www.bankuj.com.pl Open in urlscan Pro
185.180.207.63 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bankuj.com.pl/
Submission: On September 28 via automatic, source certstream-suspicious (September 28th 2022, 7:55:15 am UTC) — Scanned from DE

Summary HTTP 22 Redirects Links 3 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 22 HTTP transactions. The main IP is 185.180.207.63, located in Poland and belongs to BIZNESHOST-AS, PL. The main domain is www.bankuj.com.pl.
TLS certificate: Issued by R3 on September 28th 2022. Valid for: 3 months.

This is the only time www.bankuj.com.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
17	185.180.207.63 185.180.207.63		198414 (BIZNESHOS...) (BIZNESHOST-AS)
1	2a00:1450:400... 2a00:1450:4001:812::200a		15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2003		15169 (GOOGLE) (GOOGLE)
22	3

17 185.180.207.63 (Poland)

ASN198414 (BIZNESHOST-AS, PL)
PTR: smrt5.h88-gda.cyber-folks.pl

www.bankuj.com.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	bankuj.com.pl www.bankuj.com.pl	2 MB
4	gstatic.com fonts.gstatic.com	51 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	1 KB
22	3

	Domain	Requested by
17	www.bankuj.com.pl	www.bankuj.com.pl
4	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.bankuj.com.pl
22	3

This site contains links to these domains. Also see Links.

Domain
questjk.pl
kantorolawa.pl
ictw.pl

Subject Issuer	Validity	Valid
bankuj.com.pl R3	`2022-09-28` - `2022-12-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.bankuj.com.pl/
Frame ID: E0FE7F9BFAE1B1DC6A5F552CD58D1B40
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

bankuj.com.pl – KANTOR

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

22
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

2531 kB
Transfer

2841 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://questjk.pl/
Title: questjk.pl

Search URL Search Domain Scan URL

URL: https://kantorolawa.pl/
Title: kantorolawa.pl

Search URL Search Domain Scan URL

URL: https://ictw.pl/
Title: ictw.pl

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.bankuj.com.pl/ 48 KB
8 KB 211ms
65ms Document
text/html 185.180.207.63
BIZNESHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankuj.com.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.180.207.63 , Poland, ASN198414 (BIZNESHOST-AS, PL),
Reverse DNS: smrt5.h88-gda.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: b7c5cc73751620d1cde9a056a572c7dbcd6d424e630ef5d9a5acc01734d4d3d0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 28 Sep 2022 07:55:09 GMT
link: <https://www.bankuj.com.pl/wp-json/>; rel="https://api.w.org/"
server: LiteSpeed
vary: Accept-Encoding,User-Agent

GET
H2 200 style.min.css
www.bankuj.com.pl/wp-includes/css/dist/block-library/ 87 KB
11 KB 42ms
40ms Stylesheet
text/css 185.180.207.63
BIZNESHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankuj.com.pl/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
Requested by: Host: www.bankuj.com.pl
URL: https://www.bankuj.com.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.180.207.63 , Poland, ASN198414 (BIZNESHOST-AS, PL),
Reverse DNS: smrt5.h88-gda.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bankuj.com.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 07:55:09 GMT
content-encoding: br
last-modified: Wed, 28 Sep 2022 07:49:54 GMT
server: LiteSpeed
etag: "15b64-6333fca2-508b3be6240279f9;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10946
expires: Wed, 05 Oct 2022 07:55:09 GMT

GET
H2 200 front.min.css
www.bankuj.com.pl/wp-content/plugins/cookie-notice/css/ 2 KB
736 B 53ms
51ms Stylesheet
text/css 185.180.207.63
BIZNESHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankuj.com.pl/wp-content/plugins/cookie-notice/css/front.min.css?ver=6.0.2
Requested by: Host: www.bankuj.com.pl
URL: https://www.bankuj.com.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.180.207.63 , Poland, ASN198414 (BIZNESHOST-AS, PL),
Reverse DNS: smrt5.h88-gda.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 6072346067391650cc9f1c7648c4b1db11072aa9972ad5b34c1e5911d33a0412

