orlen-news.us Open in urlscan Pro
2606:4700:3032::ac43:d940 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://orlen-news.us/
Submission Tags: 7360664
Submission: On November 23 via api (November 23rd 2021, 9:34:50 am UTC) from US — Scanned from US

Summary HTTP 39 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 39 HTTP transactions. The main IP is 2606:4700:3032::ac43:d940, located in United States and belongs to CLOUDFLARENET, US. The main domain is orlen-news.us.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 18th 2021. Valid for: a year.

This is the only time orlen-news.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	2606:4700:303... 2606:4700:3032::ac43:d940	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2607:f8b0:400... 2607:f8b0:4006:808::2008	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
6	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.117.59.81 34.117.59.81	15169 (GOOGLE) (GOOGLE)
39	7

24 2606:4700:3032::ac43:d940 (United States)

ASN13335 (CLOUDFLARENET, US)

orlen-news.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:808::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.59.81 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 81.59.117.34.bc.googleusercontent.com

ipinfo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	orlen-news.us orlen-news.us	4 MB
6	cloudflare.com cdnjs.cloudflare.com	145 KB
5	googletagmanager.com www.googletagmanager.com	30 KB
2	ipinfo.io ipinfo.io	1005 B
1	jquery.com code.jquery.com	30 KB
1	facebook.net connect.facebook.net	26 KB
39	6

	Domain	Requested by
24	orlen-news.us	orlen-news.us
6	cdnjs.cloudflare.com	orlen-news.us cdnjs.cloudflare.com
5	www.googletagmanager.com	orlen-news.us
2	ipinfo.io	orlen-news.us
1	code.jquery.com	orlen-news.us
1	connect.facebook.net	orlen-news.us
39	6

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-11-18` - `2022-11-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-01` - `2021-11-30`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
ipinfo.io GTS CA 1D4	`2021-11-02` - `2022-01-31`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://orlen-news.us/
Frame ID: E14538B6B73FA3983CAB2BC615051C51
Requests: 7 HTTP requests in this frame

Frame: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
Frame ID: C0676E9FFE8F74D7558B375568561D97
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rozpoczęliśmy nowe projekty inwestycyjne!

Page Statistics

39
Requests

100 %
HTTPS

83 %
IPv6

6
Domains

6
Subdomains

7
IPs

2
Countries

4334 kB
Transfer

6831 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
orlen-news.us/ 1 KB
2 KB 762ms
613ms Document
text/html 2606:4700:3032::ac43:d940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orlen-news.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d940 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1e5ec7351a0f73e9ea49d063f48e7c9f593795542e87fd9c720987f70409f68

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9

Response headers

date: Tue, 23 Nov 2021 09:34:45 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
expires: 0
last-modified: Tue, 23 Nov 2021 09:34:45 GMT
pragma: no-cache
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V6MuL9Nw6ir91jSv%2FJwXfN002LYlhrN8xfLH22nYuozsw%2BR53%2BZWRToksMUpw8C7pm72tQIKUxkm5fxj9H%2FzvYzL6iR8cjqtC4q%2FgTLA9hAQckrPTIFnEHJJM%2FqbegXZtoGuVttrI9dM6EjC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b29674d79420c9b-LAX
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 74 KB
30 KB 426ms
147ms Script
application/javascript 2607:f8b0:4006:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=

Requested by

Host: orlen-news.us
URL: https://orlen-news.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a0f70ba5eeef9c7de571640647e792de7b54aa6276eb0d303137327f41a65490

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://orlen-news.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 09:34:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30001
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 Nov 2021 09:34:46 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 366ms
121ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: orlen-news.us
URL: https://orlen-news.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://orlen-news.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: r0tiafWxOdbgJYgSZIu00W182k3coYl7lVV+Yvf7tndjOd1HjGohRYuyAhQgCas8CSQzISVtWbLNpC8ZBE6aIw==
x-fb-trip-id: 1512268381
x-frame-options: DENY
date: Tue, 23 Nov 2021 09:34:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
orlen-news.us/lander/orlen-offer-obj-/land/ Frame C067 260 KB
74 KB 305ms
304ms Document
text/html 2606:4700:3032::ac43:d940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
Requested by: Host: orlen-news.us
URL: https://orlen-news.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d940 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b180168f33be9dff3f39fd2f733bef61c1a4b2b8b34ce6d130cde0cb21db880

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://orlen-news.us/

Response headers

date: Tue, 23 Nov 2021 09:34:46 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BjN1Uq2hUxEsX%2FN7Y9zHytUMjZbWrdMitFV0t4SUfXn7pCI3ubJymdJ4uFuFNWlLseEyfB6H%2Bi36%2BgQmIXQs9B71Az0FKCZCvDNjDSwOw6V0%2BNixqF2S6x%2FLrhMn7JpKxkmlt0f7HmQkhnUf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b2967517c2e0c9b-LAX
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 app.css
orlen-news.us/lander/orlen-offer-obj-/land/assets/css/ Frame C067 782 KB
75 KB 894ms
894ms Stylesheet
text/css 2606:4700:3032::ac43:d940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orlen-news.us/lander/orlen-offer-obj-/land/assets/css/app.css
Requested by: Host: orlen-news.us
URL: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:d940 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74a125f95648f5817c054743a8e03eda9da09b097e7dc81f7bb982d9041af46a

