startuporlen.us
2606:4700:3037::ac43:ac17  Malicious Activity! Public Scan

URL: https://startuporlen.us/
Submission: On November 19 via automatic, source phishtank — Scanned from US

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 34 HTTP transactions. The main IP is 2606:4700:3037::ac43:ac17, located in United States and belongs to CLOUDFLARENET, US. The main domain is startuporlen.us.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 12th 2021. Valid for: a year.
This is the only time startuporlen.us was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PKN Orlen (Extraction)

Domain & IP information

Requests  IP Address        AS Autonomous System
23        2606:4700:303...  13335 (CLOUDFLAR...)
1         2607:f8b0:400...  15169 (GOOGLE)
1         2a03:2880:f01...  32934 (FACEBOOK)
1         2001:4de0:ac1...  20446 (HIGHWINDS3)
6         2606:4700::68...  13335 (CLOUDFLAR...)
2         34.117.59.81      15169 (GOOGLE)
Total: 34 requests, 7 IPs

Requests  Domain                    Requested by
23        startuporlen.us           startuporlen.us
6         cdnjs.cloudflare.com      startuporlen.us, cdnjs.cloudflare.com
2         ipinfo.io                 startuporlen.us
1         code.jquery.com           startuporlen.us
1         connect.facebook.net      startuporlen.us
1         www.googletagmanager.com  startuporlen.us
Total: 34 requests, 6 domains

This site contains no links.

Subject                 Issuer                                          Validity                 Valid
sni.cloudflaressl.com   Cloudflare Inc ECC CA-3                         2021-11-12 - 2022-11-11  a year
*.google-analytics.com  GTS CA 1C3                                      2021-11-01 - 2022-01-24  3 months
*.facebook.com          DigiCert SHA2 High Assurance Server CA          2021-08-28 - 2021-11-26  3 months
*.jquery.com            Sectigo RSA Domain Validation Secure Server CA  2021-07-14 - 2022-08-14  a year
ipinfo.io               GTS CA 1D4                                      2021-11-02 - 2022-01-31  3 months

This page contains 2 frames:

Primary Page: https://startuporlen.us/
Frame ID: 81115963E5E6AFC7DBEE24BDCB8428AB
Requests: 3 HTTP requests in this frame

Frame: https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
Frame ID: 343EA8FE52707325ACA00F089E92F701
Requests: 38 HTTP requests in this frame

Page Title

Rozpoczęliśmy nowe projekty inwestycyjne!

Page Statistics

34 Requests
100 % HTTPS
83 % IPv6
6 Domains
6 Subdomains
7 IPs
2 Countries
7017 kB Transfer
9000 kB Size
3 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
startuporlen.us/
1 KB
2 KB
Document
General
Full URL
https://startuporlen.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:ac17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0d91a18b7f1341de9f69f55f9ca3bc8bb127daae4dd3f5b5c7b03dff7bc521c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

date
Fri, 19 Nov 2021 09:15:08 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
expires
0
last-modified
Fri, 19 Nov 2021 09:15:07 GMT
pragma
no-cache
vary
Accept-Encoding
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tO5kpvRP%2FA82py3cqENSAV1xpXtr6sKqQInejQr2es0crTeVmBaqECn%2FddoynsuvGIJCTx8WdUig0mAnyTogPDZ9J37ZK%2Bg3ixwrYm7u%2BAYzQPBuuxqu0N%2FqXwNo1xJt3VKvbemGLARyHMF2vSk%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b08550b39bc671f-DFW
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
js
www.googletagmanager.com/gtag/
74 KB
30 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=
Requested by
Host: startuporlen.us
URL: https://startuporlen.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
12c42cbb4e35a7a01c4babe33434bd189a0d7ee351e0ef400ae321766246a599
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://startuporlen.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 09:15:08 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30020
x-xss-protection
0
last-modified
Fri, 19 Nov 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 19 Nov 2021 09:15:08 GMT
fbevents.js
connect.facebook.net/en_US/
98 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: startuporlen.us
URL: https://startuporlen.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f011:8:face:b00c:0:1 Lithia Springs, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://startuporlen.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
d8ZQwrwcZMPGzY3+oXXs+uESlRFZbCS9jCUjYkOiO4CS7YEo9W5R5sRSKLLdhKB2Q3DAjwasig3cMDHLAsWVPQ==
x-fb-trip-id
1460883810
x-frame-options
DENY
date
Fri, 19 Nov 2021 09:15:08 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
startuporlen.us/lander/orlen-offer-obj-/land/ Frame 343E
260 KB
74 KB
Document
General
Full URL
https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
Requested by
Host: startuporlen.us
URL: https://startuporlen.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:ac17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b180168f33be9dff3f39fd2f733bef61c1a4b2b8b34ce6d130cde0cb21db880

