URL: https://e-garnitur.pl/
Submission: On March 14 via manual from PL — Scanned from PL

Summary

This website contacted 13 IPs in 2 countries across 11 domains to perform 45 HTTP transactions. The main IP is 185.253.212.22, located in Poland and belongs to GREENER-AS, PL. The main domain is e-garnitur.pl.
TLS certificate: Issued by R3 on February 28th 2023. Valid for: 3 months.
This is the only time e-garnitur.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 185.253.212.22 48707 (GREENER-AS)
1 1 185.253.212.10 48707 (GREENER-AS)
4 66.254.114.234 29789 (REFLECTED)
15 66.254.122.20 29789 (REFLECTED)
4 151.101.2.217 54113 (FASTLY)
1 142.250.186.78 15169 (GOOGLE)
1 142.250.186.170 15169 (GOOGLE)
4 66.254.114.63 29789 (REFLECTED)
1 209.197.3.25 20446 (STACKPATH...)
1 76.223.31.44 16509 (AMAZON-02)
2 66.254.122.19 29789 (REFLECTED)
2 172.217.18.99 15169 (GOOGLE)
7 205.185.216.42 20446 (STACKPATH...)
2 34.193.5.126 ()
45 13
Apex Domain
Subdomains
Transfer
24 project1content.com
static2-ma-ht.project1content.com — Cisco Umbrella Rank: 115831
onenavigation-ht.project1content.com — Cisco Umbrella Rank: 201106
imageservice-assets-ht.project1content.com — Cisco Umbrella Rank: 145225
static-landing-assets.project1content.com — Cisco Umbrella Rank: 130167
images-assets-ht.project1content.com
2 MB
7 launchdarkly.com
app.launchdarkly.com — Cisco Umbrella Rank: 1400
clientstream.launchdarkly.com — Cisco Umbrella Rank: 1204
events.launchdarkly.com
1 KB
4 atsptp.com
atlas.atsptp.com — Cisco Umbrella Rank: 140770
3 KB
3 mennetwork.com
landing.mennetwork.com
20 KB
2 gstatic.com
fonts.gstatic.com
43 KB
1 project1service.com
navigation-api.project1service.com — Cisco Umbrella Rank: 214324
2 KB
1 adtng.com
hw-cdn2.adtng.com — Cisco Umbrella Rank: 14828
47 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
742 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 25
20 KB
1 am-track.pl
t2775.am-track.pl
507 B
1 e-garnitur.pl
e-garnitur.pl
817 B
45 11
Domain Requested by
12 static2-ma-ht.project1content.com landing.mennetwork.com
static2-ma-ht.project1content.com
7 static-landing-assets.project1content.com landing.mennetwork.com
4 atlas.atsptp.com static2-ma-ht.project1content.com
4 app.launchdarkly.com static2-ma-ht.project1content.com
3 landing.mennetwork.com e-garnitur.pl
hw-cdn2.adtng.com
2 events.launchdarkly.com static2-ma-ht.project1content.com
2 fonts.gstatic.com fonts.googleapis.com
2 imageservice-assets-ht.project1content.com landing.mennetwork.com
2 onenavigation-ht.project1content.com static2-ma-ht.project1content.com
1 images-assets-ht.project1content.com landing.mennetwork.com
1 navigation-api.project1service.com onenavigation-ht.project1content.com
1 clientstream.launchdarkly.com landing.mennetwork.com
1 hw-cdn2.adtng.com static2-ma-ht.project1content.com
1 fonts.googleapis.com static2-ma-ht.project1content.com
1 www.google-analytics.com static2-ma-ht.project1content.com
1 t2775.am-track.pl 1 redirects
1 e-garnitur.pl
45 17

This site contains no links.

Subject Issuer Validity Valid
e-garnitur.pl
R3
2023-02-28 -
2023-05-29
3 months crt.sh
mennetwork.com
R3
2023-02-19 -
2023-05-20
3 months crt.sh
*.project1content.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-05 -
2024-02-05
a year crt.sh
app.launchdarkly.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3
2022-09-28 -
2023-10-30
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-03-02 -
2023-05-25
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-03-02 -
2023-05-25
3 months crt.sh
atsptp.com
R3
2023-02-20 -
2023-05-21
3 months crt.sh
*.adtng.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-15 -
2023-08-15
a year crt.sh
clientstream.launchdarkly.com
Amazon RSA 2048 M02
2023-02-10 -
2023-10-07
8 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-03-02 -
2023-05-25
3 months crt.sh
*.project1service.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-02-14 -
2024-03-16
a year crt.sh
events.launchdarkly.com
Amazon RSA 2048 M01
2023-02-28 -
2023-09-16
7 months crt.sh

This page contains 2 frames:

Primary Page: https://e-garnitur.pl/
Frame ID: 6ACFAF25141C850367E06EA7A6119189
Requests: 1 HTTP requests in this frame

Frame: https://landing.mennetwork.com/
Frame ID: 95E388F491FC3D368BE0ECBA6D0F31A0
Requests: 41 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

45
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

17
Subdomains

13
IPs

2
Countries

1685 kB
Transfer

3518 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://t2775.am-track.pl/track.php?track=57d9784b02136c62ffeed53711ed9743&ref= HTTP 301
  • https://landing.mennetwork.com/

45 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
e-garnitur.pl/
443 B
817 B
Document
General
Full URL
https://e-garnitur.pl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.253.212.22 , Poland, ASN48707 (GREENER-AS, PL),
Reverse DNS
Software
nginx /
Resource Hash
8bbebd8556bfbbbd9cbb0d51cadd2a3c4417c5805f65f7feab7398d1fe1d9f69

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

Connection
close
Content-Type
text/html; charset=UTF-8
Date
Tue, 14 Mar 2023 22:27:12 GMT
Referrer-Policy
no-referrer
Server
nginx
Transfer-Encoding
chunked
/
landing.mennetwork.com/ Frame 95E3
Redirect Chain
  • https://t2775.am-track.pl/track.php?track=57d9784b02136c62ffeed53711ed9743&ref=
  • https://landing.mennetwork.com/
296 KB
18 KB
Document
General
Full URL
https://landing.mennetwork.com/
Requested by
Host: e-garnitur.pl
URL: https://e-garnitur.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.254.114.234 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
reflectededge.reflected.net
Software
openresty / Juan
Resource Hash
5eae6a1949cbaa5ae084766fa0b4ee494260e41bfe9dc278262df7c8d4e91ad3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
cache-control
no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 14 Mar 2023 22:27:12 GMT
etag
W/"49f64-jtIWhmRMG1JGg8+yrWRfJzKpD8Q"
server
openresty
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-powered-by
Juan
x-request-id
6410F4C0-42FE72EA01BB9DE0-EFBC9
x-trace
2B6EE212BD61C2D7CD00829FA253E5F86597406F1AA9D43F1BB45F3FA600
x-xss-protection
1; mode=block
x_ats_instance_id
239611
x_ats_instance_type
tour
x_ats_page_id
4637771
x_ats_page_type
HOME

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 14 Mar 2023 22:27:12 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://landing.mennetwork.com/
pragma
no-cache
server
LiteSpeed
x-turbo-charged-by
LiteSpeed
runtime.0f1558b8.js
static2-ma-ht.project1content.com/tour/ Frame 95E3
9 KB
4 KB
Script
General
Full URL
https://static2-ma-ht.project1content.com/tour/runtime.0f1558b8.js
Requested by
Host: landing.mennetwork.com
URL: https://landing.mennetwork.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.20 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
bfefc8bb4f8b9101cabf38df059cb9cf533f3de88c14d3e3ab6dca3cfc86b2ac

