courseorlen.biz Open in urlscan Pro
2606:4700:3030::6815:4ccd  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
7 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response courseorlen.biz/	1 KB 2 KB	378ms 345ms	Document text/html	2606:4700:3030::6815:4ccd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://courseorlen.biz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:4ccd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7f6800b404db65d38d1bb17dc5784b503eda029be21c6790c7df03f7e45b6d4e Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Thu, 18 Nov 2021 10:14:42 GMT content-type text/html; charset=UTF-8 cache-control no-cache, no-store, must-revalidate,post-check=0,pre-check=0 expires 0 last-modified Thu, 18 Nov 2021 10:14:42 GMT pragma no-cache vary Accept-Encoding access-control-allow-origin * cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kLvGvSNkACm%2B%2FF93Reo0oT0HXUhgE1A3TKOt7eoWGwu0yefyroVfo0Y5gWKVT9iSeKgZYpnGNXB%2Fsipdd6nREsewsz6A1Z2rmwtqQv%2BUOywjXlmn80J%2FteU7lD%2FKPK5NhlyyfyotNPLNK%2Fck360%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6b006ef1dc2568ec-FRA content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	js Show response www.googletagmanager.com/gtag/	74 KB 30 KB	36ms 15ms	Script application/javascript	2a00:1450:4001:829::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id= Requested by Host: courseorlen.biz URL: https://courseorlen.biz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 726d0d58c7c643ea4e9d9b86abb288c1928259d74cb93d3203ee1f513fdae9c9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://courseorlen.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 18 Nov 2021 10:14:42 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29984 x-xss-protection 0 last-modified Thu, 18 Nov 2021 09:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 18 Nov 2021 10:14:42 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	98 KB 26 KB	22ms 7ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: courseorlen.biz URL: https://courseorlen.biz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://courseorlen.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 content-length 25965 x-xss-protection 0 pragma public x-fb-debug 4+Rl7KPTTGbz4gFPKaXDQbD7GpnOgvdkqjVluiZJAJdXqzc3q8RE6MPo6JeYjh0icn7RlgRCJK/7yNpscyBNtQ== x-fb-trip-id 917726464 x-frame-options DENY cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Thu, 18 Nov 2021 10:14:42 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ Show response courseorlen.biz/lander/orlen-offer-obj-/land/ Frame 867C	260 KB 74 KB	73ms 72ms	Document text/html	2606:4700:3030::6815:4ccd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& Requested by Host: courseorlen.biz URL: https://courseorlen.biz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:4ccd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1b180168f33be9dff3f39fd2f733bef61c1a4b2b8b34ce6d130cde0cb21db880 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://courseorlen.biz/ Response headers date Thu, 18 Nov 2021 10:14:42 GMT content-type text/html; charset=UTF-8 access-control-allow-origin * cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oo%2FJLtfxBBd5vbdQgm7OgOtvAJaZQ9QyOtj1VaVJCTqGQ%2Bxt0fj3yulVn%2BP2oke2fq2wG9EDOwYw2wD21jXsbCcPYO0vo5K6VpJXLRkwdNovB%2FBYGVEnrwYF5kAyzHOZ27lbGk9etrQzNYLd3RI%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6b006ef4196368ec-FRA content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	app.css courseorlen.biz/lander/orlen-offer-obj-/land/assets/css/ Frame 867C	782 KB 75 KB	46ms 45ms	Stylesheet text/css	2606:4700:3030::6815:4ccd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://courseorlen.biz/lander/orlen-offer-obj-/land/assets/css/app.css Requested by Host: courseorlen.biz URL: https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:4ccd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 74a125f95648f5817c054743a8e03eda9da09b097e7dc81f7bb982d9041af46a Request headers Accept-Language de-DE,de;q=0.9 Referer https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 18 Nov 2021 10:14:42 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3414 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Thu, 28 Oct 2021 10:07:04 GMT server cloudflare etag W/"617a7648-c3800" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ma9uv2ByIR8QYrEch3hDiD%2BE%2B%2FDwk1JFD3qkUtfGOpQdgL0LwTV%2B52CtkVv84KLOyKJtcK3TTBiR7XhuobmYa7as2igTZeOp7WvHrw4V%2Fi%2FsKP6oAD2QQccfGVqPuG2ydC4HOj4M1DovglTdxDo%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=864000 cf-ray 6b006ef4aa9b68ec-FRA expires Sun, 28 Nov 2021 09:17:48 GMT