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://startuporlen.us/

Response headers

date
Fri, 19 Nov 2021 09:15:08 GMT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Djr0LDfvqmNzaFp2%2FbWBHtDXrUzsIGfYQw%2BKPGVR2zApMXMH6HnEGefTcJIL05B55lcd7jYRNDNxTqyTqfeAJg%2FUlH13kzoJU9zQ6yJ7YnTECPuJL9lInvcMh%2BRySpAPAGCA%2BxSOWZcx6jgTKpo%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b08550fe88f671f-DFW
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
app.css
startuporlen.us/lander/orlen-offer-obj-/land/assets/css/ Frame 343E
782 KB
75 KB
Stylesheet
General
Full URL
https://startuporlen.us/lander/orlen-offer-obj-/land/assets/css/app.css
Requested by
Host: startuporlen.us
URL: https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:ac17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74a125f95648f5817c054743a8e03eda9da09b097e7dc81f7bb982d9041af46a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 09:15:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3782
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 28 Oct 2021 10:07:04 GMT
server
cloudflare
etag
W/"617a7648-c3800"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2fKNDw%2FAAkstjOYNV7gtLziJVUoj9c2SOE2JeLXeONULC5OOehIdy7Rq5EF6mBv3K%2FEKCZUgad4u%2F9TkZt30lDjpCCp8CWN4KfiJ%2FLtB9SW1EBojqpPD2TnFl9%2FkwP5Z%2FBUXe54GP1LV%2F7KFg2g%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
6b085511badf671f-DFW
expires
Mon, 29 Nov 2021 08:12:06 GMT
fonts.css
startuporlen.us/lander/orlen-offer-obj-/land/assets/css/ Frame 343E
2 KB
663 B
Stylesheet
General
Full URL
https://startuporlen.us/lander/orlen-offer-obj-/land/assets/css/fonts.css
Requested by
Host: startuporlen.us
URL: https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:ac17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84c14363da0a22cef3a5089d0803aa8ac11dd0a077c02c1ed5614f2e4e8d10ce

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 09:15:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3783
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 28 Oct 2021 10:07:04 GMT
server
cloudflare
etag
W/"617a7648-8d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aNiNr3kI74dc7Sl08L6jj%2F875Az%2FgEj%2FVwP3Zmy5vAUIl8yfog2jYqjcK6oQkA1r%2BLhXNJjtXwMaOsn2XtlpSztvE%2BPSVMCLjzfKXopLWnFNK8iTG6iCVW9cBdptubGUNadAGEHjlpc%2FHAkX23Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
6b085511bae1671f-DFW
expires
Mon, 29 Nov 2021 08:12:05 GMT
slick.css
startuporlen.us/lander/orlen-offer-obj-/land/assets/css/ Frame 343E
2 KB
828 B
Stylesheet
General
Full URL
https://startuporlen.us/lander/orlen-offer-obj-/land/assets/css/slick.css
Requested by
Host: startuporlen.us
URL: https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:ac17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 09:15:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3783
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 28 Oct 2021 10:07:04 GMT
server
cloudflare
etag
W/"617a7648-6f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TTPxFOJWQUcjlsnLA0l20MoLmqnJ6pajM1TyL5a9tpO6Awc4byFUr7d4VJzakYQAcYXfA%2BB3oz3gUZomLHiig9urygfRZLQt4Gd81qAmCiyn2E81Tc3Q3IuIvUAAPqpVucH3pLRDCwtWwJrSrfw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
6b085511bae2671f-DFW
expires
Mon, 29 Nov 2021 08:12:05 GMT
ion.rangeSlider.min.css
startuporlen.us/lander/orlen-offer-obj-/land/assets/css/ Frame 343E
11 KB
3 KB
Stylesheet
General
Full URL
https://startuporlen.us/lander/orlen-offer-obj-/land/assets/css/ion.rangeSlider.min.css
Requested by
Host: startuporlen.us
URL: https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:ac17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3187226035ba275b49fbeaabc01d98e3a07a6aa5f8182eac9d01cf1290136695