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://landing.mennetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:27:14 GMT
content-encoding
gzip
last-modified
Thu, 09 Mar 2023 20:02:09 GMT
etag
W/"371dd21ad-2240-5f67d1ea49240"
vary
Accept-Encoding
access-control-max-age
600
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
HEAD, POST, GET, OPTIONS
access-control-expose-headers
Content-Range, Date, Etag, Cache-Control, Last-Modified
cache-control
max-age=10623456
x-cdn-diag
fra1-11015-1-9605-h-0-0---;11014-48-19750----0-0-1
access-control-allow-headers
Content-Type, Origin, Accept, Range, Cache-Control
expires
Mon, 10 Jul 2023 19:03:42 GMT
vendors~main.1554cb1c.js
static2-ma-ht.project1content.com/tour/ Frame 95E3
1 MB
498 KB
Script
General
Full URL
https://static2-ma-ht.project1content.com/tour/vendors~main.1554cb1c.js
Requested by
Host: landing.mennetwork.com
URL: https://landing.mennetwork.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.20 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
f7720435414e4f2fad6f202fcd716623ff4baedc8cf13830fde41b3e87c766c1

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://landing.mennetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:27:14 GMT
content-encoding
gzip
last-modified
Tue, 07 Mar 2023 21:23:34 GMT
etag
W/"368435ef9-141d3d-5f65606210180"
vary
Accept-Encoding
access-control-max-age
600
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
HEAD, POST, GET, OPTIONS
access-control-expose-headers
Content-Range, Date, Etag, Cache-Control, Last-Modified
cache-control
max-age=10637426
x-cdn-diag
fra1-11015-3-9732-h-0-0---;11014-48-19750----0-0-1
access-control-allow-headers
Content-Type, Origin, Accept, Range, Cache-Control
expires
Mon, 10 Jul 2023 20:26:48 GMT
main.167b1972.js
static2-ma-ht.project1content.com/tour/ Frame 95E3
536 KB
172 KB
Script
General
Full URL
https://static2-ma-ht.project1content.com/tour/main.167b1972.js
Requested by
Host: landing.mennetwork.com
URL: https://landing.mennetwork.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.20 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
fe860b00110628e9d6e5d98b8c271732dbcebb3cd60f4e15f9304d6d7e55e24c

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://landing.mennetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:27:14 GMT
content-encoding
gzip
last-modified
Thu, 02 Mar 2023 21:03:44 GMT
etag
W/"6740f8f0c-85e75-5f5f129fe2c00"
vary
Accept-Encoding
access-control-max-age
600
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
HEAD, POST, GET, OPTIONS
access-control-expose-headers
Content-Range, Date, Etag, Cache-Control, Last-Modified
cache-control
max-age=10685337
x-cdn-diag
fra1-11015-3-9732-h-0-0---;11014-48-19750----0-0-2
access-control-allow-headers
Content-Type, Origin, Accept, Range, Cache-Control
expires
Sat, 08 Jul 2023 09:14:36 GMT
63bdba6ee6d64c12826b8bff
app.launchdarkly.com/sdk/goals/ Frame
0
0
Preflight
General
Full URL
https://app.launchdarkly.com/sdk/goals/63bdba6ee6d64c12826b8bff
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
GET
Origin
https://landing.mennetwork.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Tue, 14 Mar 2023 22:27:14 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
203
x-served-by
cache-hhn-etou8220064-HHN
x-timer
S1678832835.636278,VS0,VE0
vortex.modern.min.js
static2-ma-ht.project1content.com/tour/ Frame 95E3
37 KB
10 KB
Script
General
Full URL
https://static2-ma-ht.project1content.com/tour/vortex.modern.min.js
Requested by
Host: static2-ma-ht.project1content.com
URL: https://static2-ma-ht.project1content.com/tour/vendors~main.1554cb1c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.20 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
6801d5bad36407d4ee862f2898ad16f0d5d437c0762ec1a407db8f92467cc4f7

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://landing.mennetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:27:14 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 19:05:32 GMT
etag
W/"5ee13c745-94e5-5f05b3c8b3700"
vary
Accept-Encoding
access-control-max-age
600
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
HEAD, POST, GET, OPTIONS
access-control-expose-headers
Content-Range, Date, Etag, Cache-Control, Last-Modified
cache-control
max-age=10432405
x-cdn-diag
fra1-11015-3-9721-h-0-0---;11014-59-19750----0-0-0
access-control-allow-headers
Content-Type, Origin, Accept, Range, Cache-Control
expires
Sun, 07 May 2023 12:49:24 GMT
analytics.js
www.google-analytics.com/ Frame 95E3
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: static2-ma-ht.project1content.com
URL: https://static2-ma-ht.project1content.com/tour/vendors~main.1554cb1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://landing.mennetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Mar 2023 21:19:33 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
4061
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Tue, 14 Mar 2023 23:19:33 GMT
ContainerBlock.0a04edce.js
static2-ma-ht.project1content.com/tour/@one/blocks/async/ Frame 95E3
232 B
762 B
Script
General
Full URL
https://static2-ma-ht.project1content.com/tour/@one/blocks/async/ContainerBlock.0a04edce.js
Requested by
Host: static2-ma-ht.project1content.com
URL: https://static2-ma-ht.project1content.com/tour/runtime.0f1558b8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.20 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
afd551c3d5c4b8a4159dded8d3cca7a38b0c49f909dd14a8cfdbcb913a5b016c

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://landing.mennetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:27:14 GMT
last-modified
Thu, 02 Mar 2023 21:03:44 GMT
etag
"6740f8f18-e8-5f5f129fe2c00"
vary
Accept-Encoding
access-control-max-age
600
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
HEAD, POST, GET, OPTIONS
access-control-expose-headers
Content-Range, Date, Etag, Cache-Control, Last-Modified
cache-control
max-age=10543913
x-cdn-diag
fra1-11028-1-6417-h-0-0---;11014-59-19750----0-0-0
accept-ranges
bytes
access-control-allow-headers
Content-Type, Origin, Accept, Range, Cache-Control
content-length
232
expires
Thu, 06 Jul 2023 16:23:52 GMT
63bdba6ee6d64c12826b8bff
app.launchdarkly.com/sdk/goals/ Frame 95E3
2 B
182 B
XHR
General
Full URL
https://app.launchdarkly.com/sdk/goals/63bdba6ee6d64c12826b8bff
Requested by
Host: static2-ma-ht.project1content.com
URL: https://static2-ma-ht.project1content.com/tour/vendors~main.1554cb1c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://landing.mennetwork.com/
X-LaunchDarkly-Wrapper
react-client-sdk/2.29.2
accept-language
pl-PL,pl;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.24.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 varnish
date
Tue, 14 Mar 2023 22:27:14 GMT
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
HIT
content-length
26
x-served-by
cache-hhn-etou8220064-HHN
x-timer
S1678832835.685959,VS0,VE0
etag
"d751713988987e9331980363e24189ce"
ld-region
us-east-1
access-control-max-age
300
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits
136
eyJrZXkiOiJ1c2VyLWtleS10b3VyIiwibmFtZSI6IlRvdXIgTGF1bmNoRGFya2x5IiwiZW1haWwiOiJtaW5kZ2Vla0BleGFtcGxlLmNvbSIsImN1c3RvbSI6eyJpc0ludGVybmFsVXNlciI6ZmFsc2V9fQ
app.launchdarkly.com/sdk/evalx/63bdba6ee6d64c12826b8bff/users/ Frame 95E3
378 B
533 B
XHR
General
Full URL
https://app.launchdarkly.com/sdk/evalx/63bdba6ee6d64c12826b8bff/users/eyJrZXkiOiJ1c2VyLWtleS10b3VyIiwibmFtZSI6IlRvdXIgTGF1bmNoRGFya2x5IiwiZW1haWwiOiJtaW5kZ2Vla0BleGFtcGxlLmNvbSIsImN1c3RvbSI6eyJpc0ludGVybmFsVXNlciI6ZmFsc2V9fQ
Requested by
Host: static2-ma-ht.project1content.com
URL: https://static2-ma-ht.project1content.com/tour/vendors~main.1554cb1c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
113e39eb955a7d9e51c4ac2c240e84e503a3edb5c12dec7f50876b443f69218a

