www.avans.pl Open in urlscan Pro
157.25.21.152 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ns1.bankanswer.net/
Effective URL:
https://www.avans.pl/lp,promocja-zakonczona?redirect=1
Submission: On May 05 via automatic, source certstream-suspicious (May 5th 2020, 10:21:04 am UTC)

Summary HTTP 64 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 19 IPs in 8 countries across 18 domains to perform 64 HTTP transactions. The main IP is 157.25.21.152, located in Mosina, Poland and belongs to GTSCE GTS Central Europe / Antel Germany, CZ. The main domain is www.avans.pl.
TLS certificate: Issued by Certum Organization Validation CA SHA2 on May 22nd 2017. Valid for: 3 years.

This is the only time www.avans.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	159.69.42.212 159.69.42.212	24940 (HETZNER-AS) (HETZNER-AS)
2	94.130.186.231 94.130.186.231	24940 (HETZNER-AS) (HETZNER-AS)
1 8	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE)
2	144.76.0.242 144.76.0.242	24940 (HETZNER-AS) (HETZNER-AS)
1 2	209.15.13.136 209.15.13.136	13768 (COGECO-PEER1) (COGECO-PEER1)
2	54.173.100.244 54.173.100.244	14618 (AMAZON-AES) (AMAZON-AES)
1 1	213.227.156.193 213.227.156.193	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 2	34.95.109.120 34.95.109.120	15169 (GOOGLE) (GOOGLE)
1 1	63.34.164.135 63.34.164.135	16509 (AMAZON-02) (AMAZON-02)
2 28	157.25.21.152 157.25.21.152	5588 (GTSCE GTS...) (GTSCE GTS Central Europe / Antel Germany)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
2	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
1	51.144.190.215 51.144.190.215	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2	52.232.109.51 52.232.109.51	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.166.122.138 52.166.122.138	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 3	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
3 5	2a00:1450:400... 2a00:1450:4001:818::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	51.144.164.212 51.144.164.212	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
64	19

2 159.69.42.212 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.212.42.69.159.clients.your-server.de

ns1.bankanswer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.130.186.231 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.231.186.130.94.clients.your-server.de

track.tkbo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 144.76.0.242 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.242.0.76.144.clients.your-server.de

track.traffic.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.15.13.136 (Toronto, Canada) 1 redirects

ASN13768 (COGECO-PEER1, CA)

dprtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.173.100.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-100-244.compute-1.amazonaws.com

usa.khurshid-sus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.156.193 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

onehorizon.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.109.120 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 120.109.95.34.bc.googleusercontent.com

clk.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wrap.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.164.135 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-164-135.eu-west-1.compute.amazonaws.com

redir.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 157.25.21.152 (Mosina, Poland) 2 redirects

ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ)

www.avans.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
avans.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

www.snrcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.144.190.215 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ai.synerise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.232.109.51 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

proxy.snrbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.166.122.138 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

tck.snrbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c08::9c (Brussels, Belgium) 3 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:818::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.144.164.212 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.snrbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	avans.pl 2 redirects www.avans.pl avans.pl	828 KB
8	google-analytics.com 1 redirects www.google-analytics.com	38 KB
5	google.de www.google.de	593 B
5	google.com 3 redirects www.google.com	773 B
5	doubleclick.net 3 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	3 KB
5	snrbox.com proxy.snrbox.com tck.snrbox.com dc.snrbox.com	5 KB
3	tradedoubler.com 2 redirects clk.tradedoubler.com redir.tradedoubler.com wrap.tradedoubler.com	3 KB
2	snrcdn.net www.snrcdn.net	81 KB
2	polyfill.io cdn.polyfill.io	3 KB
2	khurshid-sus.com usa.khurshid-sus.com	3 KB
2	dprtb.com 1 redirects dprtb.com	3 KB
2	traffic.club track.traffic.club	2 KB
2	tkbo.com track.tkbo.com	2 KB
2	bankanswer.net ns1.bankanswer.net	2 KB
1	googleadservices.com www.googleadservices.com	11 KB
1	synerise.com ai.synerise.com	29 KB
1	googletagmanager.com www.googletagmanager.com	40 KB
1	g2afse.com 1 redirects onehorizon.g2afse.com	237 B
64	18

	Domain	Requested by
27	www.avans.pl	1 redirects usa.khurshid-sus.com www.avans.pl
8	www.google-analytics.com	1 redirects ns1.bankanswer.net www.googletagmanager.com www.google-analytics.com www.avans.pl
5	www.google.de	www.avans.pl
5	www.google.com	3 redirects www.avans.pl
3	stats.g.doubleclick.net	3 redirects
2	googleads.g.doubleclick.net	www.googleadservices.com
2	dc.snrbox.com	www.snrcdn.net
2	proxy.snrbox.com	www.snrcdn.net
2	www.snrcdn.net	www.avans.pl www.snrcdn.net
2	cdn.polyfill.io	www.avans.pl
2	usa.khurshid-sus.com	dprtb.com usa.khurshid-sus.com
2	dprtb.com	1 redirects track.traffic.club
2	track.traffic.club	track.tkbo.com track.traffic.club
2	track.tkbo.com	ns1.bankanswer.net track.tkbo.com
2	ns1.bankanswer.net	ns1.bankanswer.net
1	tck.snrbox.com	www.snrcdn.net
1	wrap.tradedoubler.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	ai.synerise.com	www.avans.pl
1	avans.pl	1 redirects
1	www.googletagmanager.com	www.avans.pl
1	redir.tradedoubler.com	1 redirects
1	clk.tradedoubler.com	1 redirects
1	onehorizon.g2afse.com	1 redirects
64	24

This site contains links to these domains. Also see Links.