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 09:15:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3783
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 28 Oct 2021 10:07:04 GMT
server
cloudflare
etag
W/"617a7648-2b4e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2DeaezOoHofzObMtx6Mv9xbiKQwINiRo2aRb3YHGjgWy7AbTb%2FFsbQbbGZOA9zvRzvKemraHmyaYGFTQ27NE1QD4OL9A%2BoCDG7afcgCv7ynDzLPCp4P4mV7F4Le%2BahwTT2T50%2FB2qUj1hXS5oU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
6b085511bae3671f-DFW
expires
Mon, 29 Nov 2021 08:12:05 GMT
jquery.fancybox.min.css
startuporlen.us/lander/orlen-offer-obj-/land/assets/css/ Frame 343E
12 KB
3 KB
Stylesheet
General
Full URL
https://startuporlen.us/lander/orlen-offer-obj-/land/assets/css/jquery.fancybox.min.css
Requested by
Host: startuporlen.us
URL: https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:ac17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 09:15:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3783
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 28 Oct 2021 10:07:04 GMT
server
cloudflare
etag
W/"617a7648-31fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8pznS3reOkiibX6t%2BPp3Xxay9d8rwpTWprv4QU70a%2FEKGTGR5Yge13R6RrDG2nt6%2BKbPbYGIAQ1D1ESBS%2FiVFtr4VNDfnla79DPnadodImlaPiHn0LI3sF2DP1gM6%2BYLWn3ro4Sjj1pFK%2BzXnFk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
6b085511bae4671f-DFW
expires
Mon, 29 Nov 2021 08:12:05 GMT
9.svg
startuporlen.us/lander/orlen-offer-obj-/land/assets/fonts/ Frame 343E
2 KB
1 KB
Image
General
Full URL
https://startuporlen.us/lander/orlen-offer-obj-/land/assets/fonts/9.svg
Requested by
Host: startuporlen.us
URL: https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:ac17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a45ead96c27aab89cca6d435e9a1a601f8428db328c7079584a08a84738effc0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 09:15:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3783
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 28 Oct 2021 10:07:04 GMT
server
cloudflare
etag
W/"617a7648-70a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VWbl1CX0nuW4wRqR%2F8knpYC5tFG%2BQ2wPAeALD2vbR7qMkXj0N%2Fz9YxTEwiuV8it4ud3AphkZCSGunqSbCCbgQyAHpelgjzbNilGalqoTebaqdrwukvX3HbKVaZ9yJiu8vtAPEB09pxrcUNe8yng%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
6b085511baea671f-DFW
expires
Mon, 29 Nov 2021 08:12:05 GMT
poster.jpg
startuporlen.us/lander/orlen-offer-obj-/land/assets/video/ Frame 343E
564 B
564 B
Image
General
Full URL
https://startuporlen.us/lander/orlen-offer-obj-/land/assets/video/poster.jpg
Requested by
Host: startuporlen.us
URL: https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:ac17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 09:15:08 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tZROdWW8EmBW9gE3gohQtTwTq5ptqPltXkMGqNZt2JpdN1w4A%2BWbCHUUKA6kOwnIpgi0uOLIUQHfMM5amwbTUmf%2F%2BX5v9pyuoKYhNMc1H0VkkthYJXVhX%2FRz0KA5%2FSSFJuAxX%2FDLZvyGORZvHSo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
6b085511baec671f-DFW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
truncated
/ Frame 343E
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 343E
380 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
video.mp4
startuporlen.us/lander/orlen-offer-obj-/land/assets/video/ Frame 343E
70 KB
0
Media
General
Full URL
https://startuporlen.us/lander/orlen-offer-obj-/land/assets/video/video.mp4
Requested by
Host: startuporlen.us
URL: https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:ac17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 19 Nov 2021 09:15:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23444
Content-Range
bytes 0-4107132/4107133
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
4107133
last-modified
Thu, 28 Oct 2021 10:07:04 GMT
server
cloudflare
etag
"617a7648-3eab7d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4PcrT5uUPWcdzQPeAvjQd9B4PvoIPEkrRowTKL1JGEcpgPZkYkSjlkToTCCKkNupLqNEpbgSOjWdDb5gqNrBryBAey6jXqNG8sIA1k8OaxuPO2V7RlolPiDEfdMXlbYfn7dWqA0%2B825mid1Rnt4%3D"}],"group":"cf-nel","max_age":604800}
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
6b085511eb36671f-DFW
expires
Mon, 29 Nov 2021 02:44:24 GMT
truncated
/ Frame 343E
547 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 343E
552 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
10.jpg
startuporlen.us/lander/orlen-offer-obj-/land/assets/images/ Frame 343E
77 KB
77 KB
Image
General
Full URL
https://startuporlen.us/lander/orlen-offer-obj-/land/assets/images/10.jpg
Requested by
Host: startuporlen.us
URL: https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:ac17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4797ff17cf151c8be084dad9fe9d2835a017d4fdd58111913012fe4cc466be

