tradpolin.com Open in urlscan Pro
188.114.96.3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032
Submission: On November 06 via api (November 6th 2024, 7:30:45 am UTC) from PL — Scanned from NL

Summary HTTP 48 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 10 domains to perform 48 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is tradpolin.com.
TLS certificate: Issued by WE1 on November 4th 2024. Valid for: 3 months.

This is the only time tradpolin.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PKN Orlen (Extraction)

Domain & IP information

	IP Address	AS Autonomous System
15	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
5	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 7	2600:9000:225... 2600:9000:225e:3a00:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	157.240.252.13 157.240.252.13	32934 (FACEBOOK) (FACEBOOK)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
7	2a04:4e42:200... 2a04:4e42:200::626	54113 (FASTLY) (FASTLY)
2	151.101.1.229 151.101.1.229	54113 (FASTLY) (FASTLY)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a04:4e42::626 2a04:4e42::626	54113 (FASTLY) (FASTLY)
2	2600:9000:235... 2600:9000:235a:7a00:2:cecb:23c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21f... 2600:9000:21f3:e200:1b:6b7c:c940:93a1	16509 (AMAZON-02) (AMAZON-02)
48	13

15 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

tradpolin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:225e:3a00:1:a3fa:7cc0:93a1 (United States) 4 redirects

ASN16509 (AMAZON-02, US)

cdn.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a04:4e42:200::626 (United States)

ASN54113 (FASTLY, US)

ssl.p.jwpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets-jpcust.jwpsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::626 (United States)

ASN54113 (FASTLY, US)

assets-jpcust.jwpsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:235a:7a00:2:cecb:23c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

videos-cloudfront-usp.jwpsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:e200:1b:6b7c:c940:93a1 (United States)

ASN16509 (AMAZON-02, US)

prd.jwpltx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	tradpolin.com tradpolin.com	6 MB
8	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 311	157 KB
7	jwplayer.com 4 redirects cdn.jwplayer.com — Cisco Umbrella Rank: 2532	56 KB
6	jwpsrv.com assets-jpcust.jwpsrv.com — Cisco Umbrella Rank: 4534 videos-cloudfront-usp.jwpsrv.com — Cisco Umbrella Rank: 6646	610 KB
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	61 KB
4	jwpcdn.com ssl.p.jwpcdn.com — Cisco Umbrella Rank: 2047	266 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	4 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	74 KB
1	jwpltx.com prd.jwpltx.com — Cisco Umbrella Rank: 2190	202 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 791	31 KB
48	10

	Domain	Requested by
15	tradpolin.com	tradpolin.com
8	cdn.jsdelivr.net	tradpolin.com cdn.jsdelivr.net
7	cdn.jwplayer.com	4 redirects tradpolin.com cdn.jwplayer.com ssl.p.jwpcdn.com
5	cdnjs.cloudflare.com	tradpolin.com
4	assets-jpcust.jwpsrv.com	tradpolin.com
4	ssl.p.jwpcdn.com	cdn.jwplayer.com
2	videos-cloudfront-usp.jwpsrv.com	ssl.p.jwpcdn.com
2	www.facebook.com	tradpolin.com
2	connect.facebook.net	tradpolin.com connect.facebook.net
1	prd.jwpltx.com
1	code.jquery.com	tradpolin.com
48	11

This site contains no links.

Subject Issuer	Validity	Valid
tradpolin.com WE1	`2024-11-04` - `2025-02-02`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
jwplayer.com Amazon RSA 2048 M02	`2024-09-25` - `2025-10-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-15` - `2024-11-13`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
*.jwplayer.com GlobalSign Atlas R3 DV TLS CA 2024 Q2	`2024-07-02` - `2025-08-03`	a year	crt.sh
jwpsrv.com Amazon RSA 2048 M03	`2024-02-17` - `2025-03-16`	a year	crt.sh
jwpltx.com Amazon RSA 2048 M03	`2024-09-11` - `2025-10-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032
Frame ID: 6AFE3C9B2E9B0F7AFA006FA84CF12FB2
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PKN ORLEN

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

48
Requests

90 %
HTTPS

67 %
IPv6

10
Domains

11
Subdomains

13
IPs

4
Countries

7726 kB
Transfer

10201 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://cdn.jwplayer.com/strips/S00oOWsS-120.vtt HTTP 301
https://assets-jpcust.jwpsrv.com/strips/S00oOWsS-120.vtt

Request Chain 38

https://cdn.jwplayer.com/v2/media/S00oOWsS/poster.jpg?width=720 HTTP 302
https://assets-jpcust.jwpsrv.com/thumbnails/qi7iudk4-720.jpg

Request Chain 39

https://cdn.jwplayer.com/v2/media/S00oOWsS/poster.jpg?width=1280 HTTP 302
https://assets-jpcust.jwpsrv.com/thumbnails/qi7iudk4-1280.jpg

Request Chain 41

https://cdn.jwplayer.com/strips/S00oOWsS-120.jpg HTTP 301
https://assets-jpcust.jwpsrv.com/strips/S00oOWsS-120.jpg

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request sNz2byYF Show response
tradpolin.com/ 234 KB
72 KB 213ms
165ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 53584bc9f8f874836074dab9ab2ea65945389a23a643e6cc93aed84cf0a959e2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8de36122cf1f66ff-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 06 Nov 2024 07:30:39 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HP1gXxJDR1UPZ1ShtsDKmHRNIfxlCAXKMHzu%2BvBf7K87W6eTqflawoMpYiEGxgI5ntGLkDFBhuABH9LHvZABnSyaUIvN%2BXK%2BbcQe4PDXUxPGT38G3GCxO8gPfFTW%2B8b0"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=15267&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4165&recv_bytes=4521&delivery_rate=696&cwnd=12000&unsent_bytes=0&cid=617ca5170c077254&ts=174&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H3 200 fonts.css
tradpolin.com/lander/pl-orlen/css/ 3 KB
1 KB 31ms
30ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tradpolin.com/lander/pl-orlen/css/fonts.css
Requested by: Host: tradpolin.com
URL: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e285f5522374678e8777ce328beb07b729521e3f0ffcc30dc6499dbf319a4ee7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"66f40ac8-da2"
age: 58428
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W0PllXhEz%2F4yI9Egp5AOR6pbL0HyGUZQKxqDWImcQVrUjNdWvCogs40ST7LkGV%2FQaZq%2B0%2BWTjIhopa3Uqf1c6EDs79VSYkusyx%2FnjIGPovS4k7MLX9j0XGH4R9fk0sGq"}],"group":"cf-nel","max_age":604800}
expires: Fri, 15 Nov 2024 15:16:51 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15092&sent=27&recv=21&lost=0&retrans=0&sent_bytes=17943&recv_bytes=6746&delivery_rate=441467&cwnd=19200&unsent_bytes=0&cid=617ca5170c077254&ts=211&x=1", cfHdrFlush;dur=0
date: Wed, 06 Nov 2024 07:30:39 GMT
content-type: text/css
last-modified: Wed, 25 Sep 2024 13:06:16 GMT
vary: Accept-Encoding
cache-control: max-age=864000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8de36123d87c66ff-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 app.css
tradpolin.com/lander/pl-orlen/css/ 888 KB
86 KB 45ms
40ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tradpolin.com/lander/pl-orlen/css/app.css
Requested by: Host: tradpolin.com
URL: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52f1186e9445e21cfc0021ddff77aaae13797e606a5121e15145f357bd2cfc48

