URL: https://otdykhgaz.buzz/vCWQgv6F
Submission Tags: @phish_report
Submission: On November 23 via api from FI — Scanned from PL

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 39 HTTP transactions. The main IP is 38.180.150.131, located in Hong Kong, Hong Kong and belongs to M247 M247 Europe SRL, RO. The main domain is otdykhgaz.buzz.
TLS certificate: Issued by R11 on October 5th 2024. Valid for: 3 months.
This is the only time otdykhgaz.buzz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 38.180.150.131 9009 (M247 M247...)
2 151.101.2.137 54113 (FASTLY)
1 216.58.206.74 15169 (GOOGLE)
5 104.17.25.14 13335 (CLOUDFLAR...)
5 188.114.97.3 13335 (CLOUDFLAR...)
2 142.250.186.35 15169 (GOOGLE)
39 7
Apex Domain Subdomains Transfer
14 otdykhgaz.buzz otdykhgaz.buzz 214 KB
5 ai-usmcollective.click ai-usmcollective.click
5 cloudflare.com cdnjs.cloudflare.com (Cisco Umbrella Rank: 225) 76 KB
2 gstatic.com fonts.gstatic.com 120 KB
2 jquery.com code.jquery.com (Cisco Umbrella Rank: 847) 30 KB
1 googleapis.com fonts.googleapis.com (Cisco Umbrella Rank: 29) 1 KB
39 6
Domain Requested by
14 otdykhgaz.buzz otdykhgaz.buzz
5 ai-usmcollective.click otdykhgaz.buzz
5 cdnjs.cloudflare.com otdykhgaz.buzz
2 fonts.gstatic.com fonts.googleapis.com
2 code.jquery.com otdykhgaz.buzz
1 fonts.googleapis.com otdykhgaz.buzz
39 6

This site contains no links.

Subject   Issuer   Validity   Valid
otdykhgaz.buzz   R11   2024-10-05 - 2025-01-03   3 months
*.jquery.com   Sectigo ECC Domain Validation Secure Server CA   2024-06-25 - 2025-06-25   a year
upload.video.google.com   WR2   2024-10-21 - 2025-01-13   3 months
cdnjs.cloudflare.com   WE1   2024-09-28 - 2024-12-27   3 months
ai-usmcollective.click   WE1   2024-10-04 - 2025-01-02   3 months
*.gstatic.com   WR2   2024-10-21 - 2025-01-13   3 months

This page contains 2 frames:

Primary Page: https://otdykhgaz.buzz/vCWQgv6F
Frame ID: 63462210DF523DE4F10ADFBE257B09F3
Requests: 3 HTTP requests in this frame

Frame: https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&
Frame ID: 272DD7F2F092D08357DD1DE103839BF5
Requests: 43 HTTP requests in this frame

Page Title

BalticPipe

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

39 Requests
74 % HTTPS
0 % IPv6
6 Domains
6 Subdomains
7 IPs
4 Countries
443 kB Transfer
3246 kB Size
4 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request vCWQgv6F
otdykhgaz.buzz/
940 B
2 KB
Document
General
Full URL
https://otdykhgaz.buzz/vCWQgv6F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
38.180.150.131 Hong Kong, Hong Kong, ASN9009 (M247 M247 Europe SRL, RO),
Reverse DNS
Software
nginx/1.23.4 / PHP/7.4.33
Resource Hash
5a6f6193d71f57cb9f8d2b4c3f30468b5ead20f62a15a25c060473ccc753f3fb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
940
Content-Type
text/html; charset=utf-8
Date
Sat, 23 Nov 2024 16:58:33 GMT
Expires
Sat, 23 Nov 2024 16:58:32 GMT
Server
nginx/1.23.4
Vary
Accept-Encoding
X-Powered-By
PHP/7.4.33
jquery-3.5.1.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: otdykhgaz.buzz
URL: https://otdykhgaz.buzz/vCWQgv6F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://otdykhgaz.buzz/

