by

Host: flirtooy.info
URL: https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_b549e4df03c37f485639873a8024ad03&p10=2d5fabed-6d5d-43cd-a9fe-5b7b182ee81b_6caf0b875f30504ef8b8322d9c7c9784&source=66979&aff_sub=&aff_sub2=seo-sem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 25 Dec 2023 12:44:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Dec 2023 11:24:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Dec 2023 12:44:53 GMT

GET
H2 200 chunk-vendors.cbd28e82.js Show response
flirtooy.info/js/ 184 KB
67 KB 41ms
40ms Script
application/javascript 2606:4700:3037::6815:215b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://flirtooy.info/js/chunk-vendors.cbd28e82.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fefe8ce217d02253225049003a97624b897e4f65b30e793013e4d0f7ff12360

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 12:44:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1207557
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 11 Dec 2023 13:02:01 GMT
server: cloudflare
etag: W/"65770849-2de84"
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5oDMkaPHE4mPB1Cwjj9XXjAerI53x3PSdBKQDIjapoptCbuHVv1Und9wToEUDwcyz4jd6qWajrNsgzK07fB9XRENiR9Af63qtLBqnLMMWNUTjFOKEqPRLP%2Fy4elJLt%2Fmj5a6MdFjYmS6YsUl"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 83b12d90de064bc9-BUF
expires: Wed, 10 Jan 2024 13:18:56 GMT

GET
H2 200 app.035ebfc1.js Show response
flirtooy.info/js/ 28 KB
8 KB 37ms
36ms Script
application/javascript 2606:4700:3037::6815:215b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://flirtooy.info/js/app.035ebfc1.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41cccb8335ccc110e1f2873bd174fa4287d3bfec228bb95f58941cb5f8f7e16c

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 12:44:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1207557
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 11 Dec 2023 13:02:01 GMT
server: cloudflare
etag: W/"65770849-6fab"
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8CnADtsK14o4mh%2FyWoilocJjQ150IyForkcUBBBwvpldvSY3H4PhRUm93kpjBe%2FyYxXZJt1K0JzXycegL1YqM%2Fh%2Fln5zuBdm2YZ91ksnlCoGWqNDnYEKlvs52JcvOWuUnt1Vr%2FB8ojLcjdP2"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 83b12d90de074bc9-BUF
expires: Wed, 10 Jan 2024 13:18:56 GMT

POST
H3 200 client-visit Show response
api.flirtooy.info/v1/public/ 2 B
533 B 206ms
204ms XHR
text/html 2606:4700:3037::6815:215b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.flirtooy.info/v1/public/client-visit
Requested by: Host: flirtooy.info
URL: https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_b549e4df03c37f485639873a8024ad03&p10=2d5fabed-6d5d-43cd-a9fe-5b7b182ee81b_6caf0b875f30504ef8b8322d9c7c9784&source=66979&aff_sub=&aff_sub2=seo-sem
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Dec 2023 12:44:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: text/html; charset=utf-8
access-control-allow-origin: https://flirtooy.info
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7RX%2Bymb9rqaJE%2B7B04v7MPmx1F3Y91sK4Id7%2Fo3eGrLk3TaKelnShqcYSknmR1uTNS3%2BkjA8yS1VvT%2F2qo%2FRHLeNkjjMN7r%2B5A1cGq0p3pL879kki8XJv0skcabf0OxTc0bfip%2FmMToFpUe5F52JdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 83b12d935fad4bc1-BUF
access-control-allow-headers: Content-Type,Authorization,X-Forwarded-For,Origin,x-client-device
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 204 client-visit
api.flirtooy.info/v1/public/ 0
0 304ms
210ms Preflight
text/plain 2606:4700:3035::ac43:bd7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.flirtooy.info/v1/public/client-visit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:bd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flirtooy.info
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Forwarded-For,Origin,x-client-device
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://flirtooy.info
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83b12d920f9b4bbb-BUF
content-length: 0
content-type: text/plain; charset=utf-8
date: Mon, 25 Dec 2023 12:44:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SiXTYjlhGlWSA0TcUoknQY1Fmh0fM5yQnazFGZTrjyeAIolATWF60liYVWZFKnb3Vhe1TAErhBUOWl0DB28YbX4Ag0Z9if2CNcNZGJ0MNLDdBZt%2FAiPM28pTBlKi%2FBcN0a6XVfjx2WtQEF5W7XytuA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

