Submitted URL: http://termybukovina.pl/
Effective URL: https://www.termybukovina.pl/
Submission: On May 20 via api from US — Scanned from PL

Summary

This website contacted 14 IPs in 5 countries across 11 domains to perform 41 HTTP transactions. The main IP is 164.92.173.214, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is www.termybukovina.pl.
TLS certificate: Issued by R3 on May 18th 2024. Valid for: 3 months.
This is the only time www.termybukovina.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 85.194.241.55 57367 (ECO-ATMAN...)
9 164.92.173.214 14061 (DIGITALOC...)
1 104.17.24.14 13335 (CLOUDFLAR...)
9 164.92.137.202 14061 (DIGITALOC...)
2 46.101.204.148 14061 (DIGITALOC...)
1 142.250.185.138 15169 (GOOGLE)
5 142.250.185.200 15169 (GOOGLE)
1 86.111.240.133 47544 (IQPL-AS)
5 23.216.155.107 20940 (AKAMAI-ASN1)
2 157.240.253.1 32934 (FACEBOOK)
2 157.240.0.35 32934 (FACEBOOK)
1 23.216.155.123 20940 (AKAMAI-ASN1)
1 142.250.186.34 15169 (GOOGLE)
2 216.239.32.36 15169 (GOOGLE)
41 14
Apex Domain
Subdomains
Transfer
11 profitroom.pl
u.profitroom.pl — Cisco Umbrella Rank: 695549
js.profitroom.pl
24 MB
10 termybukovina.pl
termybukovina.pl
www.termybukovina.pl
428 KB
6 typekit.net
use.typekit.net — Cisco Umbrella Rank: 448
p.typekit.net — Cisco Umbrella Rank: 565
119 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
458 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2533
294 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
377 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
71 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
64 B
1 premiumhotel.pl
cdn.premiumhotel.pl
4 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 380
7 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
1 KB
41 11
Domain Requested by
9 u.profitroom.pl www.termybukovina.pl
9 www.termybukovina.pl www.termybukovina.pl
5 use.typekit.net ajax.googleapis.com
www.termybukovina.pl
5 www.googletagmanager.com www.termybukovina.pl
www.googletagmanager.com
2 region1.google-analytics.com www.googletagmanager.com
2 www.facebook.com www.termybukovina.pl
2 connect.facebook.net www.googletagmanager.com
connect.facebook.net
2 js.profitroom.pl www.termybukovina.pl
1 pagead2.googlesyndication.com www.googletagmanager.com
1 p.typekit.net
1 cdn.premiumhotel.pl www.termybukovina.pl
1 ajax.googleapis.com www.termybukovina.pl
1 cdnjs.cloudflare.com www.termybukovina.pl
1 termybukovina.pl 1 redirects
41 14
Subject Issuer Validity Valid
www.termybukovina.pl
R3
2024-05-18 -
2024-08-16
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
*.profitroom.pl
Sectigo RSA Domain Validation Secure Server CA
2024-02-19 -
2025-03-10
a year crt.sh
upload.video.google.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
*.google-analytics.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
cdn.premiumhotel.pl
R3
2024-04-27 -
2024-07-26
3 months crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-01 -
2025-03-03
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-02-28 -
2024-05-28
3 months crt.sh
*.g.doubleclick.net
WR2
2024-05-06 -
2024-07-29
3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.termybukovina.pl/
Frame ID: 606085558A8B89F6F63FC02E8D009127
Requests: 44 HTTP requests in this frame

Frame: https://www.termybukovina.pl/img/blank.gif
Frame ID: 1257B8FC7DDD81C4C16A0E5515D199D2
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Termy BUKOVINA | baseny termalne, SPA - Bukowina Tatrzańska

Page URL History Show full URLs

  1. http://termybukovina.pl/ HTTP 307
    https://termybukovina.pl/ HTTP 301
    https://www.termybukovina.pl/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

41
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

14
Subdomains

14
IPs

5
Countries

25737 kB
Transfer

27769 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://termybukovina.pl/ HTTP 307
    https://termybukovina.pl/ HTTP 301
    https://www.termybukovina.pl/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.termybukovina.pl/
Redirect Chain
  • http://termybukovina.pl/
  • https://termybukovina.pl/
  • https://www.termybukovina.pl/
143 KB
43 KB
Document
General
Full URL
https://www.termybukovina.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
164.92.173.214 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
lb-www-3.do.ext.profitroom.net
Software
nginx /
Resource Hash
275b70f34883c35ad6ecbdd41b925e7f06f4606f6524f692d1101f08ca8f8ed8

Request headers

Accept-Language
pl-PL,pl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 20 May 2024 21:37:12 GMT
server
nginx
upstream-cache-valid-time
10
vary
Accept-Encoding X-UA-Device

