orlen-group.biz Open in urlscan Pro
104.21.85.200 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://orlen-group.biz/
Submission Tags: 7324595
Submission: On October 19 via api (October 19th 2021, 6:06:05 am UTC) from NL — Scanned from DE

Summary HTTP 33 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 33 HTTP transactions. The main IP is 104.21.85.200, located in United States and belongs to CLOUDFLARENET, US. The main domain is orlen-group.biz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 18th 2021. Valid for: a year.

This is the only time orlen-group.biz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PKN Orlen (Extraction)

Domain & IP information

	IP Address	AS Autonomous System
23	104.21.85.200 104.21.85.200	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	31.13.92.14 31.13.92.14	32934 (FACEBOOK) (FACEBOOK)
1	69.16.175.42 69.16.175.42	33438 (HIGHWINDS2) (HIGHWINDS2)
6	104.16.18.94 104.16.18.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.117.59.81 34.117.59.81	15169 (GOOGLE) (GOOGLE)
33	6

23 104.21.85.200 (United States)

ASN13335 (CLOUDFLARENET, US)

orlen-group.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.13.92.14 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frt3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.42 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)
PTR: tlb.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.18.94 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.59.81 (United States)

ASN15169 (GOOGLE, US)
PTR: 81.59.117.34.bc.googleusercontent.com

ipinfo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	orlen-group.biz orlen-group.biz	7 MB
6	cloudflare.com cdnjs.cloudflare.com	145 KB
2	ipinfo.io ipinfo.io	1 KB
1	jquery.com code.jquery.com	30 KB
1	facebook.net connect.facebook.net	26 KB
33	5

	Domain	Requested by
23	orlen-group.biz	orlen-group.biz
6	cdnjs.cloudflare.com	orlen-group.biz cdnjs.cloudflare.com
2	ipinfo.io	orlen-group.biz
1	code.jquery.com	orlen-group.biz
1	connect.facebook.net	orlen-group.biz
33	5

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-18` - `2022-10-17`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
ipinfo.io GTS CA 1D4	`2021-09-05` - `2021-12-04`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://orlen-group.biz/
Frame ID: 1C779D51BF8C438283C55E2D26CBABDB
Requests: 2 HTTP requests in this frame

Frame: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
Frame ID: D3EE86A41E99E7BF421E4BB0AB7FA881
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rozpoczęliśmy nowe projekty inwestycyjne!

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

FancyBox (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery\.fancybox(?:\.pack|\.min)?\.js(?:\?v=([\d.]+))?$

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

33
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

6
IPs

2
Countries

6912 kB
Transfer

9137 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
orlen-group.biz/ 1 KB
2 KB 525ms
471ms Document
text/html 104.21.85.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orlen-group.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.85.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c62cec87e8026feca04ce8b0648639d06aefc75356ea4d11206d907f746fd283

Request headers

:method: GET
:authority: orlen-group.biz
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 19 Oct 2021 06:06:01 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
expires: 0
last-modified: Tue, 19 Oct 2021 06:06:00 GMT
pragma: no-cache
set-cookie: _subid=2lehjj22dv7e;Expires=Friday, 19-Nov-2021 06:06:00 GMT;Max-Age=2678400;Path=/ _token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342;Expires=Friday, 19-Nov-2021 06:06:00 GMT;Max-Age=2678400;Path=/ e7428=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE3N1wiOjE2MzQ2MjM1NjB9LFwiY2FtcGFpZ25zXCI6e1wiMTE3XCI6MTYzNDYyMzU2MH0sXCJ0aW1lXCI6MTYzNDYyMzU2MH0ifQ.nNdvsIF9f0X9Yew3rresVmTit1jcPqvIhXe3ZVH3gso;Expires=Monday, 07-Aug-2073 12:12:00 GMT;Max-Age=1634709960;Path=/
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gyZq0i94UyhDJWhY%2Bi1MxCkBxAXuJjBd4tK%2B4LjJueUg6rrsKjyNhxwqVNuZaWz8pApzv18FgEDQyzF3%2F3E%2F%2BBOf4v85pzGh%2BlghGQ03q5zbk4U8Sv2%2F5JpI9ePbvbK%2BeIw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a07d165f84e27a0-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 22ms
7ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: orlen-group.biz
URL: https://orlen-group.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.92.14 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orlen-group.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25969
x-xss-protection: 0
pragma: public
x-fb-debug: nH8UjQu1ibW/HoSoyZH95rgQSgVd/h0/5lRoB7kSBpzXwaGOBNHvS+pDJlLWKNr63M6KcgJTwTtrXbkLWNlGsQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Tue, 19 Oct 2021 06:06:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
orlen-group.biz/lander/orlen-offer-obj-/land/ Frame D3EE 258 KB
74 KB 102ms
102ms Document
text/html 104.21.85.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
Requested by: Host: orlen-group.biz
URL: https://orlen-group.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.85.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdf698d8d5ce96dba8bf6a6d4060d60cb678ef1a3ff6e8f194501f85ba607aae

Request headers

:method: GET
:authority: orlen-group.biz
:scheme: https
:path: /lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: object
referer: https://orlen-group.biz/
accept-encoding: gzip, deflate, br
cookie: _subid=2lehjj22dv7e; _token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342; e7428=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE3N1wiOjE2MzQ2MjM1NjB9LFwiY2FtcGFpZ25zXCI6e1wiMTE3XCI6MTYzNDYyMzU2MH0sXCJ0aW1lXCI6MTYzNDYyMzU2MH0ifQ.nNdvsIF9f0X9Yew3rresVmTit1jcPqvIhXe3ZVH3gso
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://orlen-group.biz/

Response headers

date: Tue, 19 Oct 2021 06:06:01 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=llxkWZufe9hzKbwT%2FqxbM7UvLdsvmHNH0kMxY98%2Bu6ed2ZhLDVPYuKDmJTp3e1m9l6yhccSbbiGXiK%2F7ZwWIwQCYO9cIgFp6aLWYmoxDVmI20edqJUYvTNyAGB6%2FE%2FU3EB0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a07d16a1d6027a0-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 app.css
orlen-group.biz/lander/orlen-offer-obj-/land/assets/css/ Frame D3EE 782 KB
75 KB 253ms
253ms Stylesheet
text/css 104.21.85.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/assets/css/app.css
Requested by: Host: orlen-group.biz
URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.85.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74a125f95648f5817c054743a8e03eda9da09b097e7dc81f7bb982d9041af46a