OPTIONS
H2 204 auth
api.flirtooy.info/v1/user/ 0
0 251ms
211ms Preflight
text/plain 2606:4700:3035::ac43:bd7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.flirtooy.info/v1/user/auth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:bd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flirtooy.info
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Forwarded-For,Origin,x-client-device
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://flirtooy.info
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83b12d920f9c4bbb-BUF
content-length: 0
content-type: text/plain; charset=utf-8
date: Mon, 25 Dec 2023 12:44:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BY1eblLSOHEq%2BeFcdWmUYtcMUNnNDa%2FHAGkuJ40NhzWb%2BfNxXBsxa6SaTcJ95FeV%2FTrtmRpTRoSNJRPXsdsO2fvzW0lrOym%2FZVMo%2F14aUoJUvKWv8XuyfreWnNYBODTmX%2FCE68DsOOiPIh8meO2CIw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

POST
H3 201 auth Show response
api.flirtooy.info/v1/user/ 591 B
2 KB 294ms
293ms XHR
application/json 2606:4700:3037::6815:215b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.flirtooy.info/v1/user/auth
Requested by: Host: flirtooy.info
URL: https://flirtooy.info/js/chunk-vendors.cbd28e82.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ec1e738b911424bb6a97c1b15053884d7ea5fd836d2e96962cb98e340203e00e

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 25 Dec 2023 12:44:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"24f-iQ5QLAuIwtjz8+UndPoUwEXcNv4"
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flirtooy.info
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snzT2%2Fhy%2BWBJymmUSENIKHXEbxtamdjLHjxsv5%2Fs4ouIgVM6VWzUx86H3ELl7YbJYtIHuNImbYpCo11mfVvgspmoyWAvrWipqbQbRmNimtcD7w3srsn8pZMbfRQL9ztLNqN5mRR5Tr5YQ%2BE6bP%2FOrg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 83b12d936fae4bc1-BUF
access-control-allow-headers: Content-Type,Authorization,X-Forwarded-For,Origin,x-client-device
content-length: 591
alt-svc: h3=":443"; ma=86400

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 81ms
24ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flirtooy.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 19:41:38 GMT
x-content-type-options: nosniff
age: 493395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 19:41:38 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 81ms
30ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flirtooy.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 16:45:20 GMT
x-content-type-options: nosniff
age: 331173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Dec 2024 16:45:20 GMT

GET
H3 200 land-LandApiShort-vue~land-LandDirectLong-vue~land-LandDirectShort-vue.e7b2d4e0.css
flirtooy.info/css/ 19 KB
3 KB 44ms
43ms Stylesheet
text/css 2606:4700:3037::6815:215b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://flirtooy.info/css/land-LandApiShort-vue~land-LandDirectLong-vue~land-LandDirectShort-vue.e7b2d4e0.css

Requested by

Host: flirtooy.info
URL: https://flirtooy.info/js/app.035ebfc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

021996cf3fb711f9ba62075a381a6e5ab0ed85c940f16cd8f7e7e46d35aa5a7b

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 12:44:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2500352
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 17 Nov 2023 14:27:14 GMT
server: cloudflare
etag: W/"65577842-4c26"
vary: Accept-Encoding
x-frame-options: deny
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8pAFQUALi4RydoaTBrrLT%2BQS%2FvQs%2Fnnfkd1JPYErp2lr8VhWmaSn%2BrQT3n%2FR6rbOzPv0wNFOc4VJvXKGJFKO2vBBatzcSmERpDIWbNTNLZzIRUbmk4975tpxJyrzO15A%2FhZXXf7FjpodayF"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 83b12d9548894bc1-BUF
expires: Tue, 26 Dec 2023 14:12:21 GMT

GET
H3 200 land-LandApiShort-vue~land-LandDirectLong-vue~land-LandDirectShort-vue.501d4b8e.js Show response
flirtooy.info/js/ 9 KB
4 KB 71ms
70ms Script
application/javascript 2606:4700:3037::6815:215b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://flirtooy.info/js/land-LandApiShort-vue~land-LandDirectLong-vue~land-LandDirectShort-vue.501d4b8e.js

Requested by

Host: flirtooy.info
URL: https://flirtooy.info/js/app.035ebfc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb2b6038e9f6e2bce39654cc263d79cde1fbb6ab4906797d25c810958498a2f7

