ofertagroup.space Open in urlscan Pro
2606:4700:3030::ac43:813f Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ofertagroup.space/
Submission: On December 14 via api (December 14th 2021, 6:54:50 am UTC) from FR — Scanned from FR

Summary HTTP 53 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 10 domains to perform 53 HTTP transactions. The main IP is 2606:4700:3030::ac43:813f, located in United States and belongs to CLOUDFLARENET, US. The main domain is ofertagroup.space.
TLS certificate: Issued by R3 on December 13th 2021. Valid for: 3 months.

This is the only time ofertagroup.space was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PKN Orlen (Extraction)

Domain & IP information

	IP Address	AS Autonomous System
28	2606:4700:303... 2606:4700:3030::ac43:813f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
4	2.16.186.242 2.16.186.242	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:303... 2606:4700:3031::6815:5a19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:46e9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
53	11

28 2606:4700:3030::ac43:813f (United States)

ASN13335 (CLOUDFLARENET, US)

ofertagroup.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.16.186.242 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-242.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:5a19 (United States)

ASN13335 (CLOUDFLARENET, US)

companyapidata.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:46e9 (United States)

ASN13335 (CLOUDFLARENET, US)

get.geojs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	ofertagroup.space ofertagroup.space	7 MB
5	googletagmanager.com www.googletagmanager.com	194 KB
4	tiktok.com analytics.tiktok.com	87 KB
3	google.fr www.google.fr	764 B
3	google.com www.google.com	764 B
3	doubleclick.net googleads.g.doubleclick.net	4 KB
2	jsdelivr.net cdn.jsdelivr.net	12 KB
1	geojs.io get.geojs.io	845 B
1	companyapidata.info companyapidata.info Failed
1	googleadservices.com www.googleadservices.com	14 KB
53	10

	Domain	Requested by
28	ofertagroup.space	ofertagroup.space
5	www.googletagmanager.com	ofertagroup.space www.googletagmanager.com
4	analytics.tiktok.com	ofertagroup.space analytics.tiktok.com
3	www.google.fr	ofertagroup.space
3	www.google.com	ofertagroup.space
3	googleads.g.doubleclick.net	www.googleadservices.com
2	cdn.jsdelivr.net	ofertagroup.space
1	get.geojs.io	ofertagroup.space
1	companyapidata.info	ofertagroup.space
1	www.googleadservices.com	www.googletagmanager.com
53	10

This site contains no links.

Subject Issuer	Validity	Valid
*.ofertagroup.space R3	`2021-12-13` - `2022-03-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ofertagroup.space/
Frame ID: 595470090105F4A7FF392F3C4F64AED6
Requests: 54 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PKN ORLEN - Gaz i energia

Page Statistics

53
Requests

96 %
HTTPS

80 %
IPv6

10
Domains

10
Subdomains

11
IPs

2
Countries

7358 kB
Transfer

18704 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ofertagroup.space/ 261 KB
76 KB 391ms
263ms Document
text/html 2606:4700:3030::ac43:813f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofertagroup.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:813f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47067597f1e39de8f158ce1c5b57eccb91d41ea5b62733d1fd08f7d0dac9f73f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9

Response headers

date: Tue, 14 Dec 2021 06:54:34 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
expires: 0
last-modified: Tue, 14 Dec 2021 06:54:34 GMT
pragma: no-cache
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=viAXBmo2GsOjZWnpkPFQYmU7RljvWjzbz%2BlqdhC5ZdbhI78tUSd8HW6FzugwT%2FKFMTrKRSvNMzyMVw5kZUv8i%2BUq4aZofiH0lGh%2FXRxCAZ%2FSEeLFGor6iVlXK1ME45cCy76mfAEDgoBTjYsf1iRbWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6bd5858718cf3755-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 111ms
42ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10800292874

Requested by

Host: ofertagroup.space
URL: https://ofertagroup.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

575b783caa9acae82ecd0b35bf7ec475a8321447af916c6c9e7eb7554515fc6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:34 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39593
x-xss-protection: 0
last-modified: Tue, 14 Dec 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 14 Dec 2021 06:54:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 137ms
69ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10785975675

Requested by

Host: ofertagroup.space
URL: https://ofertagroup.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7e132bf4c80ef7bc25ddd83eb37ea1448739ebc766d5c4ae77b1af8266e4cd4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:34 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39595
x-xss-protection: 0
last-modified: Tue, 14 Dec 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 14 Dec 2021 06:54:34 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 103ms
66ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10810434159

Requested by

Host: ofertagroup.space
URL: https://ofertagroup.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4798cc6b17311d2b4c47166797fc18a1fd517eea44d342c17120700512e3cfc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:34 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39594
x-xss-protection: 0
last-modified: Tue, 14 Dec 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 14 Dec 2021 06:54:34 GMT

GET
H2 200 fonts.css
ofertagroup.space/site/orlen-pl/css/ 3 KB
1 KB 147ms
144ms Stylesheet
text/css 2606:4700:3030::ac43:813f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofertagroup.space/site/orlen-pl/css/fonts.css
Requested by: Host: ofertagroup.space
URL: https://ofertagroup.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:813f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e19f718b757d12c217db8d4925f5e0e92ecd662b53de444587adec676bc70a3d

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:34 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Mar 2021 10:11:44 GMT
server: cloudflare
etag: W/"605b1060-b34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bFFy8aU%2F8W1iRiCxU1mlAfKAcOL0F%2FmVgLRavGLpgW8mq%2FA1vxVaoCYsEhJb0O7LDMr7M91NGlD%2Ftn4ZRAOk8PLXveQx2ZVctxj%2B51lsZFS4Wg0lYPiS8T%2Bj2kgksNQbNZ57xtJF1Lh4%2B34BMPyBYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6bd58588db6e3755-MXP
expires: Fri, 24 Dec 2021 06:54:34 GMT

GET
H2 200 app.css
ofertagroup.space/site/orlen-pl/css/ 828 KB
75 KB 202ms
199ms Stylesheet
text/css 2606:4700:3030::ac43:813f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofertagroup.space/site/orlen-pl/css/app.css?v3.1
Requested by: Host: ofertagroup.space
URL: https://ofertagroup.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:813f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2efee6d4c639143008cf87e7a07a36bba7fae77cce92a4042de181ee73a2e58a

