pln-group.work Open in urlscan Pro
104.21.30.153 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pln-group.work/
Effective URL:
https://pln-group.work/
Submission Tags: falconsandbox
Submission: On October 12 via api (October 12th 2021, 10:55:52 am UTC) from US — Scanned from DE

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 19 HTTP transactions. The main IP is 104.21.30.153, located in and belongs to CLOUDFLARENET, US. The main domain is pln-group.work.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 11th 2021. Valid for: a year.

This is the only time pln-group.work was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 15	104.21.30.153 104.21.30.153	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.16.175.10 69.16.175.10	20446 (HIGHWINDS3) (HIGHWINDS3)
4	212.77.98.32 212.77.98.32	12827 (WIRTUALNA...) (WIRTUALNAPOLSKA GDANSK)
19	3

15 104.21.30.153 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

pln-group.work	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: tlb.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.77.98.32 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: wifi32.ras.wp.pl

fonts.wpcdn.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	pln-group.work 1 redirects pln-group.work	1 MB
4	wpcdn.pl fonts.wpcdn.pl	83 KB
1	jquery.com code.jquery.com	30 KB
19	3

	Domain	Requested by
15	pln-group.work	1 redirects pln-group.work
4	fonts.wpcdn.pl	pln-group.work
1	code.jquery.com	pln-group.work
19	3

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-11` - `2022-10-10`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.wpcdn.pl RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-14` - `2022-05-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://pln-group.work/
Frame ID: F942188A284512AD7462CA3C87ACC803
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Zasoby są własnością każdego! LOTOS otwiera nową platformę dla polskich mieszkańcówShare

Page URL History Show full URLs

http://pln-group.work/ HTTP 301
https://pln-group.work/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

1544 kB
Transfer

1696 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pln-group.work/ HTTP 301
https://pln-group.work/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
pln-group.work/
Redirect Chain

http://pln-group.work/
https://pln-group.work/

124 KB
23 KB

219ms
200ms

Document
text/html

104.21.30.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pln-group.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.30.153 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8bf0507449184a28b7631e53c838c13cbd5ffc1611a3e3b8b1f6daeeb701754

Request headers

:method: GET
:authority: pln-group.work
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 12 Oct 2021 10:55:47 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
expires: 0
last-modified: Tue, 12 Oct 2021 10:55:46 GMT
pragma: no-cache
set-cookie: _subid=bot4ch1fr2t;Expires=Friday, 12-Nov-2021 10:55:47 GMT;Max-Age=2678400;Path=/ _token=uuid_bot4ch1fr2t_bot4ch1fr2t616569b306fd00.74431189;Expires=Friday, 12-Nov-2021 10:55:47 GMT;Max-Age=2678400;Path=/ 31bcb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0N1wiOjE2MzQwMzYxNDZ9LFwiY2FtcGFpZ25zXCI6e1wiNjRcIjoxNjM0MDM2MTQ2fSxcInRpbWVcIjoxNjM0MDM2MTQ2fSJ9.q20tojvcz2qJe392sLzKyojTBDvL3ugQqGRPuFQoGao;Expires=Monday, 24-Jul-2073 21:51:34 GMT;Max-Age=1634122547;Path=/
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SbvYn1Ioh8Gt%2Fj8W1lhk3Piga2tqXbjGHCzJi%2Fthy%2B1UTOt1%2FjglZ3C3Sr7CBNggsN0mjdgi26VYRYszwEGGQXgnaRAtBv7h3xdPj4NOU6%2FU%2BkpsmAf2nSyVXs7Fg2zqkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69cfcc3def8e1f4d-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Tue, 12 Oct 2021 10:55:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
expires: 0
last-modified: Tue, 12 Oct 2021 10:55:46 GMT
location: https://pln-group.work/
pragma: no-cache
vary: Accept-Encoding
access-control-allow-origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jn3ZDX25WsnxpCdixOL1%2BSs0Y7VyMuXJekRrAL5Fyj43VrRT0ddflRy%2Bk5LWjSwpZ3ZgkZsll%2Ffy4i8fL5kpU8dFWrYI%2FmyLKsFXhC224ggjehV4hvIJ0B74bSBXDwIyiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 69cfcc3d3bf44e55-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 pre1.jpg
pln-group.work/site/lotos-preland/pre_lend/ 66 KB
66 KB 18ms
17ms Image
image/jpeg 104.21.30.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pln-group.work/site/lotos-preland/pre_lend/pre1.jpg?v1
Requested by: Host: pln-group.work
URL: https://pln-group.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.30.153 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23cb45707e05af651dc5dbac3e6d17d82765b2c1d55e8225f8d2fd7dbf71f394

