urlscan.io logo urlscan.io
SecurityTrails logo

refportal.orlenunipetrol.cz Open in urlscan Pro
91.231.171.82  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://testportal.unipetrol.cz/
Effective URL: https://refportal.orlenunipetrol.cz/client/index.html
Submission: On May 14 via manual from CZ — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 8 HTTP transactions. The main IP is 91.231.171.82, located in Lom u Mostu, Czech Republic and belongs to UNIPETROLRPA Litvinov, CZ. The main domain is refportal.orlenunipetrol.cz.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on December 11th 2023. Valid for: a year.
This is the only time refportal.orlenunipetrol.cz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 11 91.231.171.82 197875 (UNIPETROL...)
8 2
Apex Domain
Subdomains		 Transfer
10 orlenunipetrol.cz
refportal.orlenunipetrol.cz
4 MB
1 unipetrol.cz
testportal.unipetrol.cz
766 B
8 2
Domain Requested by
10 refportal.orlenunipetrol.cz 2 redirects refportal.orlenunipetrol.cz
1 testportal.unipetrol.cz 1 redirects
8 2

This site contains links to these domains. Also see Links.

Domain
www.orlenunipetrolrpa.cz
Subject Issuer Validity Valid
*.unipetrol.cz
GeoTrust TLS RSA CA G1		 2023-12-11 -
2024-12-31		 a year crt.sh

This page contains 2 frames:

Primary Page: https://refportal.orlenunipetrol.cz/client/index.html
Frame ID: FBFC399B4137707397BC59FBA3B22EFB
Requests: 6 HTTP requests in this frame

Frame: https://refportal.orlenunipetrol.cz/client/silent-renew.html
Frame ID: 18C8C307601A0B50F91716C272900041
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Unipetrol

Page URL History Show full URLs

  1. http://testportal.unipetrol.cz/ HTTP 307
    https://testportal.unipetrol.cz/ HTTP 301
    https://refportal.orlenunipetrol.cz/client/ HTTP 301
    https://refportal.orlenunipetrol.cz/client/index.html Page URL

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

4088 kB
Transfer

4090 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://testportal.unipetrol.cz/ HTTP 307
    https://testportal.unipetrol.cz/ HTTP 301
    https://refportal.orlenunipetrol.cz/client/ HTTP 301
    https://refportal.orlenunipetrol.cz/client/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://refportal.orlenunipetrol.cz/identityserver/connect/authorize?client_id=unpl&redirect_uri=https%3A%2F%2Frefportal.orlenunipetrol.cz%2Fclient%2Fsilent-renew.html&response_type=token%20id_token&scope=openid%20profile%20roles%20email&state=c6caab1416494c5fb2d156d95b64334c&nonce=a81b8191fcfb4ee99ab9270b1fa1061f&prompt=none HTTP 302
  • https://refportal.orlenunipetrol.cz/client/silent-renew.html