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:34 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Mar 2021 10:11:44 GMT
server: cloudflare
etag: W/"605b1060-cefd1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LK%2Foz6wunWqydD14RaAWczoRfL7D422riN5dC55w6InOKoipgegdtKm1kkY2%2FkECTJ58mXlNYRoE9MAE9%2FGVhM7fEUegldzADpxT4AglYrNXMXShciuUIT05rY%2BDTyRt9orNH%2BtvYZ45CYU%2B4%2Fgd%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6bd58588db6f3755-MXP
expires: Fri, 24 Dec 2021 06:54:34 GMT

GET
H2 200 slick.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 2 KB
1 KB 163ms
52ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css

Requested by

Host: ofertagroup.space
URL: https://ofertagroup.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4270062
x-jsd-version: 1.8.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19162-FRA, cache-mxp6924-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6bd585896ea0d600-MXP

GET
H2 200 ion.rangeSlider.min.css
ofertagroup.space/site/orlen-pl/css/ 11 KB
2 KB 156ms
154ms Stylesheet
text/css 2606:4700:3030::ac43:813f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofertagroup.space/site/orlen-pl/css/ion.rangeSlider.min.css
Requested by: Host: ofertagroup.space
URL: https://ofertagroup.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:813f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83b1e0a0cc92672a27b8fc074ce45ffae18711e3a6ed5448da47d75979499dca

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:34 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Mar 2021 10:11:44 GMT
server: cloudflare
etag: W/"605b1060-2b4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ReUgIAKX9W3gxHrYDAD6E6jWl0XoKxxQNpoJrC2RujhK85FgL5UXaRBU%2BC2W112B3ruFkfQX84nZu8nM1uWnNfmcAHrTa4htM7jSdNT6IXhh%2BsdYFsag7GESvzmEnQT1dA6tDDV3ySiIVEl7JAF0Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6bd58588db703755-MXP
expires: Fri, 24 Dec 2021 06:54:34 GMT

GET
H2 200 jquery.fancybox.min.css
ofertagroup.space/site/orlen-pl/css/ 12 KB
3 KB 142ms
140ms Stylesheet
text/css 2606:4700:3030::ac43:813f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofertagroup.space/site/orlen-pl/css/jquery.fancybox.min.css
Requested by: Host: ofertagroup.space
URL: https://ofertagroup.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:813f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:34 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Mar 2021 10:11:44 GMT
server: cloudflare
etag: W/"605b1060-31fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BeJFSTIGUoM9QD7b%2ByD%2BHFJ3NoBA6pzJDp1eXWhFl51dnmYaapb7d5lLSzpD%2FNPl8BP11kB1vSw8FwsoQ6jLh%2BEQyCh2tUoGzJITWBmhtBoheeDllC%2BbhLwfKVMY0%2Blz4TFJhll0EVuC2AEOimjrDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6bd58588db723755-MXP
expires: Fri, 24 Dec 2021 06:54:34 GMT

GET
H2 200 jquery.min.js Show response
ofertagroup.space/site/orlen-pl/js/ 86 KB
31 KB 102ms
100ms Script
application/javascript 2606:4700:3030::ac43:813f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofertagroup.space/site/orlen-pl/js/jquery.min.js
Requested by: Host: ofertagroup.space
URL: https://ofertagroup.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:813f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:34 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Mar 2021 10:11:44 GMT
server: cloudflare
etag: W/"605b1060-15853"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N3PoP%2BnQ%2FQsQ8Ne5l0wco3qtHLVrbMIW6oplB%2Ff4ikjDEGMZlDe7oAytK81ivKpxNGCsWauGfsumictXSdWztuV6ocePYNZpfPFCBlajLp%2BR%2BFZg0mwisJ77hmyL1WIm9DOsX0exd2NG%2F1yHG37fiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6bd58588db763755-MXP
expires: Fri, 24 Dec 2021 06:54:34 GMT

GET
H2 200 video-js.css
ofertagroup.space/site/orlen-pl/js/videoJS/ 40 KB
10 KB 161ms
159ms Stylesheet
text/css 2606:4700:3030::ac43:813f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofertagroup.space/site/orlen-pl/js/videoJS/video-js.css
Requested by: Host: ofertagroup.space
URL: https://ofertagroup.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:813f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e76177722cff7661c6bf7cc77b62223a75a62b8238d029001b6a5c25e78a417

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:34 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Mar 2021 10:11:44 GMT
server: cloudflare
etag: W/"605b1060-9ed4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bbn8SL6SpDOH%2BX1sVFpigkL3eFYU1SigdOe3UAxUwb1Am2fpeMzZL14aISsoHipfKs4YyCgwJU8hbAVBpMVjuQ930%2FVfO4O8lzsHcQwijlmPARcu9MT9iWB68ExGi394aP2GyX6OvEoh%2Fx8keQS8tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6bd58588db733755-MXP
expires: Fri, 24 Dec 2021 06:54:34 GMT

GET
H2 200 video.js Show response
ofertagroup.space/site/orlen-pl/js/videoJS/ 1 MB
334 KB 238ms
236ms Script
application/javascript 2606:4700:3030::ac43:813f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofertagroup.space/site/orlen-pl/js/videoJS/video.js
Requested by: Host: ofertagroup.space
URL: https://ofertagroup.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:813f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96d3349232417f89dec7f5c26a3872bb542fceaba22361b580b78f6e8d92ef2c

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:34 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Mar 2021 10:11:44 GMT
server: cloudflare
etag: W/"605b1060-173a79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jMc3lT5ypLYuP0EOKIbJcswZGjJweWTJAKlV4Ppgi142Pr2xEO6YB3VofsrwbMOdNAweHlHO5Hu7klmNh0giOQcWSXKDAs5Z8kVv3lBAOPVFLVvOcRUWACrAKcwAK9qNl6QtykgZSpOI092KvQHTTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6bd58588db773755-MXP
expires: Fri, 24 Dec 2021 06:54:34 GMT

GET
H2 200 ion.rangeSlider.min.js Show response
ofertagroup.space/site/orlen-pl/js/ 40 KB
10 KB 164ms
162ms Script
application/javascript 2606:4700:3030::ac43:813f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofertagroup.space/site/orlen-pl/js/ion.rangeSlider.min.js
Requested by: Host: ofertagroup.space
URL: https://ofertagroup.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:813f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd9603ca964bc0cc45314f6906cdb9f58ce78b1386a51cafe27aefc79f5c697a