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 09:34:47 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 18 Nov 2021 16:46:34 GMT
server: cloudflare
etag: W/"6196836a-c3800"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5RZwTf1YWNGG2bb5aCOXrLyC6aIdPUyt%2BmKZz4LvaogfXcxRpQ9YLq%2BafXJBwVPd2KGCAvIq1t91TuTZj6ViM%2BJrAPi9Or3huEjkumBeeAIrOcNkOHQKZKqkwwxrIbv25548l3vkV5v%2FmxcR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6b2967537e637cc8-LAX
expires: Fri, 03 Dec 2021 09:34:46 GMT

GET
H3 200 fonts.css
orlen-news.us/lander/orlen-offer-obj-/land/assets/css/ Frame C067 2 KB
963 B 505ms
504ms Stylesheet
text/css 2606:4700:3032::ac43:d940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orlen-news.us/lander/orlen-offer-obj-/land/assets/css/fonts.css
Requested by: Host: orlen-news.us
URL: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:d940 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84c14363da0a22cef3a5089d0803aa8ac11dd0a077c02c1ed5614f2e4e8d10ce

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 09:34:46 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 18 Nov 2021 16:46:34 GMT
server: cloudflare
etag: W/"6196836a-8d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVm3sPE29yy7mTP2vpRVKb4Zu2raKahdDykG8IGCco0YHRarGpC6L6ygD8wweIY6XWBfHasyUMfiLoO3HezaCeAwamQ9F5bimpXXeUCPAYxPSqTF3KMQgB%2B%2FC6oID4qNJbUBHFqRLambysW1"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6b2967537e647cc8-LAX
expires: Fri, 03 Dec 2021 09:34:46 GMT

GET
H3 200 slick.css
orlen-news.us/lander/orlen-offer-obj-/land/assets/css/ Frame C067 2 KB
1 KB 504ms
504ms Stylesheet
text/css 2606:4700:3032::ac43:d940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orlen-news.us/lander/orlen-offer-obj-/land/assets/css/slick.css
Requested by: Host: orlen-news.us
URL: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:d940 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 09:34:46 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 18 Nov 2021 16:46:34 GMT
server: cloudflare
etag: W/"6196836a-6f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ir7LlwWfV%2FCl7q%2B0h%2BMBW8GiPH6h9aQYMvKkgdaYYiPBD%2BG9W34DTl8xO4Kq5tNoP15%2BRrVv0BWIv%2BvajKcedMUkrhuSnBSH92UFUXkpe6dUgOuWJag0ZbvOPdP%2BZAKqbyEjOn8a7NfJKFOC"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6b2967537e657cc8-LAX
expires: Fri, 03 Dec 2021 09:34:46 GMT

GET
H3 200 ion.rangeSlider.min.css
orlen-news.us/lander/orlen-offer-obj-/land/assets/css/ Frame C067 11 KB
3 KB 469ms
468ms Stylesheet
text/css 2606:4700:3032::ac43:d940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orlen-news.us/lander/orlen-offer-obj-/land/assets/css/ion.rangeSlider.min.css
Requested by: Host: orlen-news.us
URL: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:d940 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3187226035ba275b49fbeaabc01d98e3a07a6aa5f8182eac9d01cf1290136695

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 09:34:46 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 18 Nov 2021 16:46:34 GMT
server: cloudflare
etag: W/"6196836a-2b4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oMUJ5hwFy96mcbvij9ix4%2FrJGBQLNXPqm4jhWTb%2FskYzK5R3Hnrvy9uNdssG0VP04SmrgDBYY1J%2B1iYRWYTgV2MuKbhDxF8kX%2FWfKmF0aPiXFbpHCH%2F4l12VR3Apzs3yUykA9YFRuo%2FBdOPW"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6b2967537e677cc8-LAX
expires: Fri, 03 Dec 2021 09:34:46 GMT

GET
H3 200 jquery.fancybox.min.css
orlen-news.us/lander/orlen-offer-obj-/land/assets/css/ Frame C067 12 KB
4 KB 487ms
487ms Stylesheet
text/css 2606:4700:3032::ac43:d940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orlen-news.us/lander/orlen-offer-obj-/land/assets/css/jquery.fancybox.min.css
Requested by: Host: orlen-news.us
URL: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:d940 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 09:34:46 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 18 Nov 2021 16:46:34 GMT
server: cloudflare
etag: W/"6196836a-31fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGJ8r%2FRzeE7ZKNHP7%2B39%2B%2FcEKbAfYTwi8XvteqBZHzOh7nT21gMq6CLDRhPBypIQL92wGl12wlx40H4O9lXIbPcJuOq58I9D5FzU7hugdHIqekzyQ4yYUh7ts3QcNoE8kK2tbt%2Bx9eI5JYMT"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6b2967537e6a7cc8-LAX
expires: Fri, 03 Dec 2021 09:34:46 GMT