Request headers

Referer
https://landing.mennetwork.com/
X-LaunchDarkly-Wrapper
react-client-sdk/2.29.2
accept-language
pl-PL,pl;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.24.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:27:14 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-cache
HIT
content-length
156
x-served-by
cache-hhn-etou8220068-HHN, cache-hhn-etou8220064-HHN
x-timer
S1678832835.685946,VS0,VE0
etag
"37dbb"
access-control-max-age
3600
access-control-allow-methods
OPTIONS, GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Authorization, Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits
189
eyJrZXkiOiJ1c2VyLWtleS10b3VyIiwibmFtZSI6IlRvdXIgTGF1bmNoRGFya2x5IiwiZW1haWwiOiJtaW5kZ2Vla0BleGFtcGxlLmNvbSIsImN1c3RvbSI6eyJpc0ludGVybmFsVXNlciI6ZmFsc2V9fQ
app.launchdarkly.com/sdk/evalx/63bdba6ee6d64c12826b8bff/users/ Frame
0
0
Preflight
General
Full URL
https://app.launchdarkly.com/sdk/evalx/63bdba6ee6d64c12826b8bff/users/eyJrZXkiOiJ1c2VyLWtleS10b3VyIiwibmFtZSI6IlRvdXIgTGF1bmNoRGFya2x5IiwiZW1haWwiOiJtaW5kZ2Vla0BleGFtcGxlLmNvbSIsImN1c3RvbSI6eyJpc0ludGVybmFsVXNlciI6ZmFsc2V9fQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
GET
Origin
https://landing.mennetwork.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Tue, 14 Mar 2023 22:27:14 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
203
x-served-by
cache-hhn-etou8220064-HHN
x-timer
S1678832835.636378,VS0,VE0
css
fonts.googleapis.com/ Frame 95E3
754 B
742 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans:400,700
Requested by
Host: static2-ma-ht.project1content.com
URL: https://static2-ma-ht.project1content.com/tour/vendors~main.1554cb1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
a8a7c6483f73f962abb0f768408bc73c219a0164ee43f60ac57595d314c1bebe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://landing.mennetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Mar 2023 22:27:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:05:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Mar 2023 22:27:14 GMT
guid
atlas.atsptp.com/ Frame 95E3
128 B
839 B
XHR
General
Full URL
https://atlas.atsptp.com/guid?app_id=&eventName=&
Requested by
Host: static2-ma-ht.project1content.com
URL: https://static2-ma-ht.project1content.com/tour/vortex.modern.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.254.114.63 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
reflectededge.reflected.net
Software
nginx /
Resource Hash
8547483bda093e230ad365ae36e7994093426d5169d1ce7fae81eabc053acd7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://landing.mennetwork.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 14 Mar 2023 22:27:14 GMT
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
https://landing.mennetwork.com
cache-control
no-cache, no-transform
access-control-allow-credentials
true
content-disposition
inline
timing-allow-origin
*
content-length
128
x-xss-protection
0
x-request-id
6410F4C2-42FE723F01BBACA8-4EECD7D4
idsync.min.js
hw-cdn2.adtng.com/delivery/idsync/ats/ Frame 95E3
46 KB
47 KB
Script
General
Full URL
https://hw-cdn2.adtng.com/delivery/idsync/ats/idsync.min.js?v=1678831200000
Requested by
Host: static2-ma-ht.project1content.com
URL: https://static2-ma-ht.project1content.com/tour/vendors~main.1554cb1c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
vip0x019.map2.ssl.hwcdn.net
Software
/
Resource Hash
35598acd20349e1fe6a84aad36121c51589e7017a8855ccd3a2409479cdd7d72

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://landing.mennetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Tue, 14 Mar 2023 22:27:14 GMT
Last-Modified
Thu, 02 Mar 2023 15:50:54 GMT
ETag
"1677772254"
X-HW
1678832834.dop007.wa1.t,1678832834.cds011.wa1.shn,1678832834.cds011.wa1.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10783207
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
47557
RowBlock.e9a01ffa.js
static2-ma-ht.project1content.com/tour/@one/blocks/async/ Frame 95E3
421 B
953 B
Script
General
Full URL
https://static2-ma-ht.project1content.com/tour/@one/blocks/async/RowBlock.e9a01ffa.js
Requested by
Host: static2-ma-ht.project1content.com
URL: https://static2-ma-ht.project1content.com/tour/runtime.0f1558b8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.20 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
0506e729a6a6df818cb9572cc2a606f49c54b0c25d306c389d6233d266782da9

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://landing.mennetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:27:14 GMT
last-modified
Thu, 02 Mar 2023 21:03:44 GMT
etag
"6740f8f21-1a5-5f5f129fe2c00"
vary
Accept-Encoding
access-control-max-age
600
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
HEAD, POST, GET, OPTIONS
access-control-expose-headers
Content-Range, Date, Etag, Cache-Control, Last-Modified
cache-control
max-age=10543913
x-cdn-diag
fra1-11014-3-26939-h-0-0---;11014-50-19750----0-0-0
accept-ranges
bytes
access-control-allow-headers
Content-Type, Origin, Accept, Range, Cache-Control
content-length
421
expires
Thu, 06 Jul 2023 16:23:52 GMT
events
atlas.atsptp.com/ Frame 95E3
128 B
844 B
XHR
General
Full URL
https://atlas.atsptp.com/events?app_id=10303&eventName=UNIQUE_TRACK&saffCode=eyJhIjo5NDk2LCJjIjo1NjU4NTQyNSwibiI6MjIsInMiOjU0MiwiZSI6OTA5NCwicCI6M30%3D&saffCodeType=ats&saffDomain=projectone.com&snetworkCode=MN&sconversionType=UNIQUE_TRACK&sconvertingPage=https%3A%2F%2Flanding.mennetwork.com%2F&suserAgent=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F111.0.5563.64+Safari%2F537.36&nvalue=1&nab=0&ssku=Marketplace&ninstanceId=239611&npageId=4637771&nadId=0&sreferralDomain=http%3A%2F%2Forganic%2F&sreferralPath=http%3A%2F%2Forganic%2F&satlasJsVersion=1.7.1&_sscreen=1600+x+1200&_sbrowser=Chrome&_sbrowserVersion=111.0.5563.64&_bmobile=false&_sos=Windows+NT+4.0&_sosVersion=NT+4.0&_bcookies=true&_sflashVersion=no+check&_slanguages=en-US%2Cen&_splugins=Chrome+PDF+Plugin%2CChrome+PDF+Viewer%2CNative+Client&_errors%5B%5D=100&_errors%5B%5D=%2C
Requested by
Host: static2-ma-ht.project1content.com
URL: https://static2-ma-ht.project1content.com/tour/vortex.modern.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.254.114.63 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
reflectededge.reflected.net
Software
openresty /
Resource Hash
87338324967b0b4b3ccc444912bcb4e984806221405ac5a6a8fa0d07bab52590
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://landing.mennetwork.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 14 Mar 2023 22:27:14 GMT
via
1.1 google
x-content-type-options
nosniff
server
openresty
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
https://landing.mennetwork.com
cache-control
no-cache, no-transform
access-control-allow-credentials
true
content-disposition
inline
timing-allow-origin
*
x-xss-protection
0
x-request-id
6410F4C2-42FE723F01BBACA8-4EECD7DD
events
atlas.atsptp.com/ Frame 95E3
128 B
844 B
XHR
General
Full URL
https://atlas.atsptp.com/events?app_id=10303&eventName=TRACK&saffCode=eyJhIjo5NDk2LCJjIjo1NjU4NTQyNSwibiI6MjIsInMiOjU0MiwiZSI6OTA5NCwicCI6M30%3D&saffCodeType=ats&saffDomain=projectone.com&snetworkCode=MN&sconversionType=TRACK&sconvertingPage=https%3A%2F%2Flanding.mennetwork.com%2F&suserAgent=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F111.0.5563.64+Safari%2F537.36&nvalue=1&nab=0&ssku=Marketplace&ninstanceId=239611&npageId=4637771&nadId=0&sreferralDomain=http%3A%2F%2Forganic%2F&sreferralPath=http%3A%2F%2Forganic%2F&satlasJsVersion=1.7.1&_sscreen=1600+x+1200&_sbrowser=Chrome&_sbrowserVersion=111.0.5563.64&_bmobile=false&_sos=Windows+NT+4.0&_sosVersion=NT+4.0&_bcookies=true&_sflashVersion=no+check&_slanguages=en-US%2Cen&_splugins=Chrome+PDF+Plugin%2CChrome+PDF+Viewer%2CNative+Client&_errors%5B%5D=100&_errors%5B%5D=%2C
Requested by
Host: static2-ma-ht.project1content.com
URL: https://static2-ma-ht.project1content.com/tour/vortex.modern.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.254.114.63 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
reflectededge.reflected.net
Software
openresty /
Resource Hash
c3f9f6048d6b2bc7481f4472f155e6ddd06f52745b59a6eb9b0c785382db80f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://landing.mennetwork.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 14 Mar 2023 22:27:14 GMT
via
1.1 google
x-content-type-options
nosniff
server
openresty
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
https://landing.mennetwork.com
cache-control
no-cache, no-transform
access-control-allow-credentials
true
content-disposition
inline
timing-allow-origin
*
x-xss-protection
0
x-request-id
6410F4C2-42FE723F01BBACA8-4EECD7DC
ColumnBlock.2c9a9fe6.js
static2-ma-ht.project1content.com/tour/@one/blocks/async/ Frame 95E3
435 B
966 B
Script
General
Full URL
https://static2-ma-ht.project1content.com/tour/@one/blocks/async/ColumnBlock.2c9a9fe6.js
Requested by
Host: static2-ma-ht.project1content.com
URL: https://static2-ma-ht.project1content.com/tour/runtime.0f1558b8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.20 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
5e1f62e7d5d9cdc2fbed468b2eac05c92ff994631dab4e53cd6ba7c1cdca2e8e