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"66f40ac8-de1a7"
age: 58428
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4oJGnqcvXrgX0sxuva4Fu4SLpY5XCTAMul5HN8KUX1xNI9A4ybjuHH2T8925aZ6Uzmqn3MaSJxnS9F6bvOoH7iLdf%2F0NS2dz6lUTZCdQXG7BkIkIcssRz9CIceg9OEzj"}],"group":"cf-nel","max_age":604800}
expires: Fri, 15 Nov 2024 15:16:51 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15092&sent=45&recv=21&lost=0&retrans=0&sent_bytes=37143&recv_bytes=6746&delivery_rate=441467&cwnd=19200&unsent_bytes=0&cid=617ca5170c077254&ts=217&x=1", cfHdrFlush;dur=9
date: Wed, 06 Nov 2024 07:30:39 GMT
content-type: text/css
last-modified: Wed, 25 Sep 2024 13:06:16 GMT
vary: Accept-Encoding
cache-control: max-age=864000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8de36123e88466ff-AMS
access-control-allow-origin: *
server: cloudflare

GET
H2 200 slick.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 2 KB
944 B 57ms
16ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css

Requested by

Host: tradpolin.com
URL: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
age: 2278348
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Wed, 06 Nov 2024 07:30:39 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-etou8220022-FRA, cache-ams21029-AMS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 484
x-jsd-version: 1.8.1

GET
H3 200 ion.rangeSlider.min.css
cdnjs.cloudflare.com/ajax/libs/ion-rangeslider/2.3.1/css/ 11 KB
2 KB 80ms
54ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/ion-rangeslider/2.3.1/css/ion.rangeSlider.min.css

Requested by

Host: tradpolin.com
URL: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83b1e0a0cc92672a27b8fc074ce45ffae18711e3a6ed5448da47d75979499dca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ea7-2b4c"
age: 536250
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3yVLKJoofjaqWoiHyj%2FMhotttl7BWMau31LGL0Q83%2Be6AwdmFocD1QB%2FH08rg8kbzYwvmQbxsp2Ch9j6FubDEF8WHVsWYp%2BueWU0ANVLJD2J5cR9SVHofQkmF%2FLKulOTKrGhLQkA"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 27 Oct 2025 07:30:39 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 06 Nov 2024 07:30:39 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:19 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8de361240c4cb90f-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1860
server: cloudflare

GET
H3 200 jquery.fancybox.min.css
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/ 12 KB
3 KB 67ms
41ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css

Requested by

Host: tradpolin.com
URL: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03e58-31fb"
age: 19948
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EPFxhcy%2FHSA9b9MYBVSojN6JScJQksPYfkHa4H0V2EAeNf1s14XGRh5CpdX3QBdPKNF09RKf%2B9m19QUle829gKr%2BcNs2uKreNS8uDIsoOkdsT4Jzs5%2Fcn7UW7BAjkdCywPqWwUfx"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 27 Oct 2025 07:30:39 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 06 Nov 2024 07:30:39 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:10:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8de361240c4bb90f-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2695
server: cloudflare

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.4/ 88 KB
28 KB 81ms
55ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.4/jquery.min.js

Requested by

Host: tradpolin.com
URL: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "6408b256-6d83"
age: 46103
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YbF7d8lUIXphn3FbSQlNYkQvudQPqP3Pp2j08XUTizTNcgkoePgUQ9RRJrlyXiuORjnFW%2FlkMCO%2FkNAE9bmUizy3I%2FZWvruP8B%2FyOxb%2FxhI0cwHg4s374xWvan3IQ%2BprOw4%2FGCCu"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 27 Oct 2025 07:30:39 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 06 Nov 2024 07:30:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 08 Mar 2023 16:05:42 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8de361240c4db90f-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 28035
server: cloudflare

GET
H3 200 ion.rangeSlider.min.js Show response
cdnjs.cloudflare.com/ajax/libs/ion-rangeslider/2.3.1/js/ 40 KB
8 KB 65ms
40ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/ion-rangeslider/2.3.1/js/ion.rangeSlider.min.js

Requested by

Host: tradpolin.com
URL: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67adfdac93b9ec1899cd00e55ac1b217e109dc5b379c3e2940f91f8a64f2dd2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ea7-a0d3"
age: 52908
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SkKn5EO1NqrjvB5gBXeqH6AvWjOMuynDtXUTGJQgGCeLPlCZr%2FVu22L3Bbd%2BQF1XLXzSN7MjODK9bIb%2BDlK7xXawg%2BJWnZ2FyNZrmWq7HvLrB%2BjWSdhJxP9rdYmgu%2F2Z9PIW%2BMOW"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 27 Oct 2025 07:30:39 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 06 Nov 2024 07:30:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:19 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8de361240c49b90f-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7685
server: cloudflare

GET
H3 200 jquery.fancybox.min.js Show response
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/ 67 KB
19 KB 50ms
25ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js

Requested by

Host: tradpolin.com
URL: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03e58-10a9d"
age: 706523
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vRFB3mbe%2BsML9Rf8qLnJEoBTZ1gmXohghZv4uiH%2BxDsJZ%2BqHAOEA%2FT0ANJ%2FzIJo2LFAScKMUithKj5yJPAjnXtL1Tle5asytITmXjuNLeersdqUFPID7y%2FoU0BW54ufJvgQN313K"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 27 Oct 2025 07:30:39 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 06 Nov 2024 07:30:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:10:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8de361240c46b90f-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19249
server: cloudflare

GET
H3 200 form.css
tradpolin.com/lander/pl-orlen/css/ 9 KB
2 KB 111ms
107ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tradpolin.com/lander/pl-orlen/css/form.css
Requested by: Host: tradpolin.com
URL: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 411b88f5217814d49bcbca3552e949b9bfc936e04de3ae1f9dec9b969a6d7150

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66f40ac8-23c3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=03v2xv6N%2FO%2F3zHwnGCQWuRH5UEBRod%2BTIaLvIHaDyQR0qXuRIeuY01doy44VRkG0YjajL%2FNpEgMEzNQL70cwPYE4QIS%2BB2P6n7ZZb9QZrEiG2OUlFPv08djH8YjDQS2J"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 07:30:39 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15557&sent=194&recv=70&lost=0&retrans=0&sent_bytes=200636&recv_bytes=8910&delivery_rate=5791118&cwnd=98400&unsent_bytes=0&cid=617ca5170c077254&ts=292&x=1", cfHdrFlush;dur=0
date: Wed, 06 Nov 2024 07:30:39 GMT
content-type: text/css
last-modified: Wed, 25 Sep 2024 13:06:16 GMT
vary: Accept-Encoding
cache-control: max-age=864000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8de36123e88666ff-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 9.svg
tradpolin.com/lander/pl-orlen/img/ 2 KB
2 KB 42ms
41ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tradpolin.com/lander/pl-orlen/img/9.svg
Requested by: Host: tradpolin.com
URL: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a45ead96c27aab89cca6d435e9a1a601f8428db328c7079584a08a84738effc0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"66f40ac8-70a"
age: 58428
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p6NhY9oPv%2BET4fbE9ltBPInWKrKyQL4xvlOMHqghvrHDZ5QekNvVdZz7ttVQaqdp2iB%2BqzJ1Kw2kTs%2BzfV%2BAzuQw%2Fe3Z6PFsVn4UcnX7LZDhxPDs96rTFvMJXV2ONNjz"}],"group":"cf-nel","max_age":604800}
expires: Fri, 15 Nov 2024 15:16:51 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15092&sent=45&recv=21&lost=0&retrans=0&sent_bytes=37143&recv_bytes=6746&delivery_rate=441467&cwnd=19200&unsent_bytes=0&cid=617ca5170c077254&ts=219&x=1", cfHdrFlush;dur=8
date: Wed, 06 Nov 2024 07:30:39 GMT
content-type: image/svg+xml
last-modified: Wed, 25 Sep 2024 13:06:16 GMT
vary: Accept-Encoding
cache-control: max-age=864000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8de36123e88766ff-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 gerb.png
tradpolin.com/lander/pl-orlen/img/ 25 KB
26 KB 30ms
29ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tradpolin.com/lander/pl-orlen/img/gerb.png
Requested by: Host: tradpolin.com
URL: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e1af272e19a4e8bc389478e7acbb3210362aaf7032ea5b8e40d47dfc9d4410d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032