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bankuj.com.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 07:55:09 GMT
content-encoding: br
last-modified: Tue, 16 Jan 2018 12:42:56 GMT
server: LiteSpeed
etag: "881-5a5df350-fcb27ebf9dba527;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 653
expires: Wed, 05 Oct 2022 07:55:09 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 64ms
24ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro%3Awght%40400%3B600%3B700&display=swap&ver=1.0.0

Requested by

Host: www.bankuj.com.pl
URL: https://www.bankuj.com.pl/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b28bb10d1b574db881cdd742dbe4593c1344f78e3ba378350c51cbfcaec51da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bankuj.com.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 07:19:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 28 Sep 2022 07:55:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Sep 2022 07:55:09 GMT

GET
H2 200 all.min.css
www.bankuj.com.pl/wp-content/themes/blockwp/candidthemes/assets/vendor/font-awesome/ 58 KB
12 KB 53ms
52ms Stylesheet
text/css 185.180.207.63
BIZNESHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankuj.com.pl/wp-content/themes/blockwp/candidthemes/assets/vendor/font-awesome/all.min.css?ver=1.0.0
Requested by: Host: www.bankuj.com.pl
URL: https://www.bankuj.com.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.180.207.63 , Poland, ASN198414 (BIZNESHOST-AS, PL),
Reverse DNS: smrt5.h88-gda.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: b5e38de32d149f2263d86a25f0db6e63418e296f5c42f004f1ad157b5062db96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bankuj.com.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 07:55:09 GMT
content-encoding: br
last-modified: Wed, 28 Sep 2022 07:51:20 GMT
server: LiteSpeed
etag: "e7ad-6333fcf8-6f18dd5735491e;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12374
expires: Wed, 05 Oct 2022 07:55:09 GMT

GET
H2 200 style.css
www.bankuj.com.pl/wp-content/themes/blockwp/ 56 KB
11 KB 82ms
80ms Stylesheet
text/css 185.180.207.63
BIZNESHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankuj.com.pl/wp-content/themes/blockwp/style.css?ver=1.0.0
Requested by: Host: www.bankuj.com.pl
URL: https://www.bankuj.com.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.180.207.63 , Poland, ASN198414 (BIZNESHOST-AS, PL),
Reverse DNS: smrt5.h88-gda.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 1132ee8e2aab18c8f08ca7ec2d09920bd5527127ddbce9bee51b24b55752a6b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bankuj.com.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 07:55:09 GMT
content-encoding: br
last-modified: Wed, 28 Sep 2022 07:51:20 GMT
server: LiteSpeed
etag: "dfda-6333fcf8-80acd15946572c52;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 11021
expires: Wed, 05 Oct 2022 07:55:09 GMT

GET
H2 200 jquery.min.js Show response
www.bankuj.com.pl/wp-includes/js/jquery/ 87 KB
30 KB 91ms
89ms Script
application/javascript 185.180.207.63
BIZNESHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankuj.com.pl/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.bankuj.com.pl
URL: https://www.bankuj.com.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.180.207.63 , Poland, ASN198414 (BIZNESHOST-AS, PL),
Reverse DNS: smrt5.h88-gda.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bankuj.com.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 07:55:09 GMT
content-encoding: br
last-modified: Wed, 28 Sep 2022 07:49:53 GMT
server: LiteSpeed
etag: "15db1-6333fca1-a455f1cf34beb5cc;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 30273
expires: Wed, 05 Oct 2022 07:55:09 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.bankuj.com.pl/wp-includes/js/jquery/ 11 KB
4 KB 120ms
119ms Script
application/javascript 185.180.207.63
BIZNESHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankuj.com.pl/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.bankuj.com.pl
URL: https://www.bankuj.com.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.180.207.63 , Poland, ASN198414 (BIZNESHOST-AS, PL),
Reverse DNS: smrt5.h88-gda.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bankuj.com.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 07:55:09 GMT
content-encoding: br
last-modified: Wed, 28 Sep 2022 07:49:53 GMT
server: LiteSpeed
etag: "2bd8-6333fca1-1f129d9bb8590fc5;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3995
expires: Wed, 05 Oct 2022 07:55:09 GMT

