orlentankowanie.online Open in urlscan Pro
66.29.132.128  Malicious Activity! Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response orlentankowanie.online/	256 KB 75 KB	1285ms 922ms	Document text/html	66.29.132.128 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://orlentankowanie.online/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.132.128 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS business141-5.web-hosting.com Software Apache / PHP/7.2.34 Resource Hash 72ddd8bcbe91e9697cf7b20767f8bfbb24aed465fc381d11b367db067be3f9f7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :method GET :authority orlentankowanie.online :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 06:42:53 GMT server Apache x-powered-by PHP/7.2.34 expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache set-cookie PHPSESSID=00c2d23eea9861ea672fbb19532ddfe2; path=/ _subid=1pfilpmraj; expires=Wed, 11-Aug-2021 06:42:53 GMT; Max-Age=86400; path=/; domain=.orlentankowanie.online _token=uuid_1pfilpmraj_1pfilpmraj61121fed732ea8.10964001; expires=Wed, 11-Aug-2021 06:42:53 GMT; Max-Age=86400; path=/; domain=.orlentankowanie.online 72e8a=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjNcIjoxNjI4NTc3NzczfSxcImNhbXBhaWduc1wiOntcIjNcIjoxNjI4NTc3NzczfSxcInRpbWVcIjoxNjI4NTc3NzczfSJ9.gp6Jpq6l6StE8i67gHDhbvlqMTzr-ghyxJrxcxoeVh8; expires=Wed, 11-Aug-2021 06:42:53 GMT; Max-Age=86400; path=/; domain=.orlentankowanie.online accept-ranges none vary Accept-Encoding content-encoding gzip content-type text/html; charset=UTF-8 x-frame-options SAMEORIGIN x-xss-protection 1; mode=block x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload; referrer-policy no-referrer-when-downgrade
GET H2	200	fonts.css nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/css/	3 KB 1 KB	287ms 201ms	Stylesheet text/css	104.21.22.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/css/fonts.css Requested by Host: orlentankowanie.online URL: https://orlentankowanie.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.22.232 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 18a0e0421eaef34110d9fd15e6ea428cf97b7c8de3fc4e2dcb05e3a05d8c8d44 Request headers Referer https://orlentankowanie.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 06:42:54 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Mon, 09 Aug 2021 14:15:32 GMT server cloudflare etag W/"61113884-bf4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NzQuXi2q7QSv2MClGDWBbH9MSeQT%2BJ7XJFI%2FRKaN%2BOGbUO%2Fb79yJ3%2FaKpAcxETCzO8dwCi7DFrEmT2fZPjFSGIeFWuD9QSnaSp%2FSSN9lor6cCuHPRdBoeZGNEhn3GJsevCwty3gE7V0%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=864000 cf-ray 67c73f2fbe620b47-AMS expires Fri, 20 Aug 2021 06:42:54 GMT
GET H2	200	app.css nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/css/	828 KB 75 KB	448ms 362ms	Stylesheet text/css	104.21.22.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/css/app.css Requested by Host: orlentankowanie.online URL: https://orlentankowanie.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.22.232 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf9c6377d906fced868ff9de0166087d1c428f7f5de6000837d13ebb3c64626c Request headers Referer https://orlentankowanie.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 06:42:54 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Mon, 09 Aug 2021 14:15:32 GMT server cloudflare etag W/"61113884-cefd9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BRWJ6yLxFpQeC52%2FTLgNZ2XczYudLNiIcycAGyvg5JPgz8y9h%2F%2BlVVHSyZLu2uUNoocEOKKsUOf5jT1RnPCAshaZELPvqsCPsGcdvOPcT8LmNkz4O2OY1X%2FRmEkuMaykUG24yOb5HHA%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=864000 cf-ray 67c73f2fbe660b47-AMS expires Fri, 20 Aug 2021 06:42:54 GMT
GET H2	200	slick.css cdn.jsdelivr.net/npm/slick-carousel/slick/	2 KB 936 B	23ms 6ms	Stylesheet text/css	2a04:4e42:3::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/slick-carousel/slick/slick.css Requested by Host: orlentankowanie.online URL: https://orlentankowanie.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://orlentankowanie.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 841 x-jsd-version 1.8.1 x-cache HIT cross-origin-resource-policy cross-origin content-length 569 etag W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ" x-served-by cache-fra19147-FRA x-jsd-version-type version date Tue, 10 Aug 2021 06:42:53 GMT vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H2	200	ion.rangeSlider.min.css nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/css/	11 KB 2 KB	267ms 182ms	Stylesheet text/css	104.21.22.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/css/ion.rangeSlider.min.css Requested by Host: orlentankowanie.online URL: https://orlentankowanie.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.22.232 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 83b1e0a0cc92672a27b8fc074ce45ffae18711e3a6ed5448da47d75979499dca Request headers Referer https://orlentankowanie.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 06:42:54 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Mon, 09 Aug 2021 14:15:32 GMT server cloudflare etag W/"61113884-2b4c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fY9o0%2BFQCrOg8squqcDu77s9y47lKmFBrAP%2Ft4IqIsRmXsPaUGbiUvE8klPkmBoeds5q4InfZAO3wdZBOqvwIRPLuwCaR57KFQXKWxH%2F0Si7tVcReWRomTEUoros83E2xoupMpEyMqU%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=864000 cf-ray 67c73f2fbe670b47-AMS expires Fri, 20 Aug 2021 06:42:54 GMT