GET H2	200	fonts.css courseorlen.biz/lander/orlen-offer-obj-/land/assets/css/ Frame 867C	2 KB 739 B	15ms 14ms	Stylesheet text/css	2606:4700:3030::6815:4ccd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://courseorlen.biz/lander/orlen-offer-obj-/land/assets/css/fonts.css Requested by Host: courseorlen.biz URL: https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:4ccd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 84c14363da0a22cef3a5089d0803aa8ac11dd0a077c02c1ed5614f2e4e8d10ce Request headers Accept-Language de-DE,de;q=0.9 Referer https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 18 Nov 2021 10:14:42 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 69226 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Thu, 28 Oct 2021 10:07:04 GMT server cloudflare etag W/"617a7648-8d7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rS1M7rzrgkB6Y0Zkyo%2BqwOkxujhsE03OOzlp6CNfdazpj7HgbWv6h%2BOx9bHK%2FjmRDB8L5NpD9QsAPpnOQVd596NrU1GksotRO%2BN2Set%2FlkEv2IYOpLjkwB%2BW2p%2Bo5wRSbisG%2BOJim1sJjaTTCQA%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=864000 cf-ray 6b006ef4aaa068ec-FRA expires Sat, 27 Nov 2021 15:00:56 GMT
GET H2	200	slick.css courseorlen.biz/lander/orlen-offer-obj-/land/assets/css/ Frame 867C	2 KB 831 B	18ms 17ms	Stylesheet text/css	2606:4700:3030::6815:4ccd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://courseorlen.biz/lander/orlen-offer-obj-/land/assets/css/slick.css Requested by Host: courseorlen.biz URL: https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:4ccd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 18 Nov 2021 10:14:42 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 69225 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Thu, 28 Oct 2021 10:07:04 GMT server cloudflare etag W/"617a7648-6f0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zWuUe3wjrgCCk1FcXo07uQQQzJYToSKWM39PVRfT9ih474PPBxuDVewH%2F%2Ba3t1bkGr0AH9ICXJMxlDzD3cjq8Q7mdqGQMwB5oQPRV0k2YuqeDcoDxxJcV3P7Ecggp7rocFuQKvxdy7kyzXF3G1k%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=864000 cf-ray 6b006ef4aaa268ec-FRA expires Sat, 27 Nov 2021 15:00:57 GMT
GET H2	200	ion.rangeSlider.min.css courseorlen.biz/lander/orlen-offer-obj-/land/assets/css/ Frame 867C	11 KB 2 KB	17ms 16ms	Stylesheet text/css	2606:4700:3030::6815:4ccd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://courseorlen.biz/lander/orlen-offer-obj-/land/assets/css/ion.rangeSlider.min.css Requested by Host: courseorlen.biz URL: https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:4ccd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3187226035ba275b49fbeaabc01d98e3a07a6aa5f8182eac9d01cf1290136695 Request headers Accept-Language de-DE,de;q=0.9 Referer https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 18 Nov 2021 10:14:42 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3414 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Thu, 28 Oct 2021 10:07:04 GMT server cloudflare etag W/"617a7648-2b4e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8EqdtLNrHaikgcLqg2WCXuYJ0Jl6hDUwYxDbRqJOWqzgVOFNAYu8tSBgbnCC1WQ3Ncm7ap4cGGDlPcYNJ6Hl6RJuedA%2BGj%2Fbgb6Q2FjTRoMUpJXpAKRSTg6SqgeAqwF9YfzKk%2FaeO%2FdQvFBEsKY%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=864000 cf-ray 6b006ef4aaa468ec-FRA expires Sun, 28 Nov 2021 09:17:48 GMT
GET H2	200	jquery.fancybox.min.css courseorlen.biz/lander/orlen-offer-obj-/land/assets/css/ Frame 867C	12 KB 3 KB	16ms 15ms	Stylesheet text/css	2606:4700:3030::6815:4ccd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://courseorlen.biz/lander/orlen-offer-obj-/land/assets/css/jquery.fancybox.min.css Requested by Host: courseorlen.biz URL: https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:4ccd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 18 Nov 2021 10:14:42 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 69225 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Thu, 28 Oct 2021 10:07:04 GMT server cloudflare etag W/"617a7648-31fb" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oWUcrNH04GI9URVuCWVmxEn3CAGl3TZHipglKIvTRvlMVyEPYeUy2pitufohDaNatIeKH%2BI700i3FBoQI%2F8nq95yLv7mBx836acjsuZPuVX9L6%2FJElkNOhktU6ljPqzteYuXvJSkwzPuXB6eVlY%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=864000 cf-ray 6b006ef4aaa568ec-FRA expires Sat, 27 Nov 2021 15:00:57 GMT
GET H2	200	9.svg courseorlen.biz/lander/orlen-offer-obj-/land/assets/fonts/ Frame 867C	2 KB 1 KB	15ms 14ms	Image image/svg+xml	2606:4700:3030::6815:4ccd CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://courseorlen.biz/lander/orlen-offer-obj-/land/assets/fonts/9.svg Requested by Host: courseorlen.biz URL: https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:4ccd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a45ead96c27aab89cca6d435e9a1a601f8428db328c7079584a08a84738effc0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 18 Nov 2021 10:14:42 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3414 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Thu, 28 Oct 2021 10:07:04 GMT server cloudflare etag W/"617a7648-70a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PbvekGVXlmzzsCPNFA1f9g%2FCAtuDZb3LCf6YKnm8rlhCrw1rHbXbxjgvBA%2FoTJt77ekXxQHp%2BPQZFAghtnE7w4GhTKDSxx9lqivZBub8YJa69puDIDI2rG7vJSLTpV%2BOJXLYZYlmRq7nK4heSw0%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * cache-control max-age=864000 cf-ray 6b006ef4aaa868ec-FRA expires Sun, 28 Nov 2021 09:17:48 GMT
