startup-orlen.biz Open in urlscan Pro
2606:4700:3030::6815:53aa Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://startup-orlen.biz/
Submission: On November 19 via automatic, source phishtank (November 19th 2021, 9:15:47 am UTC) — Scanned from DE

Summary HTTP 37 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 37 HTTP transactions. The main IP is 2606:4700:3030::6815:53aa, located in United States and belongs to CLOUDFLARENET, US. The main domain is startup-orlen.biz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 12th 2021. Valid for: a year.

This is the only time startup-orlen.biz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PKN Orlen (Extraction)

Domain & IP information

	IP Address	AS Autonomous System
25	2606:4700:303... 2606:4700:3030::6815:53aa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
6	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.117.59.81 34.117.59.81	15169 (GOOGLE) (GOOGLE)
37	7

25 2606:4700:3030::6815:53aa (United States)

ASN13335 (CLOUDFLARENET, US)

startup-orlen.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.59.81 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 81.59.117.34.bc.googleusercontent.com

ipinfo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	startup-orlen.biz startup-orlen.biz	7 MB
6	cloudflare.com cdnjs.cloudflare.com	145 KB
2	ipinfo.io ipinfo.io	1005 B
1	jquery.com code.jquery.com	30 KB
1	facebook.net connect.facebook.net	26 KB
1	googletagmanager.com www.googletagmanager.com	30 KB
37	6

	Domain	Requested by
25	startup-orlen.biz	startup-orlen.biz
6	cdnjs.cloudflare.com	startup-orlen.biz cdnjs.cloudflare.com
2	ipinfo.io	startup-orlen.biz
1	code.jquery.com	startup-orlen.biz
1	connect.facebook.net	startup-orlen.biz
1	www.googletagmanager.com	startup-orlen.biz
37	6

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-11-12` - `2022-11-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-28` - `2021-11-26`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
ipinfo.io GTS CA 1D4	`2021-11-02` - `2022-01-31`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://startup-orlen.biz/
Frame ID: F2EF28DF27A5ED4FE128F2159369DAD8
Requests: 3 HTTP requests in this frame

Frame: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
Frame ID: 3CF2182332887441D88D71EA584FB7A3
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rozpoczęliśmy nowe projekty inwestycyjne!

Page Statistics

37
Requests

97 %
HTTPS

83 %
IPv6

6
Domains

6
Subdomains

7
IPs

3
Countries

7030 kB
Transfer

8989 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
startup-orlen.biz/ 1 KB
2 KB 439ms
389ms Document
text/html 2606:4700:3030::6815:53aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://startup-orlen.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:53aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c579fe24021e8f17076a2f629f8ab8e65418c57a29e01b45afcfaad554e52cfd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 19 Nov 2021 09:15:42 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
expires: 0
last-modified: Fri, 19 Nov 2021 09:15:42 GMT
pragma: no-cache
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1FZ10v4cNg0bSZcfDwE%2BDIBohefPDZc8utsJmFKEmBAJOFaUh%2BNO2Qe9%2FmIAeQ%2BNxc0vAGoUSuM9kCjs0pOD59Uinny7qyTWF4Dg9JMp%2BZIf4wksgbKnqTStqZeB6steuIy4sdzeckayXA8tW15mLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b0855e4b9ff375c-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 74 KB
30 KB 39ms
15ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=

Requested by

Host: startup-orlen.biz
URL: https://startup-orlen.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1a0ad134d4d2009d8668b20cbd64744e41e30161bfd1d44753dd4131adc88119

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://startup-orlen.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:15:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30018
x-xss-protection: 0
last-modified: Fri, 19 Nov 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Nov 2021 09:15:42 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: startup-orlen.biz
URL: https://startup-orlen.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://startup-orlen.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: MAq5+Gb24o4VX12XHf9DwliK8K47La2sWJoyYAgDP4K1WdCeHl7NMntpvbN9xhxSGWSxUx7/A8ImxDu/QluThQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Fri, 19 Nov 2021 09:15:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
startup-orlen.biz/lander/orlen-offer-obj-/land/ Frame 3CF2 260 KB
74 KB 114ms
113ms Document
text/html 2606:4700:3030::6815:53aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
Requested by: Host: startup-orlen.biz
URL: https://startup-orlen.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:53aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b180168f33be9dff3f39fd2f733bef61c1a4b2b8b34ce6d130cde0cb21db880