Request headers

:path: /site/lotos-preland/pre_lend/pre1.jpg?v1
pragma: no-cache
cookie: _subid=bot4ch1fr2t; _token=uuid_bot4ch1fr2t_bot4ch1fr2t616569b306fd00.74431189; 31bcb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0N1wiOjE2MzQwMzYxNDZ9LFwiY2FtcGFpZ25zXCI6e1wiNjRcIjoxNjM0MDM2MTQ2fSxcInRpbWVcIjoxNjM0MDM2MTQ2fSJ9.q20tojvcz2qJe392sLzKyojTBDvL3ugQqGRPuFQoGao
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: pln-group.work
referer: https://pln-group.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://pln-group.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:55:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 91918
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 67111
last-modified: Fri, 16 Apr 2021 15:14:12 GMT
server: cloudflare
etag: "6079a9c4-10627"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IIHEHUo4qsiwzbEJotzsdH6A5Q6xL9TzvGazPqMgM2DEiankTQjWJgpWs5KkjhzdXD8DsFur71IMX6iEmYOailMgX%2Bz4k8FzVJIeOderE0Zy490lnND%2Fj0z25lKejWiKwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 69cfcc3f49361f4d-FRA
expires: Thu, 21 Oct 2021 09:23:49 GMT

GET
H2 200 1.jpg
pln-group.work/site/lotos-preland/pre_lend/ 2 KB
2 KB 16ms
16ms Image
image/jpeg 104.21.30.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pln-group.work/site/lotos-preland/pre_lend/1.jpg
Requested by: Host: pln-group.work
URL: https://pln-group.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.30.153 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a30d2280896af36e4800509c2e292573f5a6766de236a7642e8bd042970a45f

Request headers

:path: /site/lotos-preland/pre_lend/1.jpg
pragma: no-cache
cookie: _subid=bot4ch1fr2t; _token=uuid_bot4ch1fr2t_bot4ch1fr2t616569b306fd00.74431189; 31bcb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0N1wiOjE2MzQwMzYxNDZ9LFwiY2FtcGFpZ25zXCI6e1wiNjRcIjoxNjM0MDM2MTQ2fSxcInRpbWVcIjoxNjM0MDM2MTQ2fSJ9.q20tojvcz2qJe392sLzKyojTBDvL3ugQqGRPuFQoGao
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: pln-group.work
referer: https://pln-group.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://pln-group.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:55:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 91918
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1588
last-modified: Fri, 16 Apr 2021 15:14:12 GMT
server: cloudflare
etag: "6079a9c4-634"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3qrCuxlTXvOs7xuuFFe%2BUz6l8gly3f5EPrNtOqHYF3d61UIR6CXQ0QbsVTyk6v%2BisZvPjLVcBJUgSOqRDqJeTyO1S7IxsFUBG3DrOLNQnVWBFKgz3gEvNzeSPP5KM9XDVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 69cfcc3f49371f4d-FRA
expires: Thu, 21 Oct 2021 09:23:49 GMT

GET
H2 200 pre2.jpg
pln-group.work/site/lotos-preland/pre_lend/ 220 KB
221 KB 32ms
30ms Image
image/jpeg 104.21.30.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pln-group.work/site/lotos-preland/pre_lend/pre2.jpg?v1
Requested by: Host: pln-group.work
URL: https://pln-group.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.30.153 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0d82485fab57f9a373f5b8eb35e4b145a6ccf5701833cd498d5fcd8a8f37890