GET H2	404	poster.jpg courseorlen.biz/lander/orlen-offer-obj-/land/assets/video/ Frame 867C	564 B 564 B	18ms 18ms	Image text/html	2606:4700:3030::6815:4ccd CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://courseorlen.biz/lander/orlen-offer-obj-/land/assets/video/poster.jpg Requested by Host: courseorlen.biz URL: https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:4ccd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 18 Nov 2021 10:14:42 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 50 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wKwwFrQakYCQa47AdSVc%2BJtRWcCpj1i9aLUVRjNryGQYAvXnbqLv9c7OwLNYDQDd84V7WCjYhNdBJzf2X%2FhxJVomf9LaCeAtUYYH%2FaANMojbHkvQPFOQ91HfgaMCmdV5J2Z57%2F5L5KDBV3UU0jI%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 6b006ef4aaaa68ec-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	206	video.mp4 courseorlen.biz/lander/orlen-offer-obj-/land/assets/video/ Frame 867C	64 KB 0	17ms 17ms	Media video/mp4	2606:4700:3030::6815:4ccd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://courseorlen.biz/lander/orlen-offer-obj-/land/assets/video/video.mp4 Requested by Host: courseorlen.biz URL: https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:4ccd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& Accept-Encoding identity;q=1, *;q=0 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Range bytes=0- Response headers date Thu, 18 Nov 2021 10:14:42 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3414 Content-Range bytes 0-4107132/4107133 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 4107133 last-modified Thu, 28 Oct 2021 10:07:04 GMT server cloudflare etag "617a7648-3eab7d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2QGIA7%2F3Lbvzyc6pwF7WZOiDNePxa6yj08XUVqoRiM1NQu38CMmiQ3v6Bt5RKKoifEvg2MffHdkgpDAmCfGjlq8N30NGlmtVuPMT9Y%2BeZob1gdrwWFMsPcfBywSOdbm2fgyWUyb4KIzgIB9Tzs%3D"}],"group":"cf-nel","max_age":604800} content-type video/mp4 access-control-allow-origin * cache-control max-age=864000 cf-ray 6b006ef4bab368ec-FRA expires Sun, 28 Nov 2021 09:17:48 GMT
GET DATA	200 OK	truncated / Frame 867C	547 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 867C	552 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 867C	715 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 867C	380 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	10.jpg courseorlen.biz/lander/orlen-offer-obj-/land/assets/images/ Frame 867C	77 KB 77 KB	37ms 35ms	Image image/jpeg	2606:4700:3030::6815:4ccd CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://courseorlen.biz/lander/orlen-offer-obj-/land/assets/images/10.jpg Requested by Host: courseorlen.biz URL: https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:4ccd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bd4797ff17cf151c8be084dad9fe9d2835a017d4fdd58111913012fe4cc466be Request headers Accept-Language de-DE,de;q=0.9 Referer https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 18 Nov 2021 10:14:42 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3414 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 78371 last-modified Thu, 28 Oct 2021 10:07:04 GMT server cloudflare etag "617a7648-13223" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l73jzdqSHKJsg5LmMGSQ%2FKg4jVb0AwQLUfGRlv80ssHPuHZ%2BE5v24he%2FbmndW2%2BGB0LdKEm9alv4OA6foFx3gpw4uvQL87AA9CC4WUjAme9HH1%2FOiGzOwYp9h9g%2BBur3zlrebt6DXM7pIGVJ2Z8%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control max-age=864000 accept-ranges bytes cf-ray 6b006ef4eb1f68ec-FRA expires Sun, 28 Nov 2021 09:17:48 GMT
GET H2	200	11.png courseorlen.biz/lander/orlen-offer-obj-/land/assets/images/ Frame 867C	1 MB 1 MB	27ms 25ms	Image image/png	2606:4700:3030::6815:4ccd CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://courseorlen.biz/lander/orlen-offer-obj-/land/assets/images/11.png Requested by Host: courseorlen.biz URL: https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:4ccd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 28efaa05a0266f7dc51cd185d0bb5a2e7c807efe0f3f5c031d49abdd4bccb931 Request headers Accept-Language de-DE,de;q=0.9 Referer https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 18 Nov 2021 10:14:42 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3414 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 1150172 last-modified Thu, 28 Oct 2021 10:07:04 GMT server cloudflare etag "617a7648-118cdc" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GOakPZmLC8BNmiClwCLBmQC0ZDQT0730X1mDfaZC52LIR07DoJ8NCOb%2BwHVSSs4akmAhqOzaH%2BdnJAerszyg45i3t%2BDYk3PERXposgGatr5EujSmV4Mx6LMg40GNgLiePYOpNEQpNTIhz9YPYBo%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control max-age=864000 accept-ranges bytes cf-ray 6b006ef4eb2268ec-FRA expires Sun, 28 Nov 2021 09:17:48 GMT
GET H2	200	12.png courseorlen.biz/lander/orlen-offer-obj-/land/assets/images/ Frame 867C	577 KB 578 KB	32ms 31ms	Image image/png	2606:4700:3030::6815:4ccd CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://courseorlen.biz/lander/orlen-offer-obj-/land/assets/images/12.png Requested by Host: courseorlen.biz URL: https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:4ccd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c9cc57e3297605c9c6c2005da874e1309d15c9c70d8576eb29d3ff101fef5ea9 Request headers Accept-Language de-DE,de;q=0.9 Referer https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 18 Nov 2021 10:14:42 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 69222 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 591037 last-modified Thu, 28 Oct 2021 10:07:04 GMT server cloudflare etag "617a7648-904bd" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2jZEBKDm3XFB24eSALTVuDzzfdyO%2Bo6mPEDC5%2BWqLcKRSxOYSdvAWT3DevpGxHvd8Q%2BiEaSe6AhyvqlG90urhRCBDw2MuosGc3%2FuocJtkBJBFhOiLbFvbMbttRPMwqVbqbjb56lzTKGWaygiLdI%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control max-age=864000 accept-ranges bytes cf-ray 6b006ef4eb2468ec-FRA expires Sat, 27 Nov 2021 15:01:00 GMT