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://landing.mennetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:27:14 GMT
last-modified
Thu, 02 Mar 2023 21:03:44 GMT
etag
"674ac9829-1b3-5f5f129fe2c00"
vary
Accept-Encoding
access-control-max-age
600
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
HEAD, POST, GET, OPTIONS
access-control-expose-headers
Content-Range, Date, Etag, Cache-Control, Last-Modified
cache-control
max-age=10632510
x-cdn-diag
fra1-11028-3-6522-h-0-0---;11014-52-19750----0-0-0
accept-ranges
bytes
access-control-allow-headers
Content-Type, Origin, Accept, Range, Cache-Control
content-length
435
expires
Fri, 07 Jul 2023 18:34:10 GMT
NavigationBlock.3db9908b.js
static2-ma-ht.project1content.com/tour/@one/blocks/async/ Frame 95E3
4 KB
3 KB
Script
General
Full URL
https://static2-ma-ht.project1content.com/tour/@one/blocks/async/NavigationBlock.3db9908b.js
Requested by
Host: static2-ma-ht.project1content.com
URL: https://static2-ma-ht.project1content.com/tour/runtime.0f1558b8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.20 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
255714f5ff19c14cfdd62060c264e5af88f6771e61df253778a02bd94c3ed62d

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://landing.mennetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:27:14 GMT
content-encoding
gzip
last-modified
Thu, 02 Mar 2023 21:03:44 GMT
etag
W/"674ac9832-fbe-5f5f129fe2c00"
vary
Accept-Encoding
access-control-max-age
600
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
HEAD, POST, GET, OPTIONS
access-control-expose-headers
Content-Range, Date, Etag, Cache-Control, Last-Modified
cache-control
max-age=10643450
x-cdn-diag
fra1-11028-1-6417-h-0-0---;11014-53-19750----0-0-0
access-control-allow-headers
Content-Type, Origin, Accept, Range, Cache-Control
expires
Fri, 07 Jul 2023 20:02:53 GMT
ImageBlock.8171e1e5.js
static2-ma-ht.project1content.com/tour/@one/blocks/async/ Frame 95E3
6 KB
3 KB
Script
General
Full URL
https://static2-ma-ht.project1content.com/tour/@one/blocks/async/ImageBlock.8171e1e5.js
Requested by
Host: static2-ma-ht.project1content.com
URL: https://static2-ma-ht.project1content.com/tour/runtime.0f1558b8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.20 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
f09340bb20771744eb87756ef139864e099de9b979f2efe536413fa0d5a3e351

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://landing.mennetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:27:14 GMT
content-encoding
gzip
last-modified
Thu, 02 Mar 2023 21:03:44 GMT
etag
W/"673f76403-16ab-5f5f129fe2c00"
vary
Accept-Encoding
access-control-max-age
600
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
HEAD, POST, GET, OPTIONS
access-control-expose-headers
Content-Range, Date, Etag, Cache-Control, Last-Modified
cache-control
max-age=10799467
x-cdn-diag
fra1-11014-2-26898-h-0-0---;11014-53-19750----0-0-0
access-control-allow-headers
Content-Type, Origin, Accept, Range, Cache-Control
expires
Sun, 09 Jul 2023 15:23:07 GMT
FooterBlock.a87296d9.js
static2-ma-ht.project1content.com/tour/@one/blocks/async/ Frame 95E3
3 KB
2 KB
Script
General
Full URL
https://static2-ma-ht.project1content.com/tour/@one/blocks/async/FooterBlock.a87296d9.js
Requested by
Host: static2-ma-ht.project1content.com
URL: https://static2-ma-ht.project1content.com/tour/runtime.0f1558b8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.20 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
9f0d4844b78b60837f873fa1f9737832b86f1adba4fca44b3514d92e7d96a856

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://landing.mennetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:27:14 GMT
content-encoding
gzip
last-modified
Thu, 02 Mar 2023 21:03:44 GMT
etag
W/"675cb2407-b65-5f5f129fe2c00"
vary
Accept-Encoding
access-control-max-age
600
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
HEAD, POST, GET, OPTIONS
access-control-expose-headers
Content-Range, Date, Etag, Cache-Control, Last-Modified
cache-control
max-age=10799467
x-cdn-diag
fra1-11014-3-26950-h-0-0---;11014-53-19750----0-0-0
access-control-allow-headers
Content-Type, Origin, Accept, Range, Cache-Control
expires
Sun, 09 Jul 2023 15:23:07 GMT
eyJrZXkiOiJ1c2VyLWtleS10b3VyIiwibmFtZSI6IlRvdXIgTGF1bmNoRGFya2x5IiwiZW1haWwiOiJtaW5kZ2Vla0BleGFtcGxlLmNvbSIsImN1c3RvbSI6eyJpc0ludGVybmFsVXNlciI6ZmFsc2V9fQ
clientstream.launchdarkly.com/eval/63bdba6ee6d64c12826b8bff/ Frame 95E3
397 B
0
EventSource
General
Full URL
https://clientstream.launchdarkly.com/eval/63bdba6ee6d64c12826b8bff/eyJrZXkiOiJ1c2VyLWtleS10b3VyIiwibmFtZSI6IlRvdXIgTGF1bmNoRGFya2x5IiwiZW1haWwiOiJtaW5kZ2Vla0BleGFtcGxlLmNvbSIsImN1c3RvbSI6eyJpc0ludGVybmFsVXNlciI6ZmFsc2V9fQ
Requested by
Host: landing.mennetwork.com
URL: https://landing.mennetwork.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.31.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a1370dc23e25e46ce.awsglobalaccelerator.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
text/event-stream
Cache-Control
no-cache
Referer
https://landing.mennetwork.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:27:14 GMT
strict-transport-security
max-age=31536000
ld-region
eu-west-1
access-control-max-age
300
access-control-allow-methods
GET,OPTIONS
content-type
text/event-stream; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-content-length
485
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper
asset-manifest.json
onenavigation-ht.project1content.com/ Frame 95E3
298 B
565 B
Fetch
General
Full URL
https://onenavigation-ht.project1content.com/asset-manifest.json
Requested by
Host: static2-ma-ht.project1content.com
URL: https://static2-ma-ht.project1content.com/tour/main.167b1972.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.19 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
15842d7665d0b50b48cbb26d07d0ef062895826eaa4ff50b35fb22c13873b7e5