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:34 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Mar 2021 10:11:44 GMT
server: cloudflare
etag: W/"605b1060-a0fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mDey6pGq0dnD%2FEWUhzKABUyd8Bm2SXuP1jFZa8KEvv1Xxl4Z8RqTSoOJriHei1TQnZQfJhzhM4%2Fg%2Bt9aL9GRArCvUBNY7ExxH0MQ2qjjsgCufSr1g0hyA7OQLXm3ZOQ1sxa9gAGxlWqgct2CBGVQFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6bd58588db783755-MXP
expires: Fri, 24 Dec 2021 06:54:34 GMT

GET
H2 200 jquery.fancybox.min.js Show response
ofertagroup.space/site/orlen-pl/js/ 67 KB
22 KB 165ms
164ms Script
application/javascript 2606:4700:3030::ac43:813f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofertagroup.space/site/orlen-pl/js/jquery.fancybox.min.js
Requested by: Host: ofertagroup.space
URL: https://ofertagroup.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:813f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c02caf2a0f16318965676fd4b265265728d64fba2794a20b07151a4e891fca6

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:34 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Mar 2021 10:11:44 GMT
server: cloudflare
etag: W/"605b1060-10aa9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12NrcGVcU3%2Br7TyHUfMbWiAcvq1Y0DKor%2FZY7Gz9t61D1rGeN9P2x2KgsvXF8Kt1Pa0uzhDPsYykHvG5%2B3%2F8qj4Kk%2F0f0Vftf2s8qAJkoQTM7zXAbsSVN8vAitglS4MnvcbSoswFcRMeU3L%2FA3nl4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6bd58588db7a3755-MXP
expires: Fri, 24 Dec 2021 06:54:34 GMT

GET
H2 200 intlTelInput.css
ofertagroup.space/site/orlen-pl/js/registerForm/intlTelInput/css/ 26 KB
3 KB 143ms
142ms Stylesheet
text/css 2606:4700:3030::ac43:813f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofertagroup.space/site/orlen-pl/js/registerForm/intlTelInput/css/intlTelInput.css
Requested by: Host: ofertagroup.space
URL: https://ofertagroup.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:813f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40d66ddce0898e40dc42ec747cf843340defa57df8ccd855c97ce77c61d84eb0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:34 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Mar 2021 10:11:44 GMT
server: cloudflare
etag: W/"605b1060-6646"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RVaiDhZTw9FzEPlRjokipzEIudACzxJTZ7XFIPurWy5ftXo3%2B0oiKnRSe%2Fd4z%2FJaFVejnfGUDViQM6NoyWyZlk42UBJ%2FJl0YLEeFIu9jwEevivwrtZED5EpoUTQDbV7PL3RV%2Bx3Qnabj2V82p3hBGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6bd58588db7d3755-MXP
expires: Fri, 24 Dec 2021 06:54:34 GMT

GET
H2 200 registerForm.css
ofertagroup.space/site/orlen-pl/js/registerForm/ 2 KB
882 B 159ms
158ms Stylesheet
text/css 2606:4700:3030::ac43:813f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofertagroup.space/site/orlen-pl/js/registerForm/registerForm.css?v=1
Requested by: Host: ofertagroup.space
URL: https://ofertagroup.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:813f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6185c4ecfedfdb5e9b9e84c20e9b080c3700fb643d50898020fb5fef9e119a3a

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:34 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Mar 2021 10:11:44 GMT
server: cloudflare
etag: W/"605b1060-625"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7AcrQrH9qgv3AiRR4XCPcHf5q1LjIFkFyUFqEbLsJw8VWVWMK7PI2kB1oA9UBkFtIC38dTV250p5ew9XQFXpSCTYRDrK8v5GR2lSLwZcLZ41iagpwSN5Py8zrN0fPIkkKacSS3QEY5JIzYaKS8bhaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6bd58588fba03755-MXP
expires: Fri, 24 Dec 2021 06:54:34 GMT

GET
H3 200 9.svg
ofertagroup.space/site/orlen-pl/img/ 2 KB
2 KB 546ms
543ms Image
image/svg+xml 2606:4700:3030::ac43:813f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ofertagroup.space/site/orlen-pl/img/9.svg
Requested by: Host: ofertagroup.space
URL: https://ofertagroup.space/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:813f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a45ead96c27aab89cca6d435e9a1a601f8428db328c7079584a08a84738effc0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:34 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Mar 2021 10:11:44 GMT
server: cloudflare
etag: W/"605b1060-70a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JPWTDhHvLKQP73ASFZrxyPBWeNJMCxPbJLuZcKM1MjJB%2FuTYJ9R6GMyR2B5vi0n3av%2FZPJQlhocU0yEEEVD%2BdQ6fnc8vciTtniUIzjFFbLRBocvR3svTtvurthlCTdhDplilpd2w6ihzkWaVjnwVEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6bd5858adfd483af-MXP
expires: Fri, 24 Dec 2021 06:54:34 GMT

GET
H3 200 gerb.png
ofertagroup.space/site/orlen-pl/img/ 25 KB
26 KB 243ms
240ms Image
image/png 2606:4700:3030::ac43:813f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ofertagroup.space/site/orlen-pl/img/gerb.png
Requested by: Host: ofertagroup.space
URL: https://ofertagroup.space/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:813f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e1af272e19a4e8bc389478e7acbb3210362aaf7032ea5b8e40d47dfc9d4410d

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:34 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 25587
last-modified: Wed, 24 Mar 2021 10:11:44 GMT
server: cloudflare
etag: "605b1060-63f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jrVjqSzzWdtYaZN3KhZ3RyoSHeg6PwkfgYz27kAJgAV34kkf9wpi9Sz%2B8mwdW578jREMUQFpgExHU73OLSNe1YLPV0gJDf75Kvbs56NuhrcytyM2RlYjVPqJQJm74fnihJSS8aGtVakmAmeoiPKthA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 6bd5858adfd583af-MXP
expires: Fri, 24 Dec 2021 06:54:34 GMT

GET
H3 200 preloader.gif
ofertagroup.space/site/orlen-pl/img/ 9 KB
9 KB 243ms
240ms Image
image/gif 2606:4700:3030::ac43:813f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ofertagroup.space/site/orlen-pl/img/preloader.gif
Requested by: Host: ofertagroup.space
URL: https://ofertagroup.space/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:813f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d645c0ce08af9538f2ee909785e6bd6fd19c314fc28f2e58435d0af82d04cd23