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.html
refportal.orlenunipetrol.cz/client/
Redirect Chain
  • http://testportal.unipetrol.cz/
  • https://testportal.unipetrol.cz/
  • https://refportal.orlenunipetrol.cz/client/
  • https://refportal.orlenunipetrol.cz/client/index.html
3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://refportal.orlenunipetrol.cz/client/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.231.171.82 Lom u Mostu, Czech Republic, ASN197875 (UNIPETROLRPA Litvinov, CZ),
Reverse DNS
ip-91-231-171-82.net.vodafone.cz
Software
/
Resource Hash
a4ac720c8de79b0aa01e3226aff03b5169422ba8435a0154b54c744d862f21c6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src 'self'; style-src 'self' 'nonce-WINDOW_NONCE'; script-src 'self' 'nonce-WINDOW_NONCE'; img-src 'self' data:; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
2921
Content-Security-Policy
upgrade-insecure-requests; default-src 'self'; style-src 'self' 'nonce-WINDOW_NONCE'; script-src 'self' 'nonce-WINDOW_NONCE'; img-src 'self' data:; frame-ancestors 'self'
Content-Type
text/html
Date
Tue, 14 May 2024 11:39:06 GMT
ETag
"0e672e5206fda1:0"
Last-Modified
Tue, 05 Mar 2024 17:16:44 GMT
Permissions-Policy
geolocation=(), camera=()
Referrer-Policy
no-referrer, strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
176
Content-Security-Policy
upgrade-insecure-requests; default-src 'self'; style-src 'self' 'nonce-WINDOW_NONCE'; script-src 'self' 'nonce-WINDOW_NONCE'; img-src 'self' data:; frame-ancestors 'self'
Content-Type
text/html; charset=UTF-8
Date
Tue, 14 May 2024 11:39:06 GMT
Location
https://refportal.orlenunipetrol.cz/client/index.html
Permissions-Policy
geolocation=(), camera=()
Referrer-Policy
no-referrer, strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
main.bundle.js
refportal.orlenunipetrol.cz/Client/ 		559 KB
560 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refportal.orlenunipetrol.cz/Client/main.bundle.js
Requested by
Host: refportal.orlenunipetrol.cz
URL: https://refportal.orlenunipetrol.cz/client/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.231.171.82 Lom u Mostu, Czech Republic, ASN197875 (UNIPETROLRPA Litvinov, CZ),
Reverse DNS
ip-91-231-171-82.net.vodafone.cz
Software
/
Resource Hash
59cd1082c7eda41ce23e82b884f0c95199cdbad0823c81af01b619ed09d5bea9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src 'self'; style-src 'self' 'nonce-WINDOW_NONCE'; script-src 'self' 'nonce-WINDOW_NONCE'; img-src 'self' data:; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://refportal.orlenunipetrol.cz/client/index.html
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 11:39:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests; default-src 'self'; style-src 'self' 'nonce-WINDOW_NONCE'; script-src 'self' 'nonce-WINDOW_NONCE'; img-src 'self' data:; frame-ancestors 'self'
Last-Modified
Tue, 05 Mar 2024 17:16:44 GMT
Referrer-Policy
no-referrer, strict-origin-when-cross-origin
ETag
"0e672e5206fda1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Permissions-Policy
geolocation=(), camera=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
572200
X-XSS-Protection
1; mode=block
vendors~main.bundle.js
refportal.orlenunipetrol.cz/Client/ 		3 MB
3 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://refportal.orlenunipetrol.cz/Client/vendors~main.bundle.js
Requested by
Host: refportal.orlenunipetrol.cz
URL: https://refportal.orlenunipetrol.cz/client/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.231.171.82 Lom u Mostu, Czech Republic, ASN197875 (UNIPETROLRPA Litvinov, CZ),
Reverse DNS
ip-91-231-171-82.net.vodafone.cz
Software
/
Resource Hash
fedebe357f3c1e3d3166e1f60fa39a7ea58f11a4b76746c6cdf116fab7e6081d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src 'self'; style-src 'self' 'nonce-WINDOW_NONCE'; script-src 'self' 'nonce-WINDOW_NONCE'; img-src 'self' data:; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://refportal.orlenunipetrol.cz/client/index.html
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 11:39:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests; default-src 'self'; style-src 'self' 'nonce-WINDOW_NONCE'; script-src 'self' 'nonce-WINDOW_NONCE'; img-src 'self' data:; frame-ancestors 'self'
Last-Modified
Tue, 05 Mar 2024 17:16:44 GMT
Referrer-Policy
no-referrer, strict-origin-when-cross-origin
ETag
"0e672e5206fda1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Permissions-Policy
geolocation=(), camera=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3158122
X-XSS-Protection
1; mode=block
silent-renew.html
refportal.orlenunipetrol.cz/client/ Frame 18C8
Redirect Chain
  • https://refportal.orlenunipetrol.cz/identityserver/connect/authorize?client_id=unpl&redirect_uri=https%3A%2F%2Frefportal.orlenunipetrol.cz%2Fclient%2Fsilent-renew.html&response_type=token%20id_toke...
  • https://refportal.orlenunipetrol.cz/client/silent-renew.html
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://refportal.orlenunipetrol.cz/client/silent-renew.html
Requested by
Host: refportal.orlenunipetrol.cz
URL: https://refportal.orlenunipetrol.cz/Client/vendors~main.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.231.171.82 Lom u Mostu, Czech Republic, ASN197875 (UNIPETROLRPA Litvinov, CZ),
Reverse DNS
ip-91-231-171-82.net.vodafone.cz
Software
/
Resource Hash
6558532e572c7435c8e973668f14672402bf86329825c694c9aaaf1b9f3f5c2b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src 'self'; style-src 'self' 'nonce-WINDOW_NONCE'; script-src 'self' 'nonce-WINDOW_NONCE'; img-src 'self' data:; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://refportal.orlenunipetrol.cz/client/index.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
1644
Content-Security-Policy
upgrade-insecure-requests; default-src 'self'; style-src 'self' 'nonce-WINDOW_NONCE'; script-src 'self' 'nonce-WINDOW_NONCE'; img-src 'self' data:; frame-ancestors 'self'
Content-Type
text/html
Date
Tue, 14 May 2024 11:39:10 GMT
ETag
"0e672e5206fda1:0"
Last-Modified
Tue, 05 Mar 2024 17:16:44 GMT
Permissions-Policy
geolocation=(), camera=()
Referrer-Policy
no-referrer, strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-store, no-cache, max-age=0
Connection
keep-alive
Content-Length
0
Content-Security-Policy
upgrade-insecure-requests; default-src 'self'; style-src 'self' 'nonce-WINDOW_NONCE'; script-src 'self' 'sha256-fa5rxHhZ799izGRP38+h4ud5QXNT0SFaFlh4eqDumBI=' 'nonce-WINDOW_NONCE'; img-src 'self' data:; frame-ancestors 'self'
Date
Tue, 14 May 2024 11:39:10 GMT
Location
https://refportal.orlenunipetrol.cz/client/silent-renew.html#error=login_required&state=c6caab1416494c5fb2d156d95b64334c&session_state=p8oU3wZU9pEFejEvBm9nndvL9j-1THCZ6yhNcrZ6B7g.11991A7FB1AB2F149FA639C8C3339FB4
Permissions-Policy
geolocation=(), camera=()
Pragma
no-cache
Referrer-Policy
no-referrer, strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
oidc-client.min.js
refportal.orlenunipetrol.cz/client/ Frame 18C8 		355 KB
356 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refportal.orlenunipetrol.cz/client/oidc-client.min.js
Requested by
Host: refportal.orlenunipetrol.cz
URL: https://refportal.orlenunipetrol.cz/client/silent-renew.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.231.171.82 Lom u Mostu, Czech Republic, ASN197875 (UNIPETROLRPA Litvinov, CZ),
Reverse DNS
ip-91-231-171-82.net.vodafone.cz
Software
/
Resource Hash
35a44d0ac4a187a8651bd64c9df3838e12ed44eaff1c22f1751afc0866c94137
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src 'self'; style-src 'self' 'nonce-WINDOW_NONCE'; script-src 'self' 'nonce-WINDOW_NONCE'; img-src 'self' data:; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://refportal.orlenunipetrol.cz/client/silent-renew.html
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 11:39:10 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests; default-src 'self'; style-src 'self' 'nonce-WINDOW_NONCE'; script-src 'self' 'nonce-WINDOW_NONCE'; img-src 'self' data:; frame-ancestors 'self'
Last-Modified
Tue, 05 Mar 2024 17:16:44 GMT
Referrer-Policy
no-referrer, strict-origin-when-cross-origin
ETag
"0e672e5206fda1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Permissions-Policy
geolocation=(), camera=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
363724
X-XSS-Protection
1; mode=block
silent-renew.js
refportal.orlenunipetrol.cz/client/ Frame 18C8 		118 B
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://refportal.orlenunipetrol.cz/client/silent-renew.js
Requested by
Host: refportal.orlenunipetrol.cz
URL: https://refportal.orlenunipetrol.cz/client/silent-renew.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.231.171.82 Lom u Mostu, Czech Republic, ASN197875 (UNIPETROLRPA Litvinov, CZ),
Reverse DNS
ip-91-231-171-82.net.vodafone.cz
Software
/
Resource Hash
398b1fd225b164195028d1808dcb808eb21d98e824ccefc821dbbddc0b202c2a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src 'self'; style-src 'self' 'nonce-WINDOW_NONCE'; script-src 'self' 'nonce-WINDOW_NONCE'; img-src 'self' data:; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://refportal.orlenunipetrol.cz/client/silent-renew.html
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 11:39:10 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests; default-src 'self'; style-src 'self' 'nonce-WINDOW_NONCE'; script-src 'self' 'nonce-WINDOW_NONCE'; img-src 'self' data:; frame-ancestors 'self'
Last-Modified
Tue, 05 Mar 2024 17:16:44 GMT
Referrer-Policy
no-referrer, strict-origin-when-cross-origin
ETag
"0e672e5206fda1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Permissions-Policy
geolocation=(), camera=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
118
X-XSS-Protection
1; mode=block
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c390eed5207f517d5666124da554f5b164ebf6206a3ab9c9e58b38bd69357778