Domain
avans.pl

Subject Issuer	Validity	Valid
ns1.bankanswer.net Let's Encrypt Authority X3	`2020-05-05` - `2020-08-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
track.tkbo.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-28` - `2021-02-26`	a year	crt.sh
traffic.club GlobeSSL DV Certification Authority 2	`2019-01-07` - `2021-01-06`	2 years	crt.sh
*.avans.pl Certum Organization Validation CA SHA2	`2017-05-22` - `2020-05-21`	3 years	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-16` - `2021-04-17`	a year	crt.sh
sni1a72cgl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2019-11-09` - `2021-11-17`	2 years	crt.sh
*.synerise.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-09` - `2021-03-09`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.tradedoubler.com GlobalSign Domain Validation CA - SHA256 - G2	`2018-12-10` - `2021-01-27`	2 years	crt.sh
www.google.de GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
Frame ID: F631E0CBA49491ECB1161633EA0E3E4A
Requests: 64 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://ns1.bankanswer.net/ Page URL
http://track.tkbo.com/?mid=138&f=138&domain=bankanswer.net Page URL
https://track.tkbo.com/go.php?mid=138&f=138&domain=bankanswer.net&ref= Page URL
https://track.traffic.club/helper/forward.php?target=aHR0cDovL2RwcnRiLmNvbS9jbGljaz9kYXRhPVNrb3dNbVJZZU... Page URL
https://track.traffic.club/helper/forward.php Page URL
http://dprtb.com/click?data=SkowMmRYeElSTzgtRnhsMnRkMXdyNmxLaFFmeDRBem9HeTZRallPYUxxZXJNUlBVU... Page URL
http://dprtb.com/Redirect/ HTTP 302
http://usa.khurshid-sus.com/zcvisitor/1348c9a9-8eba-11ea-bc36-0ab0e7c20c7f?campaignid=43a92750-6dec-11ea... Page URL
http://usa.khurshid-sus.com/zcredirect?visitid=1348c9a9-8eba-11ea-bc36-0ab0e7c20c7f&type=js&browserWidth... Page URL
https://onehorizon.g2afse.com/click?pid=2&offer_id=541 HTTP 302
https://clk.tradedoubler.com/click?p=284068&a=2813771&g=24744116&pools=535432 HTTP 302
https://redir.tradedoubler.com/projectr/?tduid=83902078d57a6da042dcc48677b487ac&utm_source=fCAdkEcDcq&utm_m... HTTP 302
https://www.avans.pl/lp,ekstra-ceny-na-wiosne?utm_campaign=2020.03.03_ekstra-ceny-na-wiosne&tduid... HTTP 302
https://www.avans.pl/lp,promocja-zakonczona?redirect=1 Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

Page Statistics

64
Requests

94 %
HTTPS

36 %
IPv6

18
Domains

24
Subdomains

19
IPs

8
Countries

1049 kB
Transfer

4433 kB
Size

14
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://avans.pl/agd-do-zabudowy/okapy-do-zabudowy
Title: OKAPY

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ns1.bankanswer.net/ Page URL
http://track.tkbo.com/?mid=138&f=138&domain=bankanswer.net Page URL
https://track.tkbo.com/go.php?mid=138&f=138&domain=bankanswer.net&ref= Page URL
https://track.traffic.club/helper/forward.php?target=aHR0cDovL2RwcnRiLmNvbS9jbGljaz9kYXRhPVNrb3dNbVJZZUVsU1R6Z3RSbmhzTW5Sa01YZHlObXhMYUZGbWVEUkJlbTlIZVRaUmFsbFBZVXh4WlhKTlVsQlZVRUZyWjFKUU9GaGphMFZQYmxkSFVrZGplbTVYYTJOMFVWUm5hazU0V0ZrekxYWXlaRzVxZVd0MVFuTmZhVlJtU1hSSU5XTmpNRzkzZFVod1pXWkVPSFZDWjBoVk5YWkhabE5zY0ROeU9VbEJibGRoWTBVME9IQldOV2RITkU1MkxVNUxkWEJuTWcyJmlkPWY0NTJhN2RmLTRlOWMtNDc2MS05OTZkLTIwMDcwNGQzYjE1Nw==&hash=4931e30114cc6f80b212d6dc98403a1f Page URL
https://track.traffic.club/helper/forward.php Page URL
http://dprtb.com/click?data=SkowMmRYeElSTzgtRnhsMnRkMXdyNmxLaFFmeDRBem9HeTZRallPYUxxZXJNUlBVUEFrZ1JQOFhja0VPbldHUkdjem5Xa2N0UVRnak54WFkzLXYyZG5qeWt1QnNfaVRmSXRINWNjMG93dUhwZWZEOHVCZ0hVNXZHZlNscDNyOUlBbldhY0U0OHBWNWdHNE52LU5LdXBnMg2&id=f452a7df-4e9c-4761-996d-200704d3b157 Page URL
http://dprtb.com/Redirect/ HTTP 302
http://usa.khurshid-sus.com/zcvisitor/1348c9a9-8eba-11ea-bc36-0ab0e7c20c7f?campaignid=43a92750-6dec-11ea-890c-0a06ea97c507 Page URL
http://usa.khurshid-sus.com/zcredirect?visitid=1348c9a9-8eba-11ea-bc36-0ab0e7c20c7f&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false Page URL
https://onehorizon.g2afse.com/click?pid=2&offer_id=541 HTTP 302
https://clk.tradedoubler.com/click?p=284068&a=2813771&g=24744116&pools=535432 HTTP 302
https://redir.tradedoubler.com/projectr/?tduid=83902078d57a6da042dcc48677b487ac&utm_source=fCAdkEcDcq&utm_medium=linktxt&utm_campaign=2020.05&utm_content=2813771&_td_deeplink=https://www.avans.pl/lp,ekstra-ceny-na-wiosne?utm_campaign=2020.03.03_ekstra-ceny-na-wiosne HTTP 302
https://www.avans.pl/lp,ekstra-ceny-na-wiosne?utm_campaign=2020.03.03_ekstra-ceny-na-wiosne&tduid=83902078d57a6da042dcc48677b487ac&utm_source=fCAdkEcDcq&utm_medium=linktxt&utm_content=2813771 HTTP 302
https://www.avans.pl/lp,promocja-zakonczona?redirect=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

http://dprtb.com/Redirect/ HTTP 302
http://usa.khurshid-sus.com/zcvisitor/1348c9a9-8eba-11ea-bc36-0ab0e7c20c7f?campaignid=43a92750-6dec-11ea-890c-0a06ea97c507

Request Chain 34

https://avans.pl/lp/avans/lp/promocja-zakonczona/popup.png HTTP 301
https://www.avans.pl/lp/avans/lp/promocja-zakonczona/popup.png