Request headers

:path: /lander/orlen-offer-obj-/land/assets/css/app.css
pragma: no-cache
cookie: _subid=2lehjj22dv7e; _token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342; e7428=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE3N1wiOjE2MzQ2MjM1NjB9LFwiY2FtcGFpZ25zXCI6e1wiMTE3XCI6MTYzNDYyMzU2MH0sXCJ0aW1lXCI6MTYzNDYyMzU2MH0ifQ.nNdvsIF9f0X9Yew3rresVmTit1jcPqvIhXe3ZVH3gso
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: orlen-group.biz
referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 06:06:01 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 12 Oct 2021 15:46:34 GMT
server: cloudflare
etag: W/"6165adda-c3800"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Nl5chwlh4qggIhu%2FulneKSt0AsLHr2sBN8a1a4oStV%2Bcfm4Yb1krxI744msMRch3Cf8cDv0j8j%2BNUS9hjDVz3Ivbe4ZYZYm9IehgxvZZz0V%2F62aIfI8iHVV696dMRef30E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6a07d16b7c5827bc-PRG
expires: Fri, 29 Oct 2021 06:06:01 GMT

GET
H3 200 fonts.css
orlen-group.biz/lander/orlen-offer-obj-/land/assets/css/ Frame D3EE 2 KB
955 B 149ms
148ms Stylesheet
text/css 104.21.85.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/assets/css/fonts.css
Requested by: Host: orlen-group.biz
URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.85.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84c14363da0a22cef3a5089d0803aa8ac11dd0a077c02c1ed5614f2e4e8d10ce

Request headers

:path: /lander/orlen-offer-obj-/land/assets/css/fonts.css
pragma: no-cache
cookie: _subid=2lehjj22dv7e; _token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342; e7428=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE3N1wiOjE2MzQ2MjM1NjB9LFwiY2FtcGFpZ25zXCI6e1wiMTE3XCI6MTYzNDYyMzU2MH0sXCJ0aW1lXCI6MTYzNDYyMzU2MH0ifQ.nNdvsIF9f0X9Yew3rresVmTit1jcPqvIhXe3ZVH3gso
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: orlen-group.biz
referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 06:06:01 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 12 Oct 2021 15:46:34 GMT
server: cloudflare
etag: W/"6165adda-8d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5UxLY1LUIKk09RYmeko%2FD0%2BvjzLHHA8mq1vTHf7Lgq8UNcuLV1%2Fp0NMe1M94Zvq382JcTBjcLLTdToegEafF2UQjqBmxY1WAhrOpwiqH9gsham9kxJtF3Q7RD4zcaTZjKcw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6a07d16b7c5b27bc-PRG
expires: Fri, 29 Oct 2021 06:06:01 GMT

GET
H3 200 slick.css
orlen-group.biz/lander/orlen-offer-obj-/land/assets/css/ Frame D3EE 2 KB
1 KB 110ms
108ms Stylesheet
text/css 104.21.85.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/assets/css/slick.css
Requested by: Host: orlen-group.biz
URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.85.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Request headers

:path: /lander/orlen-offer-obj-/land/assets/css/slick.css
pragma: no-cache
cookie: _subid=2lehjj22dv7e; _token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342; e7428=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE3N1wiOjE2MzQ2MjM1NjB9LFwiY2FtcGFpZ25zXCI6e1wiMTE3XCI6MTYzNDYyMzU2MH0sXCJ0aW1lXCI6MTYzNDYyMzU2MH0ifQ.nNdvsIF9f0X9Yew3rresVmTit1jcPqvIhXe3ZVH3gso
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: orlen-group.biz
referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 06:06:01 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 12 Oct 2021 15:46:34 GMT
server: cloudflare
etag: W/"6165adda-6f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4t6CAKNo2jq97B6eaHWjINYSo2ufudwyy19OzQB%2FR7%2B0zt5s6Myo%2B8tFGLWOq5FuGAFdWNI4AYn9fxqR4NDUDgIpMGKpdN124V%2FZFnvlvC69ecZtWo4bHlCyVJ10XWd1aEM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6a07d16b7c5c27bc-PRG
expires: Fri, 29 Oct 2021 06:06:01 GMT

GET
H3 200 ion.rangeSlider.min.css
orlen-group.biz/lander/orlen-offer-obj-/land/assets/css/ Frame D3EE 11 KB
3 KB 151ms
150ms Stylesheet
text/css 104.21.85.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/assets/css/ion.rangeSlider.min.css
Requested by: Host: orlen-group.biz
URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.85.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3187226035ba275b49fbeaabc01d98e3a07a6aa5f8182eac9d01cf1290136695

Request headers

:path: /lander/orlen-offer-obj-/land/assets/css/ion.rangeSlider.min.css
pragma: no-cache
cookie: _subid=2lehjj22dv7e; _token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342; e7428=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE3N1wiOjE2MzQ2MjM1NjB9LFwiY2FtcGFpZ25zXCI6e1wiMTE3XCI6MTYzNDYyMzU2MH0sXCJ0aW1lXCI6MTYzNDYyMzU2MH0ifQ.nNdvsIF9f0X9Yew3rresVmTit1jcPqvIhXe3ZVH3gso
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: orlen-group.biz
referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 06:06:01 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 12 Oct 2021 15:46:34 GMT
server: cloudflare
etag: W/"6165adda-2b4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PpP0AV6eN9UbX65vIpxxvfEebljDdPiqDONN2QOfwMmNT3541VZR9zjCqa5n0QfS641comwSNT0UbMVX32s11rHpXVxi1u%2BWu5ZqZoz%2BXj8K8KzyszkcAziUYpgqjHTkvJA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6a07d16b7c5e27bc-PRG
expires: Fri, 29 Oct 2021 06:06:01 GMT

GET
H3 200 jquery.fancybox.min.css
orlen-group.biz/lander/orlen-offer-obj-/land/assets/css/ Frame D3EE 12 KB
4 KB 117ms
116ms Stylesheet
text/css 104.21.85.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/assets/css/jquery.fancybox.min.css
Requested by: Host: orlen-group.biz
URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.85.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Request headers