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 12:44:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2500352
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 17 Nov 2023 14:27:14 GMT
server: cloudflare
etag: W/"65577842-23c6"
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eT9AlKKJZYCJs18s3a%2FfGN2bKac08eUj2MfgMiDcfTCjoAK0A8BoyTJET13JmU4G11LFkN2heNxixVSGUwFymtcphTtBZ%2FUnFHZmPcCApmu90El3Ue0WCnVpx9y9AAGIkekO236hb4aIizJB"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 83b12d95488a4bc1-BUF
expires: Tue, 26 Dec 2023 14:12:21 GMT

GET
H3 200 land-LandDirectShort-vue.54e99cb8.css
flirtooy.info/css/ 13 KB
2 KB 45ms
44ms Stylesheet
text/css 2606:4700:3037::6815:215b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://flirtooy.info/css/land-LandDirectShort-vue.54e99cb8.css

Requested by

Host: flirtooy.info
URL: https://flirtooy.info/js/app.035ebfc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ded3335243b7d5bd06efa3271dc62bf78003b8ea7ecfcbe7b5726c011e419f00

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 12:44:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209215
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 29 Nov 2023 13:36:24 GMT
server: cloudflare
etag: W/"65673e58-35f3"
vary: Accept-Encoding
x-frame-options: deny
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=znMZU7OZCijT9MZVwqtbi%2Fd9pfUl%2BjZU5yfHv89axsqn%2B%2FIDIc%2BRrjLRgq%2FT9ZYKoHtl2ZcFHkVzInKHE56%2Fdo2xUNcfz6G2KE8MBaesgVkEuaJW97je3EoBj2ADZRr5KeDsIz2L0wCQWq2z"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 83b12d95488c4bc1-BUF
expires: Wed, 10 Jan 2024 12:51:18 GMT

GET
H3 200 land-LandDirectShort-vue.201ef874.js Show response
flirtooy.info/js/ 19 KB
8 KB 45ms
45ms Script
application/javascript 2606:4700:3037::6815:215b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://flirtooy.info/js/land-LandDirectShort-vue.201ef874.js

Requested by

Host: flirtooy.info
URL: https://flirtooy.info/js/app.035ebfc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73c7f95e72e7b2eac05afd9c27dcc8ded5bd2f3dcb4a285ca08eb444ab3eb433

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 12:44:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209215
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 29 Nov 2023 13:36:24 GMT
server: cloudflare
etag: W/"65673e58-4adb"
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lD4Ho1gnifNXrYjIq7eS9WAlmiqrgYdpLCXDGvK5kNjbiJQVBfC38VzKKY6LQ9KRYFIh1W9qYhckUAww1ldZNG8FFVbRUKA%2BbkeL7zj3aIoLsBR%2BMp7qERgBC8AaW3x%2Ft9s2p2GJ7sIupbEE"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 83b12d95488d4bc1-BUF
expires: Wed, 10 Jan 2024 12:51:18 GMT

GET
H3 200 anal Show response
api.flirtooy.info/v1/user/ 26 B
621 B 175ms
174ms XHR
application/json 2606:4700:3037::6815:215b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.flirtooy.info/v1/user/anal?event=push_subscription_show
Requested by: Host: flirtooy.info
URL: https://flirtooy.info/js/chunk-vendors.cbd28e82.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 068111877fa6aa20ae61a6d184bc4b1f7081555e83df944cce03c4fdb2830fbc

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: en-US,en;q=0.9
authorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX2lkIjoiNWYzNTYzNDYtZTRhNC00MzNmLTg3NmEtYzJkZjVhMDljZDBjIiwidmlzaXRfaWQiOiI5MWZjMjViNC0xODYwLTQyOTctYWVmMS0xYWE3NmY0YzljODQiLCJmdW5uZWxfaWQiOjMsImFmZl9pZCI6OCwic291cmNlIjoiNjY5NzkiLCJzcGxpdF9pZHMiOlsxXSwicHJlbGFuZF91cmwiOiJkaXJlY3Rfc2hvcnQiLCJpYXQiOjE3MDM1MDgyOTMsImV4cCI6MTczNTA2NTg5M30.I_-xCC5susCiGuuTRNWmVeonDQBipfaYy8QKgqkWkPc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 12:44:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"1a-pIPrt4esgEyEkX/w62Rnrj9XXdg"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flirtooy.info
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=waSaYP33IWcKkvKQsAtAMkODfddtyho3y05PQtVqJWlKtKQ2effX4li7qWkiiIjG%2Bd8zTMGNdzRCankw0oHSJcsMCmDl%2B8%2FD8DgJf8ggxLzOq24hOCYXspmNPEmZwRaLrGH9Yqysnw2U0LSm%2FdtJPg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 83b12d9658c44bc1-BUF
access-control-allow-headers: Content-Type,Authorization,X-Forwarded-For,Origin,x-client-device