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:34 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8852
last-modified: Wed, 24 Mar 2021 10:11:44 GMT
server: cloudflare
etag: "605b1060-2294"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tyRV1B%2FuMZQ2WErClNvVeU3FJP7D5oWP0fmyEYFQuZzLySzkGRw2gyX0OMWyVsU0yza9h%2FHSLN5gL4fxioQTDr2%2Bwf9SYhgZPNsEyc8bXgFkhBIe%2BQyrMhVL0r8AyKH2lMQ0uP1U4tP%2Fbo8az4QLiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 6bd5858adfd783af-MXP
expires: Fri, 24 Dec 2021 06:54:34 GMT

GET
H3 200 10.jpg
ofertagroup.space/site/orlen-pl/img/ 77 KB
77 KB 546ms
544ms Image
image/jpeg 2606:4700:3030::ac43:813f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ofertagroup.space/site/orlen-pl/img/10.jpg
Requested by: Host: ofertagroup.space
URL: https://ofertagroup.space/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:813f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4797ff17cf151c8be084dad9fe9d2835a017d4fdd58111913012fe4cc466be

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:34 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 78371
last-modified: Wed, 24 Mar 2021 10:11:44 GMT
server: cloudflare
etag: "605b1060-13223"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X3DDcou5WdKHiC9H2BqlPCv0y5QmzRgT2Gbh2oHydX4Tp3RbuEmulUy9t%2Fbj6TWS22HSn%2BSafvdMsv3bqhJ1eMO%2FSNoPpSzdJufrqbaE3hzU0IfKgBWUFvRuGbepXzsY1EBikespZakCxHy%2FCW870w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 6bd5858adfd983af-MXP
expires: Fri, 24 Dec 2021 06:54:34 GMT

GET
H3 200 11.png
ofertagroup.space/site/orlen-pl/img/ 1 MB
1 MB 484ms
481ms Image
image/png 2606:4700:3030::ac43:813f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ofertagroup.space/site/orlen-pl/img/11.png
Requested by: Host: ofertagroup.space
URL: https://ofertagroup.space/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:813f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28efaa05a0266f7dc51cd185d0bb5a2e7c807efe0f3f5c031d49abdd4bccb931

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:34 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1150172
last-modified: Wed, 24 Mar 2021 10:11:44 GMT
server: cloudflare
etag: "605b1060-118cdc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2By90VbfyVv6WnTDfTZwJDHlq6V5ENXHjZh%2BVlauqk%2BtqtdyW%2FymB%2FjhKpXI7yRFrfa701hz8MvMSYHdSmXYVnPez81z1PfQQ3W0Lv%2BugG6hPfVJPsdrV%2FxlndP3%2FMgV%2BBBfMdJgOG3ZBzAn51DkUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 6bd5858adfdb83af-MXP
expires: Fri, 24 Dec 2021 06:54:34 GMT

GET
H3 200 12.png
ofertagroup.space/site/orlen-pl/img/ 577 KB
578 KB 245ms
242ms Image
image/png 2606:4700:3030::ac43:813f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ofertagroup.space/site/orlen-pl/img/12.png
Requested by: Host: ofertagroup.space
URL: https://ofertagroup.space/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:813f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9cc57e3297605c9c6c2005da874e1309d15c9c70d8576eb29d3ff101fef5ea9

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:34 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 591037
last-modified: Wed, 24 Mar 2021 10:11:44 GMT
server: cloudflare
etag: "605b1060-904bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=05HvEsvmTxlUYtCl77u2ZCYLAgdkjinCKbRKP2I1aohRva%2BMck8zJWpSO9j7fFVCaW5YsluvpopL1hVNFN7e8GEA4AZzSlAGn%2BmA%2BFk2sHLiLw3Xq0p8lc626lTnXvNH1vwJK0CyWQ%2B7hyTusBP0dw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 6bd5858adfde83af-MXP
expires: Fri, 24 Dec 2021 06:54:34 GMT

GET
H3 200 13.png
ofertagroup.space/site/orlen-pl/img/ 617 KB
618 KB 3185ms
3183ms Image
image/png 2606:4700:3030::ac43:813f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ofertagroup.space/site/orlen-pl/img/13.png
Requested by: Host: ofertagroup.space
URL: https://ofertagroup.space/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:813f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 114d4e772fcb300487ff941a9c7898ff2a4cae5a118d7f81bd8ad27d59aed7b9

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:34 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 631847
last-modified: Wed, 24 Mar 2021 10:11:44 GMT
server: cloudflare
etag: "605b1060-9a427"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zOtq%2FY4msLkscYL97sZAOVrMTbnuURi89km4GfCYdzfX2lvIqUxMKG18nyIdSh8vCHkgOARXoXmrHY0C5cWHrcCsKW9TgYI6z%2BgSabqvgPZl4ohDHXjbNxRwucyVNGWkBVUYyhqrhB9fGmOmxyupBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 6bd5858adfdf83af-MXP
expires: Fri, 24 Dec 2021 06:54:34 GMT

GET
H3 200 14.png
ofertagroup.space/site/orlen-pl/img/ 1 MB
1 MB 6329ms
6327ms Image
image/png 2606:4700:3030::ac43:813f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ofertagroup.space/site/orlen-pl/img/14.png
Requested by: Host: ofertagroup.space
URL: https://ofertagroup.space/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:813f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1892b05f4dd7fa1157024b692046399c3e7e22feb05c6f57f5f43039f2feec4

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:34 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1166276
last-modified: Wed, 24 Mar 2021 10:11:44 GMT
server: cloudflare
etag: "605b1060-11cbc4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JKHSkTYxSWEYUTUCTjzbb2SRIoeN%2BbuTyMlpYMJEKRJIBpkgf%2FnOEbIAJSl7tBt2IcADo9i1RS2PdteSE8pd%2BbmycmgG7o%2FLK5y02XqTe%2FHoe5z%2FPGYc7iF8tRiJsdAgwbfl3RIT6uqLp08%2BbZFGkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 6bd5858adfe083af-MXP
expires: Fri, 24 Dec 2021 06:54:34 GMT

GET
H3 200 15.jpg
ofertagroup.space/site/orlen-pl/img/ 3 MB
3 MB 118ms
117ms Image
image/jpeg 2606:4700:3030::ac43:813f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ofertagroup.space/site/orlen-pl/img/15.jpg
Requested by: Host: ofertagroup.space
URL: https://ofertagroup.space/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:813f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029f62dc5e23f6683887a718e7061799807ee68d89d7a8d36aeb767322e9af4e