Request Chain 49

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-60471910-1&cid=108400082.1588674046&jid=1218421066&gjid=766448003&_gid=1579254724.1588674046&_u=aGBAgEAL~&z=876124834 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-60471910-1&cid=108400082.1588674046&jid=1218421066&_v=j81&z=876124834 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-60471910-1&cid=108400082.1588674046&jid=1218421066&_v=j81&z=876124834&slf_rd=1&random=2340844771

Request Chain 51

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-60471910-2&cid=108400082.1588674046&jid=1493188480&gjid=674938506&_gid=1579254724.1588674046&_u=aGDAgEAL~&z=2056739862 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-60471910-2&cid=108400082.1588674046&jid=1493188480&_v=j81&z=2056739862 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-60471910-2&cid=108400082.1588674046&jid=1493188480&_v=j81&z=2056739862&slf_rd=1&random=2720370615

Request Chain 52

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=2027067456&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.avans.pl%2Flp%2Cpromocja-zakonczona%3Fredirect%3D1&ul=en-us&de=UTF-8&dt=AVANS%20Promocja%20zosta%C5%82a%20zako%C5%84czona%20-%20Avans.pl&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Error&ea=Script%20error.&el=0%3A%20%20%7C%20%2Flp%2Cpromocja-zakonczona&_u=aGDAAEAL~&jid=246029752&gjid=1306683251&cid=108400082.1588674046&tid=UA-60471910-1&_gid=1579254724.1588674046&_r=1&gtm=2wg4m0TLJR8B&cd7=108400082.1588674046&cd12=www.avans.pl&z=1402725887 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-60471910-1&cid=108400082.1588674046&jid=246029752&_gid=1579254724.1588674046&gjid=1306683251&_v=j81&z=1402725887 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-60471910-1&cid=108400082.1588674046&jid=246029752&_v=j81&z=1402725887 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-60471910-1&cid=108400082.1588674046&jid=246029752&_v=j81&z=1402725887&slf_rd=1&random=357535146

64 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
ns1.bankanswer.net/ 2 KB
1 KB 248ms
87ms Document
text/html 159.69.42.212
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ns1.bankanswer.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.69.42.212 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.212.42.69.159.clients.your-server.de

Software

openresty /

Resource Hash

539753a0cf843549f255ac27dfe30934bacc49c66357a7ed3e9ab608506a6973

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: ns1.bankanswer.net
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
server: openresty
date: Tue, 05 May 2020 10:14:02 GMT
content-type: text/html; charset=utf8
set-cookie: ndsp=eyJkb21haW5OYW1lIjoiYmFua2Fuc3dlci5uZXQiLCJtZW1iZXIiOiIxNCIsInRlbXBsYXRlIjoic2VkbzEyNiIsInVzZXJBZ2VudCI6Ik1vemlsbGFcLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdFwvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lXC83NC4wLjM3MjkuMTY5IFNhZmFyaVwvNTM3LjM2Iiwic2Vzc2lvbiI6IjAwYzViMDViNTk1OTAxNjM3YjBhNjAxM2RhNDcwZjRjIiwidGltZV9pbml0IjoxNTg4NjczNjQyfQ%3D%3D; expires=Tue, 05-May-2020 21:59:59 GMT; Max-Age=42357; path=/
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 banner_ads.js Show response
ns1.bankanswer.net/ 111 B
326 B 61ms
61ms Script
application/javascript 159.69.42.212
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ns1.bankanswer.net/banner_ads.js
Requested by: Host: ns1.bankanswer.net
URL: https://ns1.bankanswer.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.42.212 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.212.42.69.159.clients.your-server.de
Software: openresty /
Resource Hash: 4aa355b64f75bc8293836eb2ca7ff4a0d7230f361c2e9b1b2d7394ac7c540f90

Request headers

Referer: https://ns1.bankanswer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Tue, 05 May 2020 10:14:02 GMT
last-modified: Thu, 26 Sep 2019 08:13:05 GMT
server: openresty
etag: "5d8c7311-6f"
content-type: application/javascript
status: 200
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 111
expires: Thu, 04 Jun 2020 10:14:02 GMT

GET
H/1.1 200
OK /
track.tkbo.com/ 737 B
749 B 125ms
89ms Document
text/html 94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://track.tkbo.com/?mid=138&f=138&domain=bankanswer.net

Requested by

Host: ns1.bankanswer.net
URL: https://ns1.bankanswer.net/

Protocol

HTTP/1.1

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: track.tkbo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Tue, 05 May 2020 10:20:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET
H2 200 analytics.js
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ns1.bankanswer.net
URL: https://ns1.bankanswer.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ns1.bankanswer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 5062
date: Tue, 05 May 2020 08:56:20 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18174
expires: Tue, 05 May 2020 10:56:20 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 14ms
14ms Image
image/gif 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=1017143150&t=event&ni=1&_s=1&dl=https%3A%2F%2Fns1.bankanswer.net%2F&ul=en-us&de=UTF-8&dt=bankanswer.net&sd=24-bit&sr=1600x1200&vp=1600x1185&je=0&ec=Blocking%20Ads&ea=No&_u=YEBAAEAB~&jid=509331602&gjid=585488384&cid=1624781296.1588674042&tid=UA-43967021-7&_gid=1802342984.1588674042&_r=1&cd1=sedo126&cd2=14&cd3=yes&z=302312569

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ns1.bankanswer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 May 2020 10:20:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
99 B 6ms
6ms Image
image/gif 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&aip=1&a=1017143150&t=pageview&_s=2&dl=https%3A%2F%2Fns1.bankanswer.net%2F&ul=en-us&de=UTF-8&dt=bankanswer.net&sd=24-bit&sr=1600x1200&vp=1600x1185&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=1624781296.1588674042&tid=UA-43967021-7&_gid=1802342984.1588674042&cd1=sedo126&cd2=14&cd3=yes&z=1102089922

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ns1.bankanswer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Apr 2020 05:17:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2696605
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 go.php Show response
track.tkbo.com/ 914 B
948 B 671ms
555ms Document
text/html 94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://track.tkbo.com/go.php?mid=138&f=138&domain=bankanswer.net&ref=