Response headers

cf-cache-status: HIT
etag: "66f40ac8-63f3"
age: 60800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3X9V6pdkw6oiJUloKa7FKFGLDiXozQ7GRrfRFYtqAdTWFYBKzlL4EkV5P7bmNlVKPk6ZoM2vOnfYY%2Fsfu1hZzWHE5Y4cApdTeM6VV6uV1uXw19rDOs6%2BSlIEvBQEOSyH"}],"group":"cf-nel","max_age":604800}
expires: Fri, 15 Nov 2024 14:37:19 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15092&sent=36&recv=21&lost=0&retrans=0&sent_bytes=26488&recv_bytes=6746&delivery_rate=441467&cwnd=19200&unsent_bytes=0&cid=617ca5170c077254&ts=216&x=1", cfHdrFlush;dur=0
date: Wed, 06 Nov 2024 07:30:39 GMT
content-type: image/png
last-modified: Wed, 25 Sep 2024 13:06:16 GMT
vary: Accept-Encoding
cache-control: max-age=864000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8de36123e88a66ff-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25587
server: cloudflare

GET
H2 200 S00oOWsS-DZ9rNWWS.js Show response
cdn.jwplayer.com/players/ 146 KB
53 KB 241ms
175ms Script
text/javascript 2600:9000:225e:3a00:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/players/S00oOWsS-DZ9rNWWS.js
Requested by: Host: tradpolin.com
URL: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3a00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 632c7cc4aef2f26f878a298e7265062cb090e02ba8c3d8492006261b7a21a63e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/

Response headers

x-robots-tag: noindex, indexifembedded
cache-control: max-age=180
content-encoding: gzip
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 53716
x-amz-cf-id: GfVykOq9x4Z7fd-1g1SrvYkMb9qwtFcALVei1_YPUaGk2VdqbeHqaQ==
date: Wed, 06 Nov 2024 07:30:39 GMT
content-type: text/javascript; charset=utf-8
x-amz-cf-pop: FRA60-P4
server: openresty

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 185ms
25ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tradpolin.com
URL: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

55270971fdc4172d5cbba95dadd779074eadb9c50bf16c2b3253ccc6bc8fc363

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-ml92zbtT' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 06 Nov 2024 07:30:39 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-ml92zbtT' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=23, mss=1232, tbw=4529, tp=11, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: mv1wyXJdUKd06Gyq14PvERCFPmvbuQXdWQMYHoWTokJf3qy3aJsbLeu5A7NmnWFT9Hea3xpfIuuHc1Y5hiDNlQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
content-length: 62086
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 10.jpg
tradpolin.com/lander/pl-orlen/img/ 77 KB
77 KB 169ms
168ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tradpolin.com/lander/pl-orlen/img/10.jpg
Requested by: Host: tradpolin.com
URL: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4797ff17cf151c8be084dad9fe9d2835a017d4fdd58111913012fe4cc466be

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032

Response headers

cf-cache-status: MISS
etag: "66f40ac8-13223"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BfLJiEgsh7lARaT01765AK1zq0%2FV7lv%2Blx5rckkLrDVOkdHBKVd7uWPFOxUiiimnC6QJh6XLzqIR2nupKAoZAlkPM2szn7dQUvo51Ltry2k%2Ff2JhVfCnmx4XJv%2FChkyE"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 07:30:39 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18229&sent=1634&recv=195&lost=76&retrans=76&sent_bytes=1911909&recv_bytes=17626&delivery_rate=21687332&cwnd=335730&unsent_bytes=0&cid=617ca5170c077254&ts=446&x=1", cfHdrFlush;dur=0
date: Wed, 06 Nov 2024 07:30:39 GMT
content-type: image/jpeg
last-modified: Wed, 25 Sep 2024 13:06:16 GMT
vary: Accept-Encoding
cache-control: max-age=864000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8de36124791b66ff-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 78371
server: cloudflare

GET
H3 200 11.png
tradpolin.com/lander/pl-orlen/img/ 1 MB
1 MB 36ms
29ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tradpolin.com/lander/pl-orlen/img/11.png
Requested by: Host: tradpolin.com
URL: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28efaa05a0266f7dc51cd185d0bb5a2e7c807efe0f3f5c031d49abdd4bccb931

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032

Response headers

cf-cache-status: HIT
etag: "66f40ac8-118cdc"
age: 123103
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hslM%2F2JlKcEoHZpysQqO3oNQDXUjMxr45EOljGiV%2BUzGxQhrWJ8BHDysGvhp07%2FOgAfuG%2Bdxr1FNOG2VoYJvFOiKoJ9N6Q2YVNob%2FiuOMxd00UWyzQhKMf8zU%2FUmcARg"}],"group":"cf-nel","max_age":604800}
expires: Thu, 14 Nov 2024 21:18:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15618&sent=200&recv=79&lost=0&retrans=0&sent_bytes=203169&recv_bytes=12190&delivery_rate=128222&cwnd=98400&unsent_bytes=0&cid=617ca5170c077254&ts=347&x=1", cfHdrFlush;dur=0
date: Wed, 06 Nov 2024 07:30:39 GMT
content-type: image/png
last-modified: Wed, 25 Sep 2024 13:06:16 GMT
vary: Accept-Encoding
cache-control: max-age=864000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8de36124b96266ff-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1150172
server: cloudflare

GET
H3 200 12.png
tradpolin.com/lander/pl-orlen/img/ 577 KB
578 KB 113ms
104ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tradpolin.com/lander/pl-orlen/img/12.png
Requested by: Host: tradpolin.com
URL: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9cc57e3297605c9c6c2005da874e1309d15c9c70d8576eb29d3ff101fef5ea9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032

Response headers

cf-cache-status: HIT
etag: "66f40ac8-904bd"
age: 123147
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pK9PJq%2BLorGrTHNtSWEh6wCUqCNAPUsFAx7QEy2%2FKqL9%2Bpkt1qV9ajkusuTwA9zKSM13FnroTRDBqXR5aMPbQLABGidQ6s1EV1NrnByykdSOCvXopkuq%2BWlcGyVd3XDQ"}],"group":"cf-nel","max_age":604800}
expires: Thu, 14 Nov 2024 21:18:12 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15618&sent=282&recv=79&lost=0&retrans=0&sent_bytes=301569&recv_bytes=12190&delivery_rate=128222&cwnd=98400&unsent_bytes=0&cid=617ca5170c077254&ts=355&x=1", cfHdrFlush;dur=9
date: Wed, 06 Nov 2024 07:30:39 GMT
content-type: image/png
last-modified: Wed, 25 Sep 2024 13:06:16 GMT
vary: Accept-Encoding
cache-control: max-age=864000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8de36124b96566ff-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 591037
server: cloudflare

GET
H3 200 13.png
tradpolin.com/lander/pl-orlen/img/ 617 KB
618 KB 139ms
136ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tradpolin.com/lander/pl-orlen/img/13.png
Requested by: Host: tradpolin.com
URL: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 114d4e772fcb300487ff941a9c7898ff2a4cae5a118d7f81bd8ad27d59aed7b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032