GET
H3 200 9.svg
orlen-news.us/lander/orlen-offer-obj-/land/assets/fonts/ Frame C067 2 KB
2 KB 475ms
474ms Image
image/svg+xml 2606:4700:3032::ac43:d940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orlen-news.us/lander/orlen-offer-obj-/land/assets/fonts/9.svg
Requested by: Host: orlen-news.us
URL: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:d940 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a45ead96c27aab89cca6d435e9a1a601f8428db328c7079584a08a84738effc0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 09:34:46 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 18 Nov 2021 16:46:34 GMT
server: cloudflare
etag: W/"6196836a-70a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHexw2Nxn0RV8qmrhhyEisGHyCYlPsrvc1yEzc%2FwSoFOhd3b7eVfjdhsmoYJnfb3%2B9GT2AC7leSOQWhC%2BXZn8A3eyVr1T9fgabnA80B5Cmg2KSUf7hYNeO21V6yxhcgOmTPhc0NwUQbHupgS"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6b2967537e6b7cc8-LAX
expires: Fri, 03 Dec 2021 09:34:46 GMT

GET
H3 404 poster.jpg
orlen-news.us/lander/orlen-offer-obj-/land/assets/video/ Frame C067 564 B
564 B 477ms
477ms Image
text/html 2606:4700:3032::ac43:d940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orlen-news.us/lander/orlen-offer-obj-/land/assets/video/poster.jpg
Requested by: Host: orlen-news.us
URL: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:d940 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 09:34:46 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FqwkuG3Nj3DFABuAkrMEYydlZrrYEYjr4PeaCVX32B4ju%2FLv6AjUFu4BV12qCxkQwZQz5ylzZtCOX0gKYEDE4LFBc1CiSGRd%2BxLBRlREt1OtGd%2BxNHm9rWs%2BOzo%2FXfDLDGWsZ60g%2FwOAfQu"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 6b2967537e6c7cc8-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 206 video.mp4
orlen-news.us/lander/orlen-offer-obj-/land/assets/video/ Frame C067 64 KB
0 2302ms
2302ms Media
video/mp4 2606:4700:3032::ac43:d940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orlen-news.us/lander/orlen-offer-obj-/land/assets/video/video.mp4
Requested by: Host: orlen-news.us
URL: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:d940 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 23 Nov 2021 09:34:48 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range: bytes 0-4107132/4107133
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 4107133
last-modified: Thu, 18 Nov 2021 16:46:34 GMT
server: cloudflare
etag: "6196836a-3eab7d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i1tq%2FzF6s4CGy4qt28aob40oT8tqmW83PYmjCrEnyBoDcgDxjLY4pBVzjHAYaafiiaStalU06qm%2BlTU5TfnwYNrbxo4suLZe7DYk2nRAphxeGQW9juklnmkToAR9opfsJMHAF2C3ohL97a%2F8"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6b2967538e717cc8-LAX
expires: Fri, 03 Dec 2021 09:34:47 GMT

GET
DATA 200
OK truncated
/ Frame C067 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C067 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C067 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C067 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 290ms
150ms Image
image/gif 2607:f8b0:4006:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=&cv=1&v=3&t=t&pid=973205391&rv=ba1&es=1&e=gtm.init_consent&eid=1&tc=0&z=0

Requested by

Host: orlen-news.us
URL: https://orlen-news.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://orlen-news.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 09:34:46 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 318ms
178ms Image
image/gif 2607:f8b0:4006:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=&cv=1&v=3&t=t&pid=973205391&rv=ba1&es=1&e=gtm.init&eid=2&tc=0&z=0

Requested by

Host: orlen-news.us
URL: https://orlen-news.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://orlen-news.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 09:34:46 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 307ms
167ms Image
image/gif 2607:f8b0:4006:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=&cv=1&v=3&t=t&pid=973205391&rv=ba1&es=1&e=gtm.js&eid=3&tc=0&z=0

Requested by

Host: orlen-news.us
URL: https://orlen-news.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://orlen-news.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 09:34:46 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 10.jpg
orlen-news.us/lander/orlen-offer-obj-/land/assets/images/ Frame C067 77 KB
77 KB 885ms
884ms Image
image/jpeg 2606:4700:3032::ac43:d940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orlen-news.us/lander/orlen-offer-obj-/land/assets/images/10.jpg
Requested by: Host: orlen-news.us
URL: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:d940 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4797ff17cf151c8be084dad9fe9d2835a017d4fdd58111913012fe4cc466be

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 09:34:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 78371
last-modified: Thu, 18 Nov 2021 16:46:34 GMT
server: cloudflare
etag: "6196836a-13223"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VB8iPSQyzZwPQhtIk1ZvJBjywXfqFy%2FMcAENzjZs4cgkLrrZpRCKIqO5ZJucC4aY%2BqgRTWAm3kEQj%2BKgVp4zeLbVAtgs0PAG7Om%2BXASbxD4tg%2B8BthBcq%2B6fYoChjssKQr00Fwrh0Okqh3lR"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 6b296754cf837cc8-LAX
expires: Fri, 03 Dec 2021 09:34:46 GMT