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
6b2eef571be8122c51c8a40ee589168a.png
refportal.orlenunipetrol.cz/client/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refportal.orlenunipetrol.cz/client/6b2eef571be8122c51c8a40ee589168a.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.231.171.82 Lom u Mostu, Czech Republic, ASN197875 (UNIPETROLRPA Litvinov, CZ),
Reverse DNS
ip-91-231-171-82.net.vodafone.cz
Software
/
Resource Hash
40b51636cc217336975d88631caff9c5a6169412936dd350e62043908473b3cf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src 'self'; style-src 'self' 'nonce-WINDOW_NONCE'; script-src 'self' 'nonce-WINDOW_NONCE'; img-src 'self' data:; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://refportal.orlenunipetrol.cz/client/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 11:39:10 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests; default-src 'self'; style-src 'self' 'nonce-WINDOW_NONCE'; script-src 'self' 'nonce-WINDOW_NONCE'; img-src 'self' data:; frame-ancestors 'self'
Last-Modified
Tue, 05 Mar 2024 17:16:44 GMT
Referrer-Policy
no-referrer, strict-origin-when-cross-origin
ETag
"0e672e5206fda1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Permissions-Policy
geolocation=(), camera=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
79019
X-XSS-Protection
1; mode=block
favicon.ico
refportal.orlenunipetrol.cz/client/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://refportal.orlenunipetrol.cz/client/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.231.171.82 Lom u Mostu, Czech Republic, ASN197875 (UNIPETROLRPA Litvinov, CZ),
Reverse DNS
ip-91-231-171-82.net.vodafone.cz
Software
/
Resource Hash
3bd370c7f967321b506bbf7755f02e138d14ccbfa6655a1f20667c8e92bca9ba
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src 'self'; style-src 'self' 'nonce-WINDOW_NONCE'; script-src 'self' 'nonce-WINDOW_NONCE'; img-src 'self' data:; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://refportal.orlenunipetrol.cz/client/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 11:39:11 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests; default-src 'self'; style-src 'self' 'nonce-WINDOW_NONCE'; script-src 'self' 'nonce-WINDOW_NONCE'; img-src 'self' data:; frame-ancestors 'self'
Last-Modified
Tue, 05 Mar 2024 17:16:44 GMT
Referrer-Policy
no-referrer, strict-origin-when-cross-origin
ETag
"0e672e5206fda1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/x-icon
Permissions-Policy
geolocation=(), camera=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1142
X-XSS-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| webpackHotUpdate object| webpackJsonp function| setImmediate function| clearImmediate object| regeneratorRuntime function| _