GET H2	200	jquery.fancybox.min.css nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/css/	12 KB 3 KB	279ms 194ms	Stylesheet text/css	104.21.22.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/css/jquery.fancybox.min.css Requested by Host: orlentankowanie.online URL: https://orlentankowanie.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.22.232 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0 Request headers Referer https://orlentankowanie.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 06:42:54 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Mon, 09 Aug 2021 14:15:32 GMT server cloudflare etag W/"61113884-31fb" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=43MVucYjymt5o%2ByfPRqGZ1mmsZNQ%2FdRN3sH%2BjsqULGzA9opDsDXVvTZXJOCtVXsrOX38tgExwSL24fauvNgnzmbRGC2W0pL1wBebMb3bqpPJeSb3BekA3zIRMUfhv%2FTp6kWvAqfvMI0%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=864000 cf-ray 67c73f2fbe680b47-AMS expires Fri, 20 Aug 2021 06:42:54 GMT
GET H2	200	jquery.min.js Show response nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/js/	86 KB 32 KB	352ms 267ms	Script application/javascript	104.21.22.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/js/jquery.min.js Requested by Host: orlentankowanie.online URL: https://orlentankowanie.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.22.232 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb Request headers Referer https://orlentankowanie.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 06:42:54 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Mon, 09 Aug 2021 14:15:32 GMT server cloudflare etag W/"61113884-15853" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QYpytdhTSX7q7RF7mXJizg2qSzQ0WcvgShfmdvldyKunyWtpZX4ceMmvNo2tyDrO2IEjPTKteqnof07h%2BEk7BxvM%2FuKoGAbxvfkxaHyAsH7wx37SAEz7a8rYCVfR2%2BVZZ5lSCabACgM%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=864000 cf-ray 67c73f2fbe6c0b47-AMS expires Fri, 20 Aug 2021 06:42:54 GMT
GET H2	200	video-js.css nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/js/videoJS/	40 KB 10 KB	278ms 194ms	Stylesheet text/css	104.21.22.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/js/videoJS/video-js.css Requested by Host: orlentankowanie.online URL: https://orlentankowanie.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.22.232 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4e76177722cff7661c6bf7cc77b62223a75a62b8238d029001b6a5c25e78a417 Request headers Referer https://orlentankowanie.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 06:42:54 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Mon, 09 Aug 2021 14:15:32 GMT server cloudflare etag W/"61113884-9ed4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OalE72zsHZlj6o27TGo%2Bmp%2FIUIOMPQHNuHiUF2yVjS9EtnERe71l394HinK5UaGF%2FAtNJrAN3PwQo%2BmorsXYu%2FL%2FBuMc8AXN9eNpDJCt4HyrYDGYtES%2B9VplFMHmfO8ldcvgMF7k%2BKk%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=864000 cf-ray 67c73f2fbe690b47-AMS expires Fri, 20 Aug 2021 06:42:54 GMT
GET H2	200	video.js Show response nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/js/videoJS/	1 MB 334 KB	538ms 453ms	Script application/javascript	104.21.22.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/js/videoJS/video.js Requested by Host: orlentankowanie.online URL: https://orlentankowanie.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.22.232 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b8219db78d5db06a830f306f6b6e3cf4762d6fe2e7e3a5f5e726cd2c6893b6e4 Request headers Referer https://orlentankowanie.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 06:42:54 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Mon, 09 Aug 2021 14:15:32 GMT server cloudflare etag W/"61113884-173acb" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KoIQjpHl%2FVJRCLFU5H%2FVsFVwOhjn5prN8x5SMb4%2BmUZAqj1gx7kQ3qxZynfZ4%2F57pGj8W6zVfxmdYwftmnnkM8lf65JNJPsSzI2xFQyK4UJQShFhSu1vVI5pxgddPjSLJSnIJqppYhA%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=864000 cf-ray 67c73f2fce890b47-AMS expires Fri, 20 Aug 2021 06:42:54 GMT
GET H2	200	ion.rangeSlider.min.js Show response nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/js/	40 KB 9 KB	281ms 196ms	Script application/javascript	104.21.22.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/js/ion.rangeSlider.min.js Requested by Host: orlentankowanie.online URL: https://orlentankowanie.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.22.232 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cd9603ca964bc0cc45314f6906cdb9f58ce78b1386a51cafe27aefc79f5c697a Request headers Referer https://orlentankowanie.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 06:42:54 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Mon, 09 Aug 2021 14:15:32 GMT server cloudflare etag W/"61113884-a0fb" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pA19oZsPnhQ%2FeZHTw%2BgOKf9ppeX0dXhgP99UzOb4EEwzkMTcfNyXTM642ytth%2B1Lmjos578tOG41Rgpy3605IhCLrhmTSF%2FGcu076bF03LXTeWoaFeySD0GuuRrjmy%2FXEd%2BgqfU7OME%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=864000 cf-ray 67c73f2fce8c0b47-AMS expires Fri, 20 Aug 2021 06:42:54 GMT