GET
H3 200 11.png
orlen-news.us/lander/orlen-offer-obj-/land/assets/images/ Frame C067 1 MB
1 MB 946ms
945ms Image
image/png 2606:4700:3032::ac43:d940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orlen-news.us/lander/orlen-offer-obj-/land/assets/images/11.png
Requested by: Host: orlen-news.us
URL: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:d940 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28efaa05a0266f7dc51cd185d0bb5a2e7c807efe0f3f5c031d49abdd4bccb931

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 09:34:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1150172
last-modified: Thu, 18 Nov 2021 16:46:34 GMT
server: cloudflare
etag: "6196836a-118cdc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vZBrHEjYzNxKjykP9n2Sk8inJoOs7KSnjGmtu1wE1vCjS30zMxgUImOL8S1%2FQvbaTlSww%2BdUPOx6sJAr8KpgNme9a6goF%2F65%2Fh%2FQegMUTUiKRdeontn5UFYr6hIlHtpzDaZtBWMY8b%2B2x%2Fdv"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 6b296754cf847cc8-LAX
expires: Fri, 03 Dec 2021 09:34:46 GMT

GET
H3 200 12.png
orlen-news.us/lander/orlen-offer-obj-/land/assets/images/ Frame C067 577 KB
578 KB 872ms
872ms Image
image/png 2606:4700:3032::ac43:d940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orlen-news.us/lander/orlen-offer-obj-/land/assets/images/12.png
Requested by: Host: orlen-news.us
URL: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:d940 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9cc57e3297605c9c6c2005da874e1309d15c9c70d8576eb29d3ff101fef5ea9

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 09:34:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 591037
last-modified: Thu, 18 Nov 2021 16:46:34 GMT
server: cloudflare
etag: "6196836a-904bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6pZX8yX%2B8SdopWBj8JF1gKSWcIbb987WulQTcaJYoeUl0lWWe3FlVFlDBEhBs4i%2BQeJYorbcPAQLvSRpvQoEAoLMMFEQLj4259vdyklIIDX10Xn9vJJWvw2Clu%2FtmPvCU8vFbi3uxNatY%2FT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 6b296754cf857cc8-LAX
expires: Fri, 03 Dec 2021 09:34:46 GMT

GET
H3 200 13.png
orlen-news.us/lander/orlen-offer-obj-/land/assets/images/ Frame C067 617 KB
618 KB 1087ms
1086ms Image
image/png 2606:4700:3032::ac43:d940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orlen-news.us/lander/orlen-offer-obj-/land/assets/images/13.png
Requested by: Host: orlen-news.us
URL: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:d940 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 114d4e772fcb300487ff941a9c7898ff2a4cae5a118d7f81bd8ad27d59aed7b9

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 09:34:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 631847
last-modified: Thu, 18 Nov 2021 16:46:34 GMT
server: cloudflare
etag: "6196836a-9a427"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y4k6kiU8a69atddEYZrBU5jxRVY57SnRMRqgQLGYohEt407Uvlwj1zX%2BAIVfI9JFKw3j%2FHyFjz1ultJO2aeJzoa1JuPKYz2%2BGkq%2FLxnMIVjeji8QEmIsTNmbHJ2vz8G2gE30IZ%2B10uvcXGDK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 6b296754cf877cc8-LAX
expires: Fri, 03 Dec 2021 09:34:46 GMT

GET
H3 200 14.png
orlen-news.us/lander/orlen-offer-obj-/land/assets/images/ Frame C067 1 MB
1 MB 1089ms
1088ms Image
image/png 2606:4700:3032::ac43:d940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orlen-news.us/lander/orlen-offer-obj-/land/assets/images/14.png
Requested by: Host: orlen-news.us
URL: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:d940 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1892b05f4dd7fa1157024b692046399c3e7e22feb05c6f57f5f43039f2feec4

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 09:34:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1166276
last-modified: Thu, 18 Nov 2021 16:46:34 GMT
server: cloudflare
etag: "6196836a-11cbc4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Zj0WV2oAEIucaMMUfMzsPl2p5qi8W197hH9%2FUKIvJsj2sLpi1vqDceT7h0wsFtdrhyiKj4k1h986O5oqVlh4AKGEFDzzjF3SqU5YwBJ3A6zN3vjMTiO0YxrvXZZlby2B6v3JdcxmjZlDGlg"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 6b296754cf887cc8-LAX
expires: Fri, 03 Dec 2021 09:34:46 GMT

GET
H3 200 15.jpg
orlen-news.us/lander/orlen-offer-obj-/land/assets/images/ Frame C067 518 KB
0 1074ms
1073ms Image
image/jpeg 2606:4700:3032::ac43:d940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orlen-news.us/lander/orlen-offer-obj-/land/assets/images/15.jpg
Requested by: Host: orlen-news.us
URL: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:d940 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 09:34:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2746610
last-modified: Thu, 18 Nov 2021 16:46:34 GMT
server: cloudflare
etag: "6196836a-29e8f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ly7eGmq1QdPGSICCZxa6IY%2F98xYWfCxx6f7KTbWhO415h1LnIkv0imUVcET229NxX6Y6eTaYJBZ1gRvMBg8kEsUIqocVjmgUkawv248KxmxoW6hJFMJqhFwx%2Fe2D9Y8fKTVQmKTc0MW%2BGKko"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 6b296754cf8b7cc8-LAX
expires: Fri, 03 Dec 2021 09:34:46 GMT