Requested by

Host: track.tkbo.com
URL: http://track.tkbo.com/?mid=138&f=138&domain=bankanswer.net

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

00358b27c07cd2f7daf7da47daf2a24f7b87c8eced1be57df706fe299eeb6627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: track.tkbo.com
:scheme: https
:path: /go.php?mid=138&f=138&domain=bankanswer.net&ref=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://track.tkbo.com/?mid=138&f=138&domain=bankanswer.net
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://track.tkbo.com/?mid=138&f=138&domain=bankanswer.net

Response headers

status: 200
server: nginx
date: Tue, 05 May 2020 10:20:42 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: XID=3ej87rh25ii60ih6a7rfgs5jej; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H/1.1 200
OK Cookie set forward.php Show response
track.traffic.club/helper/ 129 B
828 B 268ms
59ms Document
text/html 144.76.0.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://track.traffic.club/helper/forward.php?target=aHR0cDovL2RwcnRiLmNvbS9jbGljaz9kYXRhPVNrb3dNbVJZZUVsU1R6Z3RSbmhzTW5Sa01YZHlObXhMYUZGbWVEUkJlbTlIZVRaUmFsbFBZVXh4WlhKTlVsQlZVRUZyWjFKUU9GaGphMFZQYmxkSFVrZGplbTVYYTJOMFVWUm5hazU0V0ZrekxYWXlaRzVxZVd0MVFuTmZhVlJtU1hSSU5XTmpNRzkzZFVod1pXWkVPSFZDWjBoVk5YWkhabE5zY0ROeU9VbEJibGRoWTBVME9IQldOV2RITkU1MkxVNUxkWEJuTWcyJmlkPWY0NTJhN2RmLTRlOWMtNDc2MS05OTZkLTIwMDcwNGQzYjE1Nw==&hash=4931e30114cc6f80b212d6dc98403a1f

Requested by

Host: track.tkbo.com
URL: https://track.tkbo.com/go.php?mid=138&f=138&domain=bankanswer.net&ref=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.76.0.242 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.242.0.76.144.clients.your-server.de

Software

nginx / PHP/5.3.10-1ubuntu3.25

Resource Hash

2f2792a94fdf35b39240ed6e151dd7e1ced76fdc0ae49f6957db59666fd79a66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: track.traffic.club
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://track.tkbo.com/go.php?mid=138&f=138&domain=bankanswer.net&ref=
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://track.tkbo.com/go.php?mid=138&f=138&domain=bankanswer.net&ref=

Response headers

Server: nginx
Date: Tue, 05 May 2020 10:20:43 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.3.10-1ubuntu3.25
Set-Cookie: kkl6hi=aHR0cDovL2RwcnRiLmNvbS9jbGljaz9kYXRhPVNrb3dNbVJZZUVsU1R6Z3RSbmhzTW5Sa01YZHlObXhMYUZGbWVEUkJlbTlIZVRaUmFsbFBZVXh4WlhKTlVsQlZVRUZyWjFKUU9GaGphMFZQYmxkSFVrZGplbTVYYTJOMFVWUm5hazU0V0ZrekxYWXlaRzVxZVd0MVFuTmZhVlJtU1hSSU5XTmpNRzkzZFVod1pXWkVPSFZDWjBoVk5YWkhabE5zY0ROeU9VbEJibGRoWTBVME9IQldOV2RITkU1MkxVNUxkWEJuTWcyJmlkPWY0NTJhN2RmLTRlOWMtNDc2MS05OTZkLTIwMDcwNGQzYjE1Nw%3D%3D; expires=Tue, 05-May-2020 10:20:53 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET
H/1.1 200
OK Cookie set forward.php Show response
track.traffic.club/helper/ 381 B
747 B 61ms
61ms Document
text/html 144.76.0.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://track.traffic.club/helper/forward.php

Requested by

Host: track.traffic.club
URL: https://track.traffic.club/helper/forward.php?target=aHR0cDovL2RwcnRiLmNvbS9jbGljaz9kYXRhPVNrb3dNbVJZZUVsU1R6Z3RSbmhzTW5Sa01YZHlObXhMYUZGbWVEUkJlbTlIZVRaUmFsbFBZVXh4WlhKTlVsQlZVRUZyWjFKUU9GaGphMFZQYmxkSFVrZGplbTVYYTJOMFVWUm5hazU0V0ZrekxYWXlaRzVxZVd0MVFuTmZhVlJtU1hSSU5XTmpNRzkzZFVod1pXWkVPSFZDWjBoVk5YWkhabE5zY0ROeU9VbEJibGRoWTBVME9IQldOV2RITkU1MkxVNUxkWEJuTWcyJmlkPWY0NTJhN2RmLTRlOWMtNDc2MS05OTZkLTIwMDcwNGQzYjE1Nw==&hash=4931e30114cc6f80b212d6dc98403a1f

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.76.0.242 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.242.0.76.144.clients.your-server.de