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 09:15:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3783
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
78371
last-modified
Thu, 28 Oct 2021 10:07:04 GMT
server
cloudflare
etag
"617a7648-13223"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=plbFYtcBwNMarm243KaTRXb4WuIOPd6GE%2FWLFaLB0nVeTQ66HtavIj1vc2awYteF17%2F6%2BxP5hG8ezgFTm7%2Bhl20r1b%2B%2F0TQ5KQZ75LfOGNMr4Z04AFGTdAi4g5lXO3qWSk%2B2qp7E6T3GM7ZmTnA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
6b0855134d02671f-DFW
expires
Mon, 29 Nov 2021 08:12:05 GMT
11.png
startuporlen.us/lander/orlen-offer-obj-/land/assets/images/ Frame 343E
1 MB
1 MB
Image
General
Full URL
https://startuporlen.us/lander/orlen-offer-obj-/land/assets/images/11.png
Requested by
Host: startuporlen.us
URL: https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:ac17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28efaa05a0266f7dc51cd185d0bb5a2e7c807efe0f3f5c031d49abdd4bccb931

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 09:15:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3783
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1150172
last-modified
Thu, 28 Oct 2021 10:07:04 GMT
server
cloudflare
etag
"617a7648-118cdc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YTRZ1t4YUuLHzbgE95eXTEvBMrHBrXFKSQiN7DPsb0JqXgF59x3CBiRj6tZsHdCVWVnmmCGRuWJyCJC3I%2BsJ4DXqp%2FIY%2B5LL1yXqikGHIGstcKJYsb%2F%2FHyCKBCimtf2BI2Z5Tg1aN1FPO0ddMOI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
6b0855134d07671f-DFW
expires
Mon, 29 Nov 2021 08:12:05 GMT
12.png
startuporlen.us/lander/orlen-offer-obj-/land/assets/images/ Frame 343E
577 KB
578 KB
Image
General
Full URL
https://startuporlen.us/lander/orlen-offer-obj-/land/assets/images/12.png
Requested by
Host: startuporlen.us
URL: https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:ac17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9cc57e3297605c9c6c2005da874e1309d15c9c70d8576eb29d3ff101fef5ea9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 09:15:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3783
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
591037
last-modified
Thu, 28 Oct 2021 10:07:04 GMT
server
cloudflare
etag
"617a7648-904bd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L4cSNIl0b1p%2FlLCyN2jmHf4VBOrAM1%2FQci0WZGdQasr%2BpDi6kNujBLcWk2ahoJ4y5q4FLFseKp3QOynXwbFQgMu03F1MOaS%2FN9ehSNyzN3pLK9WkN2rDQwbYmnpp3mpE22c7qP%2BzpZxm7Mfb5RU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
6b0855134d08671f-DFW
expires
Mon, 29 Nov 2021 08:12:05 GMT
13.png
startuporlen.us/lander/orlen-offer-obj-/land/assets/images/ Frame 343E
617 KB
618 KB
Image
General
Full URL
https://startuporlen.us/lander/orlen-offer-obj-/land/assets/images/13.png
Requested by
Host: startuporlen.us
URL: https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:ac17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
114d4e772fcb300487ff941a9c7898ff2a4cae5a118d7f81bd8ad27d59aed7b9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 09:15:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3783
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
631847
last-modified
Thu, 28 Oct 2021 10:07:04 GMT
server
cloudflare
etag
"617a7648-9a427"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=klO5neMun%2BtgqbVqwDNzVApyr61YYWWy8fQyt74LlKdk5sSd9ua6RCuCOVlnicT4Bnx%2FVz%2B9s%2FqJ9we5hzjK28dYZJSMUUhRN5zFow2honnDigQPV7tosOmjICZGFaOSOfhtnyVWJGLJTUEzYxg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
6b0855134d0a671f-DFW
expires
Mon, 29 Nov 2021 08:12:05 GMT
14.png
startuporlen.us/lander/orlen-offer-obj-/land/assets/images/ Frame 343E
1 MB
1 MB
Image
General
Full URL
https://startuporlen.us/lander/orlen-offer-obj-/land/assets/images/14.png
Requested by
Host: startuporlen.us
URL: https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:ac17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1892b05f4dd7fa1157024b692046399c3e7e22feb05c6f57f5f43039f2feec4