Response headers

cf-cache-status: HIT
etag: "66f40ac8-9a427"
age: 64111
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n5v8QY8tUycZ1qSljegRKTPvFxrvN7Bx2k%2B3JB6tfF9VgRxM18TtUcScjsZwuiWzBLoLhdnI6AGFcaT7HJDGr5al%2FkNV2ClZu2wt4K%2Baxqdlw6U2mn1XbUTj8UCXgl1%2B"}],"group":"cf-nel","max_age":604800}
expires: Fri, 15 Nov 2024 13:42:08 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15618&sent=282&recv=79&lost=0&retrans=0&sent_bytes=301569&recv_bytes=12190&delivery_rate=128222&cwnd=98400&unsent_bytes=0&cid=617ca5170c077254&ts=355&x=1", cfHdrFlush;dur=9
date: Wed, 06 Nov 2024 07:30:39 GMT
content-type: image/png
last-modified: Wed, 25 Sep 2024 13:06:16 GMT
vary: Accept-Encoding
cache-control: max-age=864000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8de36124b96b66ff-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 631847
server: cloudflare

GET
H3 200 14.png
tradpolin.com/lander/pl-orlen/img/ 1 MB
1 MB 197ms
194ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tradpolin.com/lander/pl-orlen/img/14.png
Requested by: Host: tradpolin.com
URL: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1892b05f4dd7fa1157024b692046399c3e7e22feb05c6f57f5f43039f2feec4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032

Response headers

cf-cache-status: MISS
etag: "66f40ac8-11cbc4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UwjdV4%2B4%2FkbcILWBkn1%2B%2F9NG9pTRBwFUNugWLVB8zsbPUEghKwk8ezqC%2FKQaoTkqzQY8ctRQ5AbFaMpJaV500b3KyJhFD5apBszAb6WIUOXTfB%2FyQDKDte7zg%2FYtQutN"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 07:30:39 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19061&sent=2484&recv=288&lost=139&retrans=139&sent_bytes=2920049&recv_bytes=21902&delivery_rate=10962929&cwnd=237530&unsent_bytes=0&cid=617ca5170c077254&ts=512&x=1", cfHdrFlush;dur=1
date: Wed, 06 Nov 2024 07:30:39 GMT
content-type: image/png
last-modified: Wed, 25 Sep 2024 13:06:16 GMT
vary: Accept-Encoding
cache-control: max-age=864000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8de36124b96c66ff-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1166276
server: cloudflare

GET
H3 200 15.jpg
tradpolin.com/lander/pl-orlen/img/ 3 MB
3 MB 191ms
188ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tradpolin.com/lander/pl-orlen/img/15.jpg
Requested by: Host: tradpolin.com
URL: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029f62dc5e23f6683887a718e7061799807ee68d89d7a8d36aeb767322e9af4e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032

Response headers

cf-cache-status: MISS
etag: "66f40ac8-29e8f2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oSsWKPNRmrDJsJWCbKBSBxkBw%2B5cKicC6i2YB3lltQbe3lLLrnXXeWqw2h8NG%2FrJwJilRY7rO1OGTj9%2BfYx8HkUVEH1VKR2KF6Dlv0s56Qx7tflYrJISVA5mcOH3M4qL"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 07:30:39 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19372&sent=2474&recv=287&lost=139&retrans=139&sent_bytes=2908049&recv_bytes=21852&delivery_rate=15247124&cwnd=237530&unsent_bytes=0&cid=617ca5170c077254&ts=508&x=1", cfHdrFlush;dur=0
date: Wed, 06 Nov 2024 07:30:39 GMT
content-type: image/jpeg
last-modified: Wed, 25 Sep 2024 13:06:16 GMT
vary: Accept-Encoding
cache-control: max-age=864000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8de36124b96d66ff-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2746610
server: cloudflare

GET
H3 200 16.jpg
tradpolin.com/lander/pl-orlen/img/ 57 KB
57 KB 183ms
181ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tradpolin.com/lander/pl-orlen/img/16.jpg
Requested by: Host: tradpolin.com
URL: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc171b08542a14b6fc5ff79d0004dcadba97c71868b3ded665038fbe78633c1e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032

Response headers

cf-cache-status: HIT
etag: "66f40ac8-e285"
age: 123832
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WHq1x5wf9qAdGrl8bV%2BEtw4H912BYAuP45WiJTczzauXyMCGllwkFTFT7wP4A3zRQswxfBwUyBoc33if24Rk2AN1CGkD7Wh%2B7RcYZPFH1S5sOUQy1zWc2GZf%2F1JbLCmO"}],"group":"cf-nel","max_age":604800}
expires: Thu, 14 Nov 2024 21:06:47 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15618&sent=282&recv=79&lost=0&retrans=0&sent_bytes=301569&recv_bytes=12190&delivery_rate=128222&cwnd=98400&unsent_bytes=0&cid=617ca5170c077254&ts=352&x=1", cfHdrFlush;dur=12
date: Wed, 06 Nov 2024 07:30:39 GMT
content-type: image/jpeg
last-modified: Wed, 25 Sep 2024 13:06:16 GMT
vary: Accept-Encoding
cache-control: max-age=864000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8de36124b97066ff-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 57989
server: cloudflare

GET
H2 200 slick.min.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 42 KB
10 KB 28ms
18ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js

Requested by

Host: tradpolin.com
URL: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
age: 543214
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Wed, 06 Nov 2024 07:30:39 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230159-FRA, cache-ams21029-AMS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9994
x-jsd-version: 1.8.1

GET
H3 200 main.js Show response
tradpolin.com/lander/pl-orlen/js/ 2 KB
1 KB 141ms
136ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tradpolin.com/lander/pl-orlen/js/main.js
Requested by: Host: tradpolin.com
URL: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea27d6a8e4dbcb46bb1e8a08327066daf3ed96011b68a1c3181b57d918867a99

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"66f40ac8-890"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bCO2KimdLW3mtxuwxEMmlT%2F1JKLryU6lQwp4KzrfR3bqZqrQQx53k%2FKFSUAYDNOsONXhxnOTe40YD8oTeKK9oBM9yen6ZAHDCLD%2FWS%2F%2F5O%2FzJyw8myAmoPMRJ7lzlOWA"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 07:30:39 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16498&sent=1358&recv=167&lost=76&retrans=76&sent_bytes=1581819&recv_bytes=16361&delivery_rate=22245915&cwnd=334530&unsent_bytes=0&cid=617ca5170c077254&ts=431&x=1", cfHdrFlush;dur=0
date: Wed, 06 Nov 2024 07:30:39 GMT
content-type: application/javascript
last-modified: Wed, 25 Sep 2024 13:06:16 GMT
vary: Accept-Encoding
cache-control: max-age=864000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8de36124b96a66ff-AMS
access-control-allow-origin: *
server: cloudflare

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
31 KB 182ms
19ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: tradpolin.com
URL: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/

Response headers

content-encoding: gzip
etag: W/"28feccc0-15d9d"
age: 1895126
x-cache: HIT, HIT
date: Wed, 06 Nov 2024 07:30:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 51, 81601
x-served-by: cache-lga21931-LGA, cache-bru1480075-BRU
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1730878240.636007,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30875
server: nginx

GET
H2 200 intlTelInput.css
cdn.jsdelivr.net/npm/intl-tel-input@23.3.2/build/css/ 20 KB
3 KB 25ms
19ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/intl-tel-input@23.3.2/build/css/intlTelInput.css

Requested by

Host: tradpolin.com
URL: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

28935fb56147fa4e2c0d5fbf29253527b085d9cc832a4c18b2ce5baa5fe7c9b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"502c-P41QDMS6pnMeBv0vqCJ4NGPqaE8"
age: 1305954
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Wed, 06 Nov 2024 07:30:39 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-etou8220100-FRA, cache-ams21029-AMS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2995
x-jsd-version: 23.3.2