Software

nginx / PHP/5.3.10-1ubuntu3.25

Resource Hash

d91568113029bb4a2850266bcba1261f083c67180780ae8ab34f14245a769162

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: track.traffic.club
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://track.traffic.club/helper/forward.php?target=aHR0cDovL2RwcnRiLmNvbS9jbGljaz9kYXRhPVNrb3dNbVJZZUVsU1R6Z3RSbmhzTW5Sa01YZHlObXhMYUZGbWVEUkJlbTlIZVRaUmFsbFBZVXh4WlhKTlVsQlZVRUZyWjFKUU9GaGphMFZQYmxkSFVrZGplbTVYYTJOMFVWUm5hazU0V0ZrekxYWXlaRzVxZVd0MVFuTmZhVlJtU1hSSU5XTmpNRzkzZFVod1pXWkVPSFZDWjBoVk5YWkhabE5zY0ROeU9VbEJibGRoWTBVME9IQldOV2RITkU1MkxVNUxkWEJuTWcyJmlkPWY0NTJhN2RmLTRlOWMtNDc2MS05OTZkLTIwMDcwNGQzYjE1Nw==&hash=4931e30114cc6f80b212d6dc98403a1f
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: kkl6hi=aHR0cDovL2RwcnRiLmNvbS9jbGljaz9kYXRhPVNrb3dNbVJZZUVsU1R6Z3RSbmhzTW5Sa01YZHlObXhMYUZGbWVEUkJlbTlIZVRaUmFsbFBZVXh4WlhKTlVsQlZVRUZyWjFKUU9GaGphMFZQYmxkSFVrZGplbTVYYTJOMFVWUm5hazU0V0ZrekxYWXlaRzVxZVd0MVFuTmZhVlJtU1hSSU5XTmpNRzkzZFVod1pXWkVPSFZDWjBoVk5YWkhabE5zY0ROeU9VbEJibGRoWTBVME9IQldOV2RITkU1MkxVNUxkWEJuTWcyJmlkPWY0NTJhN2RmLTRlOWMtNDc2MS05OTZkLTIwMDcwNGQzYjE1Nw%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://track.traffic.club/helper/forward.php?target=aHR0cDovL2RwcnRiLmNvbS9jbGljaz9kYXRhPVNrb3dNbVJZZUVsU1R6Z3RSbmhzTW5Sa01YZHlObXhMYUZGbWVEUkJlbTlIZVRaUmFsbFBZVXh4WlhKTlVsQlZVRUZyWjFKUU9GaGphMFZQYmxkSFVrZGplbTVYYTJOMFVWUm5hazU0V0ZrekxYWXlaRzVxZVd0MVFuTmZhVlJtU1hSSU5XTmpNRzkzZFVod1pXWkVPSFZDWjBoVk5YWkhabE5zY0ROeU9VbEJibGRoWTBVME9IQldOV2RITkU1MkxVNUxkWEJuTWcyJmlkPWY0NTJhN2RmLTRlOWMtNDc2MS05OTZkLTIwMDcwNGQzYjE1Nw==&hash=4931e30114cc6f80b212d6dc98403a1f

Response headers

Server: nginx
Date: Tue, 05 May 2020 10:20:43 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.3.10-1ubuntu3.25
Set-Cookie: kkl6hi=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT tc_rvs=1; expires=Tue, 05-May-2020 10:20:46 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET
H/1.1 200
OK Cookie set click Show response
dprtb.com/ 5 KB
3 KB 336ms
280ms Document
text/html 209.15.13.136
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: http://dprtb.com/click?data=SkowMmRYeElSTzgtRnhsMnRkMXdyNmxLaFFmeDRBem9HeTZRallPYUxxZXJNUlBVUEFrZ1JQOFhja0VPbldHUkdjem5Xa2N0UVRnak54WFkzLXYyZG5qeWt1QnNfaVRmSXRINWNjMG93dUhwZWZEOHVCZ0hVNXZHZlNscDNyOUlBbldhY0U0OHBWNWdHNE52LU5LdXBnMg2&id=f452a7df-4e9c-4761-996d-200704d3b157
Requested by: Host: track.traffic.club
URL: https://track.traffic.club/helper/forward.php
Protocol: HTTP/1.1
Server: 209.15.13.136 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 6ecd478dce0640b8884ae5792d0566d2f228ed476669bae783f11b870f650bf6

Request headers

Host: dprtb.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: FjCNuUdmBUCFhzN=FjCNuUdmBUCFhzN; path=/
X-Server: web01
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Tue, 05 May 2020 10:20:43 GMT
Content-Length: 2186

GET
H/1.1

200
OK

1348c9a9-8eba-11ea-bc36-0ab0e7c20c7f Show response
usa.khurshid-sus.com/zcvisitor/
Redirect Chain

http://dprtb.com/Redirect/
http://usa.khurshid-sus.com/zcvisitor/1348c9a9-8eba-11ea-bc36-0ab0e7c20c7f?campaignid=43a92750-6dec-11ea-890c-0a06ea97c507

1010 B
2 KB

298ms
256ms

Document
text/html

54.173.100.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://usa.khurshid-sus.com/zcvisitor/1348c9a9-8eba-11ea-bc36-0ab0e7c20c7f?campaignid=43a92750-6dec-11ea-890c-0a06ea97c507

Requested by

Host: dprtb.com
URL: http://dprtb.com/click?data=SkowMmRYeElSTzgtRnhsMnRkMXdyNmxLaFFmeDRBem9HeTZRallPYUxxZXJNUlBVUEFrZ1JQOFhja0VPbldHUkdjem5Xa2N0UVRnak54WFkzLXYyZG5qeWt1QnNfaVRmSXRINWNjMG93dUhwZWZEOHVCZ0hVNXZHZlNscDNyOUlBbldhY0U0OHBWNWdHNE52LU5LdXBnMg2&id=f452a7df-4e9c-4761-996d-200704d3b157

Protocol

HTTP/1.1

Server

54.173.100.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-173-100-244.compute-1.amazonaws.com

Software

ZeroPark-Traffic /

Resource Hash

d47cf4124c77916d60214f2419ce39bf6f45369d7154886d57413886c67492bc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host: usa.khurshid-sus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://dprtb.com/click?data=SkowMmRYeElSTzgtRnhsMnRkMXdyNmxLaFFmeDRBem9HeTZRallPYUxxZXJNUlBVUEFrZ1JQOFhja0VPbldHUkdjem5Xa2N0UVRnak54WFkzLXYyZG5qeWt1QnNfaVRmSXRINWNjMG93dUhwZWZEOHVCZ0hVNXZHZlNscDNyOUlBbldhY0U0OHBWNWdHNE52LU5LdXBnMg2&id=f452a7df-4e9c-4761-996d-200704d3b157
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: http://dprtb.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://dprtb.com/click?data=SkowMmRYeElSTzgtRnhsMnRkMXdyNmxLaFFmeDRBem9HeTZRallPYUxxZXJNUlBVUEFrZ1JQOFhja0VPbldHUkdjem5Xa2N0UVRnak54WFkzLXYyZG5qeWt1QnNfaVRmSXRINWNjMG93dUhwZWZEOHVCZ0hVNXZHZlNscDNyOUlBbldhY0U0OHBWNWdHNE52LU5LdXBnMg2&id=f452a7df-4e9c-4761-996d-200704d3b157