:path: /lander/orlen-offer-obj-/land/assets/css/jquery.fancybox.min.css
pragma: no-cache
cookie: _subid=2lehjj22dv7e; _token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342; e7428=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE3N1wiOjE2MzQ2MjM1NjB9LFwiY2FtcGFpZ25zXCI6e1wiMTE3XCI6MTYzNDYyMzU2MH0sXCJ0aW1lXCI6MTYzNDYyMzU2MH0ifQ.nNdvsIF9f0X9Yew3rresVmTit1jcPqvIhXe3ZVH3gso
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: orlen-group.biz
referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 06:06:01 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 12 Oct 2021 15:46:34 GMT
server: cloudflare
etag: W/"6165adda-31fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fql8Gag2MuLLUO%2BwcgKCBPcSh0W4%2BEPEuL9kqEc4c2QmixAZfhxDbee5x9P%2FSfqyJY4CFh%2B9puW%2Fdn%2FDaxtCGZQrTuJDGrC9YgNYk5GlXaQ5qM5pjCWoEECDYzs4oFfJ1PA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6a07d16b7c5f27bc-PRG
expires: Fri, 29 Oct 2021 06:06:01 GMT

GET
H3 200 9.svg
orlen-group.biz/lander/orlen-offer-obj-/land/assets/fonts/ Frame D3EE 2 KB
2 KB 149ms
148ms Image
image/svg+xml 104.21.85.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/assets/fonts/9.svg
Requested by: Host: orlen-group.biz
URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.85.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a45ead96c27aab89cca6d435e9a1a601f8428db328c7079584a08a84738effc0

Request headers

:path: /lander/orlen-offer-obj-/land/assets/fonts/9.svg
pragma: no-cache
cookie: _subid=2lehjj22dv7e; _token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342; e7428=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE3N1wiOjE2MzQ2MjM1NjB9LFwiY2FtcGFpZ25zXCI6e1wiMTE3XCI6MTYzNDYyMzU2MH0sXCJ0aW1lXCI6MTYzNDYyMzU2MH0ifQ.nNdvsIF9f0X9Yew3rresVmTit1jcPqvIhXe3ZVH3gso
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: orlen-group.biz
referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 06:06:01 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 12 Oct 2021 15:46:34 GMT
server: cloudflare
etag: W/"6165adda-70a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ejgmSE2NOggcJ9B2MsJGnbRJHUmf%2BHcYuEsrm6PcRV2sSFO4aG9DtDhXrfMXJbypk87bl6OKPmVTSev38YoUD2dMT46PA0tg5Uyo1uXSIItHpavrEnGuOB5K7u8mlwJ8yQ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6a07d16b7c6127bc-PRG
expires: Fri, 29 Oct 2021 06:06:01 GMT

GET
H3 404 poster.jpg
orlen-group.biz/lander/orlen-offer-obj-/land/assets/video/ Frame D3EE 564 B
564 B 150ms
149ms Image
text/html 104.21.85.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/assets/video/poster.jpg
Requested by: Host: orlen-group.biz
URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.85.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2

Request headers

:path: /lander/orlen-offer-obj-/land/assets/video/poster.jpg
pragma: no-cache
cookie: _subid=2lehjj22dv7e; _token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342; e7428=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE3N1wiOjE2MzQ2MjM1NjB9LFwiY2FtcGFpZ25zXCI6e1wiMTE3XCI6MTYzNDYyMzU2MH0sXCJ0aW1lXCI6MTYzNDYyMzU2MH0ifQ.nNdvsIF9f0X9Yew3rresVmTit1jcPqvIhXe3ZVH3gso
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: orlen-group.biz
referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 06:06:01 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CeSsY9jaeBEMyNC682X6imWGSZyptu8EjpNNXOngYNaJGkCYmc%2Befj%2BdgkYQI%2F88uRRVZHO8Ehey%2Fid3ifl%2FH6CGj%2Fw%2FLfZv8KMMXccCZG6hZam1wQmyF4oarOdVhX7%2BawM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 6a07d16b7c6227bc-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 10.jpg
orlen-group.biz/lander/orlen-offer-obj-/land/assets/images/ Frame D3EE 77 KB
77 KB 224ms
224ms Image
image/jpeg 104.21.85.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/assets/images/10.jpg
Requested by: Host: orlen-group.biz
URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.85.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4797ff17cf151c8be084dad9fe9d2835a017d4fdd58111913012fe4cc466be

Request headers

:path: /lander/orlen-offer-obj-/land/assets/images/10.jpg
pragma: no-cache
cookie: _subid=2lehjj22dv7e; _token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342; e7428=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE3N1wiOjE2MzQ2MjM1NjB9LFwiY2FtcGFpZ25zXCI6e1wiMTE3XCI6MTYzNDYyMzU2MH0sXCJ0aW1lXCI6MTYzNDYyMzU2MH0ifQ.nNdvsIF9f0X9Yew3rresVmTit1jcPqvIhXe3ZVH3gso
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: orlen-group.biz
referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 06:06:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 78371
last-modified: Tue, 12 Oct 2021 15:46:34 GMT
server: cloudflare
etag: "6165adda-13223"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5iJo7p%2B%2FnOpdVzCLGXY2%2BrhyYHf1XQfDD61nmVMkQEELQZ3%2BLjyxBJcGjI9x1MVSQzdZELbNkzIdFgoGeNZBABwR%2FTZ%2B%2BptDPNsxi8eH%2BoINYR%2BQ2OV6CjjnnZXfnceYDfc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 6a07d16b7c6427bc-PRG
expires: Fri, 29 Oct 2021 06:06:01 GMT