GET H2	200	jquery.fancybox.min.js Show response nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/js/	67 KB 22 KB	123ms 39ms	Script application/javascript	104.21.22.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/js/jquery.fancybox.min.js Requested by Host: orlentankowanie.online URL: https://orlentankowanie.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.22.232 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1c02caf2a0f16318965676fd4b265265728d64fba2794a20b07151a4e891fca6 Request headers Referer https://orlentankowanie.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 06:42:54 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 55400 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Mon, 09 Aug 2021 14:15:32 GMT server cloudflare etag W/"61113884-10aa9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nguxptUQjaW0ctSC8ORX8ZrydVthXzQNmlxZp9PdbVCTheiAclQkXECzfuxhn%2FK99Q9a42jCwYJqmoUP%2F4vhGGhfM7h2utwc8nDYNbDqmz8807YOVyrxL9jz3M48XNcR0B20%2F7omVC0%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=864000 cf-ray 67c73f2fce880b47-AMS expires Thu, 19 Aug 2021 15:19:34 GMT
GET H2	200	intlTelInput.css nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/js/registerForm/intlTelInput/css/	26 KB 3 KB	279ms 195ms	Stylesheet text/css	104.21.22.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/js/registerForm/intlTelInput/css/intlTelInput.css Requested by Host: orlentankowanie.online URL: https://orlentankowanie.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.22.232 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b90a83b5da88f7aedfa00b49bcdec40681a297a9967b4fb56955ad68bd382b66 Request headers Referer https://orlentankowanie.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 06:42:54 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Mon, 09 Aug 2021 14:15:32 GMT server cloudflare etag W/"61113884-6648" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GII9e2dCWmSufe6CkMm2jCAt97cXhrpU%2FUwypOteoUyY360PPJ0Gah1wGSoTc%2Fvt9MqwhginKLY%2BhMsyT7YJoQj6T7N%2FVGAC%2FybT7B1cBQZ4xzVokjgblXdgG8m76yJJLgCjt%2BjiEZs%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=864000 cf-ray 67c73f2fbe6a0b47-AMS expires Fri, 20 Aug 2021 06:42:54 GMT
GET H2	200	registerForm.css nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/js/registerForm/	2 KB 858 B	267ms 183ms	Stylesheet text/css	104.21.22.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/js/registerForm/registerForm.css Requested by Host: orlentankowanie.online URL: https://orlentankowanie.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.22.232 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6185c4ecfedfdb5e9b9e84c20e9b080c3700fb643d50898020fb5fef9e119a3a Request headers Referer https://orlentankowanie.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 06:42:54 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Mon, 09 Aug 2021 14:15:32 GMT server cloudflare etag W/"61113884-625" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2ByyDiVg7xaYXqagp3dOHqG%2BVNFbr%2FPpm%2Fe3KXF%2FTVnmFQfR75J%2BR4b0zK%2B4DxCAmYjeUdvQI3saH7VPE4n14rWFdHIucM5FTvtAOGlBQojAgdk8O%2FuGYVdMUD3KHIDV6veoKu14fjs%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=864000 cf-ray 67c73f2fbe6b0b47-AMS expires Fri, 20 Aug 2021 06:42:54 GMT
GET H3-29	200	9.svg nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/img/	2 KB 2 KB	191ms 189ms	Image image/svg+xml	104.21.22.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/img/9.svg Requested by Host: orlentankowanie.online URL: https://orlentankowanie.online/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 104.21.22.232 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a45ead96c27aab89cca6d435e9a1a601f8428db328c7079584a08a84738effc0 Request headers Referer https://orlentankowanie.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 06:42:54 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Mon, 09 Aug 2021 14:15:32 GMT server cloudflare etag W/"61113884-70a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pViRIKb2ylbmNOxZlwK0gWe182TjOwh3ZeD2%2Bx%2FdLEbBCTP1h81r7fzWYCt%2BuYcOU6K4YHgSceUaGoQTN6BbNtzairnPyiG467J6b0rfxkIeIRs%2Foo9uJxBTMxvCjiHKvjAqzA%2FY%2FoQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * cache-control max-age=864000 cf-ray 67c73f335ecc0111-AMS expires Fri, 20 Aug 2021 06:42:54 GMT
GET H3-29	200	gerb.png nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/img/	25 KB 26 KB	29ms 26ms	Image image/png	104.21.22.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/img/gerb.png Requested by Host: orlentankowanie.online URL: https://orlentankowanie.online/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 104.21.22.232 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5e1af272e19a4e8bc389478e7acbb3210362aaf7032ea5b8e40d47dfc9d4410d Request headers Referer https://orlentankowanie.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 06:42:54 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 55398 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 25587 last-modified Mon, 09 Aug 2021 14:15:32 GMT server cloudflare etag "61113884-63f3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p202v2Y%2FxW2OUZQ6xRR9Ap6%2FkcXOennlNH9X2qUbK0RBtgE5ql9fbDsZMycJriGr%2BU6tawo8q8xCJf8xqhrc0xGTiSxTiQYt3HPQZ4IlsuOM2WBlMHDH%2B9oG8%2FwwHLxvG7cHRxFIUgM%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control max-age=864000 accept-ranges bytes cf-ray 67c73f335ed00111-AMS expires Thu, 19 Aug 2021 15:19:36 GMT