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://startup-orlen.biz/

Response headers

date: Fri, 19 Nov 2021 09:15:42 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7hK0%2FSITG43r%2BEHTscXbj3%2FjhIkoJfS4Rc8et2kTAUNpIMYUYu25bfLZVdOyHlJkPI%2F8csYI7dmwcn8VXpldeQyDdUPFlHEXsJZaJrTQE2bsrXCwLNwzuW1XVsMFbJcFHAo6q3lr5TKUIbKstqsXxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b0855e74800375c-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 app.css
startup-orlen.biz/lander/orlen-offer-obj-/land/assets/css/ Frame 3CF2 782 KB
75 KB 289ms
288ms Stylesheet
text/css 2606:4700:3030::6815:53aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/assets/css/app.css
Requested by: Host: startup-orlen.biz
URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:53aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74a125f95648f5817c054743a8e03eda9da09b097e7dc81f7bb982d9041af46a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:15:43 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 28 Oct 2021 10:07:04 GMT
server: cloudflare
etag: W/"617a7648-c3800"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W5ZBBmnUISrf7uZK%2B%2B4Jd%2Bolk1YVdsYc%2FoMv2B4xCURur2vCelI5tSrao1kzACpQ3D8GMNJ9Y7w5n%2F6QMqNeQQPHAIBi1eN6PLSrMyq72hWqb1mG2Dhye9JrhmaYpezPU0beac2uDEbrt8UtUGhwdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6b0855e819c4375c-MXP
expires: Mon, 29 Nov 2021 09:15:42 GMT

GET
H2 200 fonts.css
startup-orlen.biz/lander/orlen-offer-obj-/land/assets/css/ Frame 3CF2 2 KB
697 B 139ms
138ms Stylesheet
text/css 2606:4700:3030::6815:53aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/assets/css/fonts.css
Requested by: Host: startup-orlen.biz
URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:53aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84c14363da0a22cef3a5089d0803aa8ac11dd0a077c02c1ed5614f2e4e8d10ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:15:42 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 28 Oct 2021 10:07:04 GMT
server: cloudflare
etag: W/"617a7648-8d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vLMSkvIoNQMkKrzAZLybn5OczVkRJowUJMECvXRoj5ol3uhldyzfjjf%2B%2BoyMnW6LzaNkOr1AEsdxdOiyqgbHAw67kmpVJVpHpqg63u9KclevIPeZhm1DmyEVV27%2B66xjjO0NbXJnP4lOvD2JseSsmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6b0855e819c6375c-MXP
expires: Mon, 29 Nov 2021 09:15:42 GMT

GET
H2 200 slick.css
startup-orlen.biz/lander/orlen-offer-obj-/land/assets/css/ Frame 3CF2 2 KB
1 KB 138ms
137ms Stylesheet
text/css 2606:4700:3030::6815:53aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/assets/css/slick.css
Requested by: Host: startup-orlen.biz
URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:53aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:15:42 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 28 Oct 2021 10:07:04 GMT
server: cloudflare
etag: W/"617a7648-6f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AZMR7tb5wN%2BSAmPWnrX8KEOuGCR9w7zCkF86A44NvB0Jz1pPEm1UFZB7TdnRYS3S4ySQMSpJQV%2B0gdsmDxcq74%2F6plyWaMJ8j6VfZwm9k37Sg91BWcrqPfZ%2Bb20V8GdiMFBFkpNfRvWiq0Yh2BDXsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6b0855e819ca375c-MXP
expires: Mon, 29 Nov 2021 09:15:42 GMT

GET
H2 200 ion.rangeSlider.min.css
startup-orlen.biz/lander/orlen-offer-obj-/land/assets/css/ Frame 3CF2 11 KB
2 KB 35ms
34ms Stylesheet
text/css 2606:4700:3030::6815:53aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/assets/css/ion.rangeSlider.min.css
Requested by: Host: startup-orlen.biz
URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:53aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3187226035ba275b49fbeaabc01d98e3a07a6aa5f8182eac9d01cf1290136695

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:15:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17167
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 28 Oct 2021 10:07:04 GMT
server: cloudflare
etag: W/"617a7648-2b4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Y9WhURNqxK3EwdZtOdO1%2BEVOCFCxWeSuiys8IPWYaeN1Y1Rr%2F%2BIX0H3U%2BRQg6%2Big1hOjqjryqCYlIL9KMPQ75qzuRIHmiVsMygVcqHqhDDmccmo%2FOS1Zi9eejDeyFYp2dyhLewigu%2FZz4hHsyYWVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6b0855e819cb375c-MXP
expires: Mon, 29 Nov 2021 04:29:35 GMT

GET
H2 200 jquery.fancybox.min.css
startup-orlen.biz/lander/orlen-offer-obj-/land/assets/css/ Frame 3CF2 12 KB
3 KB 27ms
26ms Stylesheet
text/css 2606:4700:3030::6815:53aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/assets/css/jquery.fancybox.min.css
Requested by: Host: startup-orlen.biz
URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:53aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:15:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17167
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 28 Oct 2021 10:07:04 GMT
server: cloudflare
etag: W/"617a7648-31fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZqpJkDDvcNQ0k2luH6iCGkJb%2FefugiNhczHWAoujSi3HJs4Gix4Q7%2Fch0ZuWZCTLX70fkK8FfArYfaK3Wafe2tmFLuAnds0RVJLnK1e4M9M0iH5LOUB6XyOgF7WVQJsk7PgKDbLHwg%2BZhsrxREWq%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6b0855e819ce375c-MXP
expires: Mon, 29 Nov 2021 04:29:35 GMT