GET
H3 206 video.mp4
orlen-group.biz/lander/orlen-offer-obj-/land/assets/video/ Frame D3EE 358 KB
0 236ms
236ms Media
video/mp4 104.21.85.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/assets/video/video.mp4
Requested by: Host: orlen-group.biz
URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.85.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-fetch-mode: no-cors
accept-encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
sec-fetch-dest: video
cookie: _subid=2lehjj22dv7e; _token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342; e7428=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE3N1wiOjE2MzQ2MjM1NjB9LFwiY2FtcGFpZ25zXCI6e1wiMTE3XCI6MTYzNDYyMzU2MH0sXCJ0aW1lXCI6MTYzNDYyMzU2MH0ifQ.nNdvsIF9f0X9Yew3rresVmTit1jcPqvIhXe3ZVH3gso
:path: /lander/orlen-offer-obj-/land/assets/video/video.mp4
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: orlen-group.biz
referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
:scheme: https
sec-fetch-site: same-origin
range: bytes=0-
:method: GET
Referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 19 Oct 2021 06:06:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range: bytes 0-14833816/14833817
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 14833817
last-modified: Tue, 12 Oct 2021 15:46:34 GMT
server: cloudflare
etag: "6165adda-e25899"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35u3WYljy0E6QfBwDoOLtSu3SO6lOQ%2FurNW0Slk43h5c9yS%2BamSL2Es69u4z03y5NGI9xcH0x7Ps6SkHEXxiFhOSD%2BQdC7N2RcwDsasqPdjweoEe5hf%2BWTyitZjMN2szEDI%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6a07d16b9c7a27bc-PRG
expires: Fri, 29 Oct 2021 06:06:01 GMT

GET
H3 200 11.png
orlen-group.biz/lander/orlen-offer-obj-/land/assets/images/ Frame D3EE 1 MB
1 MB 235ms
235ms Image
image/png 104.21.85.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/assets/images/11.png
Requested by: Host: orlen-group.biz
URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.85.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28efaa05a0266f7dc51cd185d0bb5a2e7c807efe0f3f5c031d49abdd4bccb931

Request headers

:path: /lander/orlen-offer-obj-/land/assets/images/11.png
pragma: no-cache
cookie: _subid=2lehjj22dv7e; _token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342; e7428=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE3N1wiOjE2MzQ2MjM1NjB9LFwiY2FtcGFpZ25zXCI6e1wiMTE3XCI6MTYzNDYyMzU2MH0sXCJ0aW1lXCI6MTYzNDYyMzU2MH0ifQ.nNdvsIF9f0X9Yew3rresVmTit1jcPqvIhXe3ZVH3gso
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: orlen-group.biz
referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 06:06:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1150172
last-modified: Tue, 12 Oct 2021 15:46:34 GMT
server: cloudflare
etag: "6165adda-118cdc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Kh3448jvPmLjpOzKPjoGDQMAw0L%2F92BSTJpq2lJ%2FDYs%2BP33YHZWzPvd3%2BeGiIenx8oFoJgZIv9hhtlariwMEzUjrwyR%2BJAfuArZ%2BSCRnLuNcvjjZ5AwiMMHkw9Mi5AbEPY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 6a07d16b9c7f27bc-PRG
expires: Fri, 29 Oct 2021 06:06:01 GMT

GET
H3 200 12.png
orlen-group.biz/lander/orlen-offer-obj-/land/assets/images/ Frame D3EE 577 KB
578 KB 235ms
235ms Image
image/png 104.21.85.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/assets/images/12.png
Requested by: Host: orlen-group.biz
URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.85.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9cc57e3297605c9c6c2005da874e1309d15c9c70d8576eb29d3ff101fef5ea9

Request headers

:path: /lander/orlen-offer-obj-/land/assets/images/12.png
pragma: no-cache
cookie: _subid=2lehjj22dv7e; _token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342; e7428=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE3N1wiOjE2MzQ2MjM1NjB9LFwiY2FtcGFpZ25zXCI6e1wiMTE3XCI6MTYzNDYyMzU2MH0sXCJ0aW1lXCI6MTYzNDYyMzU2MH0ifQ.nNdvsIF9f0X9Yew3rresVmTit1jcPqvIhXe3ZVH3gso
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: orlen-group.biz
referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 06:06:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 591037
last-modified: Tue, 12 Oct 2021 15:46:34 GMT
server: cloudflare
etag: "6165adda-904bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CeebiDS%2B6zyrCDf6jBD228I0mIgZ9%2F2wciOkBMe68tasDccoi0iGWG0yBNndJZMG8By0UgbDse3FIIB0s4xmBgpbeGIZRaPpgklB5GydPUNXbLClGsS4%2Ft%2Fprm0agIp%2Bp4Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 6a07d16b9c8027bc-PRG
expires: Fri, 29 Oct 2021 06:06:01 GMT

GET
H3 200 13.png
orlen-group.biz/lander/orlen-offer-obj-/land/assets/images/ Frame D3EE 617 KB
618 KB 250ms
249ms Image
image/png 104.21.85.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/assets/images/13.png
Requested by: Host: orlen-group.biz
URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.85.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 114d4e772fcb300487ff941a9c7898ff2a4cae5a118d7f81bd8ad27d59aed7b9

Request headers

:path: /lander/orlen-offer-obj-/land/assets/images/13.png
pragma: no-cache
cookie: _subid=2lehjj22dv7e; _token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342; e7428=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE3N1wiOjE2MzQ2MjM1NjB9LFwiY2FtcGFpZ25zXCI6e1wiMTE3XCI6MTYzNDYyMzU2MH0sXCJ0aW1lXCI6MTYzNDYyMzU2MH0ifQ.nNdvsIF9f0X9Yew3rresVmTit1jcPqvIhXe3ZVH3gso
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: orlen-group.biz
referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 06:06:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 631847
last-modified: Tue, 12 Oct 2021 15:46:34 GMT
server: cloudflare
etag: "6165adda-9a427"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wYCbunNNgCAvTiqeId4SFOWxSIumwAYGHYwaeGKmr6iMThP20OTMapGl7dBZpzbdGTg%2Bwj%2FI4LrVz60nCMR1WON%2BPz8g89FjcAgJ%2F2V7ZLn4hm9iWYb9HNIYQTuxBMZK%2BvU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 6a07d16b9c8227bc-PRG
expires: Fri, 29 Oct 2021 06:06:01 GMT

GET
H3 200 14.png
orlen-group.biz/lander/orlen-offer-obj-/land/assets/images/ Frame D3EE 1 MB
1 MB 266ms
266ms Image
image/png 104.21.85.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/assets/images/14.png
Requested by: Host: orlen-group.biz
URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.85.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1892b05f4dd7fa1157024b692046399c3e7e22feb05c6f57f5f43039f2feec4