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://landing.mennetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:27:15 GMT
last-modified
Wed, 22 Feb 2023 14:21:43 GMT
etag
"66b63dc2a-12a-5f54a9d89ebc0"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
x-cdn-diag
fra1-11015-3-9721-h-0-0---;11014-48-19750----0-0-0
accept-ranges
bytes
content-length
298
expires
Sun, 25 Jun 2023 02:19:55 GMT
probiller.5f27a427.png
static2-ma-ht.project1content.com/tour/assets/ Frame 95E3
8 KB
9 KB
Image
General
Full URL
https://static2-ma-ht.project1content.com/tour/assets/probiller.5f27a427.png
Requested by
Host: landing.mennetwork.com
URL: https://landing.mennetwork.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.20 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
ce087c55c6cfa777c2070304a44b3a756c57a31f124a9befcfe69af6bd103483

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://landing.mennetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:27:14 GMT
last-modified
Fri, 23 Sep 2022 16:04:00 GMT
etag
"59bd77478-2131-5e95a53741c00"
access-control-max-age
600
access-control-allow-methods
HEAD, POST, GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Date, Etag, Cache-Control, Last-Modified
cache-control
max-age=10715247
x-cdn-diag
fra1-11015-3-9732-h-0-0---;11014-57-19750----0-0-2
accept-ranges
bytes
access-control-allow-headers
Content-Type, Origin, Accept, Range, Cache-Control
content-length
8497
expires
Sat, 28 Jan 2023 21:24:53 GMT
rta.6e25c31d.jpg
static2-ma-ht.project1content.com/tour/assets/ Frame 95E3
2 KB
3 KB
Image
General
Full URL
https://static2-ma-ht.project1content.com/tour/assets/rta.6e25c31d.jpg
Requested by
Host: landing.mennetwork.com
URL: https://landing.mennetwork.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.20 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
38c3608f1c53b13cd5567fecc6957d3568be15148abe43819e32bad5aa5d18f5

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://landing.mennetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:27:14 GMT
last-modified
Wed, 19 Oct 2022 21:48:45 GMT
etag
"5b20368f8-811-5eb6a2c3fe940"
access-control-max-age
600
access-control-allow-methods
HEAD, POST, GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Date, Etag, Cache-Control, Last-Modified
cache-control
max-age=10509032
x-cdn-diag
fra1-11014-3-26941-h-0-0---;11014-57-19750----0-0-0
accept-ranges
bytes
access-control-allow-headers
Content-Type, Origin, Accept, Range, Cache-Control
content-length
2065
expires
Wed, 22 Feb 2023 15:18:26 GMT
61f8066f8dfa78.52827888.png
imageservice-assets-ht.project1content.com/m=gd/assets/CorpFooter/01-31-2022/ Frame 95E3
7 KB
7 KB
Image
General
Full URL
https://imageservice-assets-ht.project1content.com/m=gd/assets/CorpFooter/01-31-2022/61f8066f8dfa78.52827888.png
Requested by
Host: landing.mennetwork.com
URL: https://landing.mennetwork.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.20 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
9da4af19e2b762a00fba022fac757927be86fda74c2bffeb19fbea52ee010a7e

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://landing.mennetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:27:15 GMT
last-modified
Mon, 31 Jan 2022 15:55:27 GMT
etag
"4d987d9c0-1a7b-5d6e2d02b39c0"
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=10847511
x-cdn-diag
fra1-11015-2-9679-h-0-0---;11014-50-19750----0-0-0
content-length
6851
expires
Mon, 12 Jun 2023 04:47:47 GMT
SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
fonts.gstatic.com/s/droidsans/v18/ Frame 95E3
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f3.1e100.net
Software
sffe /
Resource Hash
e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://landing.mennetwork.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 13:48:35 GMT
x-content-type-options
nosniff
age
376719
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22376
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:25:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Mar 2024 13:48:35 GMT
SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v18/ Frame 95E3
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f3.1e100.net
Software
sffe /
Resource Hash
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://landing.mennetwork.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 13:58:44 GMT
x-content-type-options
nosniff
age
376110
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21224
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:04:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Mar 2024 13:58:44 GMT
R1_01.jpg
static-landing-assets.project1content.com/P1TGP/Men/Affiliates/Fallback/Default/PC/TGP1/ Frame 95E3
67 KB
67 KB
Image
General
Full URL
https://static-landing-assets.project1content.com/P1TGP/Men/Affiliates/Fallback/Default/PC/TGP1/R1_01.jpg
Requested by
Host: landing.mennetwork.com
URL: https://landing.mennetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
openresty/1.17.8.2 /
Resource Hash
d1954ddfaa529aa964d6c881e672f040f2893e4360912afdea90ce39ee1b64ed

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://landing.mennetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:27:15 GMT
last-modified
Thu, 05 Jan 2023 15:52:49 GMT
server
openresty/1.17.8.2
etag
"453e6ab16-10b30-5f1864af47640"
x-hw
1678832835.dop205.wa1.t,1678832835.cds208.wa1.hn,1678832835.cds210.wa1.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=10526531
accept-ranges
bytes
content-length
68400
R2_01.jpg
static-landing-assets.project1content.com/P1TGP/Men/Affiliates/Fallback/Default/PC/TGP1/ Frame 95E3
106 KB
106 KB
Image
General
Full URL
https://static-landing-assets.project1content.com/P1TGP/Men/Affiliates/Fallback/Default/PC/TGP1/R2_01.jpg
Requested by
Host: landing.mennetwork.com
URL: https://landing.mennetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
openresty/1.17.8.2 /
Resource Hash
a6c2be2e26c576ed6481073790ee33682af6f5e37de18f74794514b8f7653762

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://landing.mennetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:27:15 GMT
last-modified
Thu, 29 Dec 2022 19:29:47 GMT
server
openresty/1.17.8.2
etag
"454ee47ea-1a86d-5f0fc81ffc0c0"
x-hw
1678832835.dop205.wa1.t,1678832835.cds208.wa1.hn,1678832835.cds215.wa1.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=10526531
accept-ranges
bytes
content-length
108653
R3_01.jpg
static-landing-assets.project1content.com/P1TGP/Men/Affiliates/Fallback/Default/PC/TGP1/ Frame 95E3
82 KB
83 KB
Image
General
Full URL
https://static-landing-assets.project1content.com/P1TGP/Men/Affiliates/Fallback/Default/PC/TGP1/R3_01.jpg
Requested by
Host: landing.mennetwork.com
URL: https://landing.mennetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
openresty/1.17.8.2 /
Resource Hash
b1e29b24158b874ded9ca0ad15fadcdd67a46cfd83ad61180fcfd347ed49be6d