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:34 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2746610
last-modified: Wed, 24 Mar 2021 10:11:44 GMT
server: cloudflare
etag: "605b1060-29e8f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0V4RgJjCS811KXuXlies59P1UJF2CCJRzwQ%2FqbOMr2UvANgcU9ywRdhJWyS9QUTxJIC3Fm3Od2TuTb9nhqsE6xWG1JN0vUMuE%2F00RvJjqSgwh%2FdZEtBgYRJil3UQ4u0WJeJoUDbKnAGb41Olvm5Ijw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 6bd5858adfe183af-MXP
expires: Fri, 24 Dec 2021 06:54:34 GMT

GET
H3 200 16.jpg
ofertagroup.space/site/orlen-pl/img/ 57 KB
57 KB 11660ms
11658ms Image
image/jpeg 2606:4700:3030::ac43:813f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ofertagroup.space/site/orlen-pl/img/16.jpg
Requested by: Host: ofertagroup.space
URL: https://ofertagroup.space/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:813f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc171b08542a14b6fc5ff79d0004dcadba97c71868b3ded665038fbe78633c1e

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:34 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 57989
last-modified: Wed, 24 Mar 2021 10:11:44 GMT
server: cloudflare
etag: "605b1060-e285"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2BCVvgGV79%2BCX9R3Iqd0lIzxN89Mzq9rvzwg92PvmofolXx01Ue0AhkqmDoF7H8lLRDfl9BOikbSfUSNxOV9NIEXzWspHo1TuI%2BuIAgK%2FRZ3%2FXd9CurnTXs15BKkq0WpQlls5GSE48Ey6YJos5QdmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 6bd5858adfe283af-MXP
expires: Fri, 24 Dec 2021 06:54:34 GMT

GET
H3 200 slick.min.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 42 KB
11 KB 108ms
56ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js

Requested by

Host: ofertagroup.space
URL: https://ofertagroup.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4270060
x-jsd-version: 1.8.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19147-FRA, cache-mxp6927-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6bd5858a8ef3374a-MXP

GET
H3 200 intlTelInput.js Show response
ofertagroup.space/site/orlen-pl/js/registerForm/intlTelInput/js/ 88 KB
21 KB 209ms
208ms Script
application/javascript 2606:4700:3030::ac43:813f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofertagroup.space/site/orlen-pl/js/registerForm/intlTelInput/js/intlTelInput.js
Requested by: Host: ofertagroup.space
URL: https://ofertagroup.space/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:813f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82a3ec7fe8e0ea7fe1eb2624f0707244f8086f9cd06fef732e995d7973d8dd5c

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:34 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Mar 2021 10:11:44 GMT
server: cloudflare
etag: W/"605b1060-15fcd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5IBeinx5PlnwlhKKZeZww3DX1u7POzVySQcVlmiMQp5IvqMZgUHefcToc0GPRuBvkqDqB%2FGmEGRia2GutfO4dhjiUvI4hQAHZBq%2FSWJc9AlyPngRavo2StsdmOmylu1xTwbnEHzeHd%2FxOHogNT7%2Fjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6bd5858abfad83af-MXP
expires: Fri, 24 Dec 2021 06:54:34 GMT

GET
H3 200 registerForm.js Show response
ofertagroup.space/site/orlen-pl/js/registerForm/ 10 KB
4 KB 182ms
180ms Script
application/javascript 2606:4700:3030::ac43:813f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofertagroup.space/site/orlen-pl/js/registerForm/registerForm.js
Requested by: Host: ofertagroup.space
URL: https://ofertagroup.space/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:813f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cda76553468ec4134f070e6acba95281b6fbf90016fdf9e62a490a7c620a7e3

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:34 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Mar 2021 10:11:44 GMT
server: cloudflare
etag: W/"605b1060-2750"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1GNPjmejelJpgfBdvICeCKe0sEYNauO6qzjeAxHYBU7lj6wv3Wic%2F7RG2Mk7KgVXMKoBq%2F5fd0bjfMTC1lWd07cMgV%2BaH6xdlmAgAj%2Bdl988qsaq8A6VBs2l0a0ecWo4SetpGMSPiSmL3kOyTQYYOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6bd5858adfcf83af-MXP
expires: Fri, 24 Dec 2021 06:54:34 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 118ms
50ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10800292874

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14328
x-xss-protection: 0
server: cafe
etag: 12503521247758841375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 06:54:34 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 75ms
40ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10785975675&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10800292874

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7fa0e834039ed6ffef7dbed2aa81b8708214fc258a3addb7f5d51c5a64e82f76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:34 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39597
x-xss-protection: 0
last-modified: Tue, 14 Dec 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 14 Dec 2021 06:54:34 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 86ms
52ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10810434159&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10800292874

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6db145dabd817b224928e5823f768d672c38d7a5febf8b3c48c09849bb96a48f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:34 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39596
x-xss-protection: 0
last-modified: Tue, 14 Dec 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 14 Dec 2021 06:54:34 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 118 KB
36 KB 231ms
138ms Script
application/javascript 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=&lib=ttq
Requested by: Host: ofertagroup.space
URL: https://ofertagroup.space/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7834930d02299cc017b7ba4ee8e823d43c86515b46a6ce4c967b982c3f8cba14

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-akamai-request-id: 2872257
date: Tue, 14 Dec 2021 06:54:34 GMT
content-encoding: gzip
upstream-caught: 1639464874823921
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=7, cdn-cache; desc=MISS, edge; dur=0, origin; dur=99
pragma: no-cache
server: nginx
x-tt-logid: 202112140654340101131350791F72B478
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 99,2.16.186.238
x-tt-trace-host: 013e3c1e11bbe5889bc763e80c20ae3f609025b37c30be1906f37e0477922fbad5d8a4f48f9b4ceb005961c6dbf21c0b19d323f13ffc337692a71325caa4ef1ccaac8778a595d1365da25bbe06dad89b27b401fb6dafd2910306ed93a516f3d19b
expires: Tue, 14 Dec 2021 06:54:34 GMT