GET
H2 200 front.min.js Show response
www.bankuj.com.pl/wp-content/plugins/cookie-notice/js/ 2 KB
688 B 122ms
121ms Script
application/javascript 185.180.207.63
BIZNESHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankuj.com.pl/wp-content/plugins/cookie-notice/js/front.min.js?ver=1.2.40
Requested by: Host: www.bankuj.com.pl
URL: https://www.bankuj.com.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.180.207.63 , Poland, ASN198414 (BIZNESHOST-AS, PL),
Reverse DNS: smrt5.h88-gda.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 94f410e1def1bfb997b82bdbbe700482465713087eb75eaee21b0c77ca84ec57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bankuj.com.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 07:55:09 GMT
content-encoding: br
last-modified: Tue, 16 Jan 2018 12:42:56 GMT
server: LiteSpeed
etag: "6e8-5a5df350-e14f562dac8b7920;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 627
expires: Wed, 05 Oct 2022 07:55:09 GMT

GET
H3 200 wp-emoji-release.min.js Show response
www.bankuj.com.pl/wp-includes/js/ 18 KB
5 KB 51ms
50ms Script
application/javascript 185.180.207.63
BIZNESHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankuj.com.pl/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
Requested by: Host: www.bankuj.com.pl
URL: https://www.bankuj.com.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.180.207.63 , Poland, ASN198414 (BIZNESHOST-AS, PL),
Reverse DNS: smrt5.h88-gda.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bankuj.com.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 07:55:09 GMT
content-encoding: br
last-modified: Wed, 28 Sep 2022 07:49:53 GMT
server: LiteSpeed
etag: "48b9-6333fca1-4aeba61611063f59;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4619
expires: Wed, 05 Oct 2022 07:55:09 GMT

GET
H3 200 coins-2825094_1920.jpg
www.bankuj.com.pl/wp-content/uploads/2017/12/ 714 KB
715 KB 51ms
51ms Image
image/jpeg 185.180.207.63
BIZNESHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bankuj.com.pl/wp-content/uploads/2017/12/coins-2825094_1920.jpg
Requested by: Host: www.bankuj.com.pl
URL: https://www.bankuj.com.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.180.207.63 , Poland, ASN198414 (BIZNESHOST-AS, PL),
Reverse DNS: smrt5.h88-gda.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 1079b31c05d3fbcf148d26831571eb885d988e42e5421e661fe2f6f6dc06031a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bankuj.com.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 07:55:09 GMT
last-modified: Mon, 08 Jan 2018 12:13:44 GMT
server: LiteSpeed
etag: "b28db-5a536078-809788d3225be5df;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 731355
expires: Wed, 05 Oct 2022 07:55:09 GMT

GET
H3 200 navigation.js Show response
www.bankuj.com.pl/wp-content/themes/blockwp/candidthemes/assets/js/ 3 KB
1 KB 49ms
49ms Script
application/javascript 185.180.207.63
BIZNESHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankuj.com.pl/wp-content/themes/blockwp/candidthemes/assets/js/navigation.js?ver=1.0.0
Requested by: Host: www.bankuj.com.pl
URL: https://www.bankuj.com.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.180.207.63 , Poland, ASN198414 (BIZNESHOST-AS, PL),
Reverse DNS: smrt5.h88-gda.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: c3f54457974d1ef9d362a5ff3d50f53e71bcf476904b52f3b23f8ee23a186abd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bankuj.com.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 07:55:09 GMT
content-encoding: br
last-modified: Wed, 28 Sep 2022 07:51:20 GMT
server: LiteSpeed
etag: "bf6-6333fcf8-9ca4a0b1ad78db06;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 983
expires: Wed, 05 Oct 2022 07:55:09 GMT

GET
H3 200 theia-sticky-sidebar.js Show response
www.bankuj.com.pl/wp-content/themes/blockwp/candidthemes/assets/js/ 15 KB
3 KB 49ms
49ms Script
application/javascript 185.180.207.63
BIZNESHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankuj.com.pl/wp-content/themes/blockwp/candidthemes/assets/js/theia-sticky-sidebar.js?ver=1.0.0
Requested by: Host: www.bankuj.com.pl
URL: https://www.bankuj.com.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.180.207.63 , Poland, ASN198414 (BIZNESHOST-AS, PL),
Reverse DNS: smrt5.h88-gda.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 1dbec753cfd0c5548e5ceb84d3ca357b19765374d0b7856d2b4d2943959da93b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bankuj.com.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 07:55:09 GMT
content-encoding: br
last-modified: Wed, 28 Sep 2022 07:51:20 GMT
server: LiteSpeed
etag: "3a6d-6333fcf8-df41a094accb008a;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3011
expires: Wed, 05 Oct 2022 07:55:09 GMT