GET
H3 200 16.jpg
orlen-news.us/lander/orlen-offer-obj-/land/assets/images/ Frame C067 57 KB
57 KB 881ms
881ms Image
image/jpeg 2606:4700:3032::ac43:d940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orlen-news.us/lander/orlen-offer-obj-/land/assets/images/16.jpg
Requested by: Host: orlen-news.us
URL: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:d940 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc171b08542a14b6fc5ff79d0004dcadba97c71868b3ded665038fbe78633c1e

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 09:34:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 57989
last-modified: Thu, 18 Nov 2021 16:46:34 GMT
server: cloudflare
etag: "6196836a-e285"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EoltdekqsaPHShdw3qgTlp%2F7RyjkbbdW7UGgvSnJpzm%2B1wnkpwrXokV210h7r7N%2B7not%2BNY%2F7g9P6%2B3En4qcmfKgMboFSf2gNSTnZRNUAIfKwwZ79ney3fr5fwu5v%2B1eSRtpAYaC2tvJG9tO"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 6b296754cf8d7cc8-LAX
expires: Fri, 03 Dec 2021 09:34:46 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ Frame C067 87 KB
30 KB 206ms
66ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: orlen-news.us
URL: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://orlen-news.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 09:34:46 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 23:02:39 GMT
server: nginx
etag: W/"5eb09f0f-15d84"
vary: Accept-Encoding
x-hw: 1637660086.dop109.la3.t,1637660086.cds236.la3.hn,1637660086.cds032.la3.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H3 200 jquery.min.js Show response
orlen-news.us/lander/orlen-offer-obj-/land/assets/js/ Frame C067 86 KB
32 KB 699ms
697ms Script
application/javascript 2606:4700:3032::ac43:d940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orlen-news.us/lander/orlen-offer-obj-/land/assets/js/jquery.min.js
Requested by: Host: orlen-news.us
URL: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:d940 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 09:34:47 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 18 Nov 2021 16:46:34 GMT
server: cloudflare
etag: W/"6196836a-15851"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1SkoNzS1W2DVh6qQnUdH%2BetWR2NVGBOgXP4C11HOk7XQtzyNmDoUyVL0gITU0%2BZ23f0WNpbV2Sgf5kabhKcfd9mJSLQFlOTJJhpE233N7IGr2ibgFa0pC0SGIVHglBCwkPS0Hd1%2F%2BObEnYGN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6b29675668fe7cc8-LAX
expires: Fri, 03 Dec 2021 09:34:47 GMT

GET
H3 200 ion.rangeSlider.min.js Show response
orlen-news.us/lander/orlen-offer-obj-/land/assets/js/ Frame C067 40 KB
10 KB 415ms
413ms Script
application/javascript 2606:4700:3032::ac43:d940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orlen-news.us/lander/orlen-offer-obj-/land/assets/js/ion.rangeSlider.min.js
Requested by: Host: orlen-news.us
URL: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:d940 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84fa5f28e69405dfdcf9e6013df8e92363ef16a88b684fd35b3656e60eb0d36c

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 09:34:47 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 18 Nov 2021 16:46:34 GMT
server: cloudflare
etag: W/"6196836a-a0fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWFu17UWTn1u7gD%2FAKLx%2FLvQuoeWirGudMMCn9E7BmKnpVDoxiZ2QzBraMnkTZ8vnmnTIkYb2vqC4iqgxiZwYft%2BlKN5jXYdQlA%2FW7GHHcxnF4WZ7HenXeNjIN197%2FF5Q%2BWYrlskH%2FlvLdvg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6b29675668ff7cc8-LAX
expires: Fri, 03 Dec 2021 09:34:47 GMT

GET
H3 200 jquery.fancybox.min.js Show response
orlen-news.us/lander/orlen-offer-obj-/land/assets/js/ Frame C067 67 KB
22 KB 700ms
699ms Script
application/javascript 2606:4700:3032::ac43:d940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orlen-news.us/lander/orlen-offer-obj-/land/assets/js/jquery.fancybox.min.js
Requested by: Host: orlen-news.us
URL: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:d940 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 09:34:47 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 18 Nov 2021 16:46:34 GMT
server: cloudflare
etag: W/"6196836a-10a9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pccDR6ywSjKbXMiFdRgTRqYiAy9aXyosfdCoSwyZFq9mOxXas0oPfQ%2FgbM8rrMA7PNxzdXiuiR71ihJBYKYcW6GgTkILQII5oWvXsDnSo%2BXtx1qLwbK4K0ItFEJHrvebctnw9CGp0Bfqn5jR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6b29675669017cc8-LAX
expires: Fri, 03 Dec 2021 09:34:47 GMT