Redirect headers

content-length
162
content-type
text/html
date
Mon, 20 May 2024 21:37:11 GMT
location
https://www.termybukovina.pl/
server
nginx
strict-transport-security
max-age=15552001; includeSubDomains; preload;
upstream-cache-valid-time
10
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles.css
www.termybukovina.pl/dist/css/
275 KB
64 KB
Stylesheet
General
Full URL
https://www.termybukovina.pl/dist/css/styles.css?cfae5cb7964b7f1d03e31bbb1a611130740377f4
Requested by
Host: www.termybukovina.pl
URL: https://www.termybukovina.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
164.92.173.214 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
lb-www-3.do.ext.profitroom.net
Software
nginx /
Resource Hash
8e35a3e5e181aa43b6f78c9751bf452c93069b2e40f2d045785a35cc7925bd90

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.termybukovina.pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
text/css
date
Mon, 20 May 2024 21:37:12 GMT
content-encoding
gzip
last-modified
Thu, 18 Apr 2024 12:52:04 GMT
server
nginx
vary
Accept-Encoding
upstream-cache-valid-time
10
js.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/
2 KB
1 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/js.cookie.min.js
Requested by
Host: www.termybukovina.pl
URL: https://www.termybukovina.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a04d373be23a3f37dfe1f88cab01061db75f716edadc6451c652fe538f4be6c0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.termybukovina.pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 21:37:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
255424
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
701
last-modified
Mon, 04 May 2020 16:11:49 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec5-653"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cRk5y0UDwqAGNBC8KP1uL3o2Gl6qI1imwjv8bJbmoMfN%2BezC7CuZWxc6Kjif%2BGyXoSM5f3%2BrAEgIm3bORdQWCCywzc9%2BanjaVXHL4HH1ldmVrHx%2FILTj4T84epljoM%2BP3aYySZGd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
886f77740e0634bb-WAW
expires
Sat, 10 May 2025 21:37:12 GMT
blank.gif
www.termybukovina.pl/img/
43 B
178 B
Image
General
Full URL
https://www.termybukovina.pl/img/blank.gif
Requested by
Host: www.termybukovina.pl
URL: https://www.termybukovina.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
164.92.173.214 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
lb-www-3.do.ext.profitroom.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.termybukovina.pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/gif
date
Mon, 20 May 2024 21:37:12 GMT
last-modified
Mon, 28 Oct 2019 10:44:52 GMT
server
nginx
accept-ranges
bytes
content-length
43
upstream-cache-valid-time
10
modal_background.jpg
u.profitroom.pl/2015.termabukowina.pl/uploads/misc/
106 KB
107 KB
Image
General
Full URL
https://u.profitroom.pl/2015.termabukowina.pl/uploads/misc/modal_background.jpg
Requested by
Host: www.termybukovina.pl
URL: https://www.termybukovina.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
164.92.137.202 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
lb-cdn-3.do.ext.profitroom.net
Software
nginx /
Resource Hash
4c95512cf0944aab65ed655d4c506f7c506bcdac24ca991d40389dd948979e12