GET H2	200	13.png courseorlen.biz/lander/orlen-offer-obj-/land/assets/images/ Frame 867C	617 KB 618 KB	39ms 38ms	Image image/png	2606:4700:3030::6815:4ccd CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://courseorlen.biz/lander/orlen-offer-obj-/land/assets/images/13.png Requested by Host: courseorlen.biz URL: https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:4ccd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 114d4e772fcb300487ff941a9c7898ff2a4cae5a118d7f81bd8ad27d59aed7b9 Request headers Accept-Language de-DE,de;q=0.9 Referer https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 18 Nov 2021 10:14:42 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3414 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 631847 last-modified Thu, 28 Oct 2021 10:07:04 GMT server cloudflare etag "617a7648-9a427" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J6gMfFM7PdTMvvGZW3f755JNX8b0ny8T6ul1lqegFyKzYjSCRbW81qTVK6O%2FkI1jzRy%2BzHXTU97V81RmYnijhybxx7QzQjfFzjKEAj%2FsklVGMvDxPD%2FMOXE716VXXvZKyUoX5HtFp49Wsd8oeiM%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control max-age=864000 accept-ranges bytes cf-ray 6b006ef4eb2568ec-FRA expires Sun, 28 Nov 2021 09:17:48 GMT
GET H2	200	14.png courseorlen.biz/lander/orlen-offer-obj-/land/assets/images/ Frame 867C	1 MB 1 MB	36ms 35ms	Image image/png	2606:4700:3030::6815:4ccd CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://courseorlen.biz/lander/orlen-offer-obj-/land/assets/images/14.png Requested by Host: courseorlen.biz URL: https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:4ccd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a1892b05f4dd7fa1157024b692046399c3e7e22feb05c6f57f5f43039f2feec4 Request headers Accept-Language de-DE,de;q=0.9 Referer https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 18 Nov 2021 10:14:42 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 69221 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 1166276 last-modified Thu, 28 Oct 2021 10:07:04 GMT server cloudflare etag "617a7648-11cbc4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=17XJkuQETWMvW%2B8xNep0wukM5Cbnb1XWDE2Der74z3UBdJ7GvWt9fAcaUHxZh7BbWigVX7UIgr7vs%2BlrRntTyvjMMBPs9qtXXXfh1UArezNApdty1Tvv6cuudrNXNR5otuF5cY4EbcIvp%2BFyUXQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control max-age=864000 accept-ranges bytes cf-ray 6b006ef4eb2668ec-FRA expires Sat, 27 Nov 2021 15:01:01 GMT
GET H2	200	15.jpg courseorlen.biz/lander/orlen-offer-obj-/land/assets/images/ Frame 867C	3 MB 3 MB	38ms 38ms	Image image/jpeg	2606:4700:3030::6815:4ccd CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://courseorlen.biz/lander/orlen-offer-obj-/land/assets/images/15.jpg Requested by Host: courseorlen.biz URL: https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:4ccd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 029f62dc5e23f6683887a718e7061799807ee68d89d7a8d36aeb767322e9af4e Request headers Accept-Language de-DE,de;q=0.9 Referer https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 18 Nov 2021 10:14:42 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 69220 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 2746610 last-modified Thu, 28 Oct 2021 10:07:04 GMT server cloudflare etag "617a7648-29e8f2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jV3k8h5nLBVWSEVU%2F%2Biv67PsOmEepf6AJw%2FLl1RTVK8n6USZfEauTsao1cKPYWB7KWcIfWULKrynEi4Mm81GjDBMLQ8Cpkhq2maMGwJWpj4SykwIDf80x13JV%2FET6GMpRH1LeDjIAA%2B8la7sdxk%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control max-age=864000 accept-ranges bytes cf-ray 6b006ef4eb2a68ec-FRA expires Sat, 27 Nov 2021 15:01:02 GMT
GET H2	200	16.jpg courseorlen.biz/lander/orlen-offer-obj-/land/assets/images/ Frame 867C	57 KB 57 KB	39ms 38ms	Image image/jpeg	2606:4700:3030::6815:4ccd CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://courseorlen.biz/lander/orlen-offer-obj-/land/assets/images/16.jpg Requested by Host: courseorlen.biz URL: https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:4ccd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc171b08542a14b6fc5ff79d0004dcadba97c71868b3ded665038fbe78633c1e Request headers Accept-Language de-DE,de;q=0.9 Referer https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 18 Nov 2021 10:14:42 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3414 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 57989 last-modified Thu, 28 Oct 2021 10:07:04 GMT server cloudflare etag "617a7648-e285" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BVo7BvsuXWvBEVtH3ZFiukKdFUfm8ZVHmUkf4up875nWA9Nb%2FtcrEN%2FhPEXtPllZynnisMV9Sw0oxrtkVw%2F%2FkOP0fWL%2BzUP%2FLz8C1i6ea%2BBrySRiHBeIvmyl0%2BpeQPvWajxQaulA7s%2BDrhE53aw%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control max-age=864000 accept-ranges bytes cf-ray 6b006ef4eb2b68ec-FRA expires Sun, 28 Nov 2021 09:17:48 GMT