OPTIONS
H2 204 anal
api.flirtooy.info/v1/user/ 0
0 124ms
123ms Preflight
text/plain 2606:4700:3035::ac43:bd7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.flirtooy.info/v1/user/anal?event=push_subscription_show
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:bd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://flirtooy.info
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Forwarded-For,Origin,x-client-device
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://flirtooy.info
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83b12d9548bb4bbb-BUF
content-length: 0
content-type: text/plain; charset=utf-8
date: Mon, 25 Dec 2023 12:44:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3gG32xpCnlMF12HGwzSkQc8q5Ou1bHoU4XKPWh0W2MNbDDaJ6gKhVTUg4a43cRTOzjXpIVf7%2B5XC5%2FhZ0eFANDByrH4%2FZKJHrS3xcWJQXr0fd%2FTBQyMhCh3DG%2Bnm7xjjCHNf3xCBSVAsWq2UXK4PKw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

POST
H3 201 push-subscription Show response
api.flirtooy.info/v1/user/ 26 B
612 B 169ms
169ms XHR
application/json 2606:4700:3037::6815:215b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.flirtooy.info/v1/user/push-subscription
Requested by: Host: flirtooy.info
URL: https://flirtooy.info/js/chunk-vendors.cbd28e82.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 068111877fa6aa20ae61a6d184bc4b1f7081555e83df944cce03c4fdb2830fbc

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: en-US,en;q=0.9
authorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX2lkIjoiNWYzNTYzNDYtZTRhNC00MzNmLTg3NmEtYzJkZjVhMDljZDBjIiwidmlzaXRfaWQiOiI5MWZjMjViNC0xODYwLTQyOTctYWVmMS0xYWE3NmY0YzljODQiLCJmdW5uZWxfaWQiOjMsImFmZl9pZCI6OCwic291cmNlIjoiNjY5NzkiLCJzcGxpdF9pZHMiOlsxXSwicHJlbGFuZF91cmwiOiJkaXJlY3Rfc2hvcnQiLCJpYXQiOjE3MDM1MDgyOTMsImV4cCI6MTczNTA2NTg5M30.I_-xCC5susCiGuuTRNWmVeonDQBipfaYy8QKgqkWkPc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 25 Dec 2023 12:44:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"1a-pIPrt4esgEyEkX/w62Rnrj9XXdg"
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flirtooy.info
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2F%2BiO2At3lfZmb%2BQoUYzvkKJe%2FwYDIfyrR7KI0km77DL6CrgAUzfO5Fm%2FaJIENacVmnbq0TYdLNY6kWIraJvqFJv6bP8m710spRu%2B2Iqf2VUza4E3FLpsBDXodqeNzBpuUMvXf%2FPfSHP01uH52zakg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 83b12d9658c54bc1-BUF
access-control-allow-headers: Content-Type,Authorization,X-Forwarded-For,Origin,x-client-device
content-length: 26
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 204 push-subscription
api.flirtooy.info/v1/user/ 0
0 124ms
124ms Preflight
text/plain 2606:4700:3035::ac43:bd7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.flirtooy.info/v1/user/push-subscription
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:bd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://flirtooy.info
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Forwarded-For,Origin,x-client-device
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://flirtooy.info
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83b12d9548bc4bbb-BUF
content-length: 0
content-type: text/plain; charset=utf-8
date: Mon, 25 Dec 2023 12:44:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bt5LobY7XfZMgKlHia091dG06NBQkEoVD1sbYbCCI1T03%2BPvSSt%2Bg5P4lqdylhkfTk3iz52PY8H8oAz1eBm8nTaAOONvG2QQJO6bcoEo4P04gJRJpGvxnI0F%2BQb60nAQi9Vvx8XUG1tbh%2Fk4%2FthqAA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