GET
BLOB 200
OK 4171b692-c5ca-4ac1-baff-db77b47c7ce6
https://ofertagroup.space/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ofertagroup.space/4171b692-c5ca-4ac1-baff-db77b47c7ce6
Requested by: Host: ofertagroup.space
URL: https://ofertagroup.space/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET STRATEGIA.mp4
companyapidata.info/video/orlen/ 0
0

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe425a4f92df6dac0628adfbd3c931fc75988842caad39f3745a109e4a9f459e

Request headers

Referer
Origin: https://ofertagroup.space
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H3 200 arrow.png
ofertagroup.space/site/orlen-pl/img/ 2 KB
3 KB 11592ms
11592ms Image
image/png 2606:4700:3030::ac43:813f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ofertagroup.space/site/orlen-pl/img/arrow.png
Requested by: Host: ofertagroup.space
URL: https://ofertagroup.space/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:813f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14e1001118a4f9c12416a62abd82bf27297f63e0155220f0c7515e23ae43610a

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:34 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2190
last-modified: Wed, 24 Mar 2021 10:11:44 GMT
server: cloudflare
etag: "605b1060-88e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTnTLAIoeMiTD5Ix0X0cj6S%2BHVApADFYnDC7W7aZsrJ9V6gQSnCxP03hiazNs3n2XNeB2mkuHMR5r1sGilssT8UiuY4SUz2mIHL4ZHw404Q6gQMi4V7Nj1watgDzhaQ8XrsTqbC7ZEZ8zh3IHUJkRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 6bd5858b88e883af-MXP
expires: Fri, 24 Dec 2021 06:54:34 GMT

GET
H3 200 arrow1.png
ofertagroup.space/site/orlen-pl/img/ 2 KB
3 KB 11606ms
11605ms Image
image/png 2606:4700:3030::ac43:813f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ofertagroup.space/site/orlen-pl/img/arrow1.png
Requested by: Host: ofertagroup.space
URL: https://ofertagroup.space/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:813f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a47586f8967de7e9e530eddc3e6e5b8a977f217d03bd89ec065765a590ad062

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:34 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1988
last-modified: Wed, 24 Mar 2021 10:11:44 GMT
server: cloudflare
etag: "605b1060-7c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7CvY2n%2BhKteSQXGs2EjnQ24KIw8F5%2F8Z1u1pl87Yasa8SvxOygHXaQxj4n6kjS70G4bf81hBg4oHyWAM%2FC%2FNtBDPdxOU1HnjJuxu%2FjFfXpxMLJbEsWdoWkWxaILa2QN1HJ93B0IalgbuNBlBHo2B5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 6bd5858b88eb83af-MXP
expires: Fri, 24 Dec 2021 06:54:34 GMT

GET
H2 206 STRATEGIA.mp4
companyapidata.info/video/orlen/ 8 MB
0 242ms
146ms Media
video/mp4 2606:4700:3031::6815:5a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://companyapidata.info/video/orlen/STRATEGIA.mp4
Requested by: Host: ofertagroup.space
URL: https://ofertagroup.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:5a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ofertagroup.space/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 14 Dec 2021 06:54:34 GMT
cf-cache-status: MISS
last-modified: Mon, 25 Oct 2021 08:30:25 GMT
server: cloudflare
etag: "61766b21-e25899"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hmsvjDHkrBCegPtvh1OeWDbweiinaIBsSe1UdE1QhlOakp1Kiu%2FdGDCo0epNj9msJgBqGtduHnI7PGzb4%2F56B65e3MINsPyITwME1jA4FGYsz0ovFCw8mIZld5Asq5WaXn5ye%2BdAs2tl8Rim%2BQz1Tz9y"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
Content-Range: bytes 0-14833816/14833817
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd5858c1f6c83a6-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 14833817

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10800292874/ 2 KB
1 KB 109ms
41ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10800292874/?random=1639464874792&cv=9&fst=1639464874792&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fofertagroup.space%2F&tiba=PKN%20ORLEN%20-%20Gaz%20i%20energia&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727fa238aed6c8b3e3b8171d4885343e70a2c2e116279082fc2dd7b0051e1154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Dec 2021 06:54:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1037
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10785975675/ 2 KB
1 KB 106ms
41ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10785975675/?random=1639464874797&cv=9&fst=1639464874797&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fofertagroup.space%2F&tiba=PKN%20ORLEN%20-%20Gaz%20i%20energia&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50ec7f669c62a485752d4d0432978826ecced71267472f5e2c61c63ecf184741

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Dec 2021 06:54:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1040
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10810434159/ 2 KB
2 KB 92ms
39ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10810434159/?random=1639464874809&cv=9&fst=1639464874809&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fofertagroup.space%2F&tiba=PKN%20ORLEN%20-%20Gaz%20i%20energia&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceab6dad406c74e76ba1b129b8017ce5789eb525eef89b754d1d96ebfa3b1664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Dec 2021 06:54:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1040
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 country.json Show response
get.geojs.io/v1/ip/ 80 B
845 B 223ms
91ms XHR
application/json 2606:4700:20::ac43:46e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://get.geojs.io/v1/ip/country.json

Requested by

Host: ofertagroup.space
URL: https://ofertagroup.space/site/orlen-pl/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:46e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4553df08da1ac9d6e493dd67f1991e37017e1b35697a193ba986f3a275659846

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ofertagroup.space/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: 2c688bca6b0d934d076115cd57750109-AMS
x-geojs-location: AMS
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x2F4c1KZ4hHDfSLMgKX%2B%2FSVfsTawCH%2FbTycJyAAl%2BmnzSeOdLLGpbZzW3x%2BpuGUivxeP%2FDqFH23B%2BqTwkmySPlxQdYq4qSgDyXYMnZOz2hk8dUCCxD%2BHS4asnT4j9pZizFS3MkEm9fq0ng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, private, max-age=0
cf-ray: 6bd5858d39b90f56-MXP