Response headers

content-encoding
gzip
etag
W/"28feccc0-15d84"
age
2780516
x-cache
HIT, HIT
date
Sat, 23 Nov 2024 16:58:33 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-cache-hits
10, 476929
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-served-by
cache-lga21981-LGA, cache-vie6349-VIE
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1732381114.582789,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
30879
server
nginx
/
otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/ Frame 272D
41 KB
41 KB
Document
General
Full URL
https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&
Requested by
Host: otdykhgaz.buzz
URL: https://otdykhgaz.buzz/vCWQgv6F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
38.180.150.131 Hong Kong, Hong Kong, ASN9009 (M247 M247 Europe SRL, RO),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
30623352d511b14597d2e0bdef83ee707b45a72bef9ec95feb24076927a34531

Request headers

Referer
https://otdykhgaz.buzz/vCWQgv6F
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Sat, 23 Nov 2024 16:58:34 GMT
Server
nginx/1.23.4
Transfer-Encoding
chunked
intlphone.css
otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/css/ Frame 272D
19 KB
19 KB
Stylesheet
General
Full URL
https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/css/intlphone.css
Requested by
Host: otdykhgaz.buzz
URL: https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
38.180.150.131 Hong Kong, Hong Kong, ASN9009 (M247 M247 Europe SRL, RO),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
a44365a62a07c9ea7fb4248d56ac45adc8511132e16f0032acc0490084a92712

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&

Response headers

Cache-Control
max-age=864000
ETag
"6723a4e3-4ae9"
Connection
keep-alive
Expires
Tue, 03 Dec 2024 16:58:35 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
19177
Date
Sat, 23 Nov 2024 16:58:35 GMT
Content-Type
text/css
Last-Modified
Thu, 31 Oct 2024 15:40:19 GMT
Server
nginx/1.23.4
reset.css
otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/css/ Frame 272D
7 KB
7 KB
Stylesheet
General
Full URL
https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/css/reset.css
Requested by
Host: otdykhgaz.buzz
URL: https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
38.180.150.131 Hong Kong, Hong Kong, ASN9009 (M247 M247 Europe SRL, RO),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
194a0a1a9bee1bb744e8a9e03b5e741da426e1112dc0b55423b7db3bf585b03f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&

Response headers

Cache-Control
max-age=864000
ETag
"6723a4e3-1ba7"
Connection
keep-alive
Expires
Tue, 03 Dec 2024 16:58:35 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
7079
Date
Sat, 23 Nov 2024 16:58:35 GMT
Content-Type
text/css
Last-Modified
Thu, 31 Oct 2024 15:40:19 GMT
Server
nginx/1.23.4
bootstrap-grid.min.css
otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/css/ Frame 272D
52 KB
52 KB
Stylesheet
General
Full URL
https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/css/bootstrap-grid.min.css
Requested by
Host: otdykhgaz.buzz
URL: https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
38.180.150.131 Hong Kong, Hong Kong, ASN9009 (M247 M247 Europe SRL, RO),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
9abd3f5a7973251d6b17cccd16652859f722a145f3e74272a5d31923c18f22c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://otdykhgaz.buzz
Referer

Response headers

Cache-Control
max-age=864000
ETag
"6723a4e3-ce45"
Connection
keep-alive
Expires
Tue, 03 Dec 2024 16:58:35 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
52805
Date
Sat, 23 Nov 2024 16:58:36 GMT
Content-Type
text/css
Last-Modified
Thu, 31 Oct 2024 15:40:19 GMT
Server
nginx/1.23.4
css2
fonts.googleapis.com/ Frame 272D
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700;800&display=swap
Requested by
Host: otdykhgaz.buzz
URL: https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f10.1e100.net
Software
ESF /
Resource Hash
b7a3ea81b9fbecf11d1d7ef30a165cb2819d0374d5767e91b28723a6d9237349
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://otdykhgaz.buzz/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 23 Nov 2024 16:58:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 23 Nov 2024 16:58:34 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 23 Nov 2024 16:58:34 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
style.css
otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/css/ Frame 272D
16 KB
17 KB
Stylesheet
General
Full URL
https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/css/style.css
Requested by
Host: otdykhgaz.buzz
URL: https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
38.180.150.131 Hong Kong, Hong Kong, ASN9009 (M247 M247 Europe SRL, RO),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
d686c44ef552e40649e9f394a54f042700f0b8df4571b40ae9b77fcf16c83a4f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&