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.termybukovina.pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Mon, 20 May 2024 21:37:12 GMT
content-encoding
gzip
last-modified
Monday, 20-May-2024 01:23:20 GMT
server
nginx
etag
W/"5f8570eb-1a997"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
upstream-cache-valid-time
5
cache-control
max-age=3600, public
expires
Mon, 20 May 2024 22:37:12 GMT
f5b70dc7d4f18ba791e7e72a8f06d274.js
www.termybukovina.pl/cache/
889 KB
299 KB
Script
General
Full URL
https://www.termybukovina.pl/cache/f5b70dc7d4f18ba791e7e72a8f06d274.js
Requested by
Host: www.termybukovina.pl
URL: https://www.termybukovina.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
164.92.173.214 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
lb-www-3.do.ext.profitroom.net
Software
nginx /
Resource Hash
2e09756af3528c3014e2019dba1942889016fdb8e22c47ad77224991f1ae42e7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.termybukovina.pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
application/javascript
date
Mon, 20 May 2024 21:37:12 GMT
content-encoding
gzip
last-modified
Tue, 16 Jun 2020 08:05:05 GMT
server
nginx
vary
Accept-Encoding
upstream-cache-valid-time
10
forms.min.js
www.termybukovina.pl/pl/assets/get/
13 KB
4 KB
Script
General
Full URL
https://www.termybukovina.pl/pl/assets/get/forms.min.js
Requested by
Host: www.termybukovina.pl
URL: https://www.termybukovina.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
164.92.173.214 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
lb-www-3.do.ext.profitroom.net
Software
nginx /
Resource Hash
95136f7210a3bd7165c12dc1add6ec2e687384acbeb8a27cfe2ca664bcaa2dc1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.termybukovina.pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
text/javascript; charset=UTF-8
date
Mon, 20 May 2024 21:37:12 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, X-UA-Device
upstream-cache-valid-time
10
lang-start.css
js.profitroom.pl/langstart/dist/
25 KB
25 KB
Stylesheet
General
Full URL
https://js.profitroom.pl/langstart/dist/lang-start.css
Requested by
Host: www.termybukovina.pl
URL: https://www.termybukovina.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.101.204.148 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
lb-www-2.do.ext.profitroom.net
Software
nginx /
Resource Hash
1082399810648d026a22632cf9c3da2e8901da54783c4fdd5b67fce52a4e8b2e
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.termybukovina.pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 21:37:12 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload;
x-content-type-options
nosniff
last-modified
Mon, 03 Apr 2017 12:36:23 GMT
server
nginx
etag
"58e241c7-6350"
access-control-max-age
1y
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=1y
request-id
1E70E9E8-16F1-11EF-A813-9C76DA28DCCA
accept-ranges
bytes
content-length
25424
x-xss-protection
1; mode=block
expires
Tue, 20 May 2025 21:37:12 GMT
lang-start.js
js.profitroom.pl/langstart/dist/
6 KB
6 KB
Script
General
Full URL
https://js.profitroom.pl/langstart/dist/lang-start.js
Requested by
Host: www.termybukovina.pl
URL: https://www.termybukovina.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.101.204.148 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
lb-www-2.do.ext.profitroom.net
Software
nginx /
Resource Hash
1b93720429379f013afe1c204a54f85bfd50a4322eb5013e6f7917ebca5784d8
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.termybukovina.pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 21:37:12 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload;
x-content-type-options
nosniff
last-modified
Thu, 28 Jun 2018 08:59:22 GMT
server
nginx
etag
"5b34a36a-1818"
access-control-max-age
1y
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=1y
request-id
1E712368-16F1-11EF-BD5A-859EC9FB1936
accept-ranges
bytes
content-length
6168
x-xss-protection
1; mode=block
expires
Tue, 20 May 2025 21:37:12 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.5.18/
16 KB
7 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js
Requested by
Host: www.termybukovina.pl
URL: https://www.termybukovina.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
sffe /
Resource Hash
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.termybukovina.pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 17:36:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14421
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6490
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 20 May 2025 17:36:51 GMT
gtm.js
www.googletagmanager.com/
287 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NHDVZCB
Requested by
Host: www.termybukovina.pl
URL: https://www.termybukovina.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
5c0489c24ec3f6f3cbc9518fcd95b19f7b3ddd4251af73ff16b89916ead24f3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.termybukovina.pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 21:37:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100091
x-xss-protection
0
last-modified
Mon, 20 May 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 20 May 2024 21:37:12 GMT
BetasiEKlient.js
cdn.premiumhotel.pl/booking-engine/
9 KB
4 KB
Script
General
Full URL
https://cdn.premiumhotel.pl/booking-engine/BetasiEKlient.js?app=termybukovina.premiumhotel.pl&lang=pl&defaultModule=service&defaultContext=%27_%27
Requested by
Host: www.termybukovina.pl
URL: https://www.termybukovina.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
86.111.240.133 , Poland, ASN47544 (IQPL-AS, PL),
Reverse DNS
r240-133.iq.pl
Software
Apache /
Resource Hash
aa4af2ef6b7a0373e80949dd9e0df1308450f65cd18cdc67d1a84af2e762a99a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.termybukovina.pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 20 May 2024 21:37:12 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