GET H3-29	200	preloader.gif nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/img/	9 KB 9 KB	210ms 207ms	Image image/gif	104.21.22.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/img/preloader.gif Requested by Host: orlentankowanie.online URL: https://orlentankowanie.online/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 104.21.22.232 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d645c0ce08af9538f2ee909785e6bd6fd19c314fc28f2e58435d0af82d04cd23 Request headers Referer https://orlentankowanie.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 06:42:54 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 8852 last-modified Mon, 09 Aug 2021 14:15:32 GMT server cloudflare etag "61113884-2294" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NOlPiiApIZ3NeH1Gv5bXsGtFw9r1wKxJKNxuwfMr%2BDCs%2F7bkcrqbu782Y7%2BZZSkjotvFCcZJjoPepcS3fwF1RACu94DYsMwxJmRw2VBbt7KfSzVUjke9EX5WES9fOjDUGJLl4qm7810%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif access-control-allow-origin * cache-control max-age=864000 accept-ranges bytes cf-ray 67c73f336ed10111-AMS expires Fri, 20 Aug 2021 06:42:54 GMT
GET H2	200	recorder.js Show response rec.smartlook.com/	28 KB 8 KB	30ms 7ms	Script application/javascript	2a02:6ea0:c700::2 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://rec.smartlook.com/recorder.js Requested by Host: orlentankowanie.online URL: https://orlentankowanie.online/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 0e3c841c28188727d5c05b06175884d9331ab32bf6b179c16e20ffaf6e89e7cb Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://orlentankowanie.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-77-pop frankfurtDE date Tue, 10 Aug 2021 06:42:54 GMT content-encoding br x-77-nzt-ray iSjPZLnek6M= x-77-cache HIT x-cache HIT x-age 396 x-77-nzt AcO1ry+N1hXvjAEAAA== x-accel-expires @1628577978 last-modified Wed, 02 Jun 2021 07:23:38 GMT server CDN77-Turbo etag W/"60b731fa-6f2c" strict-transport-security max-age=31536000 content-type application/javascript access-control-allow-origin * cache-control public, max-age=600
GET H3-29	200	10.jpg nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/img/	77 KB 77 KB	340ms 337ms	Image image/jpeg	104.21.22.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/img/10.jpg Requested by Host: orlentankowanie.online URL: https://orlentankowanie.online/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 104.21.22.232 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bd4797ff17cf151c8be084dad9fe9d2835a017d4fdd58111913012fe4cc466be Request headers Referer https://orlentankowanie.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 06:42:54 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 78371 last-modified Mon, 09 Aug 2021 14:15:32 GMT server cloudflare etag "61113884-13223" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nCqJQJPctU0HdezWOeJJP%2By%2B0vq9hpcL4vIlE3Ps8gHfORcyGWLA42EjwRdy9wBj9cg%2BY7n%2FAngd7dV1QsNTYrzKYUM25V%2Bmp%2BStPGKxmPwbfvNGxiVwvkCk9XHketjAPU%2BeEqs9BZw%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control max-age=864000 accept-ranges bytes cf-ray 67c73f336ed20111-AMS expires Fri, 20 Aug 2021 06:42:54 GMT
GET H3-29	200	11.png nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/img/	1 MB 1 MB	130ms 127ms	Image image/png	104.21.22.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/img/11.png Requested by Host: orlentankowanie.online URL: https://orlentankowanie.online/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 104.21.22.232 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 28efaa05a0266f7dc51cd185d0bb5a2e7c807efe0f3f5c031d49abdd4bccb931 Request headers Referer https://orlentankowanie.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 06:42:54 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 55398 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 1150172 last-modified Mon, 09 Aug 2021 14:15:32 GMT server cloudflare etag "61113884-118cdc" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XrBeZiaotU65uK%2B0n4zRYN1UkLaSSAGackyY2B0h1kG%2FMLf%2BQDmmCUq0D%2FVJfy7B1AyP0YTtsvp8cx9lAisPNEv9r7NXphmEuxQvTjF6s83f8EGk4o%2FnEY58yaL7Vv16xO%2BqCOtasg0%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control max-age=864000 accept-ranges bytes cf-ray 67c73f336ed30111-AMS expires Thu, 19 Aug 2021 15:19:36 GMT
GET H3-29	200	12.png nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/img/	577 KB 578 KB	47ms 44ms	Image image/png	104.21.22.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/img/12.png Requested by Host: orlentankowanie.online URL: https://orlentankowanie.online/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 104.21.22.232 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c9cc57e3297605c9c6c2005da874e1309d15c9c70d8576eb29d3ff101fef5ea9 Request headers Referer https://orlentankowanie.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 06:42:54 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 55397 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 591037 last-modified Mon, 09 Aug 2021 14:15:32 GMT server cloudflare etag "61113884-904bd" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1nc3pY08hUJ0cR0WDgMT8MHxJECSSBMjPfNovQmRA0rNHr%2FksQmRUPk4%2FbdfRGvnvoXiNx2wQBPGA%2B5OBUnXzRzUYujtasytEqIDf%2BHiO%2FqsgcOJZ%2FkOOrJSPv1IrVmxNhitqHMfIrs%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control max-age=864000 accept-ranges bytes cf-ray 67c73f336ed40111-AMS expires Thu, 19 Aug 2021 15:19:37 GMT