Response headers

Cache-Control
max-age=864000
ETag
"6723a4e3-4143"
Connection
keep-alive
Expires
Tue, 03 Dec 2024 16:58:35 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
16707
Date
Sat, 23 Nov 2024 16:58:35 GMT
Content-Type
text/css
Last-Modified
Thu, 31 Oct 2024 15:40:19 GMT
Server
nginx/1.23.4
styles.min.css
otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/css/ Frame 272D
19 KB
19 KB
Stylesheet
General
Full URL
https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/css/styles.min.css
Requested by
Host: otdykhgaz.buzz
URL: https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
38.180.150.131 Hong Kong, Hong Kong, ASN9009 (M247 M247 Europe SRL, RO),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
b84818dd36e1b4fdaf23b57f1a9a356ca629642e7d9fc09bc2195bb8646bb550

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&

Response headers

Cache-Control
max-age=864000
ETag
"6723a4e3-4b75"
Connection
keep-alive
Expires
Tue, 03 Dec 2024 16:58:35 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
19317
Date
Sat, 23 Nov 2024 16:58:35 GMT
Content-Type
text/css
Last-Modified
Thu, 31 Oct 2024 15:40:19 GMT
Server
nginx/1.23.4
logo.svg
otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/images/ Frame 272D
9 KB
9 KB
Image
General
Full URL
https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/images/logo.svg
Requested by
Host: otdykhgaz.buzz
URL: https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
38.180.150.131 Hong Kong, Hong Kong, ASN9009 (M247 M247 Europe SRL, RO),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
6f81edda9e8f6f79fea1fd2b59309015527a68aba0113dc7118c4aaa7ba33adb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&

Response headers

Cache-Control
max-age=864000
ETag
"6723a4e3-239d"
Connection
keep-alive
Expires
Tue, 03 Dec 2024 16:58:36 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
9117
Date
Sat, 23 Nov 2024 16:58:36 GMT
Content-Type
image/svg+xml
Last-Modified
Thu, 31 Oct 2024 15:40:19 GMT
Server
nginx/1.23.4
plus.svg
otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/images/ Frame 272D
228 B
572 B
Image
General
Full URL
https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/images/plus.svg
Requested by
Host: otdykhgaz.buzz
URL: https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
38.180.150.131 Hong Kong, Hong Kong, ASN9009 (M247 M247 Europe SRL, RO),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
6aa865c53c70f5ff1c4e748bbacf2be4c086bf7f5c6b14f6d75a60c62f2dec4b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&

Response headers

Cache-Control
max-age=864000
ETag
"6723a4e3-e4"
Connection
keep-alive
Expires
Tue, 03 Dec 2024 16:58:36 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
228
Date
Sat, 23 Nov 2024 16:58:36 GMT
Content-Type
image/svg+xml
Last-Modified
Thu, 31 Oct 2024 15:40:19 GMT
Server
nginx/1.23.4
play.svg
otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/images/ Frame 272D
407 B
752 B
Image
General
Full URL
https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/images/play.svg
Requested by
Host: otdykhgaz.buzz
URL: https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
38.180.150.131 Hong Kong, Hong Kong, ASN9009 (M247 M247 Europe SRL, RO),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
52a6c075889e597e0cdbc77ee4a07b6d163c373f6f283a53f03f236cf6aaf0eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&