GET H2	206	video.mp4 courseorlen.biz/lander/orlen-offer-obj-/land/assets/video/ Frame 867C	75 KB 75 KB	41ms 40ms	Media video/mp4	2606:4700:3030::6815:4ccd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://courseorlen.biz/lander/orlen-offer-obj-/land/assets/video/video.mp4 Requested by Host: courseorlen.biz URL: https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:4ccd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe9a6ae62b2ffcb59419370f3f16cd2e9b117264a34627001ac48e449281a9d5 Request headers Referer https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& Accept-Encoding identity;q=1, *;q=0 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Range bytes=4030464- Response headers date Thu, 18 Nov 2021 10:14:42 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3414 Content-Range bytes 4030464-4107132/4107133 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 76669 last-modified Thu, 28 Oct 2021 10:07:04 GMT server cloudflare etag "617a7648-3eab7d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TUSLcXyVGkc1zKQhLS%2FWRnjbdQ0b%2Fpu%2FtCjpFvhXJ5xykHBGxjVKOlG7hzIIV9OMcXrACb2VK2lw6ccXKA0ziYhoKsr1kXEHfXfPk7S3SeRFnR0YPTuMQqk5Nw6TTHSZMQHEBGSZapuHwIefnJw%3D"}],"group":"cf-nel","max_age":604800} content-type video/mp4 access-control-allow-origin * cache-control max-age=864000 cf-ray 6b006ef4eb2d68ec-FRA expires Sun, 28 Nov 2021 09:17:48 GMT
GET H2	200	jquery-3.5.1.min.js Show response code.jquery.com/ Frame 867C	87 KB 30 KB	96ms 21ms	Script application/javascript	2001:4de0:ac18::1:a:2b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.5.1.min.js Requested by Host: courseorlen.biz URL: https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers Accept-Language de-DE,de;q=0.9 Referer https://courseorlen.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 18 Nov 2021 10:14:42 GMT content-encoding gzip last-modified Mon, 04 May 2020 23:02:39 GMT server nginx etag W/"5eb09f0f-15d84" vary Accept-Encoding x-hw 1637230482.dop004.ml1.t,1637230482.cds206.ml1.hn,1637230482.cds001.ml1.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30879
GET H2	200	jquery.min.js Show response courseorlen.biz/lander/orlen-offer-obj-/land/assets/js/ Frame 867C	86 KB 31 KB	50ms 46ms	Script application/javascript	2606:4700:3030::6815:4ccd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://courseorlen.biz/lander/orlen-offer-obj-/land/assets/js/jquery.min.js Requested by Host: courseorlen.biz URL: https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:4ccd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Request headers Accept-Language de-DE,de;q=0.9 Referer https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 18 Nov 2021 10:14:42 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 69225 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Thu, 28 Oct 2021 10:07:04 GMT server cloudflare etag W/"617a7648-15851" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8walJqVcq88lI0FZdtFjiZEP5h1Ig5tE9bayYE7hqP2r6sh2oGnyMk%2B%2ByW8CPjGe7mJ8DRnXZ8a23EduWSy2uxoZvHGl9rAkKffQ1jo8Cd%2BXrU%2FGOdA%2F5OYerMtlr%2FM%2FLl%2F2ZrL%2FMpQ%2B65Pb%2FkU%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=864000 cf-ray 6b006ef53bd568ec-FRA expires Sat, 27 Nov 2021 15:00:57 GMT
GET H2	200	ion.rangeSlider.min.js Show response courseorlen.biz/lander/orlen-offer-obj-/land/assets/js/ Frame 867C	40 KB 10 KB	46ms 42ms	Script application/javascript	2606:4700:3030::6815:4ccd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://courseorlen.biz/lander/orlen-offer-obj-/land/assets/js/ion.rangeSlider.min.js Requested by Host: courseorlen.biz URL: https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:4ccd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 84fa5f28e69405dfdcf9e6013df8e92363ef16a88b684fd35b3656e60eb0d36c Request headers Accept-Language de-DE,de;q=0.9 Referer https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 18 Nov 2021 10:14:42 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 69225 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Thu, 28 Oct 2021 10:07:04 GMT server cloudflare etag W/"617a7648-a0fa" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TtO1d9iM0p9PiEfIv1O7sb%2FwuBlzExwvhR%2BMLcYPdHwZE1dU9MFVw7nIOV%2FpOru0XiZSadcUtx6vXIgJ61uuclJ%2FGqhY2ijwAHuEX7b55v9YzYtM2X05NyMb%2FP9YMYTP72ETDfk%2FT%2FAzk7gkYsE%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=864000 cf-ray 6b006ef53bd668ec-FRA expires Sat, 27 Nov 2021 15:00:57 GMT
GET H2	200	jquery.fancybox.min.js Show response courseorlen.biz/lander/orlen-offer-obj-/land/assets/js/ Frame 867C	67 KB 22 KB	46ms 42ms	Script application/javascript	2606:4700:3030::6815:4ccd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://courseorlen.biz/lander/orlen-offer-obj-/land/assets/js/jquery.fancybox.min.js Requested by Host: courseorlen.biz URL: https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:4ccd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf Request headers Accept-Language de-DE,de;q=0.9 Referer https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 18 Nov 2021 10:14:42 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 69224 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Thu, 28 Oct 2021 10:07:04 GMT server cloudflare etag W/"617a7648-10a9d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uv3M1PrbSQRQFDmibl8s9Blfp%2B6n9otXRTDe7ilHsqTojFsOc%2Fdaj23ja1qLM%2BbUYn90EqhvKwgOpzV2jzQcU7l5XjxQ7%2Fh5TnIYjfGTiTjn60ZLReVST7RvhOZ2mdBbhiO5UvkvD%2BxbDUYwsjk%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=864000 cf-ray 6b006ef53bd868ec-FRA expires Sat, 27 Nov 2021 15:00:58 GMT