Request headers

:path: /site/lotos-preland/pre_lend/pre2.jpg?v1
pragma: no-cache
cookie: _subid=bot4ch1fr2t; _token=uuid_bot4ch1fr2t_bot4ch1fr2t616569b306fd00.74431189; 31bcb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0N1wiOjE2MzQwMzYxNDZ9LFwiY2FtcGFpZ25zXCI6e1wiNjRcIjoxNjM0MDM2MTQ2fSxcInRpbWVcIjoxNjM0MDM2MTQ2fSJ9.q20tojvcz2qJe392sLzKyojTBDvL3ugQqGRPuFQoGao
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: pln-group.work
referer: https://pln-group.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://pln-group.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:55:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 91918
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 225448
last-modified: Fri, 16 Apr 2021 15:14:12 GMT
server: cloudflare
etag: "6079a9c4-370a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w4T7xs6ex23o5NCJefDwpLiEZFZCAjy3cETQQv6mwQf%2FDv7LpWU4qN2MEmQFlC8RmzrjiGVLWPq55rKRrFH%2BI%2BPEKy2btNYMksi9Nj8dHCdB3F%2FamiondYeywJYQ9wCUZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 69cfcc3f59411f4d-FRA
expires: Thu, 21 Oct 2021 09:23:49 GMT

GET
H2 200 pre3.jpg
pln-group.work/site/lotos-preland/pre_lend/ 157 KB
157 KB 22ms
20ms Image
image/jpeg 104.21.30.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pln-group.work/site/lotos-preland/pre_lend/pre3.jpg?v1
Requested by: Host: pln-group.work
URL: https://pln-group.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.30.153 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 071f9a70d1a468ea07c77527ed276ae8944a8d3817bbc69266e266d4078047f6

Request headers

:path: /site/lotos-preland/pre_lend/pre3.jpg?v1
pragma: no-cache
cookie: _subid=bot4ch1fr2t; _token=uuid_bot4ch1fr2t_bot4ch1fr2t616569b306fd00.74431189; 31bcb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0N1wiOjE2MzQwMzYxNDZ9LFwiY2FtcGFpZ25zXCI6e1wiNjRcIjoxNjM0MDM2MTQ2fSxcInRpbWVcIjoxNjM0MDM2MTQ2fSJ9.q20tojvcz2qJe392sLzKyojTBDvL3ugQqGRPuFQoGao
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: pln-group.work
referer: https://pln-group.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://pln-group.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:55:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 91918
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 160671
last-modified: Fri, 16 Apr 2021 15:14:12 GMT
server: cloudflare
etag: "6079a9c4-2739f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=is%2BKKJ7LT%2BvHE2LmfOG81KtyErE4z3nM1ryIeCISfCm9DglHHDA1oU3lVYeZe%2B74yrz%2FIIkI0oHVGJZqaShuPS8EA6uAXDkqRSqfAKcKXw%2BeDbn2F0fUkczEGgY3xXx%2FaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 69cfcc3f59431f4d-FRA
expires: Thu, 21 Oct 2021 09:23:49 GMT

GET
H2 200 pre7.jpg
pln-group.work/site/lotos-preland/pre_lend/ 358 KB
359 KB 21ms
19ms Image
image/jpeg 104.21.30.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pln-group.work/site/lotos-preland/pre_lend/pre7.jpg?v1
Requested by: Host: pln-group.work
URL: https://pln-group.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.30.153 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f87337da78e40c74bfb2cc25235e5c081d483b72b8a7c7604d04e2203e5d741f