Response headers

Cache-Control
max-age=864000
ETag
"6723a4e3-197"
Connection
keep-alive
Expires
Tue, 03 Dec 2024 16:58:36 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
407
Date
Sat, 23 Nov 2024 16:58:36 GMT
Content-Type
image/svg+xml
Last-Modified
Thu, 31 Oct 2024 15:40:19 GMT
Server
nginx/1.23.4
baltic-bubbles.png
otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/images/ Frame 272D
13 KB
14 KB
Image
General
Full URL
https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/images/baltic-bubbles.png
Requested by
Host: otdykhgaz.buzz
URL: https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
38.180.150.131 Hong Kong, Hong Kong, ASN9009 (M247 M247 Europe SRL, RO),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
6b2be66a28d202fbcd891943438e295e0180ca38f9d47dcb559e8d02e04711b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&

Response headers

Cache-Control
max-age=864000
ETag
"6723a4e3-355a"
Connection
keep-alive
Expires
Tue, 03 Dec 2024 16:58:36 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
13658
Date
Sat, 23 Nov 2024 16:58:37 GMT
Content-Type
image/png
Last-Modified
Thu, 31 Oct 2024 15:40:19 GMT
Server
nginx/1.23.4
baltic-map.png
otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/images/ Frame 272D
16 KB
0
Image
General
Full URL
https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/images/baltic-map.png
Requested by
Host: otdykhgaz.buzz
URL: https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
38.180.150.131 Hong Kong, Hong Kong, ASN9009 (M247 M247 Europe SRL, RO),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&

Response headers

Cache-Control
max-age=864000
ETag
"6723a4e3-6723"
Connection
keep-alive
Expires
Tue, 03 Dec 2024 16:58:36 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
26403
Date
Sat, 23 Nov 2024 16:58:37 GMT
Content-Type
image/png
Last-Modified
Thu, 31 Oct 2024 15:40:19 GMT
Server
nginx/1.23.4
graph-bubbles.png
otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/images/ Frame 272D
14 KB
14 KB
Image
General
Full URL
https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/images/graph-bubbles.png
Requested by
Host: otdykhgaz.buzz
URL: https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
38.180.150.131 Hong Kong, Hong Kong, ASN9009 (M247 M247 Europe SRL, RO),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
274286b72a70cbbfdf24320fce94240f19b736ab8db246d483ecbf2e78aa654f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&

Response headers

Cache-Control
max-age=864000
ETag
"6723a4e3-371c"
Connection
keep-alive
Expires
Tue, 03 Dec 2024 16:58:37 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
14108
Date
Sat, 23 Nov 2024 16:58:37 GMT
Content-Type
image/png
Last-Modified
Thu, 31 Oct 2024 15:40:19 GMT
Server
nginx/1.23.4
graph.png
otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/images/ Frame 272D
0
0

feature-1.png
otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/images/ Frame 272D
0
0

feature-2.png
otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/images/ Frame 272D
0
0

feature-3.png
otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/images/ Frame 272D
0
0

swiper-bundle.min.css
otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/css/ Frame 272D
18 KB
18 KB
Stylesheet
General
Full URL
https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/css/swiper-bundle.min.css
Requested by
Host: otdykhgaz.buzz
URL: https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
38.180.150.131 Hong Kong, Hong Kong, ASN9009 (M247 M247 Europe SRL, RO),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
8b35c6364fba567362c8d577bc907a05f69de0ed074fc038b821c9392d91c215