GET H2	200	slick.min.js Show response courseorlen.biz/lander/orlen-offer-obj-/land/assets/js/ Frame 867C	42 KB 11 KB	49ms 46ms	Script application/javascript	2606:4700:3030::6815:4ccd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://courseorlen.biz/lander/orlen-offer-obj-/land/assets/js/slick.min.js Requested by Host: courseorlen.biz URL: https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:4ccd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740 Request headers Accept-Language de-DE,de;q=0.9 Referer https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 18 Nov 2021 10:14:42 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 69224 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Thu, 28 Oct 2021 10:07:04 GMT server cloudflare etag W/"617a7648-a76f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZ91HGrxdr1LbJcBywZXvlkiJPSumE7X3DdpZqdBQ4z0UpFxxjdFILRTti6UfkQr%2FJtEGRdQYlQz6FiI99OJ1OJtKasyF6bZ4FuVvueYVrH53HKfmPQ7UShr%2FBvz6vU7rmvRvfyyaREToq2pzh8%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=864000 cf-ray 6b006ef53bd968ec-FRA expires Sat, 27 Nov 2021 15:00:58 GMT
GET H2	200	chunk-vendors.js Show response courseorlen.biz/lander/orlen-offer-obj-/land/assets/js/ Frame 867C	539 KB 195 KB	55ms 52ms	Script application/javascript	2606:4700:3030::6815:4ccd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://courseorlen.biz/lander/orlen-offer-obj-/land/assets/js/chunk-vendors.js Requested by Host: courseorlen.biz URL: https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:4ccd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78782af1e499bd0f263c355de6babbc81f6efebe3e39866582b134ce32ab3e07 Request headers Accept-Language de-DE,de;q=0.9 Referer https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 18 Nov 2021 10:14:42 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 69224 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Thu, 28 Oct 2021 10:07:04 GMT server cloudflare etag W/"617a7648-86abf" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWfP%2FUl4dUvhQXV%2Ft0U2lxkwE3aFEwmuc341c%2Bc7xH5qQdsRW6k4IFw0nn2C3pKHC9PJSDRYNLvicwD1ErUDW9ba6LYj7zUWHgXFkRhmNqK77FD8V8qHHN0wSspYS2yvwP7kp3Rv1xWupv5WyRI%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=864000 cf-ray 6b006ef53bda68ec-FRA expires Sat, 27 Nov 2021 15:00:58 GMT
GET H2	200	intlTelInput.min.js Show response cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/ Frame 867C	29 KB 9 KB	70ms 23ms	Script application/javascript	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/intlTelInput.min.js Requested by Host: courseorlen.biz URL: https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 64cb11eb2a5237cbe1e05ccf25acefeed578f32d1a6923d58de35c8a0145e8cd Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://courseorlen.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 18 Nov 2021 10:14:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 58191 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 8889 timing-allow-origin * last-modified Wed, 21 Oct 2020 12:48:14 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5f902e0e-72d9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4tOiqRKpQ2FALpVMjdsg3Qc8Uv01AmqesW9wG0LYFEJ396tSzQ5g92iGymm3UnxTU7pHLO2Knn45pZ47EzqPFV6nItcNBtXVa5RsWzqIZuAo%2FQFdgbvWsqE5Qjz65urU8FpelFA9c9jDyXLqwLkolHb"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6b006ef58b9669a3-FRA expires Tue, 08 Nov 2022 10:14:42 GMT
GET H2	200	utils.min.js Show response cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/ Frame 867C	238 KB 44 KB	70ms 23ms	Script application/javascript	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/utils.min.js Requested by Host: courseorlen.biz URL: https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cd5ab58bf994afd3ff9a1000a9a22c9619b08dda258ddb055e2d34bd41bd97e6 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://courseorlen.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 18 Nov 2021 10:14:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 8939182 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 44414 timing-allow-origin * last-modified Wed, 21 Oct 2020 12:48:41 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5f902e29-3b7cd" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rITvDi47GCTUXsn04SU7DyjNLmDUrXudKMKjRvVeKEwMkendWNWZU5zmJ7FcmzltuJSDS0lIlAbmAxbECV1fgxVJHVgt3712KBX3zTbahh%2FFig%2FKFIAcWzTxnYm34dPd8zvwO3aWSmfHudDSL%2Bl2rFvq"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6b006ef58b9869a3-FRA expires Tue, 08 Nov 2022 10:14:42 GMT