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 09:15:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3783
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1166276
last-modified
Thu, 28 Oct 2021 10:07:04 GMT
server
cloudflare
etag
"617a7648-11cbc4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7p4FBDoEyipdG2KyqbkjX3OXD6Pc5tdXOFvRyFD1PHZArqaeejkHfxZul5m%2FpBQhduTNJI1YbSbHmSCgrbu41QflzsB1pNIF%2F41SeYzTVBKLyeTlbXsJMG7dBw6SW1OjOX93GCkQeSK2vITDy5U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
6b0855134d0d671f-DFW
expires
Mon, 29 Nov 2021 08:12:05 GMT
15.jpg
startuporlen.us/lander/orlen-offer-obj-/land/assets/images/ Frame 343E
3 MB
3 MB
Image
General
Full URL
https://startuporlen.us/lander/orlen-offer-obj-/land/assets/images/15.jpg
Requested by
Host: startuporlen.us
URL: https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:ac17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029f62dc5e23f6683887a718e7061799807ee68d89d7a8d36aeb767322e9af4e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 09:15:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3783
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2746610
last-modified
Thu, 28 Oct 2021 10:07:04 GMT
server
cloudflare
etag
"617a7648-29e8f2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wh3w0CBEpgHhtY7RTibv0wZNsdo%2B5E1lpTWwCQhBvOHG5Lk1UnxPzqo9z9O%2F8HFUDuf0YPKL%2FvORVLU9lNEnKswcIPpU5tjXJF%2FXjkg2%2BHaa6KY2KeDx0nQ17kmEhDd19gm2%2FJcXi245FY1CmyI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
6b0855134d0e671f-DFW
expires
Mon, 29 Nov 2021 08:12:05 GMT
16.jpg
startuporlen.us/lander/orlen-offer-obj-/land/assets/images/ Frame 343E
57 KB
57 KB
Image
General
Full URL
https://startuporlen.us/lander/orlen-offer-obj-/land/assets/images/16.jpg
Requested by
Host: startuporlen.us
URL: https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:ac17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc171b08542a14b6fc5ff79d0004dcadba97c71868b3ded665038fbe78633c1e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 09:15:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3783
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
57989
last-modified
Thu, 28 Oct 2021 10:07:04 GMT
server
cloudflare
etag
"617a7648-e285"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uDRoDnOs9nh5w6hMTyXucwlsmmqNmHWKBtqc4lOnm4tzUqkwUa8l5vziOlpROTfITvTUcRBfUgiY682%2BvumChgUPdGpxykvY7So9%2B8xLyiMGxs5AndurAnDYx88N9126hW%2FmkYysKTNokneCfUY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
6b0855134d0f671f-DFW
expires
Mon, 29 Nov 2021 08:12:05 GMT
truncated
/ Frame 343E
177 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 343E
351 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 343E
242 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
video.mp4
startuporlen.us/lander/orlen-offer-obj-/land/assets/video/ Frame 343E
75 KB
75 KB
Media
General
Full URL
https://startuporlen.us/lander/orlen-offer-obj-/land/assets/video/video.mp4
Requested by
Host: startuporlen.us
URL: https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:ac17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe9a6ae62b2ffcb59419370f3f16cd2e9b117264a34627001ac48e449281a9d5