GET
H2 200 intlTelInput.min.js Show response
cdn.jsdelivr.net/npm/intl-tel-input@23.3.2/build/js/ 29 KB
10 KB 25ms
19ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/intl-tel-input@23.3.2/build/js/intlTelInput.min.js

Requested by

Host: tradpolin.com
URL: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8aa5f8f647356dcd4fc5dbbe0efd5bc0e8da74026bc61e24636e2e1f5749b0ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"72b4-sY3bJzPjWNRQqHDemSqTogh1rVM"
age: 604208
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Wed, 06 Nov 2024 07:30:39 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230090-FRA, cache-ams21029-AMS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10533
x-jsd-version: 23.3.2

GET
H2 200 globalOffer.css
cdn.jsdelivr.net/gh/t-cult/integration@v1.2.0/ 4 KB
2 KB 26ms
21ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/t-cult/integration@v1.2.0/globalOffer.css

Requested by

Host: tradpolin.com
URL: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7136b4898cd5ce710a6f38d87d3cdec70cba2e35f6b579610fbc9aaf6860c3f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"e3b-Z26mU3eGDOYUbfx5ZCce1Rkf080"
age: 416487
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Wed, 06 Nov 2024 07:30:39 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-etou8220142-FRA, cache-ams21029-AMS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1113
x-jsd-version: 1.2.0

GET
H2 200 offerApp.js Show response
cdn.jsdelivr.net/gh/t-cult/integration@v1.2.0/ 21 KB
7 KB 26ms
21ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/t-cult/integration@v1.2.0/offerApp.js

Requested by

Host: tradpolin.com
URL: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0dd933269916b2310a3718cd006deef17f7ae2f500cc779944d1ed11a3ab3e44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"535f-GXt5MUjOgPb4XtAlL6oOSyYhisY"
age: 1294247
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Wed, 06 Nov 2024 07:30:39 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230100-FRA, cache-ams21029-AMS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6785
x-jsd-version: 1.2.0

GET
H2 200 jwpsrv.js Show response
ssl.p.jwpcdn.com/player/v/8.36.2/ 66 KB
20 KB 85ms
20ms Script
application/javascript 2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.36.2/jwpsrv.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/players/S00oOWsS-DZ9rNWWS.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 780218bda13c8a2362d45ebec297989e456e2511e83aa574c1deeee9df6127fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/

Response headers

content-encoding: gzip
etag: "1ce002c93317733cda35dcef121db9b4"
age: 366
x-cache: HIT
date: Wed, 06 Nov 2024 07:30:39 GMT
last-modified: Mon, 16 Sep 2024 18:29:50 GMT
vary: Accept-Encoding
x-cache-hits: 125
content-type: application/javascript
x-served-by: cache-ams21025-AMS
cache-control: max-age=900, immutable
x-timer: S1730878240.785693,VS0,VE0
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19880
server: AmazonS3

GET
H2 200 jwplayer.core.controls.js Show response
ssl.p.jwpcdn.com/player/v/8.36.2/ 322 KB
85 KB 84ms
21ms Script
application/javascript 2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.36.2/jwplayer.core.controls.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/players/S00oOWsS-DZ9rNWWS.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: efd4bdf5c117754802f889555f4396867101f917ce259303d8171371e2903589

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/

Response headers

content-encoding: gzip
etag: "96388c8374190b02b1c684940b0c267c"
age: 1190401
x-cache: HIT
date: Wed, 06 Nov 2024 07:30:39 GMT
last-modified: Thu, 12 Sep 2024 17:51:58 GMT
vary: Accept-Encoding
x-cache-hits: 24218
content-type: application/javascript
x-served-by: cache-ams21025-AMS
cache-control: max-age=31536000, immutable
x-timer: S1730878240.785725,VS0,VE0
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 86413
server: AmazonS3

GET
H2 200 playback.json Show response
cdn.jwplayer.com/v2/sites/LzlcdTVT/media/S00oOWsS/ 2 KB
942 B 201ms
144ms XHR
application/json 2600:9000:225e:3a00:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/v2/sites/LzlcdTVT/media/S00oOWsS/playback.json?recommendations_playlist_id=z6et6XYN
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/players/S00oOWsS-DZ9rNWWS.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3a00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: uvicorn /
Resource Hash: 384252b8dbf9da2d0dc08e0d732fb38b146bb369ad45caf1348c75d7b476e259

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/

Response headers

x-robots-tag: none, indexifembedded
cache-control: max-age=180
content-encoding: gzip
via: 1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: Xp2W9MW7G80vAw0_-DzgRCrLjhnP_7dxqPDYMm7_eUD5qipNRLr3gg==
date: Wed, 06 Nov 2024 07:30:39 GMT
content-type: application/json
vary: Accept-Encoding
server: uvicorn
x-amz-cf-pop: FRA60-P4

GET
H3 200 465807986472994 Show response
connect.facebook.net/signals/config/ 67 KB
13 KB 201ms
200ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/465807986472994?v=2.9.176&r=stable&domain=tradpolin.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

d7014ab5f7728cd38ddc7e9c83258d8d5c245315b052632dc376770b234f46cd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-y5gQF9nw' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 06 Nov 2024 07:30:39 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-y5gQF9nw' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=71, mss=1232, tbw=70417, tp=67, tpl=0, uplat=177, ullat=0
pragma: public
x-fb-debug: ID/WoIPXI16vsQuAOSGHM7cBeqajPyqIM1SMCw/Mh+0nnIm6oqDYpmC0Gsyaie7PF/TT3PDHLYoQdZpew4MKlQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 flags.png
cdn.jsdelivr.net/npm/intl-tel-input@23.3.2/build/img/ 69 KB
69 KB 21ms
21ms Image
image/png 151.101.1.229
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/npm/intl-tel-input@23.3.2/build/img/flags.png?1

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/intl-tel-input@23.3.2/build/css/intlTelInput.css

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.1.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

54dc5bc49fbe41359681fa0af8add039fa1383a4f4eade34f7a0a5a257dd1caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdn.jsdelivr.net/npm/intl-tel-input@23.3.2/build/css/intlTelInput.css

Response headers

access-control-expose-headers: *
etag: W/"112b5-tFG020MXScxAzCpfJx+YB8oh8dM"
age: 3103508
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Wed, 06 Nov 2024 07:30:39 GMT
content-type: image/png
x-served-by: cache-fra-eddf8230150-FRA, cache-bru1480046-BRU
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 70325
x-jsd-version: 23.3.2

GET
H2 200 provider.hlsjs.js Show response
ssl.p.jwpcdn.com/player/v/8.36.2/ 451 KB
137 KB 16ms
15ms Script
application/javascript 2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.36.2/provider.hlsjs.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/players/S00oOWsS-DZ9rNWWS.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 423fb0c266f4a755fb3e2d9093f92b92a7e9bfe4c0c4a900b4342c5b9f6ea0cb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/

Response headers

content-encoding: gzip
etag: "283d59c375ad57728e89bd2fd1b6af1d"
age: 812151
x-cache: HIT
date: Wed, 06 Nov 2024 07:30:39 GMT
last-modified: Thu, 12 Sep 2024 17:52:00 GMT
vary: Accept-Encoding
x-cache-hits: 19603
content-type: application/javascript
x-served-by: cache-ams21025-AMS
cache-control: max-age=31536000, immutable
x-timer: S1730878240.931820,VS0,VE0
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 139783
server: AmazonS3