Request headers

:path: /lander/orlen-offer-obj-/land/assets/images/14.png
pragma: no-cache
cookie: _subid=2lehjj22dv7e; _token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342; e7428=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE3N1wiOjE2MzQ2MjM1NjB9LFwiY2FtcGFpZ25zXCI6e1wiMTE3XCI6MTYzNDYyMzU2MH0sXCJ0aW1lXCI6MTYzNDYyMzU2MH0ifQ.nNdvsIF9f0X9Yew3rresVmTit1jcPqvIhXe3ZVH3gso
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: orlen-group.biz
referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 06:06:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1166276
last-modified: Tue, 12 Oct 2021 15:46:34 GMT
server: cloudflare
etag: "6165adda-11cbc4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P9cpWsZOz94jeumLB83pJ38HJMX7%2FrnsFrEHOAutkc%2FR9b5Xmb4LGUozWppGTTUSG3DYMnbTHMJx%2Bi7I6x5zIWCmMsIXHMaRMLNs2882%2BRgrjwCGJJRT9%2BNvUfhorKRCKWM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 6a07d16b9c8327bc-PRG
expires: Fri, 29 Oct 2021 06:06:01 GMT

GET
H3 200 15.jpg
orlen-group.biz/lander/orlen-offer-obj-/land/assets/images/ Frame D3EE 3 MB
3 MB 250ms
250ms Image
image/jpeg 104.21.85.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/assets/images/15.jpg
Requested by: Host: orlen-group.biz
URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.85.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029f62dc5e23f6683887a718e7061799807ee68d89d7a8d36aeb767322e9af4e

Request headers

:path: /lander/orlen-offer-obj-/land/assets/images/15.jpg
pragma: no-cache
cookie: _subid=2lehjj22dv7e; _token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342; e7428=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE3N1wiOjE2MzQ2MjM1NjB9LFwiY2FtcGFpZ25zXCI6e1wiMTE3XCI6MTYzNDYyMzU2MH0sXCJ0aW1lXCI6MTYzNDYyMzU2MH0ifQ.nNdvsIF9f0X9Yew3rresVmTit1jcPqvIhXe3ZVH3gso
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: orlen-group.biz
referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 06:06:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2746610
last-modified: Tue, 12 Oct 2021 15:46:34 GMT
server: cloudflare
etag: "6165adda-29e8f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bvbtrgKWbxDGxfE2%2BeaG0B2icG3w6XTtrM9Bx5dei4OGhW3%2Fx1h27MJAOccQzmqS7LL1FoSFXOt2c3qBOhtSLlQjSKvTA2hdYlhPk%2FOVFj7pQ%2BFK5NYe9vD1%2FJxC3TU%2F9sI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 6a07d16b9c8527bc-PRG
expires: Fri, 29 Oct 2021 06:06:01 GMT

GET
H3 200 16.jpg
orlen-group.biz/lander/orlen-offer-obj-/land/assets/images/ Frame D3EE 57 KB
57 KB 251ms
251ms Image
image/jpeg 104.21.85.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/assets/images/16.jpg
Requested by: Host: orlen-group.biz
URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.85.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc171b08542a14b6fc5ff79d0004dcadba97c71868b3ded665038fbe78633c1e

Request headers

:path: /lander/orlen-offer-obj-/land/assets/images/16.jpg
pragma: no-cache
cookie: _subid=2lehjj22dv7e; _token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342; e7428=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE3N1wiOjE2MzQ2MjM1NjB9LFwiY2FtcGFpZ25zXCI6e1wiMTE3XCI6MTYzNDYyMzU2MH0sXCJ0aW1lXCI6MTYzNDYyMzU2MH0ifQ.nNdvsIF9f0X9Yew3rresVmTit1jcPqvIhXe3ZVH3gso
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: orlen-group.biz
referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 06:06:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 57989
last-modified: Tue, 12 Oct 2021 15:46:34 GMT
server: cloudflare
etag: "6165adda-e285"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=enKZOr4azXEkjI8bpLBf5ugtZkAj4gdjTt%2BdVmj9vPLXVzATHKzU7ACv7f5Clh3diBPMT4vYXYHKFO%2F5KuEpUR2uEPbQRqqVW%2BntZHVoV%2FZC3cZz1m%2F1ydNIb17L1DEMiGA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 6a07d16b9c8627bc-PRG
expires: Fri, 29 Oct 2021 06:06:01 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ Frame D3EE 87 KB
30 KB 28ms
11ms Script
application/javascript 69.16.175.42
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: orlen-group.biz
URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS: tlb.hwcdn.net
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orlen-group.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 06:06:01 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 23:02:39 GMT
server: nginx
etag: W/"5eb09f0f-15d84"
vary: Accept-Encoding
x-hw: 1634623561.dop097.fr8.t,1634623561.cds287.fr8.hn,1634623561.cds150.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H3 200 jquery.min.js Show response
orlen-group.biz/lander/orlen-offer-obj-/land/assets/js/ Frame D3EE 86 KB
32 KB 203ms
203ms Script
application/javascript 104.21.85.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/assets/js/jquery.min.js
Requested by: Host: orlen-group.biz
URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.85.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

:path: /lander/orlen-offer-obj-/land/assets/js/jquery.min.js
pragma: no-cache
cookie: _subid=2lehjj22dv7e; _token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342; e7428=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE3N1wiOjE2MzQ2MjM1NjB9LFwiY2FtcGFpZ25zXCI6e1wiMTE3XCI6MTYzNDYyMzU2MH0sXCJ0aW1lXCI6MTYzNDYyMzU2MH0ifQ.nNdvsIF9f0X9Yew3rresVmTit1jcPqvIhXe3ZVH3gso
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: orlen-group.biz
referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 06:06:01 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 12 Oct 2021 15:46:34 GMT
server: cloudflare
etag: W/"6165adda-15851"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evF3mf5ALDX%2FNJ9iyxnkqiWi2GV%2B7zej05iARcAa4XjaTJE1OSYbaUdgqPIqxWGW7we%2BzAyxKLWC6jfcQNAHLMHLk8WHYwYYxY9FPpbhAum1pB1WFf8m%2BQqI3Dih4DFmOUc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6a07d16b9c8727bc-PRG
expires: Fri, 29 Oct 2021 06:06:01 GMT