GET
H2 200 9.svg
startup-orlen.biz/lander/orlen-offer-obj-/land/assets/fonts/ Frame 3CF2 2 KB
1 KB 147ms
147ms Image
image/svg+xml 2606:4700:3030::6815:53aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/assets/fonts/9.svg
Requested by: Host: startup-orlen.biz
URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:53aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a45ead96c27aab89cca6d435e9a1a601f8428db328c7079584a08a84738effc0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:15:42 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 28 Oct 2021 10:07:04 GMT
server: cloudflare
etag: W/"617a7648-70a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N4jNhEiRAF0KUhzOSAbybxdnG386R2Klbwv2%2BzD93zub2m%2F420Ay%2FSxgYkey3fiy%2F8YD0croU5dGBSASyoAIIOCsqQZDeMNOHFYU2tlPumKkoV1Rl47EH6jXaqLEZFXvzr5jaVxJFi0H8oW%2B6HxBwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6b0855e819d0375c-MXP
expires: Mon, 29 Nov 2021 09:15:42 GMT

GET
H2 404 poster.jpg
startup-orlen.biz/lander/orlen-offer-obj-/land/assets/video/ Frame 3CF2 564 B
564 B 139ms
138ms Image
text/html 2606:4700:3030::6815:53aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/assets/video/poster.jpg
Requested by: Host: startup-orlen.biz
URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:53aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:15:42 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IrUmXaYCfGJ5Hii1g22w0A4f7H1wu4eBY6uAKN9QR%2B6p1kzl%2BFn79OHO2mJKjQI1ErwYsJI8hDG62uLt1u9pJSsP%2BYysBvRgk9xOQxBSaNztRFWFqrPX5DdnH3BalXLK7z35ViO2nmBF2Wdks93WJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 6b0855e819d1375c-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame 3CF2 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3CF2 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 206 video.mp4
startup-orlen.biz/lander/orlen-offer-obj-/land/assets/video/ Frame 3CF2 48 KB
0 41ms
41ms Media
video/mp4 2606:4700:3030::6815:53aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/assets/video/video.mp4
Requested by: Host: startup-orlen.biz
URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:53aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 19 Nov 2021 09:15:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17162
Content-Range: bytes 0-4107132/4107133
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 4107133
last-modified: Thu, 28 Oct 2021 10:07:04 GMT
server: cloudflare
etag: "617a7648-3eab7d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k88J%2FtXlETNRgdfwmUD7ZqAp6Aauc0TsZjktRKHFmWJbb1RFWSjyWDVf%2B76x99AKM2upuxw5JGXeospLgb%2FIs2Bb1U4EuB3YOja30ZVcItAdWhrSzHJpKrPJrQ3ai0AoedoBXGWDKup7pwYpGcv1xA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6b0855e83a03375c-MXP
expires: Mon, 29 Nov 2021 04:29:40 GMT

GET
H2 200 10.jpg
startup-orlen.biz/lander/orlen-offer-obj-/land/assets/images/ Frame 3CF2 77 KB
77 KB 274ms
273ms Image
image/jpeg 2606:4700:3030::6815:53aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/assets/images/10.jpg
Requested by: Host: startup-orlen.biz
URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:53aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4797ff17cf151c8be084dad9fe9d2835a017d4fdd58111913012fe4cc466be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:15:43 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 78371
last-modified: Thu, 28 Oct 2021 10:07:04 GMT
server: cloudflare
etag: "617a7648-13223"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KAnHcnFznw6D0VqGMF0%2FDTjqDiNCDMvn8Re%2B54IqJCs1Z4nFAlRlg7%2F%2BHU8WIWgeNIrxtc2hP96u%2BKPvg%2BJxSt61DIPLoPt1MA%2FN9TDMuJDB%2BaUAcFzcESS8RRgH9MR2wpsXm1cSyk5LR7KWTd%2BNIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 6b0855e85a40375c-MXP
expires: Mon, 29 Nov 2021 09:15:42 GMT

GET
H2 200 11.png
startup-orlen.biz/lander/orlen-offer-obj-/land/assets/images/ Frame 3CF2 1 MB
1 MB 34ms
33ms Image
image/png 2606:4700:3030::6815:53aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/assets/images/11.png
Requested by: Host: startup-orlen.biz
URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:53aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28efaa05a0266f7dc51cd185d0bb5a2e7c807efe0f3f5c031d49abdd4bccb931

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:15:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17165
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1150172
last-modified: Thu, 28 Oct 2021 10:07:04 GMT
server: cloudflare
etag: "617a7648-118cdc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uqg3CBaBTn3Uq%2B%2BU0KEYfgk3hHYdhXra3rr2xBCbixcJKsSHdDVBvDry%2FkB9ktKWz0W5hUpqyIit3Cz2D5BzPNf56xpDUkwhdV%2FTarp3oprDSqWAuTrlY50ethlRQUjbPgZRmYSdxMg94nZ%2Fbslthg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 6b0855e85a45375c-MXP
expires: Mon, 29 Nov 2021 04:29:37 GMT