Request headers

:path: /site/lotos-preland/pre_lend/pre7.jpg?v1
pragma: no-cache
cookie: _subid=bot4ch1fr2t; _token=uuid_bot4ch1fr2t_bot4ch1fr2t616569b306fd00.74431189; 31bcb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0N1wiOjE2MzQwMzYxNDZ9LFwiY2FtcGFpZ25zXCI6e1wiNjRcIjoxNjM0MDM2MTQ2fSxcInRpbWVcIjoxNjM0MDM2MTQ2fSJ9.q20tojvcz2qJe392sLzKyojTBDvL3ugQqGRPuFQoGao
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: pln-group.work
referer: https://pln-group.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://pln-group.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:55:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 91918
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 366853
last-modified: Fri, 16 Apr 2021 15:14:12 GMT
server: cloudflare
etag: "6079a9c4-59905"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wHjw4VT3PBSwgu11ExfOJdBoju4fV%2FldMvPyCE1oFBQg%2FJBCq7eF5tYoD8aR7AcmjEy%2FkLc%2Bj7NpyrA4uHGaLMhCvuLy4jTuQwkR3NLoaP5HVS4pfV4ou3YzrpiowMv%2FSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 69cfcc3f59441f4d-FRA
expires: Thu, 21 Oct 2021 09:23:49 GMT

GET
H2 200 pre5.jpg
pln-group.work/site/lotos-preland/pre_lend/ 72 KB
73 KB 24ms
21ms Image
image/jpeg 104.21.30.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pln-group.work/site/lotos-preland/pre_lend/pre5.jpg?v1
Requested by: Host: pln-group.work
URL: https://pln-group.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.30.153 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38203306a04bb3e9275dddfb389ab61edccb2786df63877ba56f0f1b6f799f91

Request headers

:path: /site/lotos-preland/pre_lend/pre5.jpg?v1
pragma: no-cache
cookie: _subid=bot4ch1fr2t; _token=uuid_bot4ch1fr2t_bot4ch1fr2t616569b306fd00.74431189; 31bcb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0N1wiOjE2MzQwMzYxNDZ9LFwiY2FtcGFpZ25zXCI6e1wiNjRcIjoxNjM0MDM2MTQ2fSxcInRpbWVcIjoxNjM0MDM2MTQ2fSJ9.q20tojvcz2qJe392sLzKyojTBDvL3ugQqGRPuFQoGao
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: pln-group.work
referer: https://pln-group.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://pln-group.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:55:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 91918
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 73867
last-modified: Fri, 16 Apr 2021 15:14:12 GMT
server: cloudflare
etag: "6079a9c4-1208b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MFl6Y9PagiRt9EnY3AokyyUJLCNY7BQOeS6gwE%2BVdtPEoRPyhmZ%2B6Ywrq3hnlJhg8vIc%2FWsQvXS1gNkYBc3x4aKpgcVfWIplUxpbPCnHNRyj%2BShZ7yBjfdBLcQ5uFJec1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 69cfcc3f59451f4d-FRA
expires: Thu, 21 Oct 2021 09:23:49 GMT

GET
H2 200 pre6.jpg
pln-group.work/site/lotos-preland/pre_lend/ 506 KB
507 KB 20ms
18ms Image
image/jpeg 104.21.30.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pln-group.work/site/lotos-preland/pre_lend/pre6.jpg?v1
Requested by: Host: pln-group.work
URL: https://pln-group.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.30.153 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66ba6b249b701cafa58b5974e2a18afc82590c4ec6c7cfd393194b0e8c4e2ef4

Request headers

:path: /site/lotos-preland/pre_lend/pre6.jpg?v1
pragma: no-cache
cookie: _subid=bot4ch1fr2t; _token=uuid_bot4ch1fr2t_bot4ch1fr2t616569b306fd00.74431189; 31bcb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0N1wiOjE2MzQwMzYxNDZ9LFwiY2FtcGFpZ25zXCI6e1wiNjRcIjoxNjM0MDM2MTQ2fSxcInRpbWVcIjoxNjM0MDM2MTQ2fSJ9.q20tojvcz2qJe392sLzKyojTBDvL3ugQqGRPuFQoGao
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: pln-group.work
referer: https://pln-group.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://pln-group.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:55:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 91918
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 517842
last-modified: Fri, 16 Apr 2021 15:14:12 GMT
server: cloudflare
etag: "6079a9c4-7e6d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0v4KlSOfkd4xoG5Vu%2BDcpZFSR5LfW5JXRouOcItIA3D3hmjUCAZTS39hRqdJ2T8oFA3Ug92shi3U2C7YYXb2R3zII5UC3rIZVfKYkUbvoPSvUBsJrZhdVKKsY2I0qjOQVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 69cfcc3f59461f4d-FRA
expires: Thu, 21 Oct 2021 09:23:49 GMT