GET
H3 200 ion.rangeSlider.min.js Show response
orlen-group.biz/lander/orlen-offer-obj-/land/assets/js/ Frame D3EE 40 KB
10 KB 149ms
149ms Script
application/javascript 104.21.85.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/assets/js/ion.rangeSlider.min.js
Requested by: Host: orlen-group.biz
URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.85.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84fa5f28e69405dfdcf9e6013df8e92363ef16a88b684fd35b3656e60eb0d36c

Request headers

:path: /lander/orlen-offer-obj-/land/assets/js/ion.rangeSlider.min.js
pragma: no-cache
cookie: _subid=2lehjj22dv7e; _token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342; e7428=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE3N1wiOjE2MzQ2MjM1NjB9LFwiY2FtcGFpZ25zXCI6e1wiMTE3XCI6MTYzNDYyMzU2MH0sXCJ0aW1lXCI6MTYzNDYyMzU2MH0ifQ.nNdvsIF9f0X9Yew3rresVmTit1jcPqvIhXe3ZVH3gso
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: orlen-group.biz
referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 06:06:01 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 12 Oct 2021 15:46:34 GMT
server: cloudflare
etag: W/"6165adda-a0fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2mJD9Wo%2B5vg9ELhexKtFg6NzAhYGELyGyY1IqLCp%2BgnVhmQC8NXTOqTaC%2F16GDwYPVtQ6xvdHA1pie4hbDj3nq7%2FRQbb8kIZ%2FiGeVnPRctI7w8l%2FCF5U45YhMdTT0%2FV1mtM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6a07d16b9c8827bc-PRG
expires: Fri, 29 Oct 2021 06:06:01 GMT

GET
H3 200 jquery.fancybox.min.js Show response
orlen-group.biz/lander/orlen-offer-obj-/land/assets/js/ Frame D3EE 67 KB
22 KB 190ms
190ms Script
application/javascript 104.21.85.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/assets/js/jquery.fancybox.min.js
Requested by: Host: orlen-group.biz
URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.85.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf

Request headers

:path: /lander/orlen-offer-obj-/land/assets/js/jquery.fancybox.min.js
pragma: no-cache
cookie: _subid=2lehjj22dv7e; _token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342; e7428=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE3N1wiOjE2MzQ2MjM1NjB9LFwiY2FtcGFpZ25zXCI6e1wiMTE3XCI6MTYzNDYyMzU2MH0sXCJ0aW1lXCI6MTYzNDYyMzU2MH0ifQ.nNdvsIF9f0X9Yew3rresVmTit1jcPqvIhXe3ZVH3gso
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: orlen-group.biz
referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 06:06:01 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 12 Oct 2021 15:46:34 GMT
server: cloudflare
etag: W/"6165adda-10a9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wuL99Xy5bwL8m2uuGcDmKE7xa5qJy8SEKxC5d7k5Un%2FDboozdLhNphaiOImjlPbh5kQbxIQdPoKbJwvj0Hwq16WGDkYU1BBOKVjtwqXiw3DThDCu%2FrF%2BmCV8RKaUcqEeZLo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6a07d16b9c8a27bc-PRG
expires: Fri, 29 Oct 2021 06:06:01 GMT

GET
H3 200 slick.min.js Show response
orlen-group.biz/lander/orlen-offer-obj-/land/assets/js/ Frame D3EE 42 KB
11 KB 81ms
81ms Script
application/javascript 104.21.85.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/assets/js/slick.min.js
Requested by: Host: orlen-group.biz
URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.85.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

:path: /lander/orlen-offer-obj-/land/assets/js/slick.min.js
pragma: no-cache
cookie: _subid=2lehjj22dv7e; _token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342; e7428=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE3N1wiOjE2MzQ2MjM1NjB9LFwiY2FtcGFpZ25zXCI6e1wiMTE3XCI6MTYzNDYyMzU2MH0sXCJ0aW1lXCI6MTYzNDYyMzU2MH0ifQ.nNdvsIF9f0X9Yew3rresVmTit1jcPqvIhXe3ZVH3gso
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: orlen-group.biz
referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 06:06:01 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 12 Oct 2021 15:46:34 GMT
server: cloudflare
etag: W/"6165adda-a76f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mbA5VqRjXyuNzbdIDQQeaT734ESDdOMd0NpCa%2Bv0E%2F2KyDOSVDCay1rrClkeFpgbut%2FKudz53BOcTZ6naaybjG79NmngqRVvKBc%2FfG0mp%2BTZII%2BV8wFCXYb%2FUlJqJfrRdu0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6a07d16b9c8b27bc-PRG
expires: Fri, 29 Oct 2021 06:06:01 GMT

GET
H3 200 chunk-vendors.js Show response
orlen-group.biz/lander/orlen-offer-obj-/land/assets/js/ Frame D3EE 539 KB
195 KB 316ms
315ms Script
application/javascript 104.21.85.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/assets/js/chunk-vendors.js
Requested by: Host: orlen-group.biz
URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.85.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78782af1e499bd0f263c355de6babbc81f6efebe3e39866582b134ce32ab3e07

Request headers

:path: /lander/orlen-offer-obj-/land/assets/js/chunk-vendors.js
pragma: no-cache
cookie: _subid=2lehjj22dv7e; _token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342; e7428=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE3N1wiOjE2MzQ2MjM1NjB9LFwiY2FtcGFpZ25zXCI6e1wiMTE3XCI6MTYzNDYyMzU2MH0sXCJ0aW1lXCI6MTYzNDYyMzU2MH0ifQ.nNdvsIF9f0X9Yew3rresVmTit1jcPqvIhXe3ZVH3gso
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: orlen-group.biz
referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 06:06:01 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 12 Oct 2021 15:46:34 GMT
server: cloudflare
etag: W/"6165adda-86abf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NbwyGv%2FQNVNpwipEUpWnc7rsvSTdv3SGmCd7bnyghC3LRBdxC1OWTu%2BleIG35AERnq%2FgRavzt%2BZWXCVs2ieUlKQBeM9z8Cezq53q1VKt2WoAoG2qVEJnhQom7jWyVO5jtmM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6a07d16b9c8c27bc-PRG
expires: Fri, 29 Oct 2021 06:06:01 GMT