GET H2	200	inputmask.js Show response cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.3.4/inputmask/ Frame 867C	110 KB 19 KB	88ms 41ms	Script application/javascript	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.3.4/inputmask/inputmask.js Requested by Host: courseorlen.biz URL: https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5154560b9bd07fb45fa5d15bd3585fe634f9360ed6e8802a349d59ee2c58ca62 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://courseorlen.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 18 Nov 2021 10:14:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 54821 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 19017 timing-allow-origin * last-modified Mon, 04 May 2020 16:11:47 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec3-1b675" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=whgZpP3ri2uu83yzhrc7ppFUiZAoXaNOu3Tk6%2BxiGrMSTbZeLhLPGik7azoIoS9bX0luT9FgspBys5Nl9zD%2F%2FH35Q9ewG3UMpRwc5Ji679o%2FbawHSt0QerlmltqKUufM%2BJKStOmvNx86yOotN5ybfBgc"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6b006ef58b9d69a3-FRA expires Tue, 08 Nov 2022 10:14:42 GMT
GET H2	200	jquery.inputmask.js Show response cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.3.4/inputmask/ Frame 867C	3 KB 995 B	87ms 40ms	Script application/javascript	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.3.4/inputmask/jquery.inputmask.js Requested by Host: courseorlen.biz URL: https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 222e7732618b465a810e44ee61dafac50157a7758ff16d1b01057f0df0a5a243 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://courseorlen.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 18 Nov 2021 10:14:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 1787610 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 655 timing-allow-origin * last-modified Mon, 04 May 2020 16:11:47 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec3-a3a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ULvt%2FmdvzygmIlo%2BmTBdIC6iwt9Y0XrOGrFi4EHJS8lTqSCWh0bHCVJ53n4UzQYisQlusrRRCYKk4m9ufnP%2FjZuCCga4V1E5iER80m2WunqlUcm7uT2hu8GMZ4h7rUPmiOqRSElgaoVmDHzZZ9%2BT5C4Y"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6b006ef58b9e69a3-FRA expires Tue, 08 Nov 2022 10:14:42 GMT
GET H2	200	intlTelInput.css cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/ Frame 867C	25 KB 3 KB	69ms 22ms	Stylesheet text/css	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.css Requested by Host: courseorlen.biz URL: https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://courseorlen.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 18 Nov 2021 10:14:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 556099 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 1970 timing-allow-origin * last-modified Wed, 21 Oct 2020 12:48:14 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5f902e0e-62a6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sLOskqE0HGNd93nK4sWOQxDB%2FOmcw8LJhezMEbT%2F28crBoik2XGAugyONMoNySVyZ1P1a1Yn3i1BnxtqIv%2B%2Fg6FQWoAyrH6YuSi83%2FF372irp1XnSbzwA7H5PrZCw1IpsWqHlrIbmeyNKW3sYv%2FlI00J"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6b006ef58b9c69a3-FRA expires Tue, 08 Nov 2022 10:14:42 GMT
GET H2	404	poster.jpg courseorlen.biz/lander/orlen-offer-obj-/land/assets/video/ Frame 867C	564 B 564 B	29ms 28ms	Image text/html	2606:4700:3030::6815:4ccd CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://courseorlen.biz/lander/orlen-offer-obj-/land/assets/video/poster.jpg Requested by Host: courseorlen.biz URL: https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:4ccd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://courseorlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751& User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 18 Nov 2021 10:14:42 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 50 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ehgI3eLF0aSoYpm3XZ6%2BOEq1z1lC7HKHPLpwKk2D8nUT90tYjCH7yXy9QBeyJbRG54Mvzf7zgb22CJxMsunXX9eTA1BcGkS07r%2B5f2oWMPR%2BtVi4teG8Fuuk5LXPgr9WLDtHab227TIW329HCZM%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 6b006ef57c5068ec-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET DATA	200 OK	truncated / Frame 867C	177 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 867C	351 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 867C	242 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	/ Show response ipinfo.io/ Frame 867C	620 B 597 B	134ms 118ms	Script text/javascript	34.117.59.81 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ipinfo.io/?callback=jQuery34107995884902321881_1637230482873&_=1637230482874 Requested by Host: courseorlen.biz URL: https://courseorlen.biz/lander/orlen-offer-obj-/land/assets/js/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.59.81 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 81.59.117.34.bc.googleusercontent.com Software / Resource Hash d1c172e459ffdb49c0dac3af778c4c5c2d53352c2921ed5ab0b9832142f83e90 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://courseorlen.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 18 Nov 2021 10:14:42 GMT content-encoding gzip referrer-policy strict-origin-when-cross-origin access-control-allow-origin * x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 via 1.1 google vary Accept-Encoding x-envoy-upstream-service-time 2 x-content-type-options nosniff alt-svc clear x-xss-protection 1; mode=block