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://landing.mennetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:27:15 GMT
last-modified
Thu, 05 Jan 2023 15:52:54 GMT
server
openresty/1.17.8.2
etag
"454735e61-14979-5f1864b40c180"
x-hw
1678832835.dop205.wa1.t,1678832835.cds208.wa1.hn,1678832835.cds208.wa1.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=10526531
accept-ranges
bytes
content-length
84345
R4_01.jpg
static-landing-assets.project1content.com/P1TGP/Men/Affiliates/Fallback/Default/PC/TGP1/ Frame 95E3
86 KB
87 KB
Image
General
Full URL
https://static-landing-assets.project1content.com/P1TGP/Men/Affiliates/Fallback/Default/PC/TGP1/R4_01.jpg
Requested by
Host: landing.mennetwork.com
URL: https://landing.mennetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
openresty/1.17.8.2 /
Resource Hash
5559abb45bea00610c6c6b96f72320fdb4023fbfe28972666f424cc006fb907e

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://landing.mennetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:27:15 GMT
last-modified
Thu, 29 Dec 2022 19:29:51 GMT
server
openresty/1.17.8.2
etag
"454ee47f4-1599f-5f0fc823cc9c0"
x-hw
1678832835.dop205.wa1.t,1678832835.cds208.wa1.hn,1678832835.cds205.wa1.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=10536896
accept-ranges
bytes
content-length
88479
R5_01.jpg
static-landing-assets.project1content.com/P1TGP/Men/Affiliates/Fallback/Default/PC/TGP1/ Frame 95E3
81 KB
81 KB
Image
General
Full URL
https://static-landing-assets.project1content.com/P1TGP/Men/Affiliates/Fallback/Default/PC/TGP1/R5_01.jpg
Requested by
Host: landing.mennetwork.com
URL: https://landing.mennetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
openresty/1.17.8.2 /
Resource Hash
e15e628409729120e036a303e3c63e0aad22cfe22084b2887f1a7972ea5c7cfb

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://landing.mennetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:27:15 GMT
last-modified
Thu, 29 Dec 2022 19:29:52 GMT
server
openresty/1.17.8.2
etag
"453e6ab1e-1453d-5f0fc824c0c00"
x-hw
1678832835.dop205.wa1.t,1678832835.cds208.wa1.hn,1678832835.cds220.wa1.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=10526531
accept-ranges
bytes
content-length
83261
R6_01.jpg
static-landing-assets.project1content.com/P1TGP/Men/Affiliates/Fallback/Default/PC/TGP1/ Frame 95E3
158 KB
158 KB
Image
General
Full URL
https://static-landing-assets.project1content.com/P1TGP/Men/Affiliates/Fallback/Default/PC/TGP1/R6_01.jpg
Requested by
Host: landing.mennetwork.com
URL: https://landing.mennetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
openresty/1.17.8.2 /
Resource Hash
0bb85e6b1129bc1683bedbbbc038d2cff568c821c6d633337a20f470aab40cab

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://landing.mennetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:27:15 GMT
last-modified
Thu, 29 Dec 2022 19:29:56 GMT
server
openresty/1.17.8.2
etag
"454c840e2-2786e-5f0fc82891500"
x-hw
1678832835.dop205.wa1.t,1678832835.cds208.wa1.hn,1678832835.cds003.wa1.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=10387868
accept-ranges
bytes
content-length
161902
R7_01.jpg
static-landing-assets.project1content.com/P1TGP/Men/Affiliates/Fallback/Default/PC/TGP1/ Frame 95E3
53 KB
53 KB
Image
General
Full URL
https://static-landing-assets.project1content.com/P1TGP/Men/Affiliates/Fallback/Default/PC/TGP1/R7_01.jpg
Requested by
Host: landing.mennetwork.com
URL: https://landing.mennetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
openresty/1.17.8.2 /
Resource Hash
e724ff1b13f8d7494af09d0f4676fbf85ac1f73a85a985d5418e053cbd47f722

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://landing.mennetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:27:15 GMT
last-modified
Thu, 29 Dec 2022 19:29:57 GMT
server
openresty/1.17.8.2
etag
"453c584b4-d3ac-5f0fc82985740"
x-hw
1678832835.dop205.wa1.t,1678832835.cds208.wa1.hn,1678832835.cds204.wa1.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=10404531
accept-ranges
bytes
content-length
54188
7a13502af0db2320e3783803da74b81a
landing.mennetwork.com/_xd/api/d/jsfp/ Frame 95E3
36 B
575 B
XHR
General
Full URL
https://landing.mennetwork.com/_xd/api/d/jsfp/7a13502af0db2320e3783803da74b81a
Requested by
Host: hw-cdn2.adtng.com
URL: https://hw-cdn2.adtng.com/delivery/idsync/ats/idsync.min.js?v=1678831200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.254.114.234 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
reflectededge.reflected.net
Software
/
Resource Hash
c1849694bfd5515c282cfa65918cd1dde97475d3ee951ce7a3c5059a77ce5797
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://landing.mennetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:27:15 GMT
via
1.1 google
strict-transport-security
max-age=63072000; includeSubDomains; preload
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-trace
2B22440C224B97F090FEDEAECB8A3CDBB24C0C2353000000000000000000
content-type
text/plain
content-length
36
x-request-id
6410F4C0-42FE72EA01BB9DE0-EFBFD
main.967759ee.js
onenavigation-ht.project1content.com/static/js/ Frame 95E3
520 KB
184 KB
Script
General
Full URL
https://onenavigation-ht.project1content.com/static/js/main.967759ee.js
Requested by
Host: static2-ma-ht.project1content.com
URL: https://static2-ma-ht.project1content.com/tour/main.167b1972.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.19 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
3cecbb35f01645014f6127aeeb5987c163871eec554082c6c6126791ecca1215

Request headers

Referer
https://landing.mennetwork.com/
Origin
https://landing.mennetwork.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:27:15 GMT
content-encoding
gzip
last-modified
Wed, 22 Feb 2023 14:21:43 GMT
etag
W/"66d6c6239-81ef8-5f54a9d89ebc0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=10601515
x-cdn-diag
fra1-11014-1-26834-h-0-0---;11014-48-19750----0-0-0
expires
Mon, 26 Jun 2023 06:13:24 GMT
4321
navigation-api.project1service.com/v1/navbar/ Frame 95E3
14 KB
2 KB
XHR
General
Full URL
https://navigation-api.project1service.com/v1/navbar/4321
Requested by
Host: onenavigation-ht.project1content.com
URL: https://onenavigation-ht.project1content.com/static/js/main.967759ee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.254.114.234 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
reflectededge.reflected.net
Software
openresty /
Resource Hash
698a5b58d963544091e926cd9a9a7e123304218e25c79196235da439fc922516

Request headers

Accept
application/json, text/plain, */*
Referer
https://landing.mennetwork.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:27:15 GMT
content-encoding
br
server
openresty
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-trace
2B786D5FC2D43C2B3044546BEF73B5F7E57A5B8CFACCE8F9D2B922B7B000
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, private
access-control-allow-headers
origin, content-type, authorization, instance, X-Forwarded-For, USER-GEO, X-Geo-Replace
x-request-id
6410F4C3-42FE72EA01BB9DE0-EFC0A
619c04989f1884.68206371.png
images-assets-ht.project1content.com/Men/Logos/ Frame 95E3
11 KB
12 KB
Image
General
Full URL
https://images-assets-ht.project1content.com/Men/Logos/619c04989f1884.68206371.png
Requested by
Host: landing.mennetwork.com
URL: https://landing.mennetwork.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.20 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
b4138f1592b78c7ed36565a52fc3359e0fdad01f99bb363c8b6bd3b4ae5285bd