GET
H2 200 intlTelInput.min.js Show response
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/ Frame D3EE 29 KB
9 KB 53ms
22ms Script
application/javascript 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/intlTelInput.min.js

Requested by

Host: orlen-group.biz
URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.18.94 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64cb11eb2a5237cbe1e05ccf25acefeed578f32d1a6923d58de35c8a0145e8cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orlen-group.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 06:06:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3060284
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8889
timing-allow-origin: *
last-modified: Wed, 21 Oct 2020 12:48:14 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f902e0e-72d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3CJMR2%2FYdFqo7iALP6JD4JBuOZHLNQp%2F%2BjK2qKb8u7bFM%2FAhFC0SsXGnCDk8golGM8wVMHmZrt0bz9lc8B0ubVLFs1zQ%2FhqcyzJKINHGyOjWGtBFFQqa9e59oYOt3d6M5dejtBv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a07d16bb870f9de-PRG
expires: Sun, 09 Oct 2022 06:06:01 GMT

GET
H2 200 utils.min.js Show response
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/ Frame D3EE 238 KB
44 KB 57ms
26ms Script
application/javascript 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/utils.min.js

Requested by

Host: orlen-group.biz
URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.18.94 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd5ab58bf994afd3ff9a1000a9a22c9619b08dda258ddb055e2d34bd41bd97e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orlen-group.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 06:06:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3068066
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 44414
timing-allow-origin: *
last-modified: Wed, 21 Oct 2020 12:48:41 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f902e29-3b7cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oXBSeD7%2F2%2BoIRLtvVtx66ZGAh%2Fx9elP%2BaGBGTQNVzCvNE6lHzcJbU56OyJegWNPvD7abK5ghR3lM2DaJV2YolM9%2BoqBSnv94H7g9Fw5fIqMsKHnKCp%2BvrFSfw7T6HvOS2zQ%2BIbMz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a07d16bb875f9de-PRG
expires: Sun, 09 Oct 2022 06:06:01 GMT

GET
H2 200 inputmask.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.3.4/inputmask/ Frame D3EE 110 KB
19 KB 51ms
20ms Script
application/javascript 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.3.4/inputmask/inputmask.js

Requested by

Host: orlen-group.biz
URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.18.94 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5154560b9bd07fb45fa5d15bd3585fe634f9360ed6e8802a349d59ee2c58ca62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orlen-group.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 06:06:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2909490
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19017
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-1b675"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bZ4vOp4KsccK9kgY3Kbhmh1pmlkT%2BFiR%2FJ0Cb%2Bo4P%2FH6%2FAAi7Xdxe9Uy3ecgvp1BopIWi299UpP1kNKUOEkJtuSoXj8bNvJFVm8UQQW55d0CL5IVr9fFCL8mjWnASYV7CRhr%2FWQ5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a07d16bb87af9de-PRG
expires: Sun, 09 Oct 2022 06:06:01 GMT

GET
H2 200 jquery.inputmask.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.3.4/inputmask/ Frame D3EE 3 KB
964 B 56ms
25ms Script
application/javascript 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.3.4/inputmask/jquery.inputmask.js

Requested by

Host: orlen-group.biz
URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.18.94 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

222e7732618b465a810e44ee61dafac50157a7758ff16d1b01057f0df0a5a243

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orlen-group.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 06:06:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3050754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 655
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-a3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fExbZU2BT%2FH0fMuazciR%2B8u5U%2BV9MB4Dx9NKinYDsUs%2B1g%2BD%2BsBBEPyAoff0YxcgwtSS47INMAHrdWo4CW8VfrpIFvrdgNcssTTqgjczWX%2B1x0wDlpyVj0fOuSkgMLIXMjLuqOl3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a07d16bb87df9de-PRG
expires: Sun, 09 Oct 2022 06:06:01 GMT

GET
H2 200 intlTelInput.css
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/ Frame D3EE 25 KB
2 KB 56ms
25ms Stylesheet
text/css 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.css

Requested by

Host: orlen-group.biz
URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.18.94 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orlen-group.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 06:06:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2906178
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1970
timing-allow-origin: *
last-modified: Wed, 21 Oct 2020 12:48:14 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f902e0e-62a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ASFohgzzSUPSAvNZCeyfoQJoLNtZ2UCin2uhYlYmHspkr%2Fok507RFTNIugZDSJqzX0ELmWV3AYcoICfnAy9N6uNx6ivE%2FpoxCiLqneZ04fJjHxS3GOiFcfMoCxbOhXBom3HtP6SE"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a07d16bb877f9de-PRG
expires: Sun, 09 Oct 2022 06:06:01 GMT

GET
DATA 200
OK truncated
/ Frame D3EE 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D3EE 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D3EE 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D3EE 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 404 poster.jpg
orlen-group.biz/lander/orlen-offer-obj-/land/assets/video/ Frame D3EE 564 B
564 B 41ms
40ms Image
text/html 104.21.85.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/assets/video/poster.jpg
Requested by: Host: orlen-group.biz
URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.85.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2

Request headers

:path: /lander/orlen-offer-obj-/land/assets/video/poster.jpg
pragma: no-cache
cookie: _subid=2lehjj22dv7e; _token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342; e7428=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE3N1wiOjE2MzQ2MjM1NjB9LFwiY2FtcGFpZ25zXCI6e1wiMTE3XCI6MTYzNDYyMzU2MH0sXCJ0aW1lXCI6MTYzNDYyMzU2MH0ifQ.nNdvsIF9f0X9Yew3rresVmTit1jcPqvIhXe3ZVH3gso
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: orlen-group.biz
referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://orlen-group.biz/lander/orlen-offer-obj-/land/?_token=uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 06:06:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BjO%2BWwREhi%2BdlHXVHqYnZw%2FXzkuTXJ2gUdcGEF9uw9DQ9Hw98kLLSY2x9iR6fCKO%2FLqVBnlu41v1yL05IKi4Sywb9n%2FQuAMAceidT4W1mSbdUYRYiAe14uZxAbzB7Ud9xYc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 6a07d16d8f5127bc-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame D3EE 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D3EE 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D3EE 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
ipinfo.io/ Frame D3EE 766 B
643 B 131ms
115ms Script
text/javascript 34.117.59.81
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ipinfo.io/?callback=jQuery34109629356752006031_1634623561856&_=1634623561857