GET
H2 200 12.png
startup-orlen.biz/lander/orlen-offer-obj-/land/assets/images/ Frame 3CF2 577 KB
578 KB 333ms
333ms Image
image/png 2606:4700:3030::6815:53aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/assets/images/12.png
Requested by: Host: startup-orlen.biz
URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:53aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9cc57e3297605c9c6c2005da874e1309d15c9c70d8576eb29d3ff101fef5ea9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:15:43 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 591037
last-modified: Thu, 28 Oct 2021 10:07:04 GMT
server: cloudflare
etag: "617a7648-904bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Up34iDE0i6qml%2FE3Q%2FCUT%2BfBK8dLBmQcUZTP%2FcfIq59EQ%2Fxzfr34ohWxjGBOri%2FspB1zVzujXVCFfoyXNHiBla7N%2FbJ5%2FQ7fYTq9G9drLFipGPOUrkG485g6xPvMfRQZOeGqyA4rl96qtDcQcnThJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 6b0855e85a46375c-MXP
expires: Mon, 29 Nov 2021 09:15:42 GMT

GET
H2 200 13.png
startup-orlen.biz/lander/orlen-offer-obj-/land/assets/images/ Frame 3CF2 617 KB
618 KB 55ms
55ms Image
image/png 2606:4700:3030::6815:53aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/assets/images/13.png
Requested by: Host: startup-orlen.biz
URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:53aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 114d4e772fcb300487ff941a9c7898ff2a4cae5a118d7f81bd8ad27d59aed7b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:15:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17165
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 631847
last-modified: Thu, 28 Oct 2021 10:07:04 GMT
server: cloudflare
etag: "617a7648-9a427"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1TUNXmJFK2eKL6cpvsCKuh9zsMntXdgVLnpRKFgGMHvUYgwvS7eYoyea0m3SdHpQOlzpILFkJD17vq6E7JZVOzEz6M%2FN3hm9jegfMrszE%2Bwq24i8%2B9I075GjoZNNFMRXP1iSaSuN7u4kvxqYCh4E3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 6b0855e85a47375c-MXP
expires: Mon, 29 Nov 2021 04:29:37 GMT

GET
H2 200 14.png
startup-orlen.biz/lander/orlen-offer-obj-/land/assets/images/ Frame 3CF2 1 MB
1 MB 265ms
264ms Image
image/png 2606:4700:3030::6815:53aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/assets/images/14.png
Requested by: Host: startup-orlen.biz
URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:53aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1892b05f4dd7fa1157024b692046399c3e7e22feb05c6f57f5f43039f2feec4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:15:43 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1166276
last-modified: Thu, 28 Oct 2021 10:07:04 GMT
server: cloudflare
etag: "617a7648-11cbc4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XTPe3tkMbXO%2FYDZ4ZBBcBupC5r6gUN8MiwSMeh%2BVgzhUTZCVo7dCV7DacQ8rIVG%2FSo7oTy9BNGGQGBKdYa4ChjCLdhYn19%2BV0mDFNNDc2Z38%2Fx%2BQRACUvI%2B7SwKZMDej0ZhSg4ZuXVWiX4OrMjOebQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 6b0855e85a4b375c-MXP
expires: Mon, 29 Nov 2021 09:15:42 GMT

GET
H2 200 15.jpg
startup-orlen.biz/lander/orlen-offer-obj-/land/assets/images/ Frame 3CF2 3 MB
3 MB 277ms
276ms Image
image/jpeg 2606:4700:3030::6815:53aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/assets/images/15.jpg
Requested by: Host: startup-orlen.biz
URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:53aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029f62dc5e23f6683887a718e7061799807ee68d89d7a8d36aeb767322e9af4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:15:43 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2746610
last-modified: Thu, 28 Oct 2021 10:07:04 GMT
server: cloudflare
etag: "617a7648-29e8f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d9v94VXLHzqYDpBo%2FtZjevPMSNkSbsrsmeV4HCfotFquK0A%2FVp9ruSVOTGEjUZZIwNEtdnUmOd3ssozG7LGr3QzQ6ghUn2hhkA%2FoH2ZjLWVg9UM9QEIjNn5vjloJ0Dy5lwqYv7ctNu%2FJO%2FZw%2FhlbeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 6b0855e86a4c375c-MXP
expires: Mon, 29 Nov 2021 09:15:42 GMT

GET
H2 200 16.jpg
startup-orlen.biz/lander/orlen-offer-obj-/land/assets/images/ Frame 3CF2 57 KB
57 KB 30ms
30ms Image
image/jpeg 2606:4700:3030::6815:53aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/assets/images/16.jpg
Requested by: Host: startup-orlen.biz
URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:53aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc171b08542a14b6fc5ff79d0004dcadba97c71868b3ded665038fbe78633c1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:15:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17164
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 57989
last-modified: Thu, 28 Oct 2021 10:07:04 GMT
server: cloudflare
etag: "617a7648-e285"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W3twOCRztFGde6yu27N1qN8KC1JAwNaNA%2FQvO1APfh%2F6aDXab8RMxnEw7z57WNcokKsSh%2BxzJrVTAGERSOV1HzlJ%2FtDsTNDp7%2BkmMip9hAc7oxAMsSriCP5JlY%2FjGidryYCE6vtCzWG3sfE1JdRhtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 6b0855e86a4e375c-MXP
expires: Mon, 29 Nov 2021 04:29:38 GMT