OPTIONS
H3 204 anal
api.flirtooy.info/v1/user/ 0
0 203ms
203ms Preflight
text/plain 2606:4700:3035::ac43:bd7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.flirtooy.info/v1/user/anal?event=land_step_visit&attr_1=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:bd7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://flirtooy.info
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Forwarded-For,Origin,x-client-device
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://flirtooy.info
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83b12d95cbb04bc0-BUF
content-length: 0
content-type: text/plain; charset=utf-8
date: Mon, 25 Dec 2023 12:44:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uEN2IDpkRrStwfG53rRI4eHGXMAgUYEYVemtoggfL9iIa13HtSphwfRRmpUTqMkUAtHySwaBWs9CtN3WLPuegMAIwZjfXuC9lrYxLa0IzhXnCpmE5MqUc%2BIVBdH6NTH0PGlGZ1rohFMcHL43HjRldg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 glasses-girl.cfedad27.svg
flirtooy.info/img/ 294 KB
114 KB 43ms
42ms Image
image/svg+xml 2606:4700:3037::6815:215b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://flirtooy.info/img/glasses-girl.cfedad27.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd15635d4d69fd0c9cf15488dc50c8bd5ac67031f2af7dc281e77b48efdc4a1c

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 12:44:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2500352
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 17 Nov 2023 14:27:14 GMT
server: cloudflare
etag: W/"65577842-497ef"
vary: Accept-Encoding
x-frame-options: deny
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MXoWbcfBlRS5ooDVVuyQb2BmlN5dgTcxaDD3Cn%2F2%2BZeg7qRRyf6i7NCjozlUlRJHrn3RFi5EddSDY7UBxFK3P4l8FVB4NePLwMfIver8aplVuiQGVaaS3j%2BwMWJuIly%2FCeRjXW22kls7M%2B3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 83b12d95c8aa4bc1-BUF
expires: Mon, 25 Nov 2024 14:12:22 GMT

GET
H3 200 anal Show response
api.flirtooy.info/v1/user/ 26 B
624 B 121ms
120ms XHR
application/json 2606:4700:3037::6815:215b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.flirtooy.info/v1/user/anal?event=land_step_visit&attr_1=1
Requested by: Host: flirtooy.info
URL: https://flirtooy.info/js/chunk-vendors.cbd28e82.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:215b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 068111877fa6aa20ae61a6d184bc4b1f7081555e83df944cce03c4fdb2830fbc

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: en-US,en;q=0.9
authorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX2lkIjoiNWYzNTYzNDYtZTRhNC00MzNmLTg3NmEtYzJkZjVhMDljZDBjIiwidmlzaXRfaWQiOiI5MWZjMjViNC0xODYwLTQyOTctYWVmMS0xYWE3NmY0YzljODQiLCJmdW5uZWxfaWQiOjMsImFmZl9pZCI6OCwic291cmNlIjoiNjY5NzkiLCJzcGxpdF9pZHMiOlsxXSwicHJlbGFuZF91cmwiOiJkaXJlY3Rfc2hvcnQiLCJpYXQiOjE3MDM1MDgyOTMsImV4cCI6MTczNTA2NTg5M30.I_-xCC5susCiGuuTRNWmVeonDQBipfaYy8QKgqkWkPc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 12:44:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"1a-pIPrt4esgEyEkX/w62Rnrj9XXdg"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flirtooy.info
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CGbVZu%2F8hy88nJCk5lV3H8kVjxpR21sAhU7zFgrRAzrVGVBy%2FLBX8N3fG0wqHZ7t7pMQA%2BGf6pT%2FMObIEsS6iugYa63rQBkvZjBzSyzjqxhZ%2FeYIFEAanqwrTDZnMfegdTgFg96an0HkdNg7G7FaGw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 83b12d9709014bc1-BUF
access-control-allow-headers: Content-Type,Authorization,X-Forwarded-For,Origin,x-client-device

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s1.dziennik.pl
URL: https://s1.dziennik.pl/pliki/4942000/4942532-chora-kobieta-w-ciazy-900-668.jpg

Domain: 0.s.dziennik.pl
URL: https://0.s.dziennik.pl/pliki/2669000/2669791-ciaza-900-666.jpg