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 82ms
23ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=465807986472994&ev=PageView&dl=https%3A%2F%2Ftradpolin.com%2FsNz2byYF%3Faff%3D38%26pix%3D465807986472994%26com%3D1032&rl=&if=false&ts=1730878240019&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730878240017.736258722449958772&ler=empty&cdl=API_unavailable&it=1730878239752&coo=false&rqm=GET

Requested by

Host: tradpolin.com
URL: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1297, tbw=2945, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 06 Nov 2024 07:30:40 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 251ms
193ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=465807986472994&ev=PageView&dl=https%3A%2F%2Ftradpolin.com%2FsNz2byYF%3Faff%3D38%26pix%3D465807986472994%26com%3D1032&rl=&if=false&ts=1730878240019&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730878240017.736258722449958772&ler=empty&cdl=API_unavailable&it=1730878239752&coo=false&rqm=FGET

Requested by

Host: tradpolin.com
URL: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src 'report-sample' .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7434065434514905913"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 06 Nov 2024 07:30:40 GMT
content-type: image/png
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7434065434514905913", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-debug: P4s6N7cvxJaWDw3qMpWcYqv6/6mCe38433Ysa9lmWgmpCHgt8V2xtKKshgZhnXXYRb0bsPyt7LWisE8S/XZa2A==
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=12, mss=1297, tbw=3263, tp=-1, tpl=-1, uplat=168, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2

200

S00oOWsS-120.vtt Show response
assets-jpcust.jwpsrv.com/strips/
Redirect Chain

https://cdn.jwplayer.com/strips/S00oOWsS-120.vtt
https://assets-jpcust.jwpsrv.com/strips/S00oOWsS-120.vtt

2 KB
788 B

160ms
101ms

XHR
text/vtt

2a04:4e42::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-jpcust.jwpsrv.com/strips/S00oOWsS-120.vtt
Requested by: Host: tradpolin.com
URL: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032
Protocol: H2
Server: 2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8974fbd293204be5f2dda13d3b63f37d39d9569154ab2b5360b0893d0febdaac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/

Response headers

access-control-max-age: 180
content-encoding: gzip
etag: "0c7ee0c3b37d3fdf2a430a9a5a746df5"
age: 266
access-control-allow-methods: GET
x-cache: HIT, MISS
date: Wed, 06 Nov 2024 07:30:40 GMT
last-modified: Mon, 05 Dec 2022 14:59:36 GMT
content-type: text/vtt
x-served-by: cache-iad-kiad7000139-IAD, cache-bru1480027-BRU
x-cache-hits: 1, 0
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=300
x-timer: S1730878240.275101,VS0,VE83
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 315
server: nginx
x-amz-server-side-encryption: AES256

Redirect headers

x-robots-tag: noindex, indexifembedded
location: https://assets-jpcust.jwpsrv.com/strips/S00oOWsS-120.vtt
via: 1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 166
x-amz-cf-id: hzvELERjnB40nDzByDQsRXOuqP5f9mUSYluvGnOFYnTCtwdp7POe_g==
date: Wed, 06 Nov 2024 07:30:40 GMT
content-type: text/html
x-amz-cf-pop: FRA60-P4
server: openresty

GET
H2 200 related.js Show response
ssl.p.jwpcdn.com/player/v/8.36.2/ 103 KB
25 KB 17ms
17ms Script
application/javascript 2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.36.2/related.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/players/S00oOWsS-DZ9rNWWS.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f265c7c3a2bb240d9528e75627e369f77867f62488f1bea1f9d73e2ec6fd1273

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/

Response headers

content-encoding: gzip
etag: "16de044a359043958153c7928fd2fa94"
age: 362210
x-cache: HIT
date: Wed, 06 Nov 2024 07:30:40 GMT
last-modified: Thu, 12 Sep 2024 17:52:02 GMT
vary: Accept-Encoding
x-cache-hits: 19386
content-type: application/javascript
x-served-by: cache-ams21025-AMS
cache-control: max-age=31536000, immutable
x-timer: S1730878240.107546,VS0,VE0
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25127
server: AmazonS3

GET
H2 200 S00oOWsS.m3u8 Show response
cdn.jwplayer.com/manifests/ 2 KB
728 B 163ms
157ms XHR
application/vnd.apple.mpegurl 2600:9000:225e:3a00:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/manifests/S00oOWsS.m3u8
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.36.2/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3a00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 59e1648adc89a1a8b30651ce09fb9c11a0b1c91675cb06b6e5dfb39517f9489b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/

Response headers

x-robots-tag: noindex, indexifembedded
cache-control: max-age=180
content-encoding: gzip
via: 1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 377
x-amz-cf-id: euvdhYOAKNlA_VtCzOJF3262rv0sT_SP_hooZXT6654lwo0QmgCbYQ==
date: Wed, 06 Nov 2024 07:30:40 GMT
content-type: application/vnd.apple.mpegurl; charset=utf-8
x-amz-cf-pop: FRA60-P4
server: openresty

GET
H2

200

qi7iudk4-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain

https://cdn.jwplayer.com/v2/media/S00oOWsS/poster.jpg?width=720
https://assets-jpcust.jwpsrv.com/thumbnails/qi7iudk4-720.jpg

85 KB
82 KB

104ms
103ms

Image
image/jpeg

2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-jpcust.jwpsrv.com/thumbnails/qi7iudk4-720.jpg
Requested by: Host: tradpolin.com
URL: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032
Protocol: H2
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: da6399723e9ff2087af6794b0849f655a5caf7c5b30667544b0ae73334a01794

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/

Response headers

content-encoding: gzip
etag: "e3c8e2917bc186607aafa501d41affa2"
age: 268
x-cache: HIT, MISS
date: Wed, 06 Nov 2024 07:30:40 GMT
last-modified: Mon, 05 Dec 2022 14:59:20 GMT
content-type: image/jpeg
x-served-by: cache-iad-kjyo7100140-IAD, cache-ams21025-AMS
x-cache-hits: 2, 0
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
vary: Accept-Encoding
cache-control: max-age=900
x-timer: S1730878240.246916,VS0,VE86
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 83688
server: nginx
x-amz-server-side-encryption: AES256

Redirect headers

x-robots-tag: noindex, indexifembedded
cache-control: max-age=180, max-stale=180
location: https://assets-jpcust.jwpsrv.com/thumbnails/qi7iudk4-720.jpg
access-control-allow-methods: GET
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: ohDEJlxKdmqJyZxJcfWlsWH-HPLAzYk7QRspPXuvnhAUBvnIrzvtDA==
date: Wed, 06 Nov 2024 07:30:40 GMT
content-type: image/jpeg
x-amz-cf-pop: FRA60-P4
server: openresty
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language

GET
H2

200

qi7iudk4-1280.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain

https://cdn.jwplayer.com/v2/media/S00oOWsS/poster.jpg?width=1280
https://assets-jpcust.jwpsrv.com/thumbnails/qi7iudk4-1280.jpg

179 KB
170 KB

207ms
207ms

Image
image/jpeg

2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-jpcust.jwpsrv.com/thumbnails/qi7iudk4-1280.jpg
Requested by: Host: tradpolin.com
URL: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032
Protocol: H2
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: de32ed07ad1d346cc9cb3dec4cd6df498b870bb5b3f7970f76bbf2ee6cce3006

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/

Response headers

content-encoding: gzip
etag: "b63fced8d1e7d3266212b1a264bba1ed"
age: 0
x-cache: MISS, MISS
date: Wed, 06 Nov 2024 07:30:40 GMT
last-modified: Mon, 05 Dec 2022 14:59:19 GMT
content-type: image/jpeg
x-served-by: cache-iad-kiad7000111-IAD, cache-ams21025-AMS
x-cache-hits: 0, 0
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
vary: Accept-Encoding
cache-control: max-age=900
x-timer: S1730878240.247031,VS0,VE190
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 173864
server: nginx
x-amz-server-side-encryption: AES256