none
content-length
4008
expires
Thu, 1 Jan 1970 00:00:00 GMT
gtm.js
www.googletagmanager.com/
212 KB
74 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5DJT85K7
Requested by
Host: www.termybukovina.pl
URL: https://www.termybukovina.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
adf9eb348c859f8aef4a3e3e17bb1bc8f86f5f3f2468511049a38dedca866007
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.termybukovina.pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 21:37:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75151
x-xss-protection
0
last-modified
Mon, 20 May 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 20 May 2024 21:37:12 GMT
icomoon.woff
www.termybukovina.pl/src/fonts/
14 KB
14 KB
Font
General
Full URL
https://www.termybukovina.pl/src/fonts/icomoon.woff?-q6sksm
Requested by
Host: www.termybukovina.pl
URL: https://www.termybukovina.pl/dist/css/styles.css?cfae5cb7964b7f1d03e31bbb1a611130740377f4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
164.92.173.214 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
lb-www-3.do.ext.profitroom.net
Software
nginx /
Resource Hash
23a3c208d59ba1c51b41d032b5719270bb1a9adc510345a26320a90f3957e3e9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.termybukovina.pl/dist/css/styles.css?cfae5cb7964b7f1d03e31bbb1a611130740377f4
Origin
https://www.termybukovina.pl
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
font/woff
date
Mon, 20 May 2024 21:37:12 GMT
last-modified
Mon, 28 Oct 2019 10:44:52 GMT
server
nginx
accept-ranges
bytes
content-length
13948
upstream-cache-valid-time
10
blank.gif
www.termybukovina.pl/img/ Frame 1257
43 B
178 B
Document
General
Full URL
https://www.termybukovina.pl/img/blank.gif
Requested by
Host: www.termybukovina.pl
URL: https://www.termybukovina.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
164.92.173.214 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
lb-www-3.do.ext.profitroom.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
pl-PL,pl;q=0.9;q=0.9
Referer
https://www.termybukovina.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-length
43
content-type
image/gif
date
Mon, 20 May 2024 21:37:12 GMT
last-modified
Mon, 28 Oct 2019 10:44:52 GMT
server
nginx
upstream-cache-valid-time
10
Comp20.jpg
u.profitroom.pl/2015.termabukowina.pl/thumb/1280x720/uploads/video/
153 KB
154 KB
Image
General
Full URL
https://u.profitroom.pl/2015.termabukowina.pl/thumb/1280x720/uploads/video/Comp20.jpg
Requested by
Host: www.termybukovina.pl
URL: https://www.termybukovina.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
164.92.137.202 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
lb-cdn-3.do.ext.profitroom.net
Software
nginx /
Resource Hash
4ee6ca7d53c92330966a115cb4050ba14cdc5f39340c9cd608928d2b1fa3805e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.termybukovina.pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Mon, 20 May 2024 21:37:12 GMT
content-encoding
gzip
last-modified
Monday, 20-May-2024 15:41:13 GMT
server
nginx
etag
W/"5877b78c-264cf"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
upstream-cache-valid-time
5
cache-control
max-age=3600, public
expires
Mon, 20 May 2024 22:37:12 GMT
CeperskoPa-min.jpg
u.profitroom.pl/2015.termabukowina.pl/thumb/1920x1080/uploads/2021/
339 KB
339 KB
Image
General
Full URL
https://u.profitroom.pl/2015.termabukowina.pl/thumb/1920x1080/uploads/2021/CeperskoPa-min.jpg
Requested by
Host: www.termybukovina.pl
URL: https://www.termybukovina.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
164.92.137.202 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
lb-cdn-3.do.ext.profitroom.net
Software
nginx /
Resource Hash
4f427878fbb6ca129240ee264b1de45e0977104d81abaf364162f09db782ee6c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.termybukovina.pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Mon, 20 May 2024 21:37:12 GMT
content-encoding
gzip
last-modified
Monday, 20-May-2024 15:41:13 GMT
server
nginx
etag
W/"65e5c0ba-54b05"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
upstream-cache-valid-time
5
cache-control
max-age=3600, public
expires
Mon, 20 May 2024 22:37:12 GMT
termynastrone_12_1.jpg
u.profitroom.pl/2015.termabukowina.pl/thumb/1280x720/uploads/video/
78 KB
79 KB
Image
General
Full URL
https://u.profitroom.pl/2015.termabukowina.pl/thumb/1280x720/uploads/video/termynastrone_12_1.jpg
Requested by
Host: www.termybukovina.pl
URL: https://www.termybukovina.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
164.92.137.202 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
lb-cdn-3.do.ext.profitroom.net
Software
nginx /
Resource Hash
98b7c890f26168c6d6b471f871e0d2f39e05345d1b70a2b9da915eb33521fdfc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.termybukovina.pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Mon, 20 May 2024 21:37:12 GMT
content-encoding
gzip
last-modified
Monday, 20-May-2024 15:41:13 GMT
server
nginx
etag
W/"5850f9aa-13996"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
upstream-cache-valid-time
5
cache-control
max-age=3600, public
expires
Mon, 20 May 2024 22:37:12 GMT
termynastrone_15_1.jpg
u.profitroom.pl/2015.termabukowina.pl/thumb/1280x720/uploads/video/
79 KB
79 KB
Image
General
Full URL
https://u.profitroom.pl/2015.termabukowina.pl/thumb/1280x720/uploads/video/termynastrone_15_1.jpg
Requested by
Host: www.termybukovina.pl
URL: https://www.termybukovina.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
164.92.137.202 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
lb-cdn-3.do.ext.profitroom.net
Software
nginx /
Resource Hash
96fbe9916a7fa155ff94d6080245a0ed4783b15474c5e0b941534a1f7f698054