Domain: 0.s.dziennik.pl
URL: https://0.s.dziennik.pl/pliki/7169000/7169293-malgorzata-kozuchowska-643-385.jpg

Domain: cdn16.poradnikzdrowie.smcloud.net
URL: https://cdn16.poradnikzdrowie.smcloud.net/t/image/t/47158/seks-w-ciazy-najczestsze-pytania_3285807.jpg

Domain: www.poradynazdrowie.pl
URL: https://www.poradynazdrowie.pl/images/foto_opryszczka_i_ciaza.jpg

Domain: mamazonecdn.azureedge.net
URL: https://mamazonecdn.azureedge.net/cache/Single-13159-ciaza-herbata.jpg

Domain: tarnow.czarnysezam.pl
URL: https://tarnow.czarnysezam.pl/wp-content/uploads/2019/05/menu_trailer2.jpg

Domain: cdn21.dlarodzinki.smcloud.net
URL: https://cdn21.dlarodzinki.smcloud.net/t/photos/t/7228/ciaza_344601.jpg

Domain: www.tarnow.net.pl
URL: https://www.tarnow.net.pl/uploads/articles/ORGINAL/5ff07485d34cd4c9fa023b4b82b69498024.jpg

Domain: sf-administracja.wpcdn.pl
URL: https://sf-administracja.wpcdn.pl/storage2/featured_original/5f12174dbe93b5_84212850.jpg

Domain: cdn.galleries.smcloud.net
URL: https://cdn.galleries.smcloud.net/t/galleries/gf-iyPV-bd5A-t5sV_jak-dlugo-trwa-ciaza-1920x1080-nocrop.jpg

Domain: www.kt24.pl
URL: https://www.kt24.pl/wp-content/uploads/2020/12/129137113_3471828652938113_7275363699136250760_o-768x512.jpg

Domain: sf-administracja.wpcdn.pl
URL: https://sf-administracja.wpcdn.pl/storage2/featured_original/5f33b37d9a9e89_54417788.jpg

Domain: plodnosc.pl
URL: https://plodnosc.pl/wp-content/uploads/2018/11/7-tydzie%C5%84-ci%C4%85%C5%BCy-pierwszy-trymestr-ci%C4%85%C5%BCy-kalendarz-ci%C4%85%C5%BCy-750x500.jpg

Domain: tarnowlokalnie.pl
URL: https://tarnowlokalnie.pl/photos/items/20_10/big_V7LE2XU7RL99_33305_napalona_niegrzeczna_dziewczynka.jpg

Domain: cdn.galleries.smcloud.net
URL: https://cdn.galleries.smcloud.net/t/galleries/gf-p2wx-q5BU-s8g8_ciaza-pozamaciczna-objawy-jakie-objawy-moga-wskazywac-na-ciaze-ektopowa-1920x1080-nocrop.jpg

Domain: s.mamotoja.pl
URL: https://s.mamotoja.pl/i/pozycje-seksualne-w-ciazy-infografika-GALLERY_MAI2-93677.jpg

Domain: counter.yadro.ru
URL: https://counter.yadro.ru/hit;pldat3?t57.6;r;s1600*1200*24;uhttps%3A//biaapodlaska.inwestowaniepogodzinach.pl/;hSeks%20i%20ciaza%20towarzyskie%20tarn%F3w;0.43097402385581884

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| webpackJsonp object| regeneratorRuntime

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.go.gkrtmc.com/	1970-01-20 17:55:00	Name: language Value: en
.go.gkrtmc.com/	1970-01-20 17:55:00	Name: 8666 Value: 38_66979_8666_b549e4df03c37f485639873a8024ad03
.go.gkrtmc.com/	1970-01-20 17:55:00	Name: op_8666 Value: 0
.go.gkrtmc.com/	1970-01-21 02:47:48	Name: user_id Value: 2d5fabed-6d5d-43cd-a9fe-5b7b182ee81b_6caf0b875f30504ef8b8322d9c7c9784
api.flirtooy.info/	1970-01-21 01:57:24	Name: authToken Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX2lkIjoiNWYzNTYzNDYtZTRhNC00MzNmLTg3NmEtYzJkZjVhMDljZDBjIiwidmlzaXRfaWQiOiI5MWZjMjViNC0xODYwLTQyOTctYWVmMS0xYWE3NmY0YzljODQiLCJmdW5uZWxfaWQiOjMsImFmZl9pZCI6OCwic291cmNlIjoiNjY5NzkiLCJzcGxpdF9pZHMiOlsxXSwicHJlbGFuZF91cmwiOiJkaXJlY3Rfc2hvcnQiLCJpYXQiOjE3MDM1MDgyOTMsImV4cCI6MTczNTA2NTg5M30.I_-xCC5susCiGuuTRNWmVeonDQBipfaYy8QKgqkWkPc