GET H3-29	200	13.png nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/img/	617 KB 618 KB	341ms 338ms	Image image/png	104.21.22.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/img/13.png Requested by Host: orlentankowanie.online URL: https://orlentankowanie.online/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 104.21.22.232 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 114d4e772fcb300487ff941a9c7898ff2a4cae5a118d7f81bd8ad27d59aed7b9 Request headers Referer https://orlentankowanie.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 06:42:54 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 631847 last-modified Mon, 09 Aug 2021 14:15:32 GMT server cloudflare etag "61113884-9a427" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRjvhj9ObI3MpNrC3mcABGZSvf44v6BajiW4WnaVgKDjUa4pVGols8hxaE8j8X6ypOzoJ5wb0U5rJ10bNeVSva%2F5UZ0mWJBhnRI9kRghQyFe9f08iSWH02IArl%2F1YJP%2FZvZzuRCWvlA%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control max-age=864000 accept-ranges bytes cf-ray 67c73f336ed50111-AMS expires Fri, 20 Aug 2021 06:42:54 GMT
GET H3-29	200	14.png nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/img/	1 MB 1 MB	342ms 339ms	Image image/png	104.21.22.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/img/14.png Requested by Host: orlentankowanie.online URL: https://orlentankowanie.online/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 104.21.22.232 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a1892b05f4dd7fa1157024b692046399c3e7e22feb05c6f57f5f43039f2feec4 Request headers Referer https://orlentankowanie.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 06:42:54 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 1166276 last-modified Mon, 09 Aug 2021 14:15:32 GMT server cloudflare etag "61113884-11cbc4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BxigBpmBzXKcSG%2FuR4YYKsHIBhdMA2cOCcDa6vok3PdV1n0l01hEHeDUnjaw3GggD5Ei%2FM14MX8GYS2YjtBUo4D11c06f1OjEdQC2p%2BNyUtfE%2BxM1GG2l8%2FqS4GKgbb8hjVnZjL5bOM%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control max-age=864000 accept-ranges bytes cf-ray 67c73f336ed60111-AMS expires Fri, 20 Aug 2021 06:42:54 GMT
GET H3-29	200	15.jpg nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/img/	3 MB 3 MB	343ms 340ms	Image image/jpeg	104.21.22.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/img/15.jpg Requested by Host: orlentankowanie.online URL: https://orlentankowanie.online/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 104.21.22.232 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 029f62dc5e23f6683887a718e7061799807ee68d89d7a8d36aeb767322e9af4e Request headers Referer https://orlentankowanie.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 06:42:54 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 2746610 last-modified Mon, 09 Aug 2021 14:15:32 GMT server cloudflare etag "61113884-29e8f2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=58PfULCfnR0ob4j9qbyc9VPApljZF8m88bXbBzJmvPzVp5Cmxv20oSwkHKHgEz664RKxFRQo1rA98lCcxoZbwpQntA2ZUNiEJiE2Ofw%2BNzp%2FBbhMrbYg7TAQrKmVEGMHsW%2FuAzA3Gu8%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control max-age=864000 accept-ranges bytes cf-ray 67c73f336ed70111-AMS expires Fri, 20 Aug 2021 06:42:54 GMT
GET H3-29	200	16.jpg nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/img/	57 KB 57 KB	344ms 341ms	Image image/jpeg	104.21.22.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/img/16.jpg Requested by Host: orlentankowanie.online URL: https://orlentankowanie.online/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 104.21.22.232 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc171b08542a14b6fc5ff79d0004dcadba97c71868b3ded665038fbe78633c1e Request headers Referer https://orlentankowanie.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 06:42:54 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 57989 last-modified Mon, 09 Aug 2021 14:15:32 GMT server cloudflare etag "61113884-e285" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RYyhiUIG3AbYUUlEdYp1RO6oRgsW35sziFmSJQVUPdFYBNOqFDiuC7sU7R76X3zHslbJ0bdLF0kGnzIu6ZGvUK7O9KSz%2FSOrM2IzIh93EliQjylHkPhYUgPf3xaUQu3AQBRpBTAoB%2Bw%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control max-age=864000 accept-ranges bytes cf-ray 67c73f336ed80111-AMS expires Fri, 20 Aug 2021 06:42:54 GMT
GET H2	200	slick.min.js Show response cdn.jsdelivr.net/npm/slick-carousel/slick/	42 KB 10 KB	6ms 6ms	Script application/javascript	2a04:4e42:3::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/slick-carousel/slick/slick.min.js Requested by Host: orlentankowanie.online URL: https://orlentankowanie.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://orlentankowanie.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 14890 x-jsd-version 1.8.1 x-cache HIT cross-origin-resource-policy cross-origin content-length 10429 etag W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs" x-served-by cache-fra19147-FRA x-jsd-version-type version date Tue, 10 Aug 2021 06:42:54 GMT vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H3-29	200	intlTelInput.js Show response nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/js/registerForm/intlTelInput/js/	88 KB 21 KB	298ms 274ms	Script application/javascript	104.21.22.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/js/registerForm/intlTelInput/js/intlTelInput.js Requested by Host: orlentankowanie.online URL: https://orlentankowanie.online/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 104.21.22.232 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 82a3ec7fe8e0ea7fe1eb2624f0707244f8086f9cd06fef732e995d7973d8dd5c Request headers Referer https://orlentankowanie.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 06:42:54 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Mon, 09 Aug 2021 14:15:32 GMT server cloudflare etag W/"61113884-15fcd" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNN6foeM6nPUgLZHQ2acvrGx4oYlymWDHzeT4i5fJAY3pbnuPqpl9qRhIZt1kC5o0vRpw2D0ORfjAamh75BoDttoo7EkM8XTfayFLSxXJjucfwBwVLDER4I3fo9Jm2QJ2pM%2BSVoe%2FB4%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=864000 cf-ray 67c73f327dcf0111-AMS expires Fri, 20 Aug 2021 06:42:54 GMT