GET
H3 200 custom.js Show response
www.bankuj.com.pl/wp-content/themes/blockwp/candidthemes/assets/js/ 7 KB
1 KB 50ms
50ms Script
application/javascript 185.180.207.63
BIZNESHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankuj.com.pl/wp-content/themes/blockwp/candidthemes/assets/js/custom.js?ver=1.0.0
Requested by: Host: www.bankuj.com.pl
URL: https://www.bankuj.com.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.180.207.63 , Poland, ASN198414 (BIZNESHOST-AS, PL),
Reverse DNS: smrt5.h88-gda.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 07f42344d0648524d970cea25aa79bb571ee8025e2f7f22002fc276c8ae2f48a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bankuj.com.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 07:55:09 GMT
content-encoding: br
last-modified: Wed, 28 Sep 2022 07:51:20 GMT
server: LiteSpeed
etag: "1d13-6333fcf8-e9bbf050e4b74a18;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1372
expires: Wed, 05 Oct 2022 07:55:09 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 57ms
16ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro%3Awght%40400%3B600%3B700&display=swap&ver=1.0.0

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bankuj.com.pl
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 19:26:22 GMT
x-content-type-options: nosniff
age: 563327
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 19:26:22 GMT

GET
H3 200 fa-solid-900.woff2
www.bankuj.com.pl/wp-content/themes/blockwp/candidthemes/assets/vendor/webfonts/ 76 KB
77 KB 59ms
59ms Font
font/woff2 185.180.207.63
BIZNESHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankuj.com.pl/wp-content/themes/blockwp/candidthemes/assets/vendor/webfonts/fa-solid-900.woff2
Requested by: Host: www.bankuj.com.pl
URL: https://www.bankuj.com.pl/wp-content/themes/blockwp/candidthemes/assets/vendor/font-awesome/all.min.css?ver=1.0.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.180.207.63 , Poland, ASN198414 (BIZNESHOST-AS, PL),
Reverse DNS: smrt5.h88-gda.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer: https://www.bankuj.com.pl/wp-content/themes/blockwp/candidthemes/assets/vendor/font-awesome/all.min.css?ver=1.0.0
Origin: https://www.bankuj.com.pl
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 07:55:09 GMT
last-modified: Wed, 28 Sep 2022 07:51:20 GMT
server: LiteSpeed
etag: "131bc-6333fcf8-6b929f3f2ef3a24;;;"
vary: User-Agent
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 78268
expires: Wed, 05 Oct 2022 07:55:09 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 60ms
20ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro%3Awght%40400%3B600%3B700&display=swap&ver=1.0.0

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bankuj.com.pl
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 08:45:42 GMT
x-content-type-options: nosniff
age: 83367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 08:45:42 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 75ms
35ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro%3Awght%40400%3B600%3B700&display=swap&ver=1.0.0

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bankuj.com.pl
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 04:23:11 GMT
x-content-type-options: nosniff
age: 99118
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 04:23:11 GMT

GET
H3 200 money-2212965_1920.jpg
www.bankuj.com.pl/wp-content/uploads/2017/12/ 397 KB
397 KB 72ms
72ms Image
image/jpeg 185.180.207.63
BIZNESHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bankuj.com.pl/wp-content/uploads/2017/12/money-2212965_1920.jpg
Requested by: Host: www.bankuj.com.pl
URL: https://www.bankuj.com.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.180.207.63 , Poland, ASN198414 (BIZNESHOST-AS, PL),
Reverse DNS: smrt5.h88-gda.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 28afbf9ed55e44b342a31337eb2494810cbd5eaa61f4a43f39c52e2ade6b18e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bankuj.com.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 07:55:09 GMT
last-modified: Mon, 08 Jan 2018 12:12:49 GMT
server: LiteSpeed
etag: "632fa-5a536041-4fbaa9def6aa66bf;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 406266
expires: Wed, 05 Oct 2022 07:55:09 GMT