Response headers

Date: Tue, 05 May 2020 10:20:44 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: ZeroPark-Traffic

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://usa.khurshid-sus.com/zcvisitor/1348c9a9-8eba-11ea-bc36-0ab0e7c20c7f?campaignid=43a92750-6dec-11ea-890c-0a06ea97c507
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Server: web01
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Tue, 05 May 2020 10:20:43 GMT
Content-Length: 239

GET
H/1.1 200
OK zcredirect Show response
usa.khurshid-sus.com/ 290 B
987 B 275ms
275ms Document
text/html 54.173.100.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://usa.khurshid-sus.com/zcredirect?visitid=1348c9a9-8eba-11ea-bc36-0ab0e7c20c7f&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false

Requested by

Host: usa.khurshid-sus.com
URL: http://usa.khurshid-sus.com/zcvisitor/1348c9a9-8eba-11ea-bc36-0ab0e7c20c7f?campaignid=43a92750-6dec-11ea-890c-0a06ea97c507

Protocol

HTTP/1.1

Server

54.173.100.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-173-100-244.compute-1.amazonaws.com

Software

ZeroPark-Traffic /

Resource Hash

4fc0254bc3186881403b7a3ff48febd6b2fa6c3720f32061d8d951eb121fc667

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host: usa.khurshid-sus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://usa.khurshid-sus.com/zcvisitor/1348c9a9-8eba-11ea-bc36-0ab0e7c20c7f?campaignid=43a92750-6dec-11ea-890c-0a06ea97c507
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://usa.khurshid-sus.com/zcvisitor/1348c9a9-8eba-11ea-bc36-0ab0e7c20c7f?campaignid=43a92750-6dec-11ea-890c-0a06ea97c507

Response headers

Date: Tue, 05 May 2020 10:20:44 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: ZeroPark-Traffic

GET
H2

200

Primary Request lp,promocja-zakonczona Show response
www.avans.pl/
Redirect Chain

https://onehorizon.g2afse.com/click?pid=2&offer_id=541
https://clk.tradedoubler.com/click?p=284068&a=2813771&g=24744116&pools=535432
https://redir.tradedoubler.com/projectr/?tduid=83902078d57a6da042dcc48677b487ac&utm_source=fCAdkEcDcq&utm_medium=linktxt&utm_campaign=2020.05&utm_content=2813771&_td_deeplink=https://www.avans.pl/l...
https://www.avans.pl/lp,ekstra-ceny-na-wiosne?utm_campaign=2020.03.03_ekstra-ceny-na-wiosne&tduid=83902078d57a6da042dcc48677b487ac&utm_source=fCAdkEcDcq&utm_medium=linktxt&utm_content=2813771
https://www.avans.pl/lp,promocja-zakonczona?redirect=1

1 MB
75 KB

34ms
34ms

Document
text/html

157.25.21.152
GTSCE GTS Central...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Requested by

Host: usa.khurshid-sus.com
URL: http://usa.khurshid-sus.com/zcredirect?visitid=1348c9a9-8eba-11ea-bc36-0ab0e7c20c7f&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.25.21.152 Mosina, Poland, ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ),

Reverse DNS

Software

Resource Hash

3ca423338f6f48b6ba156c5bb2e67491af3c1ef7dcb411bffb15aceb68fcbb34

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.avans.pl
:scheme: https
:path: /lp,promocja-zakonczona?redirect=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PHPSESSID=n0fvfksqft2o5ro05v1065e60n; device_view=full; 2c3a31aa9e353b308f950a852d04ae5b=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://usa.khurshid-sus.com/zcredirect?visitid=1348c9a9-8eba-11ea-bc36-0ab0e7c20c7f&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false

Response headers

status: 200
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, s-maxage=300
date: Tue, 05 May 2020 12:19:37 GMT
x-frame-options: DENY
content-encoding: gzip
age: 69
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 76111
strict-transport-security: max-age=16000000; includeSubDomains; preload;

Redirect headers

status: 302
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=n0fvfksqft2o5ro05v1065e60n; expires=Thu, 04-Jun-2020 10:20:45 GMT; Max-Age=2592000; path=/; HttpOnly device_view=full; expires=Fri, 05-Jun-2020 10:20:45 GMT; Max-Age=2678400; path=/; HttpOnly 2c3a31aa9e353b308f950a852d04ae5b=0; expires=Fri, 05-Jun-2020 10:20:45 GMT; Max-Age=2678400; path=/; HttpOnly
date: Tue, 05 May 2020 12:20:45 GMT
location: /lp,promocja-zakonczona?redirect=1
cache-control: private, no-cache
age: 0
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-length: 380
strict-transport-security: max-age=16000000; includeSubDomains; preload;

GET
H2 200 vendor.1bd535.min.js Show response
www.avans.pl/assets/js/ 762 KB
212 KB 73ms
72ms Script
application/javascript 157.25.21.152
GTSCE GTS Central...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avans.pl/assets/js/vendor.1bd535.min.js

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.25.21.152 Mosina, Poland, ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ),

Reverse DNS

Software

Resource Hash

15ed0818ca46f8c87d2d350a09f4ba6d06f6a23a4bc93c6c25a202be9145337d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 02 May 2020 11:50:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 29 Apr 2020 14:21:03 GMT
age: 253830
etag: W/"5ea98d4f-be82f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=16000000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 216630
x-xss-protection: 1; mode=block
expires: Sun, 02 May 2021 11:50:16 GMT

GET
H2 200 common.e99ba1.min.js Show response
www.avans.pl/assets/js/ 1 MB
194 KB 49ms
49ms Script
application/javascript 157.25.21.152
GTSCE GTS Central...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avans.pl/assets/js/common.e99ba1.min.js

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.25.21.152 Mosina, Poland, ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ),

Reverse DNS

Software

Resource Hash

a9a6859dd7e5e406c4c6369ba164a67c6b9365458de10d3500aba276a88a17e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 02 May 2020 11:50:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 29 Apr 2020 14:21:03 GMT
age: 253834
etag: W/"5ea98d4f-104be9"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=16000000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 198441
x-xss-protection: 1; mode=block
expires: Sun, 02 May 2021 11:50:11 GMT