Redirect headers

x-robots-tag: noindex, indexifembedded
cache-control: max-age=180, max-stale=180
location: https://assets-jpcust.jwpsrv.com/thumbnails/qi7iudk4-1280.jpg
access-control-allow-methods: GET
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: BDGQsA0R8Z5sYr5MQEpalF_Z9anpylMlbf3D1CZz1PFcaXWJIUMl-g==
date: Wed, 06 Nov 2024 07:30:40 GMT
content-type: image/jpeg
x-amz-cf-pop: FRA60-P4
server: openresty
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language

GET
H2 200 manifest-audio_eng=112059-video_eng=408204.m3u8 Show response
videos-cloudfront-usp.jwpsrv.com/672bc3e0_10ff1a373436ff2fb8c08544151d9784ed9fb63b/site/LzlcdTVT/media/S00oOWsS/version/S00oOWsS/manifest.ism/ 1 KB
2 KB 114ms
25ms XHR
application/vnd.apple.mpegurl 2600:9000:235a:7a00:2:cecb:23c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://videos-cloudfront-usp.jwpsrv.com/672bc3e0_10ff1a373436ff2fb8c08544151d9784ed9fb63b/site/LzlcdTVT/media/S00oOWsS/version/S00oOWsS/manifest.ism/manifest-audio_eng=112059-video_eng=408204.m3u8
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.36.2/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:7a00:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 167046aec8ac254036030b2ae446b05a7e78766a5f5230fc68995287d71ba00f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/

Response headers

access-control-expose-headers: server,range,date,x-cdn-forward
etag: "usp-A8B6BC47"
age: 162818
x-cache: Hit from cloudfront
x-amz-cf-id: LJUGjxsujfAsu5LY4xqA1VfuSYYFKdpSuM6wJFCT9kEftdrADjbQAg==
date: Mon, 04 Nov 2024 10:17:02 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
access-control-allow-headers: origin, range, x-cdn-forward
cache-control: max-age=2592000
timing-allow-origin: *
via: 1.1 f8e909d80b83cb9eeaf200975944eb56.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1284
x-amz-cf-pop: FRA60-P9
server: Apache

GET
H2

200

S00oOWsS-120.jpg
assets-jpcust.jwpsrv.com/strips/
Redirect Chain

https://cdn.jwplayer.com/strips/S00oOWsS-120.jpg
https://assets-jpcust.jwpsrv.com/strips/S00oOWsS-120.jpg

78 KB
75 KB

186ms
186ms

Image
image/jpeg

2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-jpcust.jwpsrv.com/strips/S00oOWsS-120.jpg
Requested by: Host: tradpolin.com
URL: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032
Protocol: H2
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 651c5565dc3bdfb3342649e555256eecb007482a8a797ef66b7382e745da9d01

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/

Response headers

content-encoding: gzip
etag: "a3ccaceec52ebd8ac6f2ca0493cff16e"
age: 0
x-cache: HIT, MISS
date: Wed, 06 Nov 2024 07:30:40 GMT
last-modified: Mon, 05 Dec 2022 14:59:35 GMT
content-type: image/jpeg
x-served-by: cache-iad-kcgs7200178-IAD, cache-ams21025-AMS
x-cache-hits: 0, 0
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
vary: Accept-Encoding
cache-control: max-age=900
x-timer: S1730878241.503420,VS0,VE169
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 76425
server: nginx
x-amz-server-side-encryption: AES256

Redirect headers

x-robots-tag: noindex, indexifembedded
location: https://assets-jpcust.jwpsrv.com/strips/S00oOWsS-120.jpg
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 166
x-amz-cf-id: -Jgxy6W5_SVeJQZEA3dzOSMCY8K6XLOdSb1lHnGDm0czIUbBfFCZqw==
date: Wed, 06 Nov 2024 07:30:40 GMT
content-type: text/html
x-amz-cf-pop: FRA60-P4
server: openresty

GET
H2 200 manifest-audio_eng=112059-video_eng=408204-1.ts Show response
videos-cloudfront-usp.jwpsrv.com/672bc3e0_10ff1a373436ff2fb8c08544151d9784ed9fb63b/site/LzlcdTVT/media/S00oOWsS/version/S00oOWsS/manifest.ism/ 279 KB
280 KB 32ms
32ms XHR
video/mp2t 2600:9000:235a:7a00:2:cecb:23c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://videos-cloudfront-usp.jwpsrv.com/672bc3e0_10ff1a373436ff2fb8c08544151d9784ed9fb63b/site/LzlcdTVT/media/S00oOWsS/version/S00oOWsS/manifest.ism/manifest-audio_eng=112059-video_eng=408204-1.ts
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.36.2/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:7a00:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: c2ef55aa74310e13318865b87c1699bd466b2ae2043179b9748e1c704eb0227e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/

Response headers

access-control-expose-headers: server,range,date,x-cdn-forward
etag: "usp-303407B3"
age: 162818
x-cache: Hit from cloudfront
x-amz-cf-id: de1thuVlG9jXAR5T6oknISFuM2sy9gJu81XF93ZbohaeugurI5cEQw==
date: Mon, 04 Nov 2024 10:17:02 GMT
content-type: video/MP2T
access-control-allow-headers: origin, range, x-cdn-forward
link: <manifest-audio_eng=112059-video_eng=408204-2.ts>; rel="next"
cache-control: max-age=2592000
timing-allow-origin: *
via: 1.1 f8e909d80b83cb9eeaf200975944eb56.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 286136
x-amz-cf-pop: FRA60-P9
server: Apache
x-usp-info1: t=1970-01-01T00:00:00Z lookahead=2

GET 05987656-a078-40db-83ab-00fb7fc3e0fb
https://tradpolin.com/ 0
0

GET
H3 200 utils.js Show response
cdn.jsdelivr.net/npm/intl-tel-input@23.3.2/build/js/ 253 KB
56 KB 49ms
30ms Script
application/javascript 151.101.1.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/intl-tel-input@23.3.2/build/js/utils.js

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/intl-tel-input@23.3.2/build/js/intlTelInput.min.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.1.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a4000409a897003b1c5a8e1f9f32e18a11b022452151cc47c17ecdcb76d5223b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://tradpolin.com
Referer

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"3f362-QgRuJQx/Lu/0YZqJsL57g+AeXt8"
age: 1212107
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Wed, 06 Nov 2024 07:30:40 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230108-FRA, cache-bru1480066-BRU
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56438
x-jsd-version: 23.3.2

GET
H2 204 ping.gif
prd.jwpltx.com/v1/jwplayer6/ 0
202 B 380ms
294ms Image
text/plain 2600:9000:21f3:e200:1b:6b7c:c940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=2079377228&e=e&n=3923736087529994&aid=3yKlf0uPEe24AaLjAIT7fw&amp=0&at=1&c=-1&ccp=0&cp=0&d=0&eb=0&ed=9&emi=5dvzahpos1d6&i=0&id=S00oOWsS&lid=116cgy7zhznr&lsa=set&mt=0&pbd=1&pbr=1&pgi=1uvxwtc19zn6&ph=3&pid=DZ9rNWWS&pii=0&pl=475&plc=1&pli=aq6qaev80tpy&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=PKN%20ORLEN&pu=https%3A%2F%2Ftradpolin.com%2FsNz2byYF%3Faff%3D38%26pix%3D465807986472994%26com%3D1032&pv=8.36.2&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=Orlen%20Pro%20Pl&tv=4.0.6&vb=1&vi=1&vl=90&wd=845&ab=1&cae=0&cb=0&cdid=botr_S00oOWsS_DZ9rNWWS_div&cme=0&dd=1&flc=0&fv=&ga=0&lng=pl&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FS00oOWsS.m3u8&pbc=0&pd=2&pdr=&plng=pl&plt=1000&pni=0&po=0&sp=0&st=390&sa=1730878240102
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:e200:1b:6b7c:c940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/