GET
H3 200 money-laundering-1963184_1920.jpg
www.bankuj.com.pl/wp-content/uploads/2017/12/ 513 KB
514 KB 263ms
262ms Image
image/jpeg 185.180.207.63
BIZNESHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bankuj.com.pl/wp-content/uploads/2017/12/money-laundering-1963184_1920.jpg
Requested by: Host: www.bankuj.com.pl
URL: https://www.bankuj.com.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.180.207.63 , Poland, ASN198414 (BIZNESHOST-AS, PL),
Reverse DNS: smrt5.h88-gda.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 6976a4ba08d5fd2eca5cb3778463d0beb069ac49d8d234e4687ac122c3e5a805

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bankuj.com.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 07:55:09 GMT
last-modified: Mon, 08 Jan 2018 12:11:44 GMT
server: LiteSpeed
etag: "8057e-5a536000-6f9b8519c9344c7c;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 525694
expires: Wed, 05 Oct 2022 07:55:09 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 12 KB
12 KB 36ms
31ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro%3Awght%40400%3B600%3B700&display=swap&ver=1.0.0

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee519845ad25d096974439033bfbfc99578285ab9788287b915940cc7f8d3147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bankuj.com.pl
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 19:50:36 GMT
x-content-type-options: nosniff
age: 561873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11792
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 19:50:36 GMT

GET
H3 200 money-2159310_1920.jpg
www.bankuj.com.pl/wp-content/uploads/2017/12/ 690 KB
690 KB 319ms
319ms Image
image/jpeg 185.180.207.63
BIZNESHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bankuj.com.pl/wp-content/uploads/2017/12/money-2159310_1920.jpg
Requested by: Host: www.bankuj.com.pl
URL: https://www.bankuj.com.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.180.207.63 , Poland, ASN198414 (BIZNESHOST-AS, PL),
Reverse DNS: smrt5.h88-gda.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 04209c0d35d06cd29f3ddabf86bf58ed819d9269fc348ae89970d60a1336ccbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bankuj.com.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 07:55:09 GMT
last-modified: Mon, 08 Jan 2018 12:10:30 GMT
server: LiteSpeed
etag: "ac73f-5a535fb6-f9c28c87e4b45d3d;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 706367
expires: Wed, 05 Oct 2022 07:55:09 GMT

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _wpemojiSettings undefined| $ function| jQuery object| cnArgs object| nav_tag function| goToTop object| MenuToggleBtn_button object| twemoji object| wp

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
www.bankuj.com.pl
185.180.207.63
2a00:1450:4001:812::200a
2a00:1450:4001:829::2003
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04209c0d35d06cd29f3ddabf86bf58ed819d9269fc348ae89970d60a1336ccbd
07f42344d0648524d970cea25aa79bb571ee8025e2f7f22002fc276c8ae2f48a
1079b31c05d3fbcf148d26831571eb885d988e42e5421e661fe2f6f6dc06031a
1132ee8e2aab18c8f08ca7ec2d09920bd5527127ddbce9bee51b24b55752a6b8
1dbec753cfd0c5548e5ceb84d3ca357b19765374d0b7856d2b4d2943959da93b
28afbf9ed55e44b342a31337eb2494810cbd5eaa61f4a43f39c52e2ade6b18e2
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
6072346067391650cc9f1c7648c4b1db11072aa9972ad5b34c1e5911d33a0412
6976a4ba08d5fd2eca5cb3778463d0beb069ac49d8d234e4687ac122c3e5a805
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
94f410e1def1bfb997b82bdbbe700482465713087eb75eaee21b0c77ca84ec57
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
b28bb10d1b574db881cdd742dbe4593c1344f78e3ba378350c51cbfcaec51da1
b5e38de32d149f2263d86a25f0db6e63418e296f5c42f004f1ad157b5062db96
b7c5cc73751620d1cde9a056a572c7dbcd6d424e630ef5d9a5acc01734d4d3d0
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c3f54457974d1ef9d362a5ff3d50f53e71bcf476904b52f3b23f8ee23a186abd
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
ee519845ad25d096974439033bfbfc99578285ab9788287b915940cc7f8d3147