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.termybukovina.pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Mon, 20 May 2024 21:37:12 GMT
content-encoding
gzip
last-modified
Monday, 20-May-2024 15:41:13 GMT
server
nginx
etag
W/"5850f9aa-13c8b"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
upstream-cache-valid-time
5
cache-control
max-age=3600, public
expires
Mon, 20 May 2024 22:37:12 GMT
termywiosna.jpg
u.profitroom.pl/2015.termabukowina.pl/thumb/1920x1080/uploads/2021/
562 KB
563 KB
Image
General
Full URL
https://u.profitroom.pl/2015.termabukowina.pl/thumb/1920x1080/uploads/2021/termywiosna.jpg
Requested by
Host: www.termybukovina.pl
URL: https://www.termybukovina.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
164.92.137.202 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
lb-cdn-3.do.ext.profitroom.net
Software
nginx /
Resource Hash
85f1b159c498a59a38aa6c8bf42397896f26cbd8d03ca78978bc8520e1fa92df

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.termybukovina.pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Mon, 20 May 2024 21:37:12 GMT
content-encoding
gzip
last-modified
Monday, 20-May-2024 15:41:13 GMT
server
nginx
etag
W/"623c658d-8c710"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
upstream-cache-valid-time
5
cache-control
max-age=3600, public
expires
Mon, 20 May 2024 22:37:12 GMT
token
www.termybukovina.pl/forms/
15 B
136 B
XHR
General
Full URL
https://www.termybukovina.pl/forms/token
Requested by
Host: www.termybukovina.pl
URL: https://www.termybukovina.pl/cache/f5b70dc7d4f18ba791e7e72a8f06d274.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
164.92.173.214 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
lb-www-3.do.ext.profitroom.net
Software
nginx /
Resource Hash
5057df103c55b45c0ddbb178273bed951825e1d0a38a72e95aa8d32bf38454b2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
*/*
Referer
https://www.termybukovina.pl/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

content-type
application/json; charset=utf-8
date
Mon, 20 May 2024 21:37:12 GMT
server
nginx
vary
X-UA-Device
upstream-cache-valid-time
10
hcv6yme.js
use.typekit.net/
17 KB
7 KB
Script
General
Full URL
https://use.typekit.net/hcv6yme.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.155.107 Dublin, Ireland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-155-107.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d874c6bfa15dd1d0b9cf76e841e988b473e8655c9a9fb1ed9a91971cda6b2336
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.termybukovina.pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Mon, 20 May 2024 21:37:13 GMT
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6773
Comp2.mp4
u.profitroom.pl/2015.termabukowina.pl/uploads/video/
14 MB
14 MB
Media
General
Full URL
https://u.profitroom.pl/2015.termabukowina.pl/uploads/video/Comp2.mp4
Requested by
Host: www.termybukovina.pl
URL: https://www.termybukovina.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
164.92.137.202 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
lb-cdn-3.do.ext.profitroom.net
Software
nginx /
Resource Hash
1006e7fdd86133c4e690708739030ae35aa4a8832240d42f61c6c7444b161357

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://www.termybukovina.pl/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Mon, 20 May 2024 21:37:12 GMT
last-modified
Monday, 20-May-2024 19:04:39 GMT
server
nginx
etag
"5798bd8c-e48615"
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-14976532/14976533
upstream-cache-valid-time
5
cache-control
max-age=3600, public
Content-Length
14976533
expires
Mon, 20 May 2024 22:37:12 GMT
termynastrone_12_1.mp4
u.profitroom.pl/2015.termabukowina.pl/uploads/video/
5 MB
5 MB
Media
General
Full URL
https://u.profitroom.pl/2015.termabukowina.pl/uploads/video/termynastrone_12_1.mp4
Requested by
Host: www.termybukovina.pl
URL: https://www.termybukovina.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
164.92.137.202 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
lb-cdn-3.do.ext.profitroom.net
Software
nginx /
Resource Hash
2cbeb2c2e8caeb9ca3683ad1635e32605b2e9ba635ecbd69f261d6efacd94989