Response headers

via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: hG1sMdLLdtqrrvyJUVePYJsuj0ibYhGzLhXMNuve90y_AIlQMqLDZg==
date: Wed, 06 Nov 2024 07:30:41 GMT
x-amz-cf-pop: FRA2-C2
server: nginx

GET
H3 404 favicon.png
tradpolin.com/lander/pl-orlen/img/ 548 B
737 B 104ms
103ms Other
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tradpolin.com/lander/pl-orlen/img/favicon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tradpolin.com/sNz2byYF?aff=38&pix=465807986472994&com=1032

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c4WytH%2FFkcQVni1COoD%2BELW8iO%2B%2FvQQ7S9VEia5hSpHKBVGdRMs6WSWF2xGdD6CsA3RJHs3lAlzh6hHTjksrzLuFzp3UJVf07rIi64zAeFrn9yhBf%2BHu6AZ%2FeQSLvw1H"}],"group":"cf-nel","max_age":604800}
cf-ray: 8de3612c7a5766ff-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16390&sent=5863&recv=656&lost=139&retrans=139&sent_bytes=6941443&recv_bytes=38976&delivery_rate=14197273&cwnd=245930&unsent_bytes=0&cid=617ca5170c077254&ts=1664&x=1", cfHdrFlush;dur=0
date: Wed, 06 Nov 2024 07:30:40 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tradpolin.com
URL: blob:https://tradpolin.com/05987656-a078-40db-83ab-00fb7fc3e0fb

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PKN Orlen (Extraction)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			tradpolin.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2fbd11h5c4458vnud2mvrhvh46
			.tradpolin.com/	1970-01-21 02:57:34	Name: _fbp Value: fb.1.1730878240017.736258722449958772

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
worker	info	URL: blob:https://tradpolin.com/05987656-a078-40db-83ab-00fb7fc3e0fb Message: [log] > Debug logs enabled for "main" in hls.js version 1.5.13
network	error	URL: https://tradpolin.com/lander/pl-orlen/img/favicon.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets-jpcust.jwpsrv.com
cdn.jsdelivr.net
cdn.jwplayer.com
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
prd.jwpltx.com
ssl.p.jwpcdn.com
tradpolin.com
videos-cloudfront-usp.jwpsrv.com
www.facebook.com
tradpolin.com
104.17.25.14
151.101.1.229
157.240.252.13
188.114.96.3
2600:9000:21f3:e200:1b:6b7c:c940:93a1
2600:9000:225e:3a00:1:a3fa:7cc0:93a1
2600:9000:235a:7a00:2:cecb:23c0:93a1
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:200::626
2a04:4e42::485
2a04:4e42::626
2a04:4e42::649
029f62dc5e23f6683887a718e7061799807ee68d89d7a8d36aeb767322e9af4e
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0dd933269916b2310a3718cd006deef17f7ae2f500cc779944d1ed11a3ab3e44
114d4e772fcb300487ff941a9c7898ff2a4cae5a118d7f81bd8ad27d59aed7b9
167046aec8ac254036030b2ae446b05a7e78766a5f5230fc68995287d71ba00f
28935fb56147fa4e2c0d5fbf29253527b085d9cc832a4c18b2ce5baa5fe7c9b3
28efaa05a0266f7dc51cd185d0bb5a2e7c807efe0f3f5c031d49abdd4bccb931
384252b8dbf9da2d0dc08e0d732fb38b146bb369ad45caf1348c75d7b476e259
411b88f5217814d49bcbca3552e949b9bfc936e04de3ae1f9dec9b969a6d7150
423fb0c266f4a755fb3e2d9093f92b92a7e9bfe4c0c4a900b4342c5b9f6ea0cb
52f1186e9445e21cfc0021ddff77aaae13797e606a5121e15145f357bd2cfc48
53584bc9f8f874836074dab9ab2ea65945389a23a643e6cc93aed84cf0a959e2
54dc5bc49fbe41359681fa0af8add039fa1383a4f4eade34f7a0a5a257dd1caa
55270971fdc4172d5cbba95dadd779074eadb9c50bf16c2b3253ccc6bc8fc363
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
59e1648adc89a1a8b30651ce09fb9c11a0b1c91675cb06b6e5dfb39517f9489b
5e1af272e19a4e8bc389478e7acbb3210362aaf7032ea5b8e40d47dfc9d4410d
632c7cc4aef2f26f878a298e7265062cb090e02ba8c3d8492006261b7a21a63e
651c5565dc3bdfb3342649e555256eecb007482a8a797ef66b7382e745da9d01
67adfdac93b9ec1899cd00e55ac1b217e109dc5b379c3e2940f91f8a64f2dd2f
7136b4898cd5ce710a6f38d87d3cdec70cba2e35f6b579610fbc9aaf6860c3f9
780218bda13c8a2362d45ebec297989e456e2511e83aa574c1deeee9df6127fe
83b1e0a0cc92672a27b8fc074ce45ffae18711e3a6ed5448da47d75979499dca
8974fbd293204be5f2dda13d3b63f37d39d9569154ab2b5360b0893d0febdaac
8aa5f8f647356dcd4fc5dbbe0efd5bc0e8da74026bc61e24636e2e1f5749b0ce
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a1892b05f4dd7fa1157024b692046399c3e7e22feb05c6f57f5f43039f2feec4
a4000409a897003b1c5a8e1f9f32e18a11b022452151cc47c17ecdcb76d5223b
a45ead96c27aab89cca6d435e9a1a601f8428db328c7079584a08a84738effc0
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
bd4797ff17cf151c8be084dad9fe9d2835a017d4fdd58111913012fe4cc466be
c2ef55aa74310e13318865b87c1699bd466b2ae2043179b9748e1c704eb0227e
c9cc57e3297605c9c6c2005da874e1309d15c9c70d8576eb29d3ff101fef5ea9
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d7014ab5f7728cd38ddc7e9c83258d8d5c245315b052632dc376770b234f46cd
da6399723e9ff2087af6794b0849f655a5caf7c5b30667544b0ae73334a01794
dc171b08542a14b6fc5ff79d0004dcadba97c71868b3ded665038fbe78633c1e
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
de32ed07ad1d346cc9cb3dec4cd6df498b870bb5b3f7970f76bbf2ee6cce3006
e285f5522374678e8777ce328beb07b729521e3f0ffcc30dc6499dbf319a4ee7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea27d6a8e4dbcb46bb1e8a08327066daf3ed96011b68a1c3181b57d918867a99
efd4bdf5c117754802f889555f4396867101f917ce259303d8171371e2903589
f265c7c3a2bb240d9528e75627e369f77867f62488f1bea1f9d73e2ec6fd1273
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

tradpolin.com Open in urlscan Pro 188.114.96.3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

48 Requests

90 %HTTPS

67 %IPv6

10 Domains

11 Subdomains

13 IPs

4 Countries

7726 kBTransfer

10201 kBSize

2 Cookies

0 Outgoing links

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tradpolin.com Open in urlscan Pro
188.114.96.3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

90 %
HTTPS

67 %
IPv6

10
Domains

11
Subdomains

13
IPs

4
Countries

7726 kB
Transfer

10201 kB
Size

2
Cookies

48 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!