GET
H2 200 elena.webp
pln-group.work/site/lotos-preland/pre_lend/ 2 KB
2 KB 24ms
22ms Image
image/webp 104.21.30.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pln-group.work/site/lotos-preland/pre_lend/elena.webp

Requested by

Host: pln-group.work
URL: https://pln-group.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.30.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

294ad938ab754274898e31f7cd7fc19033680007ade5e21707fbaedad7d4ec94

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /site/lotos-preland/pre_lend/elena.webp
pragma: no-cache
cookie: _subid=bot4ch1fr2t; _token=uuid_bot4ch1fr2t_bot4ch1fr2t616569b306fd00.74431189; 31bcb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0N1wiOjE2MzQwMzYxNDZ9LFwiY2FtcGFpZ25zXCI6e1wiNjRcIjoxNjM0MDM2MTQ2fSxcInRpbWVcIjoxNjM0MDM2MTQ2fSJ9.q20tojvcz2qJe392sLzKyojTBDvL3ugQqGRPuFQoGao
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: pln-group.work
referer: https://pln-group.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://pln-group.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:55:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2866
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1626
last-modified: Fri, 16 Apr 2021 15:14:12 GMT
server: cloudflare
etag: "6079a9c4-65a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qt2IjrAvhGjzOt3qdFQxj%2FTzDKG060iruQ01WTODqHNO7PcR6mujeUuSibJNDmkM0kzpxjtogZH7w8iFkHQV1Xis7qnlLJau1XxjYmYhQsjFfch23lKq%2BttMqkLptSsL5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 69cfcc3f59471f4d-FRA

GET
H2 200 nikolay.webp
pln-group.work/site/lotos-preland/pre_lend/ 920 B
1 KB 21ms
19ms Image
image/webp 104.21.30.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pln-group.work/site/lotos-preland/pre_lend/nikolay.webp

Requested by

Host: pln-group.work
URL: https://pln-group.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.30.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54b9dfe2fc84d1cb3454078495d1ec6339a3d87ee01fd8ad0abd80d641e4da3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /site/lotos-preland/pre_lend/nikolay.webp
pragma: no-cache
cookie: _subid=bot4ch1fr2t; _token=uuid_bot4ch1fr2t_bot4ch1fr2t616569b306fd00.74431189; 31bcb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0N1wiOjE2MzQwMzYxNDZ9LFwiY2FtcGFpZ25zXCI6e1wiNjRcIjoxNjM0MDM2MTQ2fSxcInRpbWVcIjoxNjM0MDM2MTQ2fSJ9.q20tojvcz2qJe392sLzKyojTBDvL3ugQqGRPuFQoGao
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: pln-group.work
referer: https://pln-group.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://pln-group.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:55:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2866
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 920
last-modified: Fri, 16 Apr 2021 15:14:12 GMT
server: cloudflare
etag: "6079a9c4-398"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B3ufxaL6X5T%2BlN5lROeo3iPBbXAC1E4AJheqYXzBjpGo1jRDggZ4uXHB9wx6tzB79jRhBVji3vSTLNdAMECQOuNy5SI9Knd63U2tvTRse9wFDwJjT%2BxjT%2F9KTYFKXBFBBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 69cfcc3f594c1f4d-FRA

GET
H2 200 galina.webp
pln-group.work/site/lotos-preland/pre_lend/ 1 KB
2 KB 22ms
20ms Image
image/webp 104.21.30.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pln-group.work/site/lotos-preland/pre_lend/galina.webp