GET
H2 206 video.mp4
startup-orlen.biz/lander/orlen-offer-obj-/land/assets/video/ Frame 3CF2 75 KB
75 KB 33ms
32ms Media
video/mp4 2606:4700:3030::6815:53aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/assets/video/video.mp4
Requested by: Host: startup-orlen.biz
URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:53aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe9a6ae62b2ffcb59419370f3f16cd2e9b117264a34627001ac48e449281a9d5

Request headers

Referer: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=4030464-

Response headers

date: Fri, 19 Nov 2021 09:15:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17162
Content-Range: bytes 4030464-4107132/4107133
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 76669
last-modified: Thu, 28 Oct 2021 10:07:04 GMT
server: cloudflare
etag: "617a7648-3eab7d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vB8VI0woZl7Yo4fCUnCl79e6hk7otUR74Uks1K%2FyOwopezVvX0FNgqM3ZHKu1XLEwdLp3CiFw7K%2Fi64KpacQoaSe0cbxH2VAf8QksaSW29EqzBgalobTtOqy1BUWl2R3wCL8AIVMIrlOZbh2AuaX9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6b0855e88ab9375c-MXP
expires: Mon, 29 Nov 2021 04:29:40 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ Frame 3CF2 87 KB
30 KB 71ms
20ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: startup-orlen.biz
URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://startup-orlen.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:15:42 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 23:02:39 GMT
server: nginx
etag: W/"5eb09f0f-15d84"
vary: Accept-Encoding
x-hw: 1637313342.dop033.ml1.t,1637313342.cds203.ml1.hn,1637313342.cds001.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 jquery.min.js Show response
startup-orlen.biz/lander/orlen-offer-obj-/land/assets/js/ Frame 3CF2 86 KB
31 KB 33ms
31ms Script
application/javascript 2606:4700:3030::6815:53aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/assets/js/jquery.min.js
Requested by: Host: startup-orlen.biz
URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:53aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:15:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17166
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 28 Oct 2021 10:07:04 GMT
server: cloudflare
etag: W/"617a7648-15851"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zLW3deX2O%2FOOG%2Bgo1yy%2BOpSOvaX22A2pYIGICv%2FE3F8TynT4VWss6VFJS5Y63q3WIzuwIMZK4CRZ8%2FR%2B8FF8%2F9JaLIBcDqmPiP%2BGcXB5AKAi2m07f7cnOcpQ9J%2FZpXlM2IpfJTxRYChamlWQuznqZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6b0855e8baf3375c-MXP
expires: Mon, 29 Nov 2021 04:29:36 GMT

GET
H2 200 ion.rangeSlider.min.js Show response
startup-orlen.biz/lander/orlen-offer-obj-/land/assets/js/ Frame 3CF2 40 KB
10 KB 32ms
29ms Script
application/javascript 2606:4700:3030::6815:53aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/assets/js/ion.rangeSlider.min.js
Requested by: Host: startup-orlen.biz
URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:53aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84fa5f28e69405dfdcf9e6013df8e92363ef16a88b684fd35b3656e60eb0d36c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:15:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17166
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 28 Oct 2021 10:07:04 GMT
server: cloudflare
etag: W/"617a7648-a0fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bepp6IrtW%2FZShnUVHiJzamaFT5sOr0W0fiNa1mR06XHjqMv%2BzM0h6BqfUFCYy1VAgqavi5F8aMvQ6%2BnpzYMlRUl65wqi7UKlzQmonPOoumP8a8Itz74U5Mkf%2FbX1Cyim4YCGJnSLwBFrMKcvfb9g3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6b0855e8baf5375c-MXP
expires: Mon, 29 Nov 2021 04:29:36 GMT

GET
H2 200 jquery.fancybox.min.js Show response
startup-orlen.biz/lander/orlen-offer-obj-/land/assets/js/ Frame 3CF2 67 KB
22 KB 36ms
33ms Script
application/javascript 2606:4700:3030::6815:53aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/assets/js/jquery.fancybox.min.js
Requested by: Host: startup-orlen.biz
URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:53aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:15:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17166
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 28 Oct 2021 10:07:04 GMT
server: cloudflare
etag: W/"617a7648-10a9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xQzx8uuv10QZeekiib769T6aQ5prYANyVT6%2Bk2LTLu9HqKOPH2DolY0wPfrwhF9qNFNFXLCaBQ2%2F3oDearU3KBIIPuW%2FUkd%2BDdoItd2LHvxEuhL2oANQd6mlbUa5qqO0ln%2F64YMUs%2BNfbOSJtdy04A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6b0855e8baf8375c-MXP
expires: Mon, 29 Nov 2021 04:29:36 GMT