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://www.termybukovina.pl/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Mon, 20 May 2024 21:37:12 GMT
last-modified
Monday, 20-May-2024 19:04:39 GMT
server
nginx
etag
"56f179e2-49734a"
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-4813641/4813642
upstream-cache-valid-time
5
cache-control
max-age=3600, public
Content-Length
4813642
expires
Mon, 20 May 2024 22:37:12 GMT
termynastrone_15_1.mp4
u.profitroom.pl/2015.termabukowina.pl/uploads/video/
4 MB
4 MB
Media
General
Full URL
https://u.profitroom.pl/2015.termabukowina.pl/uploads/video/termynastrone_15_1.mp4
Requested by
Host: www.termybukovina.pl
URL: https://www.termybukovina.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
164.92.137.202 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
lb-cdn-3.do.ext.profitroom.net
Software
nginx /
Resource Hash
3c855797869c8a1626b0cdeb1c67d7d69972cc4ac8be08bc060eeb32510399b5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://www.termybukovina.pl/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Mon, 20 May 2024 21:37:12 GMT
last-modified
Monday, 20-May-2024 19:04:39 GMT
server
nginx
etag
"56f17a52-3da611"
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-4040208/4040209
upstream-cache-valid-time
5
cache-control
max-age=3600, public
Content-Length
4040209
expires
Mon, 20 May 2024 22:37:12 GMT
js
www.googletagmanager.com/gtag/
320 KB
104 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KR8B3KZ3M2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHDVZCB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
a6ccfb4a5b57b0410c8d301d37fbb4955c7cb0ef77e34dda268af4db08400e58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.termybukovina.pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 21:37:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106635
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 20 May 2024 21:37:13 GMT
destination
www.googletagmanager.com/gtag/
230 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-615915407&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHDVZCB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
30c1848d572770a137b84cd4406890cb71c1b2a5b5ec477b40c68296512e68a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.termybukovina.pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 21:37:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
84125
x-xss-protection
0
last-modified
Mon, 20 May 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 20 May 2024 21:37:13 GMT
fbevents.js
connect.facebook.net/en_US/
218 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHDVZCB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.termybukovina.pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 20 May 2024 21:37:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57845
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=12, mss=1314, tbw=2806, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
5MxXy/oZaOnUmzMaTGeMayj0w0eavca3c638G41eFNVESZg+Oi84fNYHiTIJKoYmSULVwMhrtlqeqde7+niTeQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
410641379303312
connect.facebook.net/signals/config/
56 KB
12 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/410641379303312?v=2.9.156&r=stable&domain=www.termybukovina.pl&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
99bd3395f1d748b625e637124486610ea22553b7a412b4b6861b01cfe7992557
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.termybukovina.pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 20 May 2024 21:37:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=64, mss=1314, tbw=63406, tp=-1, tpl=-1, uplat=62, ullat=0
pragma
public
x-fb-debug
zYfLWIscpNBefkb/saBTdiQjbC3fuUV2KnrShbuokKBdAPiEjCTwpBn8tMo8ia5SrU7ZF8yvrF5qvKhW6XVc7Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=410641379303312&ev=PageView&dl=https%3A%2F%2Fwww.termybukovina.pl%2F&rl=&if=false&ts=1716241033658&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1716241033658.106263756&ler=empty&cdl=API_unavailable&it=1716241033541&coo=false&tm=1&rqm=GET
Requested by
Host: www.termybukovina.pl
URL: https://www.termybukovina.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.termybukovina.pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=35, rtx=0, c=10, mss=1314, tbw=2775, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 20 May 2024 21:37:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
l
use.typekit.net/af/7d485b/00000000000000003b9ad1b1/27/
28 KB
29 KB
Font
General
Full URL
https://use.typekit.net/af/7d485b/00000000000000003b9ad1b1/27/l?primer=9c9eeb12eaa05cb8ab973879985600d3315df37f0a3b710f0572e47583ad4c11&fvd=n7&v=3
Requested by
Host: www.termybukovina.pl
URL: https://www.termybukovina.pl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.155.107 Dublin, Ireland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-155-107.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
887999fced64fe054f018ded919869590d949bd4b551509c1391bda1fd7bdabd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.termybukovina.pl/
Origin
https://www.termybukovina.pl
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 21:37:14 GMT
server
nginx
etag
"06f02b13ada8d99d7321806e476c1b9516868692"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
28988
l
use.typekit.net/af/c9cde8/00000000000000003b9ad1b9/27/
27 KB
27 KB
Font
General
Full URL
https://use.typekit.net/af/c9cde8/00000000000000003b9ad1b9/27/l?primer=9c9eeb12eaa05cb8ab973879985600d3315df37f0a3b710f0572e47583ad4c11&fvd=n4&v=3
Requested by
Host: www.termybukovina.pl
URL: https://www.termybukovina.pl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.155.107 Dublin, Ireland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-155-107.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e9ce4bd6ef2de55ba94aff25d71858caed11d96574690ff31f2b58def9c3093a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.termybukovina.pl/
Origin
https://www.termybukovina.pl
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 21:37:14 GMT
server
nginx
etag
"d6bff00eb6df4519557a8f157595367e98827a68"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
27776
l
use.typekit.net/af/3333ef/00000000000000003b9ad1b5/27/
27 KB
28 KB
Font
General
Full URL
https://use.typekit.net/af/3333ef/00000000000000003b9ad1b5/27/l?primer=9c9eeb12eaa05cb8ab973879985600d3315df37f0a3b710f0572e47583ad4c11&fvd=n3&v=3
Requested by
Host: www.termybukovina.pl
URL: https://www.termybukovina.pl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.155.107 Dublin, Ireland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-155-107.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8f004dacb749e698bd53a941a3d092d2c4ec8115c6110fd9aa2d9eaaaf92a2fb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.termybukovina.pl/
Origin
https://www.termybukovina.pl
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 21:37:14 GMT
server
nginx
etag
"76924e3958d1caeead857f018e37658171c083c2"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
28020
l
use.typekit.net/af/fa7eb1/0000000000000000000156f4/27/
28 KB
28 KB
Font
General
Full URL
https://use.typekit.net/af/fa7eb1/0000000000000000000156f4/27/l?primer=9c9eeb12eaa05cb8ab973879985600d3315df37f0a3b710f0572e47583ad4c11&fvd=n7&v=3
Requested by
Host: www.termybukovina.pl
URL: https://www.termybukovina.pl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.155.107 Dublin, Ireland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-155-107.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c8cdf65ab3b2fadc59b8ed4c88d52b574c96f3458b62055a65f514bbd9e613ba

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.termybukovina.pl/
Origin
https://www.termybukovina.pl
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 21:37:14 GMT
server
nginx
etag
"77242280c3e13c4ed585e677b0d6c54c7143c400"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
28680
truncated
/
528 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
70d62e3bff65be7f290bbb24afebab865c207efc463781868bf6c80ba872d7a1

Request headers

Accept-Language
pl-PL,pl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
173 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41031eeff1beb97e7c70db13636f93ffe0d685c9b483f3756fb0971b5e2919d3

Request headers

Accept-Language
pl-PL,pl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
199 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
79a486a94eee24c83e86940bfd0a6f5c3f8bd4f035c46fc6dce795c5ccede58d

Request headers

Accept-Language
pl-PL,pl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
208 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d5d0ca174174d3495824ca9c661ba0a7abc6ae7ab393f4743c859e2eef4d2177