GET
H3 200 flags.png
ofertagroup.space/site/orlen-pl/js/registerForm/intlTelInput/img/ 69 KB
70 KB 11463ms
11463ms Image
image/png 2606:4700:3030::ac43:813f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ofertagroup.space/site/orlen-pl/js/registerForm/intlTelInput/img/flags.png
Requested by: Host: ofertagroup.space
URL: https://ofertagroup.space/site/orlen-pl/js/registerForm/intlTelInput/css/intlTelInput.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:813f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/site/orlen-pl/js/registerForm/intlTelInput/css/intlTelInput.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:35 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 70857
last-modified: Wed, 24 Mar 2021 10:11:44 GMT
server: cloudflare
etag: "605b1060-114c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F1eVYc4%2FlJ3XVMaJmaJkfPhZehXFgieQi7%2FRDPOs0TawqxnN296%2BPCtkcxc1iIZZze6%2F2ZLQHnLZkwUoPWkzc5RsuibZnLR8fZ7UJdceJ576vbHqJZHsBmIdqNnRMimCjcyW9HG0%2FG7j78weXk1IOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 6bd5858c6a9783af-MXP
expires: Fri, 24 Dec 2021 06:54:34 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 128ms
128ms Script
application/javascript 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-akamai-request-id: 28723f7
date: Tue, 14 Dec 2021 06:54:35 GMT
content-encoding: gzip
upstream-caught: 1639464875002252
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=0, cdn-cache; desc=MISS, edge; dur=0, origin; dur=90
pragma: no-cache
server: nginx
x-tt-logid: 2021121406543501011313507910735CB5
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 90,2.16.186.238
x-tt-trace-host: 013e3c1e11bbe5889bc763e80c20ae3f609025b37c30be1906f37e0477922fbad5d8a4f48f9b4ceb005961c6dbf21c0b19d323f13ffc337692a71325caa4ef1ccaf9a427b1bf8a063b24e7894c859c6ece3fc4e46d54dff1fcbbe79bc7ce25413e
expires: Tue, 14 Dec 2021 06:54:35 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 57 KB
20 KB 132ms
132ms Script
application/javascript 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=&hostname=ofertagroup.space
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f0e6c0766bfc75d27c1d215174293daa455c1b8f178401fc237341c668b07616

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-akamai-request-id: 2872453
date: Tue, 14 Dec 2021 06:54:35 GMT
content-encoding: gzip
upstream-caught: 1639464875043756
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=7, cdn-cache; desc=MISS, edge; dur=0, origin; dur=95
pragma: no-cache
server: nginx
x-tt-logid: 2021121406543501011313509111719F71
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 95,2.16.186.238
x-tt-trace-host: 013e3c1e11bbe5889bc763e80c20ae3f609025b37c30be1906f37e0477922fbad5d8a4f48f9b4ceb005961c6dbf21c0b19fb21f9a159bc50d979dab9962090320c1d52878463714407d2e9c774e7c5df436b34f17bcc021a7d80ee9a9d7375c013
expires: Tue, 14 Dec 2021 06:54:35 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10810434159/ 42 B
108 B 117ms
47ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10810434159/?random=1639464874809&cv=9&fst=1639461600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fofertagroup.space%2F&tiba=PKN%20ORLEN%20-%20Gaz%20i%20energia&async=1&fmt=3&is_vtc=1&random=916601780&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: ofertagroup.space
URL: https://ofertagroup.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Dec 2021 06:54:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/10810434159/ 42 B
108 B 123ms
54ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/10810434159/?random=1639464874809&cv=9&fst=1639461600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fofertagroup.space%2F&tiba=PKN%20ORLEN%20-%20Gaz%20i%20energia&async=1&fmt=3&is_vtc=1&random=916601780&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: ofertagroup.space
URL: https://ofertagroup.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Dec 2021 06:54:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10785975675/ 42 B
548 B 111ms
41ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10785975675/?random=1639464874797&cv=9&fst=1639461600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fofertagroup.space%2F&tiba=PKN%20ORLEN%20-%20Gaz%20i%20energia&async=1&fmt=3&is_vtc=1&random=340516284&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: ofertagroup.space
URL: https://ofertagroup.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Dec 2021 06:54:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/10785975675/ 42 B
548 B 107ms
38ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/10785975675/?random=1639464874797&cv=9&fst=1639461600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fofertagroup.space%2F&tiba=PKN%20ORLEN%20-%20Gaz%20i%20energia&async=1&fmt=3&is_vtc=1&random=340516284&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: ofertagroup.space
URL: https://ofertagroup.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Dec 2021 06:54:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10800292874/ 42 B
108 B 111ms
42ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10800292874/?random=1639464874792&cv=9&fst=1639461600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fofertagroup.space%2F&tiba=PKN%20ORLEN%20-%20Gaz%20i%20energia&async=1&fmt=3&is_vtc=1&random=4162440971&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: ofertagroup.space
URL: https://ofertagroup.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Dec 2021 06:54:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/10800292874/ 42 B
108 B 111ms
43ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/10800292874/?random=1639464874792&cv=9&fst=1639461600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fofertagroup.space%2F&tiba=PKN%20ORLEN%20-%20Gaz%20i%20energia&async=1&fmt=3&is_vtc=1&random=4162440971&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: ofertagroup.space
URL: https://ofertagroup.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Dec 2021 06:54:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
564 B 135ms
134ms Ping
application/octet-stream 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ofertagroup.space/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 14 Dec 2021 06:54:35 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202112140654350101130060240470446A
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 98,2.16.186.238
x-tt-trace-host: 013e3c1e11bbe5889bc763e80c20ae3f609025b37c30be1906f37e0477922fbad5d8a4f48f9b4ceb005961c6dbf21c0b198043ecc4ec8a7c6f5d9778d91b69705f62f89c131e04aa8986f6c6f41c38b18ad5e4ac06435a8e98c5df268c62a494b6
server-timing: inner; dur=7, cdn-cache; desc=MISS, edge; dur=0, origin; dur=98
x-akamai-request-id: 287258d
content-length: 0
expires: Tue, 14 Dec 2021 06:54:35 GMT

GET
H3 200 utils.js Show response
ofertagroup.space/site/orlen-pl/js/registerForm/intlTelInput/js/ 240 KB
57 KB 191ms
191ms Script
application/javascript 2606:4700:3030::ac43:813f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ofertagroup.space/site/orlen-pl/js/registerForm/intlTelInput/js/utils.js
Requested by: Host: ofertagroup.space
URL: https://ofertagroup.space/site/orlen-pl/js/registerForm/intlTelInput/js/intlTelInput.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:813f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3e09fcd1c5b2a09016b0e89e8a71a0a3977b7ce074d02e399ba90e993a52f93