Requested by

Host: pln-group.work
URL: https://pln-group.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.30.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eab7f0d445d55f7eb925621088caf7dc41ad9131e1002e174dd6fb53cc7f847e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /site/lotos-preland/pre_lend/galina.webp
pragma: no-cache
cookie: _subid=bot4ch1fr2t; _token=uuid_bot4ch1fr2t_bot4ch1fr2t616569b306fd00.74431189; 31bcb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0N1wiOjE2MzQwMzYxNDZ9LFwiY2FtcGFpZ25zXCI6e1wiNjRcIjoxNjM0MDM2MTQ2fSxcInRpbWVcIjoxNjM0MDM2MTQ2fSJ9.q20tojvcz2qJe392sLzKyojTBDvL3ugQqGRPuFQoGao
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: pln-group.work
referer: https://pln-group.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://pln-group.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:55:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2866
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1356
last-modified: Fri, 16 Apr 2021 15:14:12 GMT
server: cloudflare
etag: "6079a9c4-54c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JBtgYnLdAQBd72gbktm1GaFtvOCJBjuE5a8t1wkbgnY296MvO7mOam4sGLBOsVajzoU3FzDKoLGDspw0IkvJ6MVjgra6a3sb%2FXSbrK1zkcOifrsx2imEXavhFV3nCGFSbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 69cfcc3f594f1f4d-FRA

GET
H2 200 sergei.webp
pln-group.work/site/lotos-preland/pre_lend/ 14 KB
14 KB 22ms
20ms Image
image/webp 104.21.30.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pln-group.work/site/lotos-preland/pre_lend/sergei.webp

Requested by

Host: pln-group.work
URL: https://pln-group.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.30.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4bff138a3ff9d9646ad0eda16775dbbb4b933be251ac48fbab5a496e506b6e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /site/lotos-preland/pre_lend/sergei.webp
pragma: no-cache
cookie: _subid=bot4ch1fr2t; _token=uuid_bot4ch1fr2t_bot4ch1fr2t616569b306fd00.74431189; 31bcb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0N1wiOjE2MzQwMzYxNDZ9LFwiY2FtcGFpZ25zXCI6e1wiNjRcIjoxNjM0MDM2MTQ2fSxcInRpbWVcIjoxNjM0MDM2MTQ2fSJ9.q20tojvcz2qJe392sLzKyojTBDvL3ugQqGRPuFQoGao
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: pln-group.work
referer: https://pln-group.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://pln-group.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:55:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2866
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13984
last-modified: Fri, 16 Apr 2021 15:14:12 GMT
server: cloudflare
etag: "6079a9c4-36a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vdroF2iG277anD22XzKCz6tnNuA2W4PyYkmSwT3Z4mXIwVhZ84RDoWgdq9k5XRhGsMO3kzpTTxuM1KfEFrOQq00bfktu183vkS5jwoAQIDs28mIGsHvb23KJtbCN3iOHtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 69cfcc3f59501f4d-FRA

GET
H2 200 olga.webp
pln-group.work/site/lotos-preland/pre_lend/ 1 KB
2 KB 22ms
20ms Image
image/webp 104.21.30.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pln-group.work/site/lotos-preland/pre_lend/olga.webp

Requested by

Host: pln-group.work
URL: https://pln-group.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.30.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

201a7108ea0647859be15836be073c4440c4fd9b567c4429a4e9afb2998fcee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /site/lotos-preland/pre_lend/olga.webp
pragma: no-cache
cookie: _subid=bot4ch1fr2t; _token=uuid_bot4ch1fr2t_bot4ch1fr2t616569b306fd00.74431189; 31bcb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0N1wiOjE2MzQwMzYxNDZ9LFwiY2FtcGFpZ25zXCI6e1wiNjRcIjoxNjM0MDM2MTQ2fSxcInRpbWVcIjoxNjM0MDM2MTQ2fSJ9.q20tojvcz2qJe392sLzKyojTBDvL3ugQqGRPuFQoGao
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: pln-group.work
referer: https://pln-group.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://pln-group.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:55:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2866
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1240
last-modified: Fri, 16 Apr 2021 15:14:12 GMT
server: cloudflare
etag: "6079a9c4-4d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PhS3bDSsjntbutNzDt3RYicyJJsE06B2GmrWch%2FTvjV0yblDWvTthPl4Sfvhps4IQ2dkGhPxILGxpwW5pMwWE%2B7jTfnvGr%2BSSyvCueyvXZ5k7RCGsZpXNY29HDZNMRpx6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 69cfcc3f59521f4d-FRA