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&

Response headers

Cache-Control
max-age=864000
ETag
"6723a4e3-481b"
Connection
keep-alive
Expires
Tue, 03 Dec 2024 16:58:35 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
18459
Date
Sat, 23 Nov 2024 16:58:36 GMT
Content-Type
text/css
Last-Modified
Thu, 31 Oct 2024 15:40:19 GMT
Server
nginx/1.23.4
pr.png
otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/images/ Frame 272D
0
0

jquery-3.6.2.min.js
otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/js/ Frame 272D
0
0

swiper-bundle.min.js
otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/js/ Frame 272D
0
0

jquery-3.5.1.min.js
code.jquery.com/ Frame 272D
87 KB
0
Script
General
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: otdykhgaz.buzz
URL: https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://otdykhgaz.buzz/

Response headers

content-encoding
gzip
etag
W/"28feccc0-15d84"
age
2780516
x-cache
HIT, HIT
date
Sat, 23 Nov 2024 16:58:33 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-cache-hits
10, 476929
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-served-by
cache-lga21981-LGA, cache-vie6349-VIE
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1732381114.582789,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
30879
server
nginx
intlTelInput.min.js
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/ Frame 272D
29 KB
9 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/intlTelInput.min.js
Requested by
Host: otdykhgaz.buzz
URL: https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64cb11eb2a5237cbe1e05ccf25acefeed578f32d1a6923d58de35c8a0145e8cd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://otdykhgaz.buzz/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5f902e0e-72d9"
age
1870772
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UZtxRV%2BSnlFx6yO0vC3NwftxkwosETWQK5LeE8ryhtsCUzJ0LvAQ%2Fjh%2BuMKWrzbtyXBm6cexAYKPBJ2QISEC3TL%2BtPr9fv5%2FRbzuNXsGTvn3tK5o%2FjDYgSFkWuigen1PRNAjUUH%2F"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 16:58:34 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 23 Nov 2024 16:58:34 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 21 Oct 2020 12:48:14 GMT
vary
Accept-Encoding
priority
u=2,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e72b46fc97aeeb1-WAW
accept-ranges
bytes
access-control-allow-origin
*
content-length
8889
server
cloudflare
utils.min.js
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/ Frame 272D
238 KB
44 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/utils.min.js
Requested by
Host: otdykhgaz.buzz
URL: https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd5ab58bf994afd3ff9a1000a9a22c9619b08dda258ddb055e2d34bd41bd97e6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://otdykhgaz.buzz/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5f902e29-3b7cd"
age
248361
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mSYpAs3kquMc9GyttSieriyDnNewwjAGdvQ5jzCN12yb1kNRJaCRdEzUKo2Y2ERQ2cwNkZnT7xm%2FikmJa8PoprGs8xOuukCRyJ24q4ExB%2BBKTYsq4MdRRjpzSjUDBkib0diva%2Flp"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 16:58:34 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 23 Nov 2024 16:58:34 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 21 Oct 2020 12:48:41 GMT
vary
Accept-Encoding
priority
u=2,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e72b46fc980eeb1-WAW
accept-ranges
bytes
access-control-allow-origin
*
content-length
44414
server
cloudflare
inputmask.js
cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.3.4/inputmask/ Frame 272D
110 KB
19 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.3.4/inputmask/inputmask.js
Requested by
Host: otdykhgaz.buzz
URL: https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5154560b9bd07fb45fa5d15bd3585fe634f9360ed6e8802a349d59ee2c58ca62
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://otdykhgaz.buzz/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03ec3-1b675"
age
246694