GET
H2 200 cms.9cd8a9.min.js Show response
www.avans.pl/assets/js/ 3 KB
2 KB 73ms
73ms Script
application/javascript 157.25.21.152
GTSCE GTS Central...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avans.pl/assets/js/cms.9cd8a9.min.js

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.25.21.152 Mosina, Poland, ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ),

Reverse DNS

Software

Resource Hash

a6232abd92709991adc4978536db710fbe2f5f2e463c7ebb98b4816a04052362

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 02 May 2020 11:50:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 29 Apr 2020 14:21:03 GMT
age: 253823
etag: W/"5ea98d4f-b10"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=16000000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 1410
x-xss-protection: 1; mode=block
expires: Sun, 02 May 2021 11:50:22 GMT

GET
H2 200 webfont-a589a9d186d3a1a486f75d5952d1f8ee.woff
www.avans.pl/assets/fonts/webfont/ 17 KB
18 KB 124ms
123ms Font
application/font-woff 157.25.21.152
GTSCE GTS Central...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avans.pl/assets/fonts/webfont/webfont-a589a9d186d3a1a486f75d5952d1f8ee.woff?a589a9d186d3a1a486f75d5952d1f8ee

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.25.21.152 Mosina, Poland, ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ),

Reverse DNS

Software

Resource Hash

5fd07630728474c0c3f22cf234ea71b62b9e5de0d10e9548c26cd1374023da87

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
Origin: https://www.avans.pl

Response headers

date: Sat, 02 May 2020 11:50:09 GMT
x-content-type-options: nosniff
last-modified: Wed, 29 Apr 2020 14:19:43 GMT
age: 253836
etag: "5ea98cff-44f4"
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-type: application/font-woff
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 17652
x-xss-protection: 1; mode=block
expires: Sun, 02 May 2021 11:50:09 GMT

GET
H2 200 content.min.css
www.avans.pl/assets/css/ 26 KB
5 KB 85ms
85ms Stylesheet
text/css 157.25.21.152
GTSCE GTS Central...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avans.pl/assets/css/content.min.css?v=1588169994

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.25.21.152 Mosina, Poland, ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ),

Reverse DNS

Software

Resource Hash

78ab73b316eba2c07ed8266317f03bdd09bc9a7a0634b90de5a48255ae6d171f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 02 May 2020 11:51:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 29 Apr 2020 14:19:54 GMT
age: 253749
etag: W/"5ea98d0a-6725"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=16000000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 4881
x-xss-protection: 1; mode=block
expires: Sun, 02 May 2021 11:51:37 GMT

GET
H2 200 style.min.css
www.avans.pl/assets/css/ 318 KB
49 KB 115ms
114ms Stylesheet
text/css 157.25.21.152
GTSCE GTS Central...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avans.pl/assets/css/style.min.css?v=1588169992

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.25.21.152 Mosina, Poland, ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ),

Reverse DNS

Software

Resource Hash

82ff2ba86687ece4abd2562c706e10e6b2a89ff5d04985b454b51c2b1e1a02bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 02 May 2020 11:50:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 29 Apr 2020 14:19:52 GMT
age: 253834
etag: W/"5ea98d08-4f9a9"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=16000000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 49337
x-xss-protection: 1; mode=block
expires: Sun, 02 May 2021 11:50:11 GMT

GET
H2 200 common.b8f7be.css
www.avans.pl/assets/js/ 231 B
501 B 122ms
122ms Stylesheet
text/css 157.25.21.152
GTSCE GTS Central...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avans.pl/assets/js/common.b8f7be.css

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.25.21.152 Mosina, Poland, ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ),

Reverse DNS

Software

Resource Hash

ccf64dd2737d4366903e377563411fb5187fb9305fa1883ebb52ce5a078b9d5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 02 May 2020 11:50:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 29 Apr 2020 14:21:03 GMT
age: 253830
etag: W/"5ea98d4f-e7"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=16000000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 130
x-xss-protection: 1; mode=block
expires: Sun, 02 May 2021 11:50:16 GMT

GET
H2 200 logo.png
www.avans.pl/assets/images/logos/ 3 KB
3 KB 43ms
40ms Image
image/png 157.25.21.152
GTSCE GTS Central...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avans.pl/assets/images/logos/logo.png

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.25.21.152 Mosina, Poland, ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ),

Reverse DNS

Software

Resource Hash

8e4f5298395b026bc33149b7d92462966d22ad0802611bce3b5d0500edc51971

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 02 May 2020 11:50:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 30 May 2018 07:25:13 GMT
age: 253828
etag: W/"5b0e51d9-cfe"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=16000000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 2882
x-xss-protection: 1; mode=block
expires: Sun, 02 May 2021 11:50:18 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 186 KB
40 KB 34ms
31ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLJR8B

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3dae0dd128c4c048841f025915c2bce0db2e70af02b27de15dd922c265dd8fcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 05 May 2020 10:20:46 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40938
x-xss-protection: 0
last-modified: Tue, 05 May 2020 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 May 2020 10:20:46 GMT

GET
H2 200 001-rtv_avans_menu_286x360.jpg
www.avans.pl/media/cache/resolve/filemanager_original/images/z_banery_menu_i_glowne_promowane/ 23 KB
22 KB 39ms
36ms Image
image/jpeg 157.25.21.152
GTSCE GTS Central...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avans.pl/media/cache/resolve/filemanager_original/images/z_banery_menu_i_glowne_promowane/001-rtv_avans_menu_286x360.jpg

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.25.21.152 Mosina, Poland, ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ),

Reverse DNS

Software

Resource Hash

302c04a48c1daec5c4dd4d7f951ddd4f8ff7305f5b42a225a981b9c1fdd3e6f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 02 May 2020 11:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Nov 2019 11:02:51 GMT
age: 253834
etag: W/"5dd66edb-5ad9"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=16000000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 21888
x-xss-protection: 1; mode=block
expires: Sun, 02 May 2021 11:50:12 GMT

GET
H2 200 6561-lg_avans_menu_286x360.jpg
www.avans.pl/media/cache/resolve/filemanager_original/images/z_promocje/6561/ 25 KB
25 KB 37ms
34ms Image
image/jpeg 157.25.21.152
GTSCE GTS Central...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avans.pl/media/cache/resolve/filemanager_original/images/z_promocje/6561/6561-lg_avans_menu_286x360.jpg