GET H2	200	/ Show response ipinfo.io/ Frame 867C	620 B 409 B	134ms 119ms	Script text/javascript	34.117.59.81 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ipinfo.io/?callback=jQuery34107995884902321881_1637230482875&_=1637230482876 Requested by Host: courseorlen.biz URL: https://courseorlen.biz/lander/orlen-offer-obj-/land/assets/js/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.59.81 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 81.59.117.34.bc.googleusercontent.com Software / Resource Hash a0761a4680178bb1a95efd29e2edb857ca57a559a57339fa40ba3f92a919a281 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://courseorlen.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 18 Nov 2021 10:14:42 GMT content-encoding gzip referrer-policy strict-origin-when-cross-origin access-control-allow-origin * x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 via 1.1 google vary Accept-Encoding x-envoy-upstream-service-time 1 x-content-type-options nosniff alt-svc clear x-xss-protection 1; mode=block
GET H2	200	flags.png cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/img/ Frame 867C	69 KB 70 KB	17ms 17ms	Image image/png	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/img/flags.png Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 18 Nov 2021 10:14:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 3310041 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 70862 timing-allow-origin * last-modified Wed, 21 Oct 2020 12:48:14 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5f902e0e-114c9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YM7hhyC7Ag0NRM%2Fas7TtifO7J2FXB6%2FUvIViXXEwG075G9Rd7%2B55h%2FdYrvksX96M7TqgF7gowCgwoloFcFgkNzox6E2B1yFCxIq6bHQXeBFy0Nzo3GNgBdtff3nDjWftzMdjknhV44WREo%2BqUIFJOTs4"}],"group":"cf-nel","max_age":604800} content-type image/png; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6b006ef63d8669a3-FRA expires Tue, 08 Nov 2022 10:14:42 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PKN Orlen (Extraction)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| fbq function| _fbq function| gtag object| dataLayer object| google_tag_manager

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			courseorlen.biz/	1970-01-19 23:31:48	Name: _subid Value: p6h38h49b4t
			courseorlen.biz/	1970-01-19 23:31:48	Name: _token Value: uuid_p6h38h49b4t_p6h38h49b4t6196279267dce9.88002751
			courseorlen.biz/	1970-02-07 21:35:47	Name: e7428 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE3N1wiOjE2MzcyMzA0ODJ9LFwiY2FtcGFpZ25zXCI6e1wiMTE3XCI6MTYzNzIzMDQ4Mn0sXCJ0aW1lXCI6MTYzNzIzMDQ4Mn0ifQ.sYodytMAaSqTVSiaamI7kvSmgRZyLhaGxLBUavqVoSc

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://courseorlen.biz/lander/orlen-offer-obj-/land/assets/video/poster.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://courseorlen.biz/lander/orlen-offer-obj-/land/assets/video/poster.jpg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
courseorlen.biz
ipinfo.io
www.googletagmanager.com
2001:4de0:ac18::1:a:2b
2606:4700:3030::6815:4ccd
2606:4700::6810:125e
2a00:1450:4001:829::2008
2a03:2880:f02d:12:face:b00c:0:3
34.117.59.81
029f62dc5e23f6683887a718e7061799807ee68d89d7a8d36aeb767322e9af4e
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
114d4e772fcb300487ff941a9c7898ff2a4cae5a118d7f81bd8ad27d59aed7b9
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1b180168f33be9dff3f39fd2f733bef61c1a4b2b8b34ce6d130cde0cb21db880
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
222e7732618b465a810e44ee61dafac50157a7758ff16d1b01057f0df0a5a243
28efaa05a0266f7dc51cd185d0bb5a2e7c807efe0f3f5c031d49abdd4bccb931
3187226035ba275b49fbeaabc01d98e3a07a6aa5f8182eac9d01cf1290136695
5154560b9bd07fb45fa5d15bd3585fe634f9360ed6e8802a349d59ee2c58ca62
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
64cb11eb2a5237cbe1e05ccf25acefeed578f32d1a6923d58de35c8a0145e8cd
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
726d0d58c7c643ea4e9d9b86abb288c1928259d74cb93d3203ee1f513fdae9c9
74a125f95648f5817c054743a8e03eda9da09b097e7dc81f7bb982d9041af46a
78782af1e499bd0f263c355de6babbc81f6efebe3e39866582b134ce32ab3e07
7f6800b404db65d38d1bb17dc5784b503eda029be21c6790c7df03f7e45b6d4e
84c14363da0a22cef3a5089d0803aa8ac11dd0a077c02c1ed5614f2e4e8d10ce
84fa5f28e69405dfdcf9e6013df8e92363ef16a88b684fd35b3656e60eb0d36c
a0761a4680178bb1a95efd29e2edb857ca57a559a57339fa40ba3f92a919a281
a1892b05f4dd7fa1157024b692046399c3e7e22feb05c6f57f5f43039f2feec4
a45ead96c27aab89cca6d435e9a1a601f8428db328c7079584a08a84738effc0
ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
bd4797ff17cf151c8be084dad9fe9d2835a017d4fdd58111913012fe4cc466be
c9cc57e3297605c9c6c2005da874e1309d15c9c70d8576eb29d3ff101fef5ea9
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
cd5ab58bf994afd3ff9a1000a9a22c9619b08dda258ddb055e2d34bd41bd97e6
d1c172e459ffdb49c0dac3af778c4c5c2d53352c2921ed5ab0b9832142f83e90
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
dc171b08542a14b6fc5ff79d0004dcadba97c71868b3ded665038fbe78633c1e
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fe9a6ae62b2ffcb59419370f3f16cd2e9b117264a34627001ac48e449281a9d5