Request headers

Accept-Language
pl-PL,pl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
p.gif
p.typekit.net/
35 B
205 B
Image
General
Full URL
https://p.typekit.net/p.gif?s=1&k=hcv6yme&ht=tk&h=www.termybukovina.pl&f=139.175.5474.24409&a=3882295&js=1.21.0&app=typekit&e=js&_=1716241034278
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.155.123 Dublin, Ireland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-155-123.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.termybukovina.pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 21:37:14 GMT
last-modified
Fri, 28 Jul 2023 12:42:20 GMT
server
nginx
etag
"64c3b7ac-23"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
js
www.googletagmanager.com/gtag/
302 KB
100 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EV89EJZGB2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DJT85K7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f745649c2ed0c353a08a2cf3d74af54dcba603dca43400aa5a3ae55ac37b3db5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.termybukovina.pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 21:37:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102514
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 20 May 2024 21:37:14 GMT
/
www.facebook.com/tr/
0
103 B
Image
General
Full URL
https://www.facebook.com/tr/?id=410641379303312&ev=PageView&dl=https%3A%2F%2Fwww.termybukovina.pl%2F&rl=&if=false&ts=1716241034296&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.1.1716241033658.106263756&ler=empty&cdl=API_unavailable&it=1716241033541&coo=false&tm=1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.termybukovina.pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=35, rtx=0, c=10, mss=1314, tbw=3128, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 20 May 2024 21:37:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
favicon.ico
www.termybukovina.pl/
31 KB
4 KB
Other
General
Full URL
https://www.termybukovina.pl/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
164.92.173.214 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
lb-www-3.do.ext.profitroom.net
Software
nginx /
Resource Hash
343fd3f7b962bc63a359497c05abf51a4b83470b744e7c9d7371f34b8fdb6fd6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.termybukovina.pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/x-icon
date
Mon, 20 May 2024 21:37:14 GMT
content-encoding
gzip
last-modified
Mon, 28 Oct 2019 10:44:52 GMT
server
nginx
vary
Accept-Encoding
upstream-cache-valid-time
10
landing
pagead2.googlesyndication.com/pagead/
42 B
64 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3p3p2p5&rnd=1533011294.1716241037&url=https%3A%2F%2Fwww.termybukovina.pl%2F&dma_cps=-&dma=1&npa=1&gtm=45He45f0n81NHDVZCBv831869503za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHDVZCB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.termybukovina.pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 20 May 2024 21:37:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
45 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-KR8B3KZ3M2&gtm=45je45f0v878817917z8831869503za200&_p=1716241032404&gcs=G100&gcd=13p3p3p2p5&npa=1&dma_cps=-&dma=1&cid=1622971150.1716241037&ul=pl-pl&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=denied&_eu=EA&_s=1&sid=1716241033&sct=1&seg=0&dl=https%3A%2F%2Fwww.termybukovina.pl%2F&dt=Termy%20BUKOVINA%20%7C%20baseny%20termalne%2C%20SPA%20-%20Bukowina%20Tatrza%C5%84ska&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5538
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KR8B3KZ3M2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.termybukovina.pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 20 May 2024 21:37:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.termybukovina.pl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
249 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-EV89EJZGB2&gtm=45je45f0v9170599471z89170588700za200&_p=1716241032404&gcs=G100&gcd=13p3p3p2p5&npa=1&dma_cps=-&dma=1&cid=1622971150.1716241037&ul=pl-pl&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=denied&_s=1&sid=1716241034&sct=1&seg=0&dl=https%3A%2F%2Fwww.termybukovina.pl%2F&dt=Termy%20BUKOVINA%20%7C%20baseny%20termalne%2C%20SPA%20-%20Bukowina%20Tatrza%C5%84ska&en=page_view&_fv=1&_ss=1&ep.clientId=clientId&tfd=5547
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EV89EJZGB2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.termybukovina.pl/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 20 May 2024 21:37:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.termybukovina.pl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| WebFontConfig function| Cookies object| dataLayer string| jezyk function| dodajSkrypt string| swal_locale object| swal_messages function| videojs object| vSlickData object| imgLiquid function| head function| $ function| jQuery object| vttjs function| VTTRegion function| WebVTT function| swal function| sweetAlert object| skrollr object| AOS object| jQuery111308167474339691709 function| Color function| Chart object| locale_messages string| locale function| resizePatterns object| $siteOverlay function| openNav function| closeNav function| toggleNav undefined| livefeedPlayer undefined| mapOptions string| geoLat string| geoLng function| initializeProfitMap function| initGoogleOptions object| $videos number| scrollifyPrevious function| _typeof object| $homeAttractions undefined| cookiesTrackManager function| gtag function| gtagConsent function| getCookie function| _acceptCookiesPolicy function| _checkCookiesPolicy function| showCookieDiv function| isLocalStorage function| openCookieModal function| acceptOnlyRequiredCookies object| Lang object| BetasiEKlient object| $siteTop object| $siteModal object| WebFont object| google_tag_manager object| google_tag_data function| fbq function| _fbq object| _fbq_gtm_ids function| onYouTubeIframeAPIReady object| Typekit object| gaGlobal

2 Cookies

Domain/Path Name / Value
www.termybukovina.pl/ Name: laravel_session
Value: 84fe0908f629f52aaf31af3f6ba7fecb6ed2a446%2B3WdaZc5pBCHfBLTHmStaicN0abHXhMMLWKuRxgch
.termybukovina.pl/ Name: _fbp
Value: fb.1.1716241033658.106263756