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://biaapodlaska.inwestowaniepogodzinach.pl/(Line 822) Message: Mixed Content: The page at 'https://biaapodlaska.inwestowaniepogodzinach.pl/' was loaded over HTTPS, but requested an insecure element 'http://0.s.dziennik.pl/pliki/2669000/2669791-ciaza-900-666.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://biaapodlaska.inwestowaniepogodzinach.pl/(Line 822) Message: Mixed Content: The page at 'https://biaapodlaska.inwestowaniepogodzinach.pl/' was loaded over HTTPS, but requested an insecure element 'http://0.s.dziennik.pl/pliki/7169000/7169293-malgorzata-kozuchowska-643-385.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://biaapodlaska.inwestowaniepogodzinach.pl/(Line 822) Message: Mixed Content: The page at 'https://biaapodlaska.inwestowaniepogodzinach.pl/' was loaded over HTTPS, but requested an insecure element 'http://cdn16.poradnikzdrowie.smcloud.net/t/image/t/47158/seks-w-ciazy-najczestsze-pytania_3285807.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://biaapodlaska.inwestowaniepogodzinach.pl/(Line 822) Message: Mixed Content: The page at 'https://biaapodlaska.inwestowaniepogodzinach.pl/' was loaded over HTTPS, but requested an insecure element 'http://www.poradynazdrowie.pl/images/foto_opryszczka_i_ciaza.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://biaapodlaska.inwestowaniepogodzinach.pl/(Line 822) Message: Mixed Content: The page at 'https://biaapodlaska.inwestowaniepogodzinach.pl/' was loaded over HTTPS, but requested an insecure element 'http://cdn21.dlarodzinki.smcloud.net/t/photos/t/7228/ciaza_344601.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://biaapodlaska.inwestowaniepogodzinach.pl/(Line 822) Message: Mixed Content: The page at 'https://biaapodlaska.inwestowaniepogodzinach.pl/' was loaded over HTTPS, but requested an insecure element 'http://www.kt24.pl/wp-content/uploads/2020/12/129137113_3471828652938113_7275363699136250760_o-768x512.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://biaapodlaska.inwestowaniepogodzinach.pl/(Line 822) Message: Mixed Content: The page at 'https://biaapodlaska.inwestowaniepogodzinach.pl/' was loaded over HTTPS, but requested an insecure element 'http://tarnowlokalnie.pl/photos/items/20_10/big_V7LE2XU7RL99_33305_napalona_niegrzeczna_dziewczynka.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://mamazonecdn.azureedge.net/cache/Single-13159-ciaza-herbata.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://inwestowaniepogodzinach.pl/wp-content/themes/finance-system/images/invester1.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://biaapodlaska.inwestowaniepogodzinach.pl/fojkakp.gif?ref=&url=https%3A//biaapodlaska.inwestowaniepogodzinach.pl/&scr=1600x1200&q=1703508292&s=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/120.0.6099.109%20Safari/537.36&0.14169471264093403 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://thumbs.img-sprzedajemy.pl/1000x901c/53/84/72/kostki-milosci-smieszna-gra-doroslych-wiek-od-18-tarnow-526385919.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://thumbs.img-sprzedajemy.pl/1000x901c/03/ac/40/kolowrotek-mitchell-avocet-rte-tarnow-532573353.jpg Message: Failed to load resource: the server responded with a status of 404 ()