GET
H2 200 slick.min.js Show response
startup-orlen.biz/lander/orlen-offer-obj-/land/assets/js/ Frame 3CF2 42 KB
11 KB 34ms
31ms Script
application/javascript 2606:4700:3030::6815:53aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/assets/js/slick.min.js
Requested by: Host: startup-orlen.biz
URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:53aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:15:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17166
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 28 Oct 2021 10:07:04 GMT
server: cloudflare
etag: W/"617a7648-a76f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kWjRv7RnRJybemEdJKmLCN%2F4PZSxelvFwRxY4yH7FMUnAbZSYu39LgyBy0JiA1qrwglk5CduvY3J7eLhQIuliqc8Biid1xdStZS6Frx9ulOtOFHkUadaOfMVBOcLUJtxUTyjsdxtVgY9u1ohf618wg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6b0855e8baf9375c-MXP
expires: Mon, 29 Nov 2021 04:29:36 GMT

GET
H2 200 chunk-vendors.js Show response
startup-orlen.biz/lander/orlen-offer-obj-/land/assets/js/ Frame 3CF2 539 KB
195 KB 39ms
37ms Script
application/javascript 2606:4700:3030::6815:53aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/assets/js/chunk-vendors.js
Requested by: Host: startup-orlen.biz
URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:53aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78782af1e499bd0f263c355de6babbc81f6efebe3e39866582b134ce32ab3e07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:15:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17166
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 28 Oct 2021 10:07:04 GMT
server: cloudflare
etag: W/"617a7648-86abf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CKNBlLK7x0yQl4qmXJaCaq6D7Brmq%2FrVxrGH7ba%2FJuW74%2Bhgt8oUhg3jUYZY%2BUbmxVEmEbu%2FswSx6XRUFJkw6UajGy%2FQGm7sq7r7YFyaaKdvBPpeitHT8lt4lVLyCFPIIzYgEhZir%2Bw8JkQ1TkMh8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6b0855e8bafa375c-MXP
expires: Mon, 29 Nov 2021 04:29:36 GMT

GET
H2 200 intlTelInput.min.js Show response
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/ Frame 3CF2 29 KB
9 KB 73ms
23ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/intlTelInput.min.js

Requested by

Host: startup-orlen.biz
URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64cb11eb2a5237cbe1e05ccf25acefeed578f32d1a6923d58de35c8a0145e8cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://startup-orlen.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1179203
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8889
timing-allow-origin: *
last-modified: Wed, 21 Oct 2020 12:48:14 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f902e0e-72d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=63jyzGf58yVHTrWS1Qb7MDGhjGrJ9zoduc%2FwsDNdNh3WZyhB8gt4PeHDTO86EmslCZ7JluP44sqECPL4J1tvQRqF%2BKsimPMDltmDoRMNfWfPlWQnp79%2FbLYuXlHn2lUEfNJO8arUmTghkc32H9JXdAZ2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b0855e8ff060e2a-MXP
expires: Wed, 09 Nov 2022 09:15:42 GMT

GET
H2 200 utils.min.js Show response
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/ Frame 3CF2 238 KB
44 KB 75ms
26ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/utils.min.js

Requested by

Host: startup-orlen.biz
URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd5ab58bf994afd3ff9a1000a9a22c9619b08dda258ddb055e2d34bd41bd97e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://startup-orlen.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 133751
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 44414
timing-allow-origin: *
last-modified: Wed, 21 Oct 2020 12:48:41 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f902e29-3b7cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N400X%2BAWwOYy0OeR5vbflZZRj85xeII%2Bd090KrFESZy9RgjRXDpkWR%2BlB4eYub27cqQ9UubEuipt9Pm517tu1Caapv%2F9M%2FVqdBjssUkLFnhTGb1p9AUhvBAasPJIbxDi%2FwnPDxPvE5LALWmSl6jx3EXQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b0855e90f080e2a-MXP
expires: Wed, 09 Nov 2022 09:15:42 GMT

GET
H2 200 inputmask.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.3.4/inputmask/ Frame 3CF2 110 KB
19 KB 86ms
38ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.3.4/inputmask/inputmask.js

Requested by

Host: startup-orlen.biz
URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5154560b9bd07fb45fa5d15bd3585fe634f9360ed6e8802a349d59ee2c58ca62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://startup-orlen.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1381134
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19017
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-1b675"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yE2UmAoClTniHpuY9w2r88P2i9DyaK%2FoN8g%2BPfrymb%2BR%2BinSeqJfFbmFqpEMWUselp8deHctsEt%2FHO9k7yyww5QTTg9TdxZbGAvf8Sy9X7%2BidHpKjlT4l6cRd3e%2B3h%2Fzp%2Bk0ek36%2FrRCLo2Jr%2FKp7cb%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b0855e90f0c0e2a-MXP
expires: Wed, 09 Nov 2022 09:15:42 GMT

GET
H2 200 jquery.inputmask.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.3.4/inputmask/ Frame 3CF2 3 KB
969 B 87ms
38ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.3.4/inputmask/jquery.inputmask.js

Requested by

Host: startup-orlen.biz
URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

222e7732618b465a810e44ee61dafac50157a7758ff16d1b01057f0df0a5a243

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://startup-orlen.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1298499
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 655
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-a3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jTZbRW1s9XP6QvHbI09ifbJ4IuJrrT4Jw8XGAEa5vyHI113uzqgv6%2B7lKh0XW1lb2uInUPh3FJ8cTXgTiOmGYeugQTHzqlmA9lvB3qC1z%2FNgRSlUTcWDnPLq09kipwnhJ5xsZcHZ3oIeaqFqHeeNuaL2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b0855e90f0e0e2a-MXP
expires: Wed, 09 Nov 2022 09:15:42 GMT