GET H3-29	200	registerForm.js Show response nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/js/registerForm/	10 KB 4 KB	184ms 183ms	Script application/javascript	104.21.22.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/js/registerForm/registerForm.js Requested by Host: orlentankowanie.online URL: https://orlentankowanie.online/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 104.21.22.232 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9138db58347179730b3b457bd9fdb545b9c50b04cbbbd68dcb791d1a574ae0de Request headers Referer https://orlentankowanie.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 06:42:54 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Mon, 09 Aug 2021 14:15:32 GMT server cloudflare etag W/"61113884-275e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fpur6pNiSXYCgGizWiF9jpiTgCTpqNXTFFoXui9xPn%2B3gQQezAIlaHYoLOHGwLx1RvmFErcGVHumj1B%2B6tlRV6IGpLJJeq6yv0NqgBUGMc8oUNjKVqtEVIkh051%2BgzvNuLtZLVUB6mU%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=864000 cf-ray 67c73f333ea10111-AMS expires Fri, 20 Aug 2021 06:42:54 GMT
GET BLOB	200 OK	09e54420-ad67-43c7-90fa-e014381d7217 https://orlentankowanie.online/	31 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://orlentankowanie.online/09e54420-ad67-43c7-90fa-e014381d7217 Requested by Host: orlentankowanie.online URL: https://orlentankowanie.online/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Length 31 Content-Type application/javascript
GET H2	206	STRATEGIA.mp4 video.showoffer.ru/orlen/	320 KB 0	136ms 17ms	Media video/mp4	2606:4700:3035::ac43:a2a6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://video.showoffer.ru/orlen/STRATEGIA.mp4 Requested by Host: orlentankowanie.online URL: https://orlentankowanie.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:a2a6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://orlentankowanie.online/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Range bytes=0- Response headers date Tue, 10 Aug 2021 06:42:54 GMT cf-cache-status DYNAMIC last-modified Tue, 09 Mar 2021 09:09:41 GMT server cloudflare etag "60473b55-e25899" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PvqUb4jxDbeDVRUpKTTPD2VDai%2BXesGK2XBA12tcQR73YCGUIMBRhpuMKJ5k9nSI8ofKKFTLq8Yo4Py8NyQQhHaB48y3l0utOJWLom%2FUPe9SoFjN%2B1j2Sq8hLkCKP9B6Z%2FscHS27qGAiu%2FHoNGXnVZU%3D"}],"group":"cf-nel","max_age":604800} content-type video/mp4 Content-Range bytes 0-14833816/14833817 cf-ray 67c73f34cfec16e6-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 Content-Length 14833817
GET H3-29	200	arrow.png nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/img/	2 KB 3 KB	184ms 184ms	Image image/png	104.21.22.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/img/arrow.png Requested by Host: orlentankowanie.online URL: https://orlentankowanie.online/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 104.21.22.232 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 14e1001118a4f9c12416a62abd82bf27297f63e0155220f0c7515e23ae43610a Request headers Referer https://orlentankowanie.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 06:42:54 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 2190 last-modified Mon, 09 Aug 2021 14:15:32 GMT server cloudflare etag "61113884-88e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EICAn0GgaMrqSl%2BVmuo2m%2F%2Fy8H6tiRdXUPz4wpVhean3eewa2VHRK%2FMQEvRmx4kRNAh4O7VneyZRNJirqi0TH7OUKeHNVpYRy3G6dv%2F07cnemulrvHevF1IS7h5IhJ%2Ba%2FSve6Einh4Y%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control max-age=864000 accept-ranges bytes cf-ray 67c73f343ff90111-AMS expires Fri, 20 Aug 2021 06:42:54 GMT
GET H3-29	200	arrow1.png nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/img/	2 KB 3 KB	183ms 183ms	Image image/png	104.21.22.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/img/arrow1.png Requested by Host: orlentankowanie.online URL: https://orlentankowanie.online/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 104.21.22.232 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6a47586f8967de7e9e530eddc3e6e5b8a977f217d03bd89ec065765a590ad062 Request headers Referer https://orlentankowanie.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 06:42:54 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 1988 last-modified Mon, 09 Aug 2021 14:15:32 GMT server cloudflare etag "61113884-7c4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4slrdMVlXPXePgezHdSDsfE%2BSMLpfXBdumZ4p%2BQFdqVt8Q06ellkpKM76UjrbG5zgB%2BvDmVkWz9lQdS7Y%2FAQ0YCe0iqscFMaz8mUV4%2BYhtOa4jk1CkYJRhbwtichxLE9WzKDCivzVuU%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control max-age=864000 accept-ranges bytes cf-ray 67c73f343ffa0111-AMS expires Fri, 20 Aug 2021 06:42:54 GMT
GET DATA	200 OK	truncated /	4 KB 4 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fe425a4f92df6dac0628adfbd3c931fc75988842caad39f3745a109e4a9f459e Request headers Origin https://orlentankowanie.online Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type application/font-woff;charset=utf-8