Requested by

Host: orlen-group.biz
URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/assets/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.59.81 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

81.59.117.34.bc.googleusercontent.com

Software

Resource Hash

a8a6f87783bf2072c8afe178bd40d6a47c451a8cd86a93f2629689feacbe6e9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orlen-group.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 06:06:01 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
x-frame-options: DENY
content-type: text/javascript; charset=utf-8
via: 1.1 google
vary: Accept-Encoding
x-envoy-upstream-service-time: 2
x-content-type-options: nosniff
alt-svc: clear
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
ipinfo.io/ Frame D3EE 766 B
460 B 131ms
116ms Script
text/javascript 34.117.59.81
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ipinfo.io/?callback=jQuery34109629356752006031_1634623561858&_=1634623561859

Requested by

Host: orlen-group.biz
URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/assets/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.59.81 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

81.59.117.34.bc.googleusercontent.com

Software

Resource Hash

f3f8c80333c485bc18243dcc6efe50d7312957db07ebb07408eb22a177f7d517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orlen-group.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 06:06:01 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
x-frame-options: DENY
content-type: text/javascript; charset=utf-8
via: 1.1 google
vary: Accept-Encoding
x-envoy-upstream-service-time: 4
x-content-type-options: nosniff
alt-svc: clear
x-xss-protection: 1; mode=block

GET
H3 200 flags.png
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/img/ Frame D3EE 69 KB
70 KB 40ms
19ms Image
image/png 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/img/flags.png

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.18.94 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 06:06:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2882678
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 70862
timing-allow-origin: *
last-modified: Wed, 21 Oct 2020 12:48:14 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f902e0e-114c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BaNRbgcfHcw3buY9bs7%2FikGT2SZxLx1TPevv8n5ZMQlW6mcX6Sm8xNeeheChhR3x7GPRb%2Bp8TEj%2FsBcB5BLkhAobhtaoruLM9YvfguZzAp7RK%2BrI3PubwzvZ%2FCiCxHhJisSFkqEz"}],"group":"cf-nel","max_age":604800}
content-type: image/png; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a07d16e18274108-PRG
expires: Sun, 09 Oct 2022 06:06:01 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PKN Orlen (Extraction)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
orlen-group.biz/	1970-01-19 22:48:21	Name: _subid Value: 2lehjj22dv7e
orlen-group.biz/	1970-01-19 22:48:21	Name: _token Value: uuid_2lehjj22dv7e_2lehjj22dv7e616e6048c3c703.22416342
orlen-group.biz/	1970-02-07 20:08:53	Name: e7428 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE3N1wiOjE2MzQ2MjM1NjB9LFwiY2FtcGFpZ25zXCI6e1wiMTE3XCI6MTYzNDYyMzU2MH0sXCJ0aW1lXCI6MTYzNDYyMzU2MH0ifQ.nNdvsIF9f0X9Yew3rresVmTit1jcPqvIhXe3ZVH3gso

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/assets/video/poster.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://orlen-group.biz/lander/orlen-offer-obj-/land/assets/video/poster.jpg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
ipinfo.io
orlen-group.biz
104.16.18.94
104.21.85.200
31.13.92.14
34.117.59.81
69.16.175.42
029f62dc5e23f6683887a718e7061799807ee68d89d7a8d36aeb767322e9af4e
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
114d4e772fcb300487ff941a9c7898ff2a4cae5a118d7f81bd8ad27d59aed7b9
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
222e7732618b465a810e44ee61dafac50157a7758ff16d1b01057f0df0a5a243
28efaa05a0266f7dc51cd185d0bb5a2e7c807efe0f3f5c031d49abdd4bccb931
3187226035ba275b49fbeaabc01d98e3a07a6aa5f8182eac9d01cf1290136695
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
5154560b9bd07fb45fa5d15bd3585fe634f9360ed6e8802a349d59ee2c58ca62
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
64cb11eb2a5237cbe1e05ccf25acefeed578f32d1a6923d58de35c8a0145e8cd
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
74a125f95648f5817c054743a8e03eda9da09b097e7dc81f7bb982d9041af46a
78782af1e499bd0f263c355de6babbc81f6efebe3e39866582b134ce32ab3e07
84c14363da0a22cef3a5089d0803aa8ac11dd0a077c02c1ed5614f2e4e8d10ce
84fa5f28e69405dfdcf9e6013df8e92363ef16a88b684fd35b3656e60eb0d36c
a1892b05f4dd7fa1157024b692046399c3e7e22feb05c6f57f5f43039f2feec4
a45ead96c27aab89cca6d435e9a1a601f8428db328c7079584a08a84738effc0
a8a6f87783bf2072c8afe178bd40d6a47c451a8cd86a93f2629689feacbe6e9a
ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491
bd4797ff17cf151c8be084dad9fe9d2835a017d4fdd58111913012fe4cc466be
c62cec87e8026feca04ce8b0648639d06aefc75356ea4d11206d907f746fd283
c9cc57e3297605c9c6c2005da874e1309d15c9c70d8576eb29d3ff101fef5ea9
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
cd5ab58bf994afd3ff9a1000a9a22c9619b08dda258ddb055e2d34bd41bd97e6
cdf698d8d5ce96dba8bf6a6d4060d60cb678ef1a3ff6e8f194501f85ba607aae
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
dc171b08542a14b6fc5ff79d0004dcadba97c71868b3ded665038fbe78633c1e
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
f3f8c80333c485bc18243dcc6efe50d7312957db07ebb07408eb22a177f7d517
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

orlen-group.biz Open in urlscan Pro 104.21.85.200 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

33 Requests

100 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

6 IPs

2 Countries

6912 kBTransfer

9137 kBSize

3 Cookies

0 Outgoing links

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

orlen-group.biz Open in urlscan Pro
104.21.85.200 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

6
IPs

2
Countries

6912 kB
Transfer

9137 kB
Size

3
Cookies

33 HTTP transactions
7 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!