GET
H2 200 intlTelInput.css
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/ Frame 3CF2 25 KB
2 KB 86ms
38ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.css

Requested by

Host: startup-orlen.biz
URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://startup-orlen.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2555481
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1970
timing-allow-origin: *
last-modified: Wed, 21 Oct 2020 12:48:14 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f902e0e-62a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2FVUU%2FmArH%2FIc0ejz0elfM%2FsS9oJNqM9kUJVyQc0k04bmPzMQ0XU5wtf9z153GYQ4uwDyhR%2BUyTwm29TEL1xfFIGBRHSGtiCqtKmgv6L8%2BQPIUtKsD8NuN0C8spEE11x9PpAdbVIFEfEGhu4rDaFansb"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b0855e90f090e2a-MXP
expires: Wed, 09 Nov 2022 09:15:42 GMT

GET video.mp4
startup-orlen.biz/lander/orlen-offer-obj-/land/assets/video/ Frame 3CF2 0
0

GET
H2 206 video.mp4
startup-orlen.biz/lander/orlen-offer-obj-/land/assets/video/ Frame 3CF2 11 KB
11 KB 28ms
27ms Media
video/mp4 2606:4700:3030::6815:53aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/assets/video/video.mp4
Requested by: Host: startup-orlen.biz
URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:53aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9934f57450167b3e3e217c6fd9817d9b8f9fed42748480e608c23eef4ca45ec7

Request headers

Referer: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=4096000-

Response headers

date: Fri, 19 Nov 2021 09:15:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17162
Content-Range: bytes 4096000-4107132/4107133
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 11133
last-modified: Thu, 28 Oct 2021 10:07:04 GMT
server: cloudflare
etag: "617a7648-3eab7d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4TZKTRgz%2FeLj%2F5B7tnCrv7lyfr8z1DAKT1rh5PQHdBqwqBnwqlGE50LqZgnVdIX8A86cwKD5UMHTwl6QnF3PgLoArmhG9wIv6%2ByHNABjCF0TPYtvrVR%2BtGmeYzYQ6hX1sz0Bf13wCsXoju3wWhfFhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6b0855e8cb24375c-MXP
expires: Mon, 29 Nov 2021 04:29:40 GMT

GET
DATA 200
OK truncated
/ Frame 3CF2 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3CF2 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 404 poster.jpg
startup-orlen.biz/lander/orlen-offer-obj-/land/assets/video/ Frame 3CF2 564 B
564 B 23ms
23ms Image
text/html 2606:4700:3030::6815:53aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/assets/video/poster.jpg
Requested by: Host: startup-orlen.biz
URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:53aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://startup-orlen.biz/lander/orlen-offer-obj-/land/?_token=uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:15:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZL%2BPFY%2FQDMqlUCOZaECG353OtXzB1y3rHk1%2BFHwGUC%2BaAb%2FUK357HHAeqw417u2hMc4JA0Kql1I7QZQtdt5k65dpwXtUVRYhkMLxZdaVEayVweeikOBrCb%2BH%2FlXcDUSCj1WgeIgRfgI8huGsJPHbjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 6b0855ea5e99375c-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 / Show response
ipinfo.io/ Frame 3CF2 616 B
596 B 137ms
120ms Script
text/javascript 34.117.59.81
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ipinfo.io/?callback=jQuery34108025914688052438_1637313343104&_=1637313343105

Requested by

Host: startup-orlen.biz
URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/assets/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.59.81 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

81.59.117.34.bc.googleusercontent.com

Software

Resource Hash

47c418277937d49c08324aef9849a18ba35257bffe012118fdd6c181383d8949

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://startup-orlen.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:15:43 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
via: 1.1 google
vary: Accept-Encoding
x-envoy-upstream-service-time: 1
x-content-type-options: nosniff
alt-svc: clear
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
ipinfo.io/ Frame 3CF2 616 B
409 B 138ms
121ms Script
text/javascript 34.117.59.81
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ipinfo.io/?callback=jQuery34108025914688052438_1637313343106&_=1637313343107

Requested by

Host: startup-orlen.biz
URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/assets/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.59.81 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

81.59.117.34.bc.googleusercontent.com

Software

Resource Hash

7d563b5e58781c66944991d56cf7804136e16af9e3c48f40f18e6f633ca32e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://startup-orlen.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:15:43 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
via: 1.1 google
vary: Accept-Encoding
x-envoy-upstream-service-time: 3
x-content-type-options: nosniff
alt-svc: clear
x-xss-protection: 1; mode=block

GET
H2 200 flags.png
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/img/ Frame 3CF2 69 KB
70 KB 33ms
32ms Image
image/png 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/img/flags.png