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8uwDNqjmCU2XoCW2IOEL030a%2BhKD1K5UYv8QHyHO7BLe02k9WYnVL4bG3mTg6DrTOftS5WgWiifvPr321To39h1OPbUV1RpabszQMzI2zKcBgTHODLSYvJaXaKjpCOR%2B587v5Pwk"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 16:58:34 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 23 Nov 2024 16:58:34 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:11:47 GMT
vary
Accept-Encoding
priority
u=3,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e72b46fc98aeeb1-WAW
accept-ranges
bytes
access-control-allow-origin
*
content-length
19017
server
cloudflare
jquery.inputmask.js
cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.3.4/inputmask/ Frame 272D
3 KB
1 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.3.4/inputmask/jquery.inputmask.js
Requested by
Host: otdykhgaz.buzz
URL: https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
222e7732618b465a810e44ee61dafac50157a7758ff16d1b01057f0df0a5a243
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://otdykhgaz.buzz/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03ec3-a3a"
age
1568470
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qx9dZzS1FUtsEdwosy7oVmQjv0HL9zsQYGeQQ76lYgvtuN1ZhOII%2Foo1DLow2UdGOUeT0b7xOajxQQFax7URpihgoruOUvqBhgP%2BXcNWfQiGTOW3gN1bOCqvecwvVpK05FrD%2FhTj"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 16:58:34 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 23 Nov 2024 16:58:34 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:11:47 GMT
vary
Accept-Encoding
priority
u=3,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e72b46fc98feeb1-WAW
accept-ranges
bytes
access-control-allow-origin
*
content-length
655
server
cloudflare
intlTelInput.css
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/ Frame 272D
25 KB
3 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.css
Requested by
Host: otdykhgaz.buzz
URL: https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://otdykhgaz.buzz/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5f902e0e-62a6"
age
674378
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XK1mWd6IPlLgOn5lY%2FJxgwxzdxhFwfO9MHPvCsaS9YReII4UKoy0WbaVX0swlfh3WgIR274yvI80wc7dfCw7EuYu41Rv1ovS3%2B4kSCRd49IBnjeNKfB0yQvaObL7rnXxtIP7AX%2B%2B"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 16:58:34 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 23 Nov 2024 16:58:34 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 21 Oct 2020 12:48:14 GMT
vary
Accept-Encoding
priority
u=2,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e72b46fc987eeb1-WAW
accept-ranges
bytes
access-control-allow-origin
*
content-length
1970
server
cloudflare
Balticpipe_PL.mp4
ai-usmcollective.click/videos/ Frame 272D
257 KB
0
Media
General
Full URL
https://ai-usmcollective.click/videos/Balticpipe_PL.mp4
Requested by
Host: otdykhgaz.buzz
URL: https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://otdykhgaz.buzz/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"ac373d-625c774754da3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S6up4YVqomkwDcuKyXoL7FFlMvy1SufG43hDQfbrDUYpGIZHw1btGUKfnj14gHYT%2FAL80oONI%2BPYgG7N%2BvGV1EVJYAzXY70JeFS1PztNK1cDiQrbibrrBXMbBaPSiye3TPt7GDxhx1tp"}],"group":"cf-nel","max_age":604800}
Content-Range
bytes 0-11286332/11286333
cf-ray
8e72b46ffedeb1d9-WAW
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27011&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4148&recv_bytes=4353&delivery_rate=21716&cwnd=12000&unsent_bytes=0&cid=d9d2c5abbba3a03a&ts=106&x=1", cfHdrFlush;dur=0
Content-Length
11286333
date
Sat, 23 Nov 2024 16:58:34 GMT
content-type
video/mp4
last-modified
Thu, 31 Oct 2024 15:27:22 GMT
vary
Accept-Encoding
server
cloudflare
truncated
/ Frame 272D
547 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 272D
552 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 272D
380 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
Balticpipe_PL.mp4
ai-usmcollective.click/videos/ Frame 272D
98 KB
0
Media
General
Full URL
https://ai-usmcollective.click/videos/Balticpipe_PL.mp4
Requested by
Host: otdykhgaz.buzz
URL: https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://otdykhgaz.buzz/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=262144-