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ofertagroup.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 06:54:46 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Mar 2021 10:11:44 GMT
server: cloudflare
etag: W/"605b1060-3c1cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F98BKjwFkaADewzgLuSlO4QU1ulWjx7QYO7dLKNuz%2F1hgxSjIxKqLZoJttFYAxOXuhzKmeUHf8qiwWFCEbI5CoPVGfAqYyr%2FbULta5u3ern58%2FSYEM0HFgAhUBq2ywuuwaUhgjVDnAtIYQTbaHqoYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6bd585d44e4983af-MXP
expires: Fri, 24 Dec 2021 06:54:46 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: companyapidata.info
URL: https://companyapidata.info/video/orlen/STRATEGIA.mp4

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PKN Orlen (Extraction)

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ofertagroup.space/	1970-01-20 00:09:03	Name: _subid Value: 1k2gv464mv27
ofertagroup.space/	1970-01-20 00:09:03	Name: _token Value: uuid_1k2gv464mv27_1k2gv464mv2761b83faa3f6e00.55200236
ofertagroup.space/	1970-02-07 22:50:16	Name: 31bcb Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjIwMVwiOjE2Mzk0NjQ4NzR9LFwiY2FtcGFpZ25zXCI6e1wiODJcIjoxNjM5NDY0ODc0fSxcInRpbWVcIjoxNjM5NDY0ODc0fSJ9.Oseul-vLKKyu4qVLt7t8f4HDAnLAGcyH5_Ia3zNNne0
.ofertagroup.space/	1970-01-20 01:34:00	Name: _gcl_au Value: 1.1.1463272653.1639464874
.doubleclick.net/	1970-01-19 23:24:25	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
cdn.jsdelivr.net
companyapidata.info
get.geojs.io
googleads.g.doubleclick.net
ofertagroup.space
www.google.com
www.google.fr
www.googleadservices.com
www.googletagmanager.com
companyapidata.info
142.250.186.34
2.16.186.242
2606:4700:20::ac43:46e9
2606:4700:3030::ac43:813f
2606:4700:3031::6815:5a19
2606:4700::6810:5514
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2003
029f62dc5e23f6683887a718e7061799807ee68d89d7a8d36aeb767322e9af4e
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
114d4e772fcb300487ff941a9c7898ff2a4cae5a118d7f81bd8ad27d59aed7b9
14e1001118a4f9c12416a62abd82bf27297f63e0155220f0c7515e23ae43610a
1c02caf2a0f16318965676fd4b265265728d64fba2794a20b07151a4e891fca6
28efaa05a0266f7dc51cd185d0bb5a2e7c807efe0f3f5c031d49abdd4bccb931
2efee6d4c639143008cf87e7a07a36bba7fae77cce92a4042de181ee73a2e58a
40d66ddce0898e40dc42ec747cf843340defa57df8ccd855c97ce77c61d84eb0
412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb
4553df08da1ac9d6e493dd67f1991e37017e1b35697a193ba986f3a275659846
47067597f1e39de8f158ce1c5b57eccb91d41ea5b62733d1fd08f7d0dac9f73f
4798cc6b17311d2b4c47166797fc18a1fd517eea44d342c17120700512e3cfc7
4e76177722cff7661c6bf7cc77b62223a75a62b8238d029001b6a5c25e78a417
50ec7f669c62a485752d4d0432978826ecced71267472f5e2c61c63ecf184741
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
575b783caa9acae82ecd0b35bf7ec475a8321447af916c6c9e7eb7554515fc6b
5e1af272e19a4e8bc389478e7acbb3210362aaf7032ea5b8e40d47dfc9d4410d
6185c4ecfedfdb5e9b9e84c20e9b080c3700fb643d50898020fb5fef9e119a3a
6a47586f8967de7e9e530eddc3e6e5b8a977f217d03bd89ec065765a590ad062
6db145dabd817b224928e5823f768d672c38d7a5febf8b3c48c09849bb96a48f
727fa238aed6c8b3e3b8171d4885343e70a2c2e116279082fc2dd7b0051e1154
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7834930d02299cc017b7ba4ee8e823d43c86515b46a6ce4c967b982c3f8cba14
7e132bf4c80ef7bc25ddd83eb37ea1448739ebc766d5c4ae77b1af8266e4cd4a
7fa0e834039ed6ffef7dbed2aa81b8708214fc258a3addb7f5d51c5a64e82f76
82a3ec7fe8e0ea7fe1eb2624f0707244f8086f9cd06fef732e995d7973d8dd5c
83b1e0a0cc92672a27b8fc074ce45ffae18711e3a6ed5448da47d75979499dca
96d3349232417f89dec7f5c26a3872bb542fceaba22361b580b78f6e8d92ef2c
9cda76553468ec4134f070e6acba95281b6fbf90016fdf9e62a490a7c620a7e3
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
a1892b05f4dd7fa1157024b692046399c3e7e22feb05c6f57f5f43039f2feec4
a45ead96c27aab89cca6d435e9a1a601f8428db328c7079584a08a84738effc0
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b3e09fcd1c5b2a09016b0e89e8a71a0a3977b7ce074d02e399ba90e993a52f93
bd4797ff17cf151c8be084dad9fe9d2835a017d4fdd58111913012fe4cc466be
c9cc57e3297605c9c6c2005da874e1309d15c9c70d8576eb29d3ff101fef5ea9
cd9603ca964bc0cc45314f6906cdb9f58ce78b1386a51cafe27aefc79f5c697a
ceab6dad406c74e76ba1b129b8017ce5789eb525eef89b754d1d96ebfa3b1664
d645c0ce08af9538f2ee909785e6bd6fd19c314fc28f2e58435d0af82d04cd23
dc171b08542a14b6fc5ff79d0004dcadba97c71868b3ded665038fbe78633c1e
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
e19f718b757d12c217db8d4925f5e0e92ecd662b53de444587adec676bc70a3d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e6c0766bfc75d27c1d215174293daa455c1b8f178401fc237341c668b07616
fe425a4f92df6dac0628adfbd3c931fc75988842caad39f3745a109e4a9f459e

ofertagroup.space Open in urlscan Pro 2606:4700:3030::ac43:813f Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

53 Requests

96 %HTTPS

80 %IPv6

10 Domains

10 Subdomains

11 IPs

2 Countries

7358 kBTransfer

18704 kBSize

5 Cookies

0 Outgoing links

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ofertagroup.space Open in urlscan Pro
2606:4700:3030::ac43:813f Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

96 %
HTTPS

80 %
IPv6

10
Domains

10
Subdomains

11
IPs

2
Countries

7358 kB
Transfer

18704 kB
Size

5
Cookies

53 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!