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://landing.mennetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:27:16 GMT
last-modified
Mon, 22 Nov 2021 20:59:04 GMT
etag
"4a38a5dd1-2dce-5d166e5185600"
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=10632729
x-cdn-diag
fra1-11015-1-9604-h-0-0---;11014-48-19750----0-0-1
accept-ranges
bytes
content-length
11726
expires
Sat, 06 Aug 2022 22:26:19 GMT
af706ceb-972f-a095-0a97-643057b868fc
landing.mennetwork.com/_xd/api/link/af706ceb-972f-a095-0a97-643057b868fc/origin/a/oldd/ Frame 95E3
36 B
654 B
XHR
General
Full URL
https://landing.mennetwork.com/_xd/api/link/af706ceb-972f-a095-0a97-643057b868fc/origin/a/oldd/af706ceb-972f-a095-0a97-643057b868fc
Requested by
Host: hw-cdn2.adtng.com
URL: https://hw-cdn2.adtng.com/delivery/idsync/ats/idsync.min.js?v=1678831200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.254.114.234 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
reflectededge.reflected.net
Software
/
Resource Hash
c1849694bfd5515c282cfa65918cd1dde97475d3ee951ce7a3c5059a77ce5797
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://landing.mennetwork.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type
text/plain

Response headers

date
Tue, 14 Mar 2023 22:27:15 GMT
via
1.1 google
strict-transport-security
max-age=63072000; includeSubDomains; preload
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-trace
2B3E20C880D07FAE69DF836DDF7161A3505AEFFF6F000000000000000000
vary
Origin
content-type
text/plain
access-control-allow-origin
https://landing.mennetwork.com
access-control-allow-credentials
true
content-length
36
x-request-id
6410F4C3-42FE72EA01BB9DE0-EFC10
61f8066f8dfa78.52827888.webp
imageservice-assets-ht.project1content.com/m=bZi-b/assets/CorpFooter/01-31-2022/ Frame 95E3
3 KB
3 KB
Image
General
Full URL
https://imageservice-assets-ht.project1content.com/m=bZi-b/assets/CorpFooter/01-31-2022/61f8066f8dfa78.52827888.webp
Requested by
Host: landing.mennetwork.com
URL: https://landing.mennetwork.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.20 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
74ca8b4abf60eaa04de4c82c6b70e480c352e3df84d6eba046d1044ab3cf5d1a

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://landing.mennetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:27:15 GMT
last-modified
Mon, 31 Jan 2022 15:55:27 GMT
etag
"4d987d9c0-1a7b-5d6e2d02b39c0"
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=10718519
x-cdn-diag
fra1-11028-2-6478-h-0-0---;11014-48-19750----0-0-0
content-length
2706
expires
Sun, 18 Jun 2023 15:30:39 GMT
events
atlas.atsptp.com/ Frame 95E3
128 B
617 B
XHR
General
Full URL
https://atlas.atsptp.com/events?app_id=10303&eventName=DTRACK&saffCode=eyJhIjo5NDk2LCJjIjo1NjU4NTQyNSwibiI6MjIsInMiOjU0MiwiZSI6OTA5NCwicCI6M30%3D&saffCodeType=ats&saffDomain=projectone.com&snetworkCode=MN&sconversionType=DTRACK&sconvertingPage=https%3A%2F%2Flanding.mennetwork.com%2F&suserAgent=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F111.0.5563.64+Safari%2F537.36&sdmpId=af706ceb-972f-a095-0a97-643057b868fc&nvalue=1&nab=0&ssku=Marketplace&ninstanceId=239611&npageId=4637771&nadId=0&sreferralDomain=http%3A%2F%2Forganic%2F&sreferralPath=http%3A%2F%2Forganic%2F&svortexGuid=a5ef0dbd-a1fd-483d-ba32-18a80a71e0e9&satlasJsVersion=1.7.1&_sscreen=1600+x+1200&_sbrowser=Chrome&_sbrowserVersion=111.0.5563.64&_bmobile=false&_sos=Windows+NT+4.0&_sosVersion=NT+4.0&_bcookies=true&_sflashVersion=no+check&_slanguages=en-US%2Cen&_splugins=Chrome+PDF+Plugin%2CChrome+PDF+Viewer%2CNative+Client&_errors%5B%5D=100&_errors%5B%5D=%2C
Requested by
Host: static2-ma-ht.project1content.com
URL: https://static2-ma-ht.project1content.com/tour/vortex.modern.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.254.114.63 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
reflectededge.reflected.net
Software
openresty /
Resource Hash
efad4cc949e1df9a6742e5fb0d00b8c1d7dfd9e04092b0ada78542faaa9a95e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://landing.mennetwork.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 14 Mar 2023 22:27:16 GMT
via
1.1 google
x-content-type-options
nosniff
server
openresty
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
https://landing.mennetwork.com
cache-control
no-cache, no-transform
access-control-allow-credentials
true
content-disposition
inline
timing-allow-origin
*
x-xss-protection
0
x-request-id
6410F4C2-42FE723F01BBACA8-4EECE8EE
63bdba6ee6d64c12826b8bff
events.launchdarkly.com/events/diagnostic/ Frame 95E3
0
344 B
XHR
General
Full URL
https://events.launchdarkly.com/events/diagnostic/63bdba6ee6d64c12826b8bff
Requested by
Host: static2-ma-ht.project1content.com
URL: https://static2-ma-ht.project1content.com/tour/vendors~main.1554cb1c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.5.126 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://landing.mennetwork.com/
X-LaunchDarkly-Wrapper
react-client-sdk/2.29.2
accept-language
pl-PL,pl;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.24.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 14 Mar 2023 22:27:17 GMT
strict-transport-security
max-age=31536000
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length
0
63bdba6ee6d64c12826b8bff
events.launchdarkly.com/events/diagnostic/ Frame
0
0
Preflight
General
Full URL
https://events.launchdarkly.com/events/diagnostic/63bdba6ee6d64c12826b8bff
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.5.126 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
POST
Origin
https://landing.mennetwork.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Tue, 14 Mar 2023 22:27:17 GMT
strict-transport-security
max-age=31536000