GET H2	200	country.json Show response get.geojs.io/v1/ip/	80 B 834 B	58ms 23ms	XHR application/json	2606:4700:20::681a:64 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://get.geojs.io/v1/ip/country.json Requested by Host: nuserikingjetpitch.cf URL: https://nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/js/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:64 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b53ccd8222f1d0d4d9e319920771ee9bc13b5a90e50d8598135fc05504e03996 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://orlentankowanie.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 06:42:54 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} access-control-allow-methods GET alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 x-request-id 9d464a26ef9448276344b1f2a6c7c608-AMS x-geojs-location AMS pragma no-cache server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4z3LPPparm9p0qj4vES9hoj8Ramwj6lXcGkTHXQ%2BnF5RD6XbB1Lf6bHLMlUBNrJibTM1SQndagiU8EG2N%2BnaQHp%2Fztuiqp3jePBZ8fwi6Pt%2FB7rCwTpq%2FyINg8HN0YfOphjXM6jJZBqCQA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, private, max-age=0 cf-ray 67c73f34bec54e6d-FRA
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	98 KB 26 KB	28ms 8ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: orlentankowanie.online URL: https://orlentankowanie.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://orlentankowanie.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 25944 x-xss-protection 0 pragma public x-fb-debug Jx23kdr0aX+0fgkfA8/flCbkSRTG6Z31kHQL+sEeueaydtUeFecXJj5NZieNE00iKv8wuc/T9Tm1c5OToOHQqA== x-fb-trip-id 686109401 x-frame-options DENY date Tue, 10 Aug 2021 06:42:54 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	tr www.facebook.com/	44 B 297 B	31ms 11ms	Image image/gif	2a03:2880:f11c:8083:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr?id=undefined&ev=PageView&noscript=1 Requested by Host: orlentankowanie.online URL: https://orlentankowanie.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://orlentankowanie.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 06:42:54 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Tue, 10 Aug 2021 06:42:54 GMT
GET H3-29	200	flags.png nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/js/registerForm/intlTelInput/img/	69 KB 70 KB	342ms 341ms	Image image/png	104.21.22.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/js/registerForm/intlTelInput/img/flags.png Requested by Host: nuserikingjetpitch.cf URL: https://nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/js/registerForm/intlTelInput/css/intlTelInput.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 104.21.22.232 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55 Request headers Referer https://nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/js/registerForm/intlTelInput/css/intlTelInput.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 06:42:55 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 70857 last-modified Mon, 09 Aug 2021 14:15:32 GMT server cloudflare etag "61113884-114c9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6RU9Cqvvycqtv0eP6eerKAmmLnR920g5jB74ROKGSp41qWX1LJj5Pe64K5zbAmCbt6MK3OF1opd4Ra1Gpv3QxA6%2FrdY4c1iWtADSEGekaJf3wjnkjyxT7hdV2qs0uWjoLWdIwVIYZjc%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control max-age=864000 accept-ranges bytes cf-ray 67c73f3498ad0111-AMS expires Fri, 20 Aug 2021 06:42:54 GMT
GET H3-29	206	STRATEGIA.mp4 video.showoffer.ru/orlen/	199 KB 0	44ms 32ms	Media video/mp4	2606:4700:3035::ac43:a2a6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://video.showoffer.ru/orlen/STRATEGIA.mp4 Requested by Host: orlentankowanie.online URL: https://orlentankowanie.online/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:a2a6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://orlentankowanie.online/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Range bytes=327680- Response headers date Tue, 10 Aug 2021 06:42:54 GMT cf-cache-status DYNAMIC last-modified Tue, 09 Mar 2021 09:09:41 GMT server cloudflare etag "60473b55-e25899" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TCA4Y8ngzMWSs7OcHABGyYYJQKl97RsHrak1%2FBBWL7AJiZVCyP6caiaJHZYlW%2FknVsQip9ZvfCiBeIh%2FuhH5ZXHhNjkZcnj4Z%2BfhJc8P%2Fp3nkr%2FY9iRYuFASEImfT5QNTe7AtTCmGeKvcaLbNnVFv2M%3D"}],"group":"cf-nel","max_age":604800} content-type video/mp4 Content-Range bytes 327680-14833816/14833817 cf-ray 67c73f357b0dbed8-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 Content-Length 14506137
GET H3-29	206	STRATEGIA.mp4 video.showoffer.ru/orlen/	132 KB 0	25ms 25ms	Media video/mp4	2606:4700:3035::ac43:a2a6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://video.showoffer.ru/orlen/STRATEGIA.mp4 Requested by Host: orlentankowanie.online URL: https://orlentankowanie.online/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:a2a6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://orlentankowanie.online/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Range bytes=524288- Response headers date Tue, 10 Aug 2021 06:42:55 GMT cf-cache-status DYNAMIC last-modified Tue, 09 Mar 2021 09:09:41 GMT server cloudflare etag "60473b55-e25899" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TazBOscwk0%2FXjQSRM62PTB0C66f9G8fairDL4BM%2F0wEwQgOILK4by2zVE1YNjh11goBmJZIYY5gWqKy1wFMg3TcFUVfldXi3Ngj9QGnt41gYAmsDe6PSG%2FIN7GW%2Bt4sY%2FDC5OrLz%2F5LaPh61lK4YjnU%3D"}],"group":"cf-nel","max_age":604800} content-type video/mp4 Content-Range bytes 524288-14833816/14833817 cf-ray 67c73f35fb25bed8-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 Content-Length 14309529