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:15:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4726959
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 70862
timing-allow-origin: *
last-modified: Wed, 21 Oct 2020 12:48:14 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f902e0e-114c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQTDDix6JF8lywix0Mt1mDLiB1DmoSTVmKl2RQS1AT4KEu8P65M2tT9l5MAOvdsJ6EqH05eby9YNsNDUX1fRx9ayqpm%2FXOSypv6DIvzA%2BIy0mLOlxL6iWselIYOAZ%2B8o%2B4jKhJ8XGtZBTDTdgxmPPk76"}],"group":"cf-nel","max_age":604800}
content-type: image/png; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b0855eaaaf70e2a-MXP
expires: Wed, 09 Nov 2022 09:15:43 GMT

GET
DATA 200
OK truncated
/ Frame 3CF2 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3CF2 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3CF2 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: startup-orlen.biz
URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/assets/video/video.mp4

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PKN Orlen (Extraction)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
startup-orlen.biz/	1970-01-19 23:33:11	Name: _subid Value: 3ad7v1m4b688
startup-orlen.biz/	1970-01-19 23:33:11	Name: _token Value: uuid_3ad7v1m4b688_3ad7v1m4b68861976b3e6d06b4.19786346
startup-orlen.biz/	1970-02-07 21:38:33	Name: e7428 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE3N1wiOjE2MzczMTMzNDJ9LFwiY2FtcGFpZ25zXCI6e1wiMTE3XCI6MTYzNzMxMzM0Mn0sXCJ0aW1lXCI6MTYzNzMxMzM0Mn0ifQ.VcOqJEofxb8-Ng1pEQjRRD1moIM5yMOqeCCIQ6ozUKs

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/assets/video/poster.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://startup-orlen.biz/lander/orlen-offer-obj-/land/assets/video/poster.jpg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
ipinfo.io
startup-orlen.biz
www.googletagmanager.com
startup-orlen.biz
2001:4de0:ac18::1:a:3a
2606:4700:3030::6815:53aa
2606:4700::6810:135e
2a00:1450:4001:82a::2008
2a03:2880:f02d:100:face:b00c:0:3
34.117.59.81
029f62dc5e23f6683887a718e7061799807ee68d89d7a8d36aeb767322e9af4e
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
114d4e772fcb300487ff941a9c7898ff2a4cae5a118d7f81bd8ad27d59aed7b9
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1a0ad134d4d2009d8668b20cbd64744e41e30161bfd1d44753dd4131adc88119
1b180168f33be9dff3f39fd2f733bef61c1a4b2b8b34ce6d130cde0cb21db880
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
222e7732618b465a810e44ee61dafac50157a7758ff16d1b01057f0df0a5a243
28efaa05a0266f7dc51cd185d0bb5a2e7c807efe0f3f5c031d49abdd4bccb931
3187226035ba275b49fbeaabc01d98e3a07a6aa5f8182eac9d01cf1290136695
47c418277937d49c08324aef9849a18ba35257bffe012118fdd6c181383d8949
5154560b9bd07fb45fa5d15bd3585fe634f9360ed6e8802a349d59ee2c58ca62
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
64cb11eb2a5237cbe1e05ccf25acefeed578f32d1a6923d58de35c8a0145e8cd
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
74a125f95648f5817c054743a8e03eda9da09b097e7dc81f7bb982d9041af46a
78782af1e499bd0f263c355de6babbc81f6efebe3e39866582b134ce32ab3e07
7d563b5e58781c66944991d56cf7804136e16af9e3c48f40f18e6f633ca32e50
84c14363da0a22cef3a5089d0803aa8ac11dd0a077c02c1ed5614f2e4e8d10ce
84fa5f28e69405dfdcf9e6013df8e92363ef16a88b684fd35b3656e60eb0d36c
9934f57450167b3e3e217c6fd9817d9b8f9fed42748480e608c23eef4ca45ec7
a1892b05f4dd7fa1157024b692046399c3e7e22feb05c6f57f5f43039f2feec4
a45ead96c27aab89cca6d435e9a1a601f8428db328c7079584a08a84738effc0
ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
bd4797ff17cf151c8be084dad9fe9d2835a017d4fdd58111913012fe4cc466be
c579fe24021e8f17076a2f629f8ab8e65418c57a29e01b45afcfaad554e52cfd
c9cc57e3297605c9c6c2005da874e1309d15c9c70d8576eb29d3ff101fef5ea9
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
cd5ab58bf994afd3ff9a1000a9a22c9619b08dda258ddb055e2d34bd41bd97e6
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
dc171b08542a14b6fc5ff79d0004dcadba97c71868b3ded665038fbe78633c1e
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fe9a6ae62b2ffcb59419370f3f16cd2e9b117264a34627001ac48e449281a9d5

startup-orlen.biz Open in urlscan Pro 2606:4700:3030::6815:53aa Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

37 Requests

97 %HTTPS

83 %IPv6

6 Domains

6 Subdomains

7 IPs

3 Countries

7030 kBTransfer

8989 kBSize

3 Cookies

0 Outgoing links

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

startup-orlen.biz Open in urlscan Pro
2606:4700:3030::6815:53aa Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

97 %
HTTPS

83 %
IPv6

6
Domains

6
Subdomains

7
IPs

3
Countries

7030 kB
Transfer

8989 kB
Size

3
Cookies

37 HTTP transactions
7 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!