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless function| redirect

11 Cookies

Domain/Path Name / Value
e-garnitur.pl/ Name: PHPSESSID
Value: 7d5ad5bf270aa1874c16e897f13dc51b
e-garnitur.pl/ Name: locale
Value: pl_PL
.mennetwork.com/ Name: ats
Value: eyJhIjo5NDk2LCJjIjo1NjU4NTQyNSwibiI6MjIsInMiOjU0MiwiZSI6OTA5NCwicCI6M30=
.mennetwork.com/ Name: atsd
Value: d76a7f15-363b-4655-9967-8a9399a93f91
.mennetwork.com/ Name: atsm
Value: d76a7f15-363b-4655-9967-8a9399a93f91
.mennetwork.com/ Name: atss
Value: d76a7f15-363b-4655-9967-8a9399a93f91
atlas.atsptp.com/ Name: eta_guid
Value: 1639b1e6-bc7d-4b6d-b119-4207b6bea30f_1678832834
atlas.atsptp.com/ Name: sessionid
Value: b7b00cb3-8a83-451f-bc56-8b7120c6ae9a
.mennetwork.com/ Name: etaguid
Value: a5ef0dbd-a1fd-483d-ba32-18a80a71e0e9
.mennetwork.com/ Name: atstrackPiece1
Value: eyJhZmZVcmwiOiJwcm9qZWN0b25lLmNvbSIsImFmZkNvZGUiOiJleUpoSWpvNU5EazJMQ0pqSWpvMU5qVTROVFF5TlN3aWJpSTZNaklzSW5NaU9qVTBNaXdpWlNJNk9UQTVOQ3dpY0NJNk0zMD0iLCJuZXR3b3JrQ29kZSI6Ik1OIiwiVUlEIjoiOWMyOTFiYjUtNGNkNi00NmIzLWE5YTItNmYzNjNlMGYxMTAxIiwiU1VJRCI6ImQ3NmE3ZjE1LTM2M2ItNDY1NS05OTY3LThhOTM5OWE5M2Y5MSIsImRhdGEiOnsidmFsdWUiOjEsImFiIjowLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTExLjAuNTU2My42NCBTYWZhcmkvNTM3LjM2Iiwic2t1IjoiTWFya2V0cGxhY2UiLCJpbnN0YW5jZUlkIjoyMzk2MTEsInBhZ2VJZCI6NDYzNzc3MSwiYWRJZCI6MCwicmVmZXJyYWxEb21haW4iOiJodHRwOi8vb3JnYW5pYy8iLCJyZWZlcnJhbFBhdGgiOiJodHRwOi8vb3JnYW5pYy8iLCJ2b3J0ZXhHdWlkIjoiYTVlZjBkYmQtYTFmZC00ODNkLWJhMzItMThhODBhNzFlMGU5In0sImRtcCI6eyJkbXBJZCI6ImFmNzA2Y2ViLTk3MmYtYTA5NS0wYTk3LTY0MzA1N2I4NjhmYyJ9LCJkZWZhdWx0Q29kZSI6ImV5SmhJam81TkRrMkxDSmpJam8xTmpVNE5UUXlOU3dpYmlJNk1qSXNJbk1pT2pVME1pd2laU0k2T1RBNU5Dd2ljQ0k2TTMwPSIsInNwbGl0QXRsYXNEYXRhIjp0cnVlLCJzdGVwcyI6Inw7ZDt2O3Q7dSIs
.mennetwork.com/ Name: atstrackPiece2
Value: InZvcnRleGRhdGEiOnsiX3NzY3JlZW4iOiIxNjAwIHggMTIwMCIsIl9zYnJvd3NlciI6IkNocm9tZSIsIl9zYnJvd3NlclZlcnNpb24iOiIxMTEuMC41NTYzLjY0IiwiX2Jtb2JpbGUiOmZhbHNlLCJfc29zIjoiV2luZG93cyBOVCA0LjAiLCJfc29zVmVyc2lvbiI6Ik5UIDQuMCIsIl9zZmxhc2hWZXJzaW9uIjoibm8gY2hlY2siLCJfc2xhbmd1YWdlcyI6ImVuLVVTLGVuIiwiZ3VpZCI6IjE2MzliMWU2LWJjN2QtNGI2ZC1iMTE5LTQyMDdiNmJlYTMwZiIsImh3bW9kZWwiOiJVbmtub3duIiwiaHdmYW1pbHkiOiJFbXVsYXRvciIsImRldnR5cGUiOiJEZXNrdG9wIn0sInZpc2l0U3RhcnQiOjE2Nzg4MzI4MzQ1MzIsImNvZGVUeXBlIjoiYXRzIn0=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.launchdarkly.com
atlas.atsptp.com
clientstream.launchdarkly.com
e-garnitur.pl
events.launchdarkly.com
fonts.googleapis.com
fonts.gstatic.com
hw-cdn2.adtng.com
images-assets-ht.project1content.com
imageservice-assets-ht.project1content.com
landing.mennetwork.com
navigation-api.project1service.com
onenavigation-ht.project1content.com
static-landing-assets.project1content.com
static2-ma-ht.project1content.com
t2775.am-track.pl
www.google-analytics.com
142.250.186.170
142.250.186.78
151.101.2.217
172.217.18.99
185.253.212.10
185.253.212.22
205.185.216.42
209.197.3.25
34.193.5.126
66.254.114.234
66.254.114.63
66.254.122.19
66.254.122.20
76.223.31.44
0506e729a6a6df818cb9572cc2a606f49c54b0c25d306c389d6233d266782da9
0bb85e6b1129bc1683bedbbbc038d2cff568c821c6d633337a20f470aab40cab
113e39eb955a7d9e51c4ac2c240e84e503a3edb5c12dec7f50876b443f69218a
15842d7665d0b50b48cbb26d07d0ef062895826eaa4ff50b35fb22c13873b7e5
255714f5ff19c14cfdd62060c264e5af88f6771e61df253778a02bd94c3ed62d
35598acd20349e1fe6a84aad36121c51589e7017a8855ccd3a2409479cdd7d72
38c3608f1c53b13cd5567fecc6957d3568be15148abe43819e32bad5aa5d18f5
3cecbb35f01645014f6127aeeb5987c163871eec554082c6c6126791ecca1215
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5559abb45bea00610c6c6b96f72320fdb4023fbfe28972666f424cc006fb907e
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5e1f62e7d5d9cdc2fbed468b2eac05c92ff994631dab4e53cd6ba7c1cdca2e8e
5eae6a1949cbaa5ae084766fa0b4ee494260e41bfe9dc278262df7c8d4e91ad3
6801d5bad36407d4ee862f2898ad16f0d5d437c0762ec1a407db8f92467cc4f7
698a5b58d963544091e926cd9a9a7e123304218e25c79196235da439fc922516
74ca8b4abf60eaa04de4c82c6b70e480c352e3df84d6eba046d1044ab3cf5d1a
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
8547483bda093e230ad365ae36e7994093426d5169d1ce7fae81eabc053acd7b
87338324967b0b4b3ccc444912bcb4e984806221405ac5a6a8fa0d07bab52590
8bbebd8556bfbbbd9cbb0d51cadd2a3c4417c5805f65f7feab7398d1fe1d9f69
9da4af19e2b762a00fba022fac757927be86fda74c2bffeb19fbea52ee010a7e
9f0d4844b78b60837f873fa1f9737832b86f1adba4fca44b3514d92e7d96a856
a6c2be2e26c576ed6481073790ee33682af6f5e37de18f74794514b8f7653762
a8a7c6483f73f962abb0f768408bc73c219a0164ee43f60ac57595d314c1bebe
afd551c3d5c4b8a4159dded8d3cca7a38b0c49f909dd14a8cfdbcb913a5b016c
b1e29b24158b874ded9ca0ad15fadcdd67a46cfd83ad61180fcfd347ed49be6d
b4138f1592b78c7ed36565a52fc3359e0fdad01f99bb363c8b6bd3b4ae5285bd
bfefc8bb4f8b9101cabf38df059cb9cf533f3de88c14d3e3ab6dca3cfc86b2ac
c1849694bfd5515c282cfa65918cd1dde97475d3ee951ce7a3c5059a77ce5797
c3f9f6048d6b2bc7481f4472f155e6ddd06f52745b59a6eb9b0c785382db80f2
ce087c55c6cfa777c2070304a44b3a756c57a31f124a9befcfe69af6bd103483
d1954ddfaa529aa964d6c881e672f040f2893e4360912afdea90ce39ee1b64ed
e15e628409729120e036a303e3c63e0aad22cfe22084b2887f1a7972ea5c7cfb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e724ff1b13f8d7494af09d0f4676fbf85ac1f73a85a985d5418e053cbd47f722
e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216
efad4cc949e1df9a6742e5fb0d00b8c1d7dfd9e04092b0ada78542faaa9a95e0
f09340bb20771744eb87756ef139864e099de9b979f2efe536413fa0d5a3e351
f7720435414e4f2fad6f202fcd716623ff4baedc8cf13830fde41b3e87c766c1
fe860b00110628e9d6e5d98b8c271732dbcebb3cd60f4e15f9304d6d7e55e24c