GET H3-29	200	utils.js Show response nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/js/registerForm/intlTelInput/js/	241 KB 57 KB	356ms 354ms	Script application/javascript	104.21.22.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/js/registerForm/intlTelInput/js/utils.js Requested by Host: nuserikingjetpitch.cf URL: https://nuserikingjetpitch.cf/lander/orlen/site/orlen-pl/js/registerForm/intlTelInput/js/intlTelInput.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 104.21.22.232 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a93c846be3b67641e934001d40a28b572fa7fb93d9cb2cd2f61cef4222daa135 Request headers Referer https://orlentankowanie.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 06:42:55 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Mon, 09 Aug 2021 14:15:32 GMT server cloudflare etag W/"61113884-3c549" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AbVVfVmGGGFHeasiGrIAZDIiUwGTGHxMyQ4V%2FQXuBnX608%2F0LASXmZ0axjRpviL5ZapkBcDH7q919ZKXolhXiIGG6ohOwFF%2FV6Hf5D4BOpSTNe0r2FpxCIY8Hc12zji7iahQ5kPzMY4%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=864000 cf-ray 67c73f39af9d0111-AMS expires Fri, 20 Aug 2021 06:42:55 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PKN Orlen (Extraction)

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| smartlook function| $ function| jQuery object| vttjs function| WebVTT function| videojs function| randomPlace function| randomInteger function| getURLParameter object| intlTelInputGlobals function| intlTelInput function| checkValidation function| check function| validInput function| invalidInput function| getUrlParameter undefined| pix function| fbq function| _fbq object| input string| value object| intlTelInputUtils

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.orlentankowanie.online/	1970-01-19 20:24:24	Name: 72e8a Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjNcIjoxNjI4NTc3NzczfSxcImNhbXBhaWduc1wiOntcIjNcIjoxNjI4NTc3NzczfSxcInRpbWVcIjoxNjI4NTc3NzczfSJ9.gp6Jpq6l6StE8i67gHDhbvlqMTzr-ghyxJrxcxoeVh8
			.orlentankowanie.online/	1970-01-19 20:24:24	Name: _token Value: uuid_1pfilpmraj_1pfilpmraj61121fed732ea8.10964001
			.orlentankowanie.online/	1970-01-19 20:24:24	Name: _subid Value: 1pfilpmraj
			orlentankowanie.online/	1969-12-31 23:59:59	Name: PHPSESSID Value: 00c2d23eea9861ea672fbb19532ddfe2

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://orlentankowanie.online/(Line 1449) Message: undefined
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 24) Message: [Facebook Pixel] - Invalid PixelID: null.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
connect.facebook.net
get.geojs.io
nuserikingjetpitch.cf
orlentankowanie.online
rec.smartlook.com
video.showoffer.ru
www.facebook.com
104.21.22.232
2606:4700:20::681a:64
2606:4700:3035::ac43:a2a6
2a02:6ea0:c700::2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42:3::485
66.29.132.128
029f62dc5e23f6683887a718e7061799807ee68d89d7a8d36aeb767322e9af4e
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0e3c841c28188727d5c05b06175884d9331ab32bf6b179c16e20ffaf6e89e7cb
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
114d4e772fcb300487ff941a9c7898ff2a4cae5a118d7f81bd8ad27d59aed7b9
14e1001118a4f9c12416a62abd82bf27297f63e0155220f0c7515e23ae43610a
18a0e0421eaef34110d9fd15e6ea428cf97b7c8de3fc4e2dcb05e3a05d8c8d44
1c02caf2a0f16318965676fd4b265265728d64fba2794a20b07151a4e891fca6
28efaa05a0266f7dc51cd185d0bb5a2e7c807efe0f3f5c031d49abdd4bccb931
412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb
4e76177722cff7661c6bf7cc77b62223a75a62b8238d029001b6a5c25e78a417
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
5e1af272e19a4e8bc389478e7acbb3210362aaf7032ea5b8e40d47dfc9d4410d
6185c4ecfedfdb5e9b9e84c20e9b080c3700fb643d50898020fb5fef9e119a3a
6a47586f8967de7e9e530eddc3e6e5b8a977f217d03bd89ec065765a590ad062
72ddd8bcbe91e9697cf7b20767f8bfbb24aed465fc381d11b367db067be3f9f7
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
82a3ec7fe8e0ea7fe1eb2624f0707244f8086f9cd06fef732e995d7973d8dd5c
83b1e0a0cc92672a27b8fc074ce45ffae18711e3a6ed5448da47d75979499dca
9138db58347179730b3b457bd9fdb545b9c50b04cbbbd68dcb791d1a574ae0de
a1892b05f4dd7fa1157024b692046399c3e7e22feb05c6f57f5f43039f2feec4
a45ead96c27aab89cca6d435e9a1a601f8428db328c7079584a08a84738effc0
a93c846be3b67641e934001d40a28b572fa7fb93d9cb2cd2f61cef4222daa135
b53ccd8222f1d0d4d9e319920771ee9bc13b5a90e50d8598135fc05504e03996
b8219db78d5db06a830f306f6b6e3cf4762d6fe2e7e3a5f5e726cd2c6893b6e4
b90a83b5da88f7aedfa00b49bcdec40681a297a9967b4fb56955ad68bd382b66
bd4797ff17cf151c8be084dad9fe9d2835a017d4fdd58111913012fe4cc466be
c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b
c9cc57e3297605c9c6c2005da874e1309d15c9c70d8576eb29d3ff101fef5ea9
cd9603ca964bc0cc45314f6906cdb9f58ce78b1386a51cafe27aefc79f5c697a
cf9c6377d906fced868ff9de0166087d1c428f7f5de6000837d13ebb3c64626c
d645c0ce08af9538f2ee909785e6bd6fd19c314fc28f2e58435d0af82d04cd23
dc171b08542a14b6fc5ff79d0004dcadba97c71868b3ded665038fbe78633c1e
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
fe425a4f92df6dac0628adfbd3c931fc75988842caad39f3745a109e4a9f459e