Request headers

Referer
https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=4030464-

Response headers

date
Fri, 19 Nov 2021 09:15:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23444
Content-Range
bytes 4030464-4107132/4107133
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
76669
last-modified
Thu, 28 Oct 2021 10:07:04 GMT
server
cloudflare
etag
"617a7648-3eab7d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mGWUWDr1zNtX4k6%2BMc%2BFPddmaW4m47RjuRXK3erRleUy6jxfZgGZ%2BXgACHBbTwIL2jbNnvcDLAhoTnYi8QzqwJzciR1W1m0NouDF5H8388VMDz5WaKdzUMJbBwv9OAvMqpz%2BOjqmPPhuhvVYxto%3D"}],"group":"cf-nel","max_age":604800}
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
6b0855135d1e671f-DFW
expires
Mon, 29 Nov 2021 02:44:24 GMT
jquery-3.5.1.min.js
code.jquery.com/ Frame 343E
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: startuporlen.us
URL: https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://startuporlen.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 09:15:08 GMT
content-encoding
gzip
last-modified
Mon, 04 May 2020 23:02:39 GMT
server
nginx
etag
W/"5eb09f0f-15d84"
vary
Accept-Encoding
x-hw
1637313308.dop204.da2.t,1637313308.cds218.da2.hn,1637313308.cds011.da2.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30879
jquery.min.js
startuporlen.us/lander/orlen-offer-obj-/land/assets/js/ Frame 343E
86 KB
31 KB
Script
General
Full URL
https://startuporlen.us/lander/orlen-offer-obj-/land/assets/js/jquery.min.js
Requested by
Host: startuporlen.us
URL: https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:ac17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 09:15:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3783
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 28 Oct 2021 10:07:04 GMT
server
cloudflare
etag
W/"617a7648-15851"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RLK2WIxY7ntNW5O4aAY3ggrxUzqaRa1f7VeBDshegk%2BdP%2FhT9gWsyHDednytfPlW8GuN2FHjJEGYnHpaeBFp4l6HwnVG6PJG%2BZFBG%2BrJ0drpe5m7ee8KI59LHNQ%2ByZ4Ot7%2FfUyWHoaQmluX5BF8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
6b085513ad96671f-DFW
expires
Mon, 29 Nov 2021 08:12:05 GMT
ion.rangeSlider.min.js
startuporlen.us/lander/orlen-offer-obj-/land/assets/js/ Frame 343E
40 KB
10 KB
Script
General
Full URL
https://startuporlen.us/lander/orlen-offer-obj-/land/assets/js/ion.rangeSlider.min.js
Requested by
Host: startuporlen.us
URL: https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:ac17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84fa5f28e69405dfdcf9e6013df8e92363ef16a88b684fd35b3656e60eb0d36c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 09:15:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3783
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 28 Oct 2021 10:07:04 GMT
server
cloudflare
etag
W/"617a7648-a0fa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1d58LA2qfvmh%2FZljuzMAhgvMLWGnccDRUBdo3hu1%2BBeW8BjpXLmUtKHn7D9h4uM1d%2FFBlxowdNpuXVkvaHUIefg3h39R2%2Fdwdv3IyEPSvrZ2TyIsq%2Bp7hcZ03tA7hzz2k0VeD4V29%2F8XkeXxSo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
6b085513ad97671f-DFW
expires
Mon, 29 Nov 2021 08:12:05 GMT
jquery.fancybox.min.js
startuporlen.us/lander/orlen-offer-obj-/land/assets/js/ Frame 343E
67 KB
22 KB
Script
General
Full URL
https://startuporlen.us/lander/orlen-offer-obj-/land/assets/js/jquery.fancybox.min.js
Requested by
Host: startuporlen.us
URL: https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:ac17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 09:15:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3783
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 28 Oct 2021 10:07:04 GMT
server
cloudflare
etag
W/"617a7648-10a9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TTE8H64UG9Lo7W6wbBY3KeyuuWd7f%2FcYqYw6DgDY2VdQh9he5TBZplHweDJYN%2FbePX%2B%2BaKfnwQFKKAPpbYUFknVGxGe33Vh3i0dIWEnUHdNetiKsbgSTuyMdgT2WGBliCKaDnsATM%2BHNG62mWns%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
6b085513ad98671f-DFW
expires
Mon, 29 Nov 2021 08:12:05 GMT
slick.min.js
startuporlen.us/lander/orlen-offer-obj-/land/assets/js/ Frame 343E
42 KB
11 KB
Script
General
Full URL
https://startuporlen.us/lander/orlen-offer-obj-/land/assets/js/slick.min.js
Requested by
Host: startuporlen.us
URL: https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:ac17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 09:15:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3783
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 28 Oct 2021 10:07:04 GMT
server
cloudflare
etag
W/"617a7648-a76f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aTJmbFPOhOlk42YbjmZRyP2eZBaSONRqhsOKc4FxiE%2BeKGG13ot9zlHjvIMbNrFBKoBFVfKAedElfk%2BKolRyt%2Fex0eTbp5r2eQtDdMqbK5z5a%2F8a3m2ehMaTKWF34KNYlygFYJVOfEZsJO3BM5k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
6b085513ad99671f-DFW
expires
Mon, 29 Nov 2021 08:12:05 GMT
chunk-vendors.js
startuporlen.us/lander/orlen-offer-obj-/land/assets/js/ Frame 343E
539 KB
195 KB
Script
General
Full URL
https://startuporlen.us/lander/orlen-offer-obj-/land/assets/js/chunk-vendors.js
Requested by
Host: startuporlen.us
URL: https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:ac17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78782af1e499bd0f263c355de6babbc81f6efebe3e39866582b134ce32ab3e07