2 Console Messages

Source Level URL
Text
deprecation warning URL: https://www.termybukovina.pl/cache/f5b70dc7d4f18ba791e7e72a8f06d274.js(Line 1454)
Message:
Listener added for a 'DOMNodeRemoved' mutation event. This event type is deprecated, and will be removed from this browser very soon. Usage of this event listener will cause performance issues today, and represents a large risk of future site breakage. Consider using MutationObserver instead. See https://chromestatus.com/feature/5083947249172480 for more information.
other warning URL: https://connect.facebook.net/signals/config/410641379303312?v=2.9.156&r=stable&domain=www.termybukovina.pl&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.premiumhotel.pl
cdnjs.cloudflare.com
connect.facebook.net
js.profitroom.pl
p.typekit.net
pagead2.googlesyndication.com
region1.google-analytics.com
termybukovina.pl
u.profitroom.pl
use.typekit.net
www.facebook.com
www.googletagmanager.com
www.termybukovina.pl
104.17.24.14
142.250.185.138
142.250.185.200
142.250.186.34
157.240.0.35
157.240.253.1
164.92.137.202
164.92.173.214
216.239.32.36
23.216.155.107
23.216.155.123
46.101.204.148
85.194.241.55
86.111.240.133
1006e7fdd86133c4e690708739030ae35aa4a8832240d42f61c6c7444b161357
1082399810648d026a22632cf9c3da2e8901da54783c4fdd5b67fce52a4e8b2e
1b93720429379f013afe1c204a54f85bfd50a4322eb5013e6f7917ebca5784d8
23a3c208d59ba1c51b41d032b5719270bb1a9adc510345a26320a90f3957e3e9
275b70f34883c35ad6ecbdd41b925e7f06f4606f6524f692d1101f08ca8f8ed8
2cbeb2c2e8caeb9ca3683ad1635e32605b2e9ba635ecbd69f261d6efacd94989
2e09756af3528c3014e2019dba1942889016fdb8e22c47ad77224991f1ae42e7
30c1848d572770a137b84cd4406890cb71c1b2a5b5ec477b40c68296512e68a2
343fd3f7b962bc63a359497c05abf51a4b83470b744e7c9d7371f34b8fdb6fd6
3c855797869c8a1626b0cdeb1c67d7d69972cc4ac8be08bc060eeb32510399b5
41031eeff1beb97e7c70db13636f93ffe0d685c9b483f3756fb0971b5e2919d3
4c95512cf0944aab65ed655d4c506f7c506bcdac24ca991d40389dd948979e12
4ee6ca7d53c92330966a115cb4050ba14cdc5f39340c9cd608928d2b1fa3805e
4f427878fbb6ca129240ee264b1de45e0977104d81abaf364162f09db782ee6c
5057df103c55b45c0ddbb178273bed951825e1d0a38a72e95aa8d32bf38454b2
5c0489c24ec3f6f3cbc9518fcd95b19f7b3ddd4251af73ff16b89916ead24f3e
70d62e3bff65be7f290bbb24afebab865c207efc463781868bf6c80ba872d7a1
79a486a94eee24c83e86940bfd0a6f5c3f8bd4f035c46fc6dce795c5ccede58d
85f1b159c498a59a38aa6c8bf42397896f26cbd8d03ca78978bc8520e1fa92df
887999fced64fe054f018ded919869590d949bd4b551509c1391bda1fd7bdabd
8e35a3e5e181aa43b6f78c9751bf452c93069b2e40f2d045785a35cc7925bd90
8f004dacb749e698bd53a941a3d092d2c4ec8115c6110fd9aa2d9eaaaf92a2fb
95136f7210a3bd7165c12dc1add6ec2e687384acbeb8a27cfe2ca664bcaa2dc1
96fbe9916a7fa155ff94d6080245a0ed4783b15474c5e0b941534a1f7f698054
98b7c890f26168c6d6b471f871e0d2f39e05345d1b70a2b9da915eb33521fdfc
99bd3395f1d748b625e637124486610ea22553b7a412b4b6861b01cfe7992557
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
a04d373be23a3f37dfe1f88cab01061db75f716edadc6451c652fe538f4be6c0
a6ccfb4a5b57b0410c8d301d37fbb4955c7cb0ef77e34dda268af4db08400e58
aa4af2ef6b7a0373e80949dd9e0df1308450f65cd18cdc67d1a84af2e762a99a
adf9eb348c859f8aef4a3e3e17bb1bc8f86f5f3f2468511049a38dedca866007
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c8cdf65ab3b2fadc59b8ed4c88d52b574c96f3458b62055a65f514bbd9e613ba
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
d5d0ca174174d3495824ca9c661ba0a7abc6ae7ab393f4743c859e2eef4d2177
d874c6bfa15dd1d0b9cf76e841e988b473e8655c9a9fb1ed9a91971cda6b2336
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
e9ce4bd6ef2de55ba94aff25d71858caed11d96574690ff31f2b58def9c3093a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f745649c2ed0c353a08a2cf3d74af54dcba603dca43400aa5a3ae55ac37b3db5