GET
H3 200 slick.min.js Show response
orlen-news.us/lander/orlen-offer-obj-/land/assets/js/ Frame C067 42 KB
11 KB 684ms
682ms Script
application/javascript 2606:4700:3032::ac43:d940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orlen-news.us/lander/orlen-offer-obj-/land/assets/js/slick.min.js
Requested by: Host: orlen-news.us
URL: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:d940 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 09:34:47 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 18 Nov 2021 16:46:34 GMT
server: cloudflare
etag: W/"6196836a-a76f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hh5SP%2BkmvCClzQ%2F3dBr2YlBbDQxgntRN7ACdWDIR3jA6%2Fslez4wcSvzS%2BjYYG2wY3ZgnTf7ZzyRddOqwNOsVYn6bkw%2FGDbe1H%2F3O1ZZNoqYVcExtRqnIwRKG1TBk3l2oLHvRMA94ABtkHH%2BF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6b29675669027cc8-LAX
expires: Fri, 03 Dec 2021 09:34:47 GMT

GET
H3 200 chunk-vendors.js Show response
orlen-news.us/lander/orlen-offer-obj-/land/assets/js/ Frame C067 539 KB
195 KB 991ms
989ms Script
application/javascript 2606:4700:3032::ac43:d940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orlen-news.us/lander/orlen-offer-obj-/land/assets/js/chunk-vendors.js
Requested by: Host: orlen-news.us
URL: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:d940 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78782af1e499bd0f263c355de6babbc81f6efebe3e39866582b134ce32ab3e07

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 09:34:47 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 18 Nov 2021 16:46:34 GMT
server: cloudflare
etag: W/"6196836a-86abf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cc4g49XzB0c1lSaI6TGd%2FQQs0Be5Xq4LDgC5Qp%2B%2Bnj7AcQCDbM1V%2FPRO%2BA7E1qU%2BYi1l65OuvqayBRksTfR%2FJvLA%2F0AKJVDIQy5j%2FDj63Sj14QhYPOvXnwrCnCEsq16GNOe7hHan%2FkdTXE4Q"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6b29675669067cc8-LAX
expires: Fri, 03 Dec 2021 09:34:47 GMT

GET
H2 200 intlTelInput.min.js Show response
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/ Frame C067 29 KB
9 KB 330ms
196ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/intlTelInput.min.js

Requested by

Host: orlen-news.us
URL: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64cb11eb2a5237cbe1e05ccf25acefeed578f32d1a6923d58de35c8a0145e8cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://orlen-news.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 09:34:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 481166
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8889
timing-allow-origin: *
last-modified: Wed, 21 Oct 2020 12:48:14 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f902e0e-72d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=53PfhDVGzl%2B5YZ%2BHPHeSgd6HorsfLn6zzHA3MVW2b2iQaSGxLd0C9VGqxg0mhUc7hboKTjiigYeu8dX4EmaOKGnOFZatWTPTCqymZ10WPWWxzmFdqYkUaGF0BhX8yiLkzOn6AH8Q1ACDqRPH7q1jn7xq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b2967574b857bc1-LAX
expires: Sun, 13 Nov 2022 09:34:46 GMT

GET
H2 200 utils.min.js Show response
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/ Frame C067 238 KB
44 KB 207ms
73ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/utils.min.js

Requested by

Host: orlen-news.us
URL: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd5ab58bf994afd3ff9a1000a9a22c9619b08dda258ddb055e2d34bd41bd97e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://orlen-news.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 09:34:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 480912
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 44414
timing-allow-origin: *
last-modified: Wed, 21 Oct 2020 12:48:41 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f902e29-3b7cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BinS8IqwUUbKiuW45Qtq%2B0egY%2FvUYvnsTCdS4FjonRlNIxbA96P%2FPit6uKfCSANewFXsiA9tcVOpyCw7IeQWSSj7bWu18MxBad4XwdqQCVc%2Bf7%2FoQH3EODNUlNYhhlvALRutlT3VY4M8OMrVFNZOSUSP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b2967574b867bc1-LAX
expires: Sun, 13 Nov 2022 09:34:46 GMT

GET
H2 200 inputmask.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.3.4/inputmask/ Frame C067 110 KB
19 KB 339ms
205ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.3.4/inputmask/inputmask.js

Requested by

Host: orlen-news.us
URL: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5154560b9bd07fb45fa5d15bd3585fe634f9360ed6e8802a349d59ee2c58ca62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://orlen-news.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 09:34:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 480977
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19017
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-1b675"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qTxAV%2FAqnrFDO4oruwISa3rgn%2BBwfdA0fCx7KQxL0PCv8SH%2Bwl7qqWgwhI5pMQvv81J2yhs5Re%2BmP91pSFmsHbBSVwxESEA1JjbdNk67Bo8eYxuwmC6rjrBb3mQ7Yi1l4JCGlUgQbymQbHubtK6Ih1l1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b2967574b8a7bc1-LAX
expires: Sun, 13 Nov 2022 09:34:46 GMT

GET
H2 200 jquery.inputmask.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.3.4/inputmask/ Frame C067 3 KB
975 B 356ms
223ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.3.4/inputmask/jquery.inputmask.js