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 09:15:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3783
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 28 Oct 2021 10:07:04 GMT
server
cloudflare
etag
W/"617a7648-86abf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PK6vndhqcL20ZLN9e%2FQlUnu65i4tjsd67mwHY2D11tk4exiWWY1hpcAp4F0YRl4PSbtIGjLoIRXrrjsN3AiBKdicx9Rmy98huc%2FxVd0qGc5%2FfEziYMayzOGnrJOdL%2F23nD1o152NMkJ0MyRuObc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
6b085513ad9a671f-DFW
expires
Mon, 29 Nov 2021 08:12:05 GMT
intlTelInput.min.js
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/ Frame 343E
29 KB
9 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/intlTelInput.min.js
Requested by
Host: startuporlen.us
URL: https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64cb11eb2a5237cbe1e05ccf25acefeed578f32d1a6923d58de35c8a0145e8cd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://startuporlen.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 09:15:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3689059
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8889
timing-allow-origin
*
last-modified
Wed, 21 Oct 2020 12:48:14 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f902e0e-72d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fFrFfEH94HDarqkAG334Q0DWGl753g8IoPW1UfSOqe5ME46iXZIT5rhCugRsYMZ6De4fWz8qPSSQUpvEuPSS0k9uhF9Hm21FnY8YoHGDXQk0JR%2F%2FUGtJrD2lAdqix3NW3W5tTjU8tbXFgnI6ogFKQiYf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b085514aa2d0c03-DFW
expires
Wed, 09 Nov 2022 09:15:08 GMT
utils.min.js
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/ Frame 343E
238 KB
44 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/utils.min.js
Requested by
Host: startuporlen.us
URL: https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd5ab58bf994afd3ff9a1000a9a22c9619b08dda258ddb055e2d34bd41bd97e6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://startuporlen.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 09:15:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3687467
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
44414
timing-allow-origin
*
last-modified
Wed, 21 Oct 2020 12:48:41 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f902e29-3b7cd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WcxVn%2FQIWnO4tVjuBf19PfcSm9OCO5uprnYnEZx7yUtjJUIAdIvKmzRdeR6wGobiRMxWtldlbPsuU2B%2B5%2BufklfuUNgaG2GzEqbIdBqPO%2B2KOG4PSki%2FmX%2FYN6MchN3iE2eJlEYt%2BYh4QWuUYThP5247"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b085514aa300c03-DFW
expires
Wed, 09 Nov 2022 09:15:08 GMT
inputmask.js
cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.3.4/inputmask/ Frame 343E
110 KB
19 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.3.4/inputmask/inputmask.js
Requested by
Host: startuporlen.us
URL: https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5154560b9bd07fb45fa5d15bd3585fe634f9360ed6e8802a349d59ee2c58ca62
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://startuporlen.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 09:15:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
136649
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19017
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec3-1b675"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rCnvcTCiV3Qp76XSj5uo1pbrn9P8gdgta%2B%2FRXNEPCrEU3tCpogQhyEqupAqaLYNVTkIQ70ICtO%2FrJh2NSlL9xByA935TigMhotASVzwIZCQCNrsk3c2TsUEdtuZc0xJb8T7ftxl4mhKdYNH8bNDhGl8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b085514aa330c03-DFW
expires
Wed, 09 Nov 2022 09:15:08 GMT
jquery.inputmask.js
cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.3.4/inputmask/ Frame 343E
3 KB
979 B
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.3.4/inputmask/jquery.inputmask.js
Requested by
Host: startuporlen.us
URL: https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
222e7732618b465a810e44ee61dafac50157a7758ff16d1b01057f0df0a5a243
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://startuporlen.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 09:15:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4886489
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
655
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec3-a3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46ic30wdeTTR1aBAsJOSgercYOxB878wTVl%2B3PwEGQ%2Fh%2B%2B7IdpC3Yfyj142CTCDWq68f%2Bi71Oi%2BU3xrHoEMJ%2FHXqqr8oxRppIl885Tsw4mX4mUTocxMgFEA0arxp9U%2FQX%2BlqlosA0LdlyuYA3BxJRPxH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b085514aa310c03-DFW