other	error	URL: https://flirtooy.info/?aff_id=8&click_id=38_66979_8666_b549e4df03c37f485639873a8024ad03&p10=2d5fabed-6d5d-43cd-a9fe-5b7b182ee81b_6caf0b875f30504ef8b8322d9c7c9784&source=66979&aff_sub=&aff_sub2=seo-sem Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0.s.dziennik.pl
api.flirtooy.info
biaapodlaska.inwestowaniepogodzinach.pl
cdn.galleries.smcloud.net
cdn16.poradnikzdrowie.smcloud.net
cdn21.dlarodzinki.smcloud.net
counter.yadro.ru
flirtooy.info
fonts.googleapis.com
fonts.gstatic.com
go.gkrtmc.com
img.styl.fm
inwestowaniepogodzinach.pl
mamazonecdn.azureedge.net
motormania.com.pl
ocdn.eu
plodnosc.pl
s.mamotoja.pl
s1.dziennik.pl
sf-administracja.wpcdn.pl
tarnow.czarnysezam.pl
tarnowlokalnie.pl
thumbs.img-sprzedajemy.pl
www.kt24.pl
www.poradynazdrowie.pl
www.tarnow.net.pl
0.s.dziennik.pl
cdn.galleries.smcloud.net
cdn16.poradnikzdrowie.smcloud.net
cdn21.dlarodzinki.smcloud.net
counter.yadro.ru
mamazonecdn.azureedge.net
plodnosc.pl
s.mamotoja.pl
s1.dziennik.pl
sf-administracja.wpcdn.pl
tarnow.czarnysezam.pl
tarnowlokalnie.pl
www.kt24.pl
www.poradynazdrowie.pl
www.tarnow.net.pl
173.0.157.204
2606:4700:10::ac43:bcd
2606:4700:20::681a:18
2606:4700:3031::6815:3025
2606:4700:3035::ac43:bd7c
2606:4700:3036::ac43:d18e
2606:4700:3037::6815:215b
2607:f8b0:4006:81d::2003
2607:f8b0:4006:822::200a
54.230.163.9
021996cf3fb711f9ba62075a381a6e5ab0ed85c940f16cd8f7e7e46d35aa5a7b
068111877fa6aa20ae61a6d184bc4b1f7081555e83df944cce03c4fdb2830fbc
078f1f23cda3bc2aaa94ccce88a00bcd995ad28d00d6f96a00b4140c5857fafe
0fefe8ce217d02253225049003a97624b897e4f65b30e793013e4d0f7ff12360
34887f9e88e066996c1b3f93272d6e5479efc53d83d91853264122a608848b75
41cccb8335ccc110e1f2873bd174fa4287d3bfec228bb95f58941cb5f8f7e16c
4249cc0c062d48e5e75d3085137b938083a9016eecadb6149c90511b0b62633f
4eb50a0f2141a8732de59ee22d094ac250910be8761b82c2edaf283bb214d0ff
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a7cb9cfbcb95b0e85cd486ddd57828da14dfcbcf8927b6ff37febaf0de906cb
5e0a2d16695dfad684c5d1871495d50542b745d1a38f50732b08e5d71f474b7a
73c7f95e72e7b2eac05afd9c27dcc8ded5bd2f3dcb4a285ca08eb444ab3eb433
99a015caa427c7e217eeb53f583e2ec92fd45ef7b05b2950d4ecb0cf82c2ff92
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
bd15635d4d69fd0c9cf15488dc50c8bd5ac67031f2af7dc281e77b48efdc4a1c
bf458be59f6261b940ac14c0cc190236ea732118cb24cd65fb5699b6a0991f3f
d21bc286bb09b7ff33dc72b0e0be7ff24f18ccea74882233b142a50c73c2fc6e
d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668
dc26b01db2355ad02cb06dd968473e60fdd9fe57b266f34f394049505ae01d69
ded3335243b7d5bd06efa3271dc62bf78003b8ea7ecfcbe7b5726c011e419f00
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb2b6038e9f6e2bce39654cc263d79cde1fbb6ab4906797d25c810958498a2f7
ec1e738b911424bb6a97c1b15053884d7ea5fd836d2e96962cb98e340203e00e
f162240b331a506e7b47ce4a362855e44085338ab1cc22cce02c5bc8e27c2ce0
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

flirtooy.info Open in urlscan Pro 2606:4700:3037::6815:215b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

66 %HTTPS

80 %IPv6

21 Domains

26 Subdomains

11 IPs

1 Countries

913 kBTransfer

1539 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

flirtooy.info Open in urlscan Pro
2606:4700:3037::6815:215b Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

66 %
HTTPS

80 %
IPv6

21
Domains

26
Subdomains

11
IPs

1
Countries

913 kB
Transfer

1539 kB
Size

5
Cookies

53 HTTP transactions
1 data transactions