Requested by

Host: orlen-news.us
URL: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

222e7732618b465a810e44ee61dafac50157a7758ff16d1b01057f0df0a5a243

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://orlen-news.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 09:34:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 479617
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 655
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-a3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=di%2BhwHen4kSqPPci5msuKu8%2BtyUauyZF0WTBV9JF%2F9YBHQnKHVVmZYxecD5AJve1b7I1swaFdaieuhB7IgapgImDX4oz3J%2FJcPfp%2FaH1QKAKbnEK1qEsxfgHN9vD%2FM6OUwKBoJyb3jTMGc6R%2BuaPz01u"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b2967574b8c7bc1-LAX
expires: Sun, 13 Nov 2022 09:34:46 GMT

GET
H2 200 intlTelInput.css
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/ Frame C067 25 KB
3 KB 202ms
69ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.css

Requested by

Host: orlen-news.us
URL: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://orlen-news.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 09:34:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 481159
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1970
timing-allow-origin: *
last-modified: Wed, 21 Oct 2020 12:48:14 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f902e0e-62a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l64NIU7WgenkwwUazJrMCAVvJs%2FT87dL654DHwjvIl2Apvm5abdXm6LJka4gm%2B1Il7%2BZwHC%2FbZlcHruE4WqI4U6zKrR6%2FzcewfMRQwNoQegn4Y11l9MtQdjke0C6YXTuKvjI2F7dj2bhsg2qFzXcNEVv"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b2967574b887bc1-LAX
expires: Sun, 13 Nov 2022 09:34:46 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 156ms
155ms Image
image/gif 2607:f8b0:4006:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=&cv=1&v=3&t=t&pid=973205391&rv=ba1&es=1&e=gtm.dom&eid=5&tc=0&z=0

Requested by

Host: orlen-news.us
URL: https://orlen-news.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://orlen-news.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 09:34:47 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 404 poster.jpg
orlen-news.us/lander/orlen-offer-obj-/land/assets/video/ Frame C067 564 B
564 B 73ms
72ms Image
text/html 2606:4700:3032::ac43:d940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orlen-news.us/lander/orlen-offer-obj-/land/assets/video/poster.jpg
Requested by: Host: orlen-news.us
URL: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:d940 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 09:34:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9e%2BK9YAQ%2F3p9b0ouIJZRPTUO1tBjz07PIJ4TIFIGm9XMMi%2FvS3qX9pqNd5GEtpFMx5GAMRBiUcTaPg7cw3O8%2FzlcBl7suOhI1wHl9i7esWpW9PVH2HPf9%2B9CorZb8%2BxlL%2Ftzazux0WjAGz5N"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 6b29675abca17cc8-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame C067 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C067 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C067 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
ipinfo.io/ Frame C067 638 B
598 B 251ms
115ms Script
text/javascript 34.117.59.81
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ipinfo.io/?callback=jQuery341036465525671459864_1637660087480&_=1637660087481

Requested by

Host: orlen-news.us
URL: https://orlen-news.us/lander/orlen-offer-obj-/land/assets/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.59.81 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

81.59.117.34.bc.googleusercontent.com

Software

Resource Hash

9fabdbe2d54f1f25234805b890ee5e6808d957f58cdd8a5fd922450793880ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://orlen-news.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 09:34:47 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
via: 1.1 google
vary: Accept-Encoding
x-envoy-upstream-service-time: 1
x-content-type-options: nosniff
alt-svc: clear
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
ipinfo.io/ Frame C067 638 B
407 B 251ms
116ms Script
text/javascript 34.117.59.81
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ipinfo.io/?callback=jQuery341036465525671459864_1637660087482&_=1637660087483

Requested by

Host: orlen-news.us
URL: https://orlen-news.us/lander/orlen-offer-obj-/land/assets/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.59.81 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

81.59.117.34.bc.googleusercontent.com

Software

Resource Hash

376c54c61dc222b1fff5c34fde3ee95d77bf79356a813714c5ec72372980b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://orlen-news.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 09:34:47 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
via: 1.1 google
vary: Accept-Encoding
x-envoy-upstream-service-time: 1
x-content-type-options: nosniff
alt-svc: clear
x-xss-protection: 1; mode=block

GET
H3 200 flags.png
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/img/ Frame C067 69 KB
70 KB 142ms
76ms Image
image/png 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/img/flags.png

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 09:34:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 480989
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 70862
timing-allow-origin: *
last-modified: Wed, 21 Oct 2020 12:48:14 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f902e0e-114c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6U1vxhE7EbuenQ3MEJaYya5qEU2Sc%2FsUgNuOZXARsB8OlJrlbM3zQjaGE3oeQPOMAsMVuqViSvemIZ46QkL9EsCeJm5S2%2FlSFQD4C%2BfR3ZE14ZqVT0A9NIkxhlw2k98RtOwQ2kIWQsWI8%2BL2l%2FJegOHn"}],"group":"cf-nel","max_age":604800}
content-type: image/png; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b29675d68917b02-LAX
expires: Sun, 13 Nov 2022 09:34:47 GMT

GET
H3 206 video.mp4
orlen-news.us/lander/orlen-offer-obj-/land/assets/video/ Frame C067 75 KB
76 KB 1968ms
1967ms Media
video/mp4 2606:4700:3032::ac43:d940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orlen-news.us/lander/orlen-offer-obj-/land/assets/video/video.mp4
Requested by: Host: orlen-news.us
URL: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:d940 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe9a6ae62b2ffcb59419370f3f16cd2e9b117264a34627001ac48e449281a9d5