GET
H2 200 m4.jpg
pln-group.work/site/lotos-preland/pre_lend/ 3 KB
3 KB 27ms
25ms Image
image/jpeg 104.21.30.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pln-group.work/site/lotos-preland/pre_lend/m4.jpg
Requested by: Host: pln-group.work
URL: https://pln-group.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.30.153 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 886e91a9d81800195c5cce20a4b38e83df471a16fe42c61f2e9cd65b7d4616c0

Request headers

:path: /site/lotos-preland/pre_lend/m4.jpg
pragma: no-cache
cookie: _subid=bot4ch1fr2t; _token=uuid_bot4ch1fr2t_bot4ch1fr2t616569b306fd00.74431189; 31bcb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0N1wiOjE2MzQwMzYxNDZ9LFwiY2FtcGFpZ25zXCI6e1wiNjRcIjoxNjM0MDM2MTQ2fSxcInRpbWVcIjoxNjM0MDM2MTQ2fSJ9.q20tojvcz2qJe392sLzKyojTBDvL3ugQqGRPuFQoGao
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: pln-group.work
referer: https://pln-group.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://pln-group.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:55:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 91918
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3004
last-modified: Fri, 16 Apr 2021 15:14:12 GMT
server: cloudflare
etag: "6079a9c4-bbc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afIEdoV3dvg7JOdXMQprmdTZSi%2BLpfmO%2FzXgkovf5zXZ3njKnvFUyxuWmsOZwKm7pmqXGaBZcJAO0tvvu4BUNCE34CqcJoKebvzZinymr0keQXieaj1p4wPjtRSWuk8z6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 69cfcc3f59541f4d-FRA
expires: Thu, 21 Oct 2021 09:23:49 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 27ms
10ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: pln-group.work
URL: https://pln-group.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://pln-group.work/
Origin: https://pln-group.work
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:55:47 GMT
content-encoding: gzip
last-modified: Tue, 02 Mar 2021 17:27:20 GMT
server: nginx
etag: W/"603e7578-15d9d"
vary: Accept-Encoding
x-hw: 1634036147.dop221.fr8.t,1634036147.cds221.fr8.hn,1634036147.cds144.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 Roboto-Bold.woff2
fonts.wpcdn.pl/roboto/woff2/ 22 KB
22 KB 118ms
55ms Font
application/octet-stream 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.wpcdn.pl/roboto/woff2/Roboto-Bold.woff2
Requested by: Host: pln-group.work
URL: https://pln-group.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: 1f03b3082883c94de09ea4c0b38092a45f2f7ca60c14889818a3e19057da34b8

Request headers

Referer: https://pln-group.work/
Origin: https://pln-group.work
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:55:47 GMT
last-modified: Tue, 07 Aug 2018 08:18:40 GMT
server: nginx
etag: "53eedb1e2d7c79582f367ec102c12681"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *
content-length: 22116

GET
H2 200 Roboto-Regular.woff2
fonts.wpcdn.pl/roboto/woff2/ 21 KB
21 KB 119ms
56ms Font
application/octet-stream 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.wpcdn.pl/roboto/woff2/Roboto-Regular.woff2
Requested by: Host: pln-group.work
URL: https://pln-group.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: f9bc132980c62433dfd76631f5a602fd1bf318141d67ebb6b70b4d3cc92555b0

Request headers

Referer: https://pln-group.work/
Origin: https://pln-group.work
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:55:47 GMT
last-modified: Tue, 07 Aug 2018 08:18:40 GMT
server: nginx
etag: "e5d046dd2c38f8e9a1f2f1130e4ec9fc"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *
content-length: 21920

GET
H2 200 Roboto-Light.woff2
fonts.wpcdn.pl/roboto/woff2/ 21 KB
22 KB 119ms
56ms Font
application/octet-stream 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.wpcdn.pl/roboto/woff2/Roboto-Light.woff2
Requested by: Host: pln-group.work
URL: https://pln-group.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: 2b56e3544de25a2bc015f2df367a527d3e1f5691510605d7cb5d06d8c2e7fd6d