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"ac373d-625c774754da3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S6up4YVqomkwDcuKyXoL7FFlMvy1SufG43hDQfbrDUYpGIZHw1btGUKfnj14gHYT%2FAL80oONI%2BPYgG7N%2BvGV1EVJYAzXY70JeFS1PztNK1cDiQrbibrrBXMbBaPSiye3TPt7GDxhx1tp"}],"group":"cf-nel","max_age":604800}
Content-Range
bytes 262144-11286332/11286333
cf-ray
8e72b46ffedeb1d9-WAW
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27011&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4148&recv_bytes=4353&delivery_rate=21716&cwnd=12000&unsent_bytes=0&cid=d9d2c5abbba3a03a&ts=106&x=1", cfHdrFlush;dur=0
Content-Length
11024189
date
Sat, 23 Nov 2024 16:58:34 GMT
content-type
video/mp4
last-modified
Thu, 31 Oct 2024 15:27:22 GMT
vary
Accept-Encoding
server
cloudflare
PL_rev1.mp4
ai-usmcollective.click/videos/ Frame 272D
577 KB
0
Media
General
Full URL
https://ai-usmcollective.click/videos/PL_rev1.mp4
Requested by
Host: otdykhgaz.buzz
URL: https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://otdykhgaz.buzz/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"247a70a-625c776ac9f95"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jex4ch8UQRA3geLsdMIWEb0c8ZEBbMyOYswgXX7CXJ7wAfALwKoWdVFDgVJOwLGmmppKDJsXVJ2WKvLGb%2FX3peeD%2FyYhjJNlB%2BJsXbQCjtVttEDgKX5yOSvzrHLhcZh8f3C7%2FWOei3aZ"}],"group":"cf-nel","max_age":604800}
Content-Range
bytes 0-38250249/38250250
cf-ray
8e72b47c3dbbb1d9-WAW
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28452&sent=2589&recv=102&lost=0&retrans=0&sent_bytes=3093086&recv_bytes=9338&delivery_rate=29386215&cwnd=1194000&unsent_bytes=0&cid=d9d2c5abbba3a03a&ts=2055&x=1", cfHdrFlush;dur=0
Content-Length
38250250
date
Sat, 23 Nov 2024 16:58:36 GMT
content-type
video/mp4
last-modified
Thu, 31 Oct 2024 15:28:00 GMT
vary
Accept-Encoding
server
cloudflare
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/ Frame 272D
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700;800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://otdykhgaz.buzz
Referer
https://fonts.googleapis.com/

Response headers

age
411655
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 18 Nov 2025 22:37:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 22:37:41 GMT
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48444
x-xss-protection
0
server
sffe
about-bg.png
otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/images/ Frame 272D
0
0

feature-bg.png
otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/images/ Frame 272D
0
0

truncated
/ Frame 272D
2 KB
2 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://otdykhgaz.buzz
Referer

Response headers

Content-Type
application/font-woff;charset=utf-8
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa25L7SUc.woff2
fonts.gstatic.com/s/inter/v18/ Frame 272D
73 KB
73 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa25L7SUc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700;800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
48f540fb71166bf65a0fe187a71fad500c43143d3e2e42038f527e38c786e90f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://otdykhgaz.buzz
Referer
https://fonts.googleapis.com/