9 Cookies

Domain/Path Name / Value
refportal.orlenunipetrol.cz/identityserver/connect Name: f5avraaaaaaaaaaaaaaaa_session_
Value: NKKBLFMFNNNPKCIDFFDBPFGIEJLGIGFLEKEKJLEIEHDFNOJNDDIEJAGFMPPJHNBOODMDAMDNCNPFLLFBGJGAOLHCBENIBLNKPKBJFFBKMEPJCIGJCBBMCHCOGBHOPJGC
refportal.orlenunipetrol.cz/client Name: f5avraaaaaaaaaaaaaaaa_session_
Value: NIBFJAOAMHKHHLHMINLGBBJILJFLAKAACEJDIFMHJFJCPMLBLDPOJILLMKDGPEGMNINDAFLMPNACHEDFGCBADHEOAEOHNOGGOKGHPCOIIHLHDGAJNBOHJKCGEGMELDPA
refportal.orlenunipetrol.cz/client Name: f5_cspm
Value: 1234
refportal.orlenunipetrol.cz/Client Name: f5avraaaaaaaaaaaaaaaa_session_
Value: DHFBOIJCBILDMLHFDBEGDIIDLDONNKNHJAEBPOIFJLJIKLNIFCMNAFHJBEJONDKENFADFDBGPNKBOOPHPANAJOFEAEFJGLCCABCPPLEJGNBAIPLHBDBBIILKNEJLIDHJ
testportal.unipetrol.cz/ Name: BIGipServertestportal.unipetrol.cz
Value: 1392377610.47873.0000
testportal.unipetrol.cz/ Name: f5avraaaaaaaaaaaaaaaa_session_
Value: BBBNNLHEGGHHKGMMDADAFKLJNJMMIKCHNDKCOGMGGHICGLJGFIJNHEBFPANLNNOIPPFDDLFJONDNHCLJEBEANLEKAEDLDNBGACCOJOEPGMBMILEGCPOJDPPCAMONKMHO
testportal.unipetrol.cz/ Name: TS01266598
Value: 01ccf0f938cf5c94becf68e11da029efe46da9733c5871ab1fb1a0eae142d4ed5588afe33e42fd0a7e5c4c115b91bb5e3c2333bc2dba0b57b031f089de95f1f3a30d91d12cf07ee284543369feb97732e5427259a0
refportal.orlenunipetrol.cz/ Name: BIGipServertestportal.unipetrol.cz
Value: 1375600394.47873.0000
refportal.orlenunipetrol.cz/ Name: TS01266598
Value: 01ccf0f938549c7af9c64b3abbb47e9b416042fec9ee96ddb1e51457fd92f69185917fbc1a52865b14655c051364885856b3d29567c8fd7e74456e5447e3c1026f378fa3a2cdae7d5e801064a196237af038b04df56152b9ed49a81e0329d6777484aa22ac

1 Console Messages

Source Level URL
Text
security error URL: https://refportal.orlenunipetrol.cz/client/index.html(Line 46)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'nonce-WINDOW_NONCE'". Either the 'unsafe-inline' keyword, a hash ('sha256-2QjwqIzIL+y7I+55UEuRWuAQLyNQ21qm2brD6puei7c='), or a nonce ('nonce-...') is required to enable inline execution.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests; default-src 'self'; style-src 'self' 'nonce-WINDOW_NONCE'; script-src 'self' 'nonce-WINDOW_NONCE'; img-src 'self' data:; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block