Request headers

Referer: https://pln-group.work/
Origin: https://pln-group.work
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:55:47 GMT
last-modified: Tue, 07 Aug 2018 08:18:40 GMT
server: nginx
etag: "3cb9e8d5c02f6f269785d5722d57e0d5"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *
content-length: 21940

GET
H2 200 RobotoCondensed-Bold.woff2
fonts.wpcdn.pl/roboto/woff2/ 18 KB
18 KB 119ms
56ms Font
application/octet-stream 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.wpcdn.pl/roboto/woff2/RobotoCondensed-Bold.woff2
Requested by: Host: pln-group.work
URL: https://pln-group.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: 200cc35f2a32c2c915db346c9363d68e2d45001fb4073151a4a7850d8fb130f0

Request headers

Referer: https://pln-group.work/
Origin: https://pln-group.work
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:55:47 GMT
last-modified: Thu, 09 Aug 2018 08:18:08 GMT
server: nginx
etag: "052485ad2a68e98ea225dc9280dbdcd6"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *
content-length: 18228

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pln-group.work/	1970-01-19 22:38:34	Name: _subid Value: bot4ch1fr2t
pln-group.work/	1970-01-19 22:38:34	Name: _token Value: uuid_bot4ch1fr2t_bot4ch1fr2t616569b306fd00.74431189
pln-group.work/	1970-02-07 19:49:18	Name: 31bcb Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0N1wiOjE2MzQwMzYxNDZ9LFwiY2FtcGFpZ25zXCI6e1wiNjRcIjoxNjM0MDM2MTQ2fSxcInRpbWVcIjoxNjM0MDM2MTQ2fSJ9.q20tojvcz2qJe392sLzKyojTBDvL3ugQqGRPuFQoGao

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
fonts.wpcdn.pl
pln-group.work
104.21.30.153
212.77.98.32
69.16.175.10
071f9a70d1a468ea07c77527ed276ae8944a8d3817bbc69266e266d4078047f6
1f03b3082883c94de09ea4c0b38092a45f2f7ca60c14889818a3e19057da34b8
200cc35f2a32c2c915db346c9363d68e2d45001fb4073151a4a7850d8fb130f0
201a7108ea0647859be15836be073c4440c4fd9b567c4429a4e9afb2998fcee1
23cb45707e05af651dc5dbac3e6d17d82765b2c1d55e8225f8d2fd7dbf71f394
294ad938ab754274898e31f7cd7fc19033680007ade5e21707fbaedad7d4ec94
2b56e3544de25a2bc015f2df367a527d3e1f5691510605d7cb5d06d8c2e7fd6d
38203306a04bb3e9275dddfb389ab61edccb2786df63877ba56f0f1b6f799f91
4a30d2280896af36e4800509c2e292573f5a6766de236a7642e8bd042970a45f
54b9dfe2fc84d1cb3454078495d1ec6339a3d87ee01fd8ad0abd80d641e4da3c
66ba6b249b701cafa58b5974e2a18afc82590c4ec6c7cfd393194b0e8c4e2ef4
886e91a9d81800195c5cce20a4b38e83df471a16fe42c61f2e9cd65b7d4616c0
a4bff138a3ff9d9646ad0eda16775dbbb4b933be251ac48fbab5a496e506b6e7
b0d82485fab57f9a373f5b8eb35e4b145a6ccf5701833cd498d5fcd8a8f37890
b8bf0507449184a28b7631e53c838c13cbd5ffc1611a3e3b8b1f6daeeb701754
eab7f0d445d55f7eb925621088caf7dc41ad9131e1002e174dd6fb53cc7f847e
f87337da78e40c74bfb2cc25235e5c081d483b72b8a7c7604d04e2203e5d741f
f9bc132980c62433dfd76631f5a602fd1bf318141d67ebb6b70b4d3cc92555b0
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

pln-group.work Open in urlscan Pro 104.21.30.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

1544 kBTransfer

1696 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

3 Cookies

Indicators

pln-group.work Open in urlscan Pro
104.21.30.153 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

1544 kB
Transfer

1696 kB
Size

3
Cookies

19 HTTP transactions
0 data transactions