Response headers

age
339868
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 19 Nov 2025 18:34:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 19 Nov 2024 18:34:08 GMT
last-modified
Mon, 29 Jul 2024 22:47:10 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
74328
x-xss-protection
0
server
sffe
PL_rev3.mp4
ai-usmcollective.click/videos/ Frame 272D
800 KB
0
Media
General
Full URL
https://ai-usmcollective.click/videos/PL_rev3.mp4
Requested by
Host: otdykhgaz.buzz
URL: https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://otdykhgaz.buzz/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"2f9bfcf-625c778a9a7b2"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a8AWCivIfT7as6uZRGx8jk8erui6q57yztBqCkc8qbuhXDHsheWkhuN3S%2BSfFSFAsfNPnPZ5v4y0ZpFNQ7z8u01PTg7D9zwTeX7p9%2FNH00CQsUI1ntmOqQ64emPgBxzl9fc0f3tLb0FT"}],"group":"cf-nel","max_age":604800}
Content-Range
bytes 0-49921998/49921999
cf-ray
8e72b47c6de6b1d9-WAW
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28003&sent=3248&recv=104&lost=0&retrans=0&sent_bytes=3881880&recv_bytes=9427&delivery_rate=14773&cwnd=1194000&unsent_bytes=0&cid=d9d2c5abbba3a03a&ts=2087&x=1", cfHdrFlush;dur=0
Content-Length
49921999
date
Sat, 23 Nov 2024 16:58:36 GMT
content-type
video/mp4
last-modified
Thu, 31 Oct 2024 15:28:33 GMT
vary
Accept-Encoding
server
cloudflare
PL_rev4.mp4
ai-usmcollective.click/videos/ Frame 272D
577 KB
0
Media
General
Full URL
https://ai-usmcollective.click/videos/PL_rev4.mp4
Requested by
Host: otdykhgaz.buzz
URL: https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/?_token=uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069&subid=1cipng12tf9&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://otdykhgaz.buzz/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"307787c-625c77ae71424"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UCEMX50aFQn0ZmXFYtuwF1oQpGpeMTu38Yrg64QBP4wmNmaDwJC8OZx%2Bho8IvEw%2Bm3tEjk8vXNP9VtvYq4HcxAh9%2FF%2BGl9f2ntvoCuxUB5gzehxWKfgXkjgOxJoe9odzUlwTVnhapcV%2B"}],"group":"cf-nel","max_age":604800}
Content-Range
bytes 0-50821243/50821244
cf-ray
8e72b47c6deab1d9-WAW
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27446&sent=3653&recv=109&lost=0&retrans=0&sent_bytes=4367223&recv_bytes=9649&delivery_rate=49330&cwnd=1194000&unsent_bytes=0&cid=d9d2c5abbba3a03a&ts=2095&x=1", cfHdrFlush;dur=2
Content-Length
50821244
date
Sat, 23 Nov 2024 16:58:36 GMT
content-type
video/mp4
last-modified
Thu, 31 Oct 2024 15:29:10 GMT
vary
Accept-Encoding
server
cloudflare
truncated
/ Frame 272D
177 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 272D
515 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 272D
242 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
favicon.png
otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/images/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
otdykhgaz.buzz
URL
https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/images/graph.png
Domain
otdykhgaz.buzz
URL
https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/images/feature-1.png
Domain
otdykhgaz.buzz
URL
https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/images/feature-2.png
Domain
otdykhgaz.buzz
URL
https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/images/feature-3.png
Domain
otdykhgaz.buzz
URL
https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/images/pr.png
Domain
otdykhgaz.buzz
URL
https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/js/jquery-3.6.2.min.js
Domain
otdykhgaz.buzz
URL
https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/js/swiper-bundle.min.js
Domain
otdykhgaz.buzz
URL
https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/images/about-bg.png
Domain
otdykhgaz.buzz
URL
https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/images/feature-bg.png
Domain
otdykhgaz.buzz
URL
https://otdykhgaz.buzz/lander/orlen_gazetapl_prelander_pl_obj_js_v2_1730388790/land/images/favicon.png

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| $
function| jQuery

4 Cookies

Domain/Path Name / Value
otdykhgaz.buzz/ Name: _subid
Value: 1cipng12tf9
otdykhgaz.buzz/ Name: ca910
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjUwODNcIjoxNzMyMzgxMTEyfSxcImNhbXBhaWduc1wiOntcIjE5NDVcIjoxNzMyMzgxMTEyfSxcInRpbWVcIjoxNzMyMzgxMTEyfSJ9.sqibcq3HCf5SIvjlAxFbVqymqijnZELwIAwKFjnYueM
otdykhgaz.buzz/ Name: _token
Value: uuid_1cipng12tf9_1cipng12tf9674209b92d7ab6.13487069
otdykhgaz.buzz/ Name: subid
Value: 1cipng12tf9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