expires
Wed, 09 Nov 2022 09:15:08 GMT
intlTelInput.css
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/ Frame 343E
25 KB
2 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.css
Requested by
Host: startuporlen.us
URL: https://startuporlen.us/lander/orlen-offer-obj-/land/?_token=uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://startuporlen.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 09:15:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3691342
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1970
timing-allow-origin
*
last-modified
Wed, 21 Oct 2020 12:48:14 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f902e0e-62a6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hnzXrzz60vAUOMM%2BK2X4je%2BRC9d5RIGY%2FK9PkezyeecEivQbJheZBUhhtEnestvOvE4Z7GO%2BjKR1dkuH44%2FTFLn5ZZ4Dc%2FdXueZR1gnnigf0XWLgQC8Ps3gqDHB5xeWJ1FygnmeeShLnBE41Ld2mGlZe"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b085514aa2f0c03-DFW
expires
Wed, 09 Nov 2022 09:15:08 GMT
/
ipinfo.io/ Frame 343E
604 B
590 B
Script
General
Full URL
https://ipinfo.io/?callback=jQuery34106410544158342513_1637313308940&_=1637313308941
Requested by
Host: startuporlen.us
URL: https://startuporlen.us/lander/orlen-offer-obj-/land/assets/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.59.81 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
81.59.117.34.bc.googleusercontent.com
Software
/
Resource Hash
03935d99b34db4c57e58bb09157cd3697006f136a6f01c134cd43b06dfb0c3a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://startuporlen.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 09:15:09 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
access-control-allow-origin
*
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
via
1.1 google
vary
Accept-Encoding
x-envoy-upstream-service-time
1
x-content-type-options
nosniff
alt-svc
clear
x-xss-protection
1; mode=block
/
ipinfo.io/ Frame 343E
604 B
402 B
Script
General
Full URL
https://ipinfo.io/?callback=jQuery34106410544158342513_1637313308942&_=1637313308943
Requested by
Host: startuporlen.us
URL: https://startuporlen.us/lander/orlen-offer-obj-/land/assets/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.59.81 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
81.59.117.34.bc.googleusercontent.com
Software
/
Resource Hash
0ad3ae5a185082354c475db1447f5e1431ca51e183bbb1860f8344e23fd8ff68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://startuporlen.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 09:15:09 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
access-control-allow-origin
*
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
via
1.1 google
vary
Accept-Encoding
x-envoy-upstream-service-time
3
x-content-type-options
nosniff
alt-svc
clear
x-xss-protection
1; mode=block
flags.png
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/img/ Frame 343E
69 KB
70 KB
Image
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/img/flags.png
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 09:15:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9060716
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
70862
timing-allow-origin
*
last-modified
Wed, 21 Oct 2020 12:48:14 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f902e0e-114c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5bgYfBEXXW%2FW7ns6rLvcJZTgjkEWu3LMzgVwE1g0C1VeaupL%2FANBL%2BDeDxEp0ByTRtS%2FinGg9ozI9%2Ff7sNQ9itLYOk7gLMOaOuIkIXEhiP60vwgaxL%2F8HTLYa9Kq2odUyHxdAxULgl3CrF952qxp4DI"}],"group":"cf-nel","max_age":604800}
content-type
image/png; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b085515fba40c03-DFW
expires
Wed, 09 Nov 2022 09:15:09 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PKN Orlen (Extraction)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforexrselect
function| reportError
boolean| originAgentCluster
object| scheduler
function| fbq
function| _fbq
function| gtag
object| dataLayer
object| google_tag_manager

3 Cookies

Domain/Path Name / Value
startuporlen.us/ Name: _subid
Value: 3ff7q544b67b
startuporlen.us/ Name: _token
Value: uuid_3ff7q544b67b_3ff7q544b67b61976b1bcccab8.92567220
startuporlen.us/ Name: e7428
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE3N1wiOjE2MzczMTMzMDd9LFwiY2FtcGFpZ25zXCI6e1wiMTE3XCI6MTYzNzMxMzMwN30sXCJ0aW1lXCI6MTYzNzMxMzMwN30ifQ.FNQm9xbqvD7TyWUj7igsZ2dAEOYaTxm3GjnzrG8tqdk

1 Console Messages

Source: network
Level: error
URL: https://startuporlen.us/lander/orlen-offer-obj-/land/assets/video/poster.jpg
Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