Request headers

Referer: https://orlen-news.us/lander/orlen-offer-obj-/land/?_token=uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387&
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=4030464-

Response headers

date: Tue, 23 Nov 2021 09:34:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
Content-Range: bytes 4030464-4107132/4107133
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 76669
last-modified: Thu, 18 Nov 2021 16:46:34 GMT
server: cloudflare
etag: "6196836a-3eab7d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UAsBh%2B84rssgSrQYjRzOigFuRUBqAAwbY2FgUX7E4yLqq%2FeIU2Gk2btHd%2FyfTSdv7MrcQ8gdZLvZjr6S9xl673xx%2FP0uNAm9tpNYb4p6DimvBByeG0T8xix%2BpRNcFsvfXgoN49zGIcQMaswc"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6b2967630b237cc8-LAX
expires: Fri, 03 Dec 2021 09:34:47 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
orlen-news.us/	1970-01-19 23:38:58	Name: _subid Value: c3e2s91vnd
orlen-news.us/	1970-01-19 23:38:58	Name: _token Value: uuid_c3e2s91vnd_c3e2s91vnd619cb5b5ae78a3.69810387
orlen-news.us/	1970-02-07 21:50:06	Name: e94fd Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0NjhcIjoxNjM3NjYwMDg1fSxcImNhbXBhaWduc1wiOntcIjk5OVwiOjE2Mzc2NjAwODV9LFwidGltZVwiOjE2Mzc2NjAwODV9In0.PmPk1ugUwAdgyeZIlKZ6zbQ61G6iz_4PPsM2v3FR2YA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://orlen-news.us/lander/orlen-offer-obj-/land/assets/video/poster.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://orlen-news.us/lander/orlen-offer-obj-/land/assets/video/poster.jpg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
ipinfo.io
orlen-news.us
www.googletagmanager.com
2001:4de0:ac18::1:a:1b
2606:4700:3032::ac43:d940
2606:4700::6810:135e
2607:f8b0:4006:808::2008
2a03:2880:f012:8:face:b00c:0:1
34.117.59.81
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
114d4e772fcb300487ff941a9c7898ff2a4cae5a118d7f81bd8ad27d59aed7b9
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1b180168f33be9dff3f39fd2f733bef61c1a4b2b8b34ce6d130cde0cb21db880
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
222e7732618b465a810e44ee61dafac50157a7758ff16d1b01057f0df0a5a243
28efaa05a0266f7dc51cd185d0bb5a2e7c807efe0f3f5c031d49abdd4bccb931
3187226035ba275b49fbeaabc01d98e3a07a6aa5f8182eac9d01cf1290136695
376c54c61dc222b1fff5c34fde3ee95d77bf79356a813714c5ec72372980b526
5154560b9bd07fb45fa5d15bd3585fe634f9360ed6e8802a349d59ee2c58ca62
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
64cb11eb2a5237cbe1e05ccf25acefeed578f32d1a6923d58de35c8a0145e8cd
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
74a125f95648f5817c054743a8e03eda9da09b097e7dc81f7bb982d9041af46a
78782af1e499bd0f263c355de6babbc81f6efebe3e39866582b134ce32ab3e07
84c14363da0a22cef3a5089d0803aa8ac11dd0a077c02c1ed5614f2e4e8d10ce
84fa5f28e69405dfdcf9e6013df8e92363ef16a88b684fd35b3656e60eb0d36c
9fabdbe2d54f1f25234805b890ee5e6808d957f58cdd8a5fd922450793880ebc
a0f70ba5eeef9c7de571640647e792de7b54aa6276eb0d303137327f41a65490
a1892b05f4dd7fa1157024b692046399c3e7e22feb05c6f57f5f43039f2feec4
a45ead96c27aab89cca6d435e9a1a601f8428db328c7079584a08a84738effc0
ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
bd4797ff17cf151c8be084dad9fe9d2835a017d4fdd58111913012fe4cc466be
c1e5ec7351a0f73e9ea49d063f48e7c9f593795542e87fd9c720987f70409f68
c9cc57e3297605c9c6c2005da874e1309d15c9c70d8576eb29d3ff101fef5ea9
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
cd5ab58bf994afd3ff9a1000a9a22c9619b08dda258ddb055e2d34bd41bd97e6
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
dc171b08542a14b6fc5ff79d0004dcadba97c71868b3ded665038fbe78633c1e
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fe9a6ae62b2ffcb59419370f3f16cd2e9b117264a34627001ac48e449281a9d5

orlen-news.us Open in urlscan Pro 2606:4700:3032::ac43:d940 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

39 Requests

100 %HTTPS

83 %IPv6

6 Domains

6 Subdomains

7 IPs

2 Countries

4334 kBTransfer

6831 kBSize

3 Cookies

0 Outgoing links

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

orlen-news.us Open in urlscan Pro
2606:4700:3032::ac43:d940 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

100 %
HTTPS

83 %
IPv6

6
Domains

6
Subdomains

7
IPs

2
Countries

4334 kB
Transfer

6831 kB
Size

3
Cookies

39 HTTP transactions
7 data transactions