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.25.21.152 Mosina, Poland, ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ),

Reverse DNS

Software

Resource Hash

162f7797e633c4010b194771cc141f742fcc20ed66bdcb005bc403ae9ae7d3c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 02 May 2020 11:50:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 02 Jan 2020 10:23:42 GMT
age: 253829
etag: W/"5e0dc4ae-63dc"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=16000000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 24729
x-xss-protection: 1; mode=block
expires: Sun, 02 May 2021 11:50:16 GMT

GET
H2 200 AVANS_menu_286x360.jpg
www.avans.pl/media/cache/resolve/filemanager_original/images/z_kontry/k-1693/ 33 KB
33 KB 38ms
36ms Image
image/jpeg 157.25.21.152
GTSCE GTS Central...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avans.pl/media/cache/resolve/filemanager_original/images/z_kontry/k-1693/AVANS_menu_286x360.jpg

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.25.21.152 Mosina, Poland, ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ),

Reverse DNS

Software

Resource Hash

43ae36c59b78570c1ceb5dba7bb5bcf11515d2efb04e180e49fbc35d8e57d487

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 08:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 May 2020 08:41:40 GMT
age: 92326
etag: W/"5eafd544-83fa"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=16000000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 33510
x-xss-protection: 1; mode=block
expires: Tue, 04 May 2021 08:42:00 GMT

GET
H2 200 7230-sony_avans_menu_286x360.jpg
www.avans.pl/media/cache/resolve/filemanager_original/images/z_promocje/7230/ 30 KB
30 KB 40ms
38ms Image
image/jpeg 157.25.21.152
GTSCE GTS Central...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avans.pl/media/cache/resolve/filemanager_original/images/z_promocje/7230/7230-sony_avans_menu_286x360.jpg

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.25.21.152 Mosina, Poland, ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ),

Reverse DNS

Software

Resource Hash

26c5b6dd4d08d758760a71f0c48755ce07bfbcc1cc2f81860f06e75cf8ec3053

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 07:31:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 May 2020 07:31:10 GMT
age: 96552
etag: W/"5eafc4be-7885"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=16000000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 30736
x-xss-protection: 1; mode=block
expires: Tue, 04 May 2021 07:31:33 GMT

GET
H2 200 style.css
www.avans.pl/lp/avans/promocje/aktualne-promocje/resources/css/ 16 KB
3 KB 34ms
34ms Stylesheet
text/css 157.25.21.152
GTSCE GTS Central...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avans.pl/lp/avans/promocje/aktualne-promocje/resources/css/style.css?05050278

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.25.21.152 Mosina, Poland, ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ),

Reverse DNS

Software

Resource Hash

ccd6515d4df369f4cd8ae825b7c9693d28dc451807545207eccd200bcc45b913

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 05 May 2020 10:11:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 May 2020 10:05:55 GMT
age: 557
etag: W/"5eb13a83-4155"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=16000000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 2991
x-xss-protection: 1; mode=block
expires: Wed, 05 May 2021 10:11:28 GMT

GET
H2 200 aktualne-promocje.css
www.avans.pl/lp/avans/promocje/aktualne-promocje/resources/css/ 6 KB
2 KB 39ms
35ms Stylesheet
text/css 157.25.21.152
GTSCE GTS Central...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avans.pl/lp/avans/promocje/aktualne-promocje/resources/css/aktualne-promocje.css?05050278

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.25.21.152 Mosina, Poland, ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ),

Reverse DNS

Software

Resource Hash

ada39dc34daa36d6e85043780b44e2ad6e025ff1e6669ab3f13ecc63184e0c85

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 05 May 2020 10:16:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 May 2020 10:05:55 GMT
age: 255
etag: W/"5eb13a83-19d7"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=16000000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 1796
x-xss-protection: 1; mode=block
expires: Wed, 05 May 2021 10:16:31 GMT

GET
H2 200 belki-kategorii.css
www.avans.pl/lp/avans/promocje/aktualne-promocje/resources/css/ 1 KB
879 B 38ms
34ms Stylesheet
text/css 157.25.21.152
GTSCE GTS Central...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avans.pl/lp/avans/promocje/aktualne-promocje/resources/css/belki-kategorii.css?05050278

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.25.21.152 Mosina, Poland, ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ),

Reverse DNS

Software

Resource Hash

14365af65f0033981a8934c1f22734ae94745eb5710578ab1e8f67689fed9de0

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 05 May 2020 10:16:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 May 2020 10:05:55 GMT
age: 255
etag: W/"5eb13a83-52b"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=16000000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 510
x-xss-protection: 1; mode=block
expires: Wed, 05 May 2021 10:16:31 GMT

GET
H2 200 cechy.css
www.avans.pl/lp/avans/promocje/aktualne-promocje/resources/css/ 274 B
562 B 37ms
33ms Stylesheet
text/css 157.25.21.152
GTSCE GTS Central...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avans.pl/lp/avans/promocje/aktualne-promocje/resources/css/cechy.css?05050278

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.25.21.152 Mosina, Poland, ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ),

Reverse DNS

Software

Resource Hash

df41f333e8c50c5bd3cb81017aeca250773a4781fec5ce2bc39a1564eba47d5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 05 May 2020 10:16:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 May 2020 10:05:54 GMT
age: 255
etag: W/"5eb13a82-112"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=16000000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 193
x-xss-protection: 1; mode=block
expires: Wed, 05 May 2021 10:16:31 GMT

GET
H2 200 piktogramy.css
www.avans.pl/lp/avans/promocje/aktualne-promocje/resources/css/ 219 B
523 B 38ms
34ms Stylesheet
text/css 157.25.21.152
GTSCE GTS Central...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avans.pl/lp/avans/promocje/aktualne-promocje/resources/css/piktogramy.css?05050278

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.25.21.152 Mosina, Poland, ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ),

Reverse DNS

Software

Resource Hash

fae5ea981c4d262458e7fc4b32c9ab1f891f2b2e771af06b3ac2764279c6953a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 05 May 2020 10:16:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 May 2020 10:05:55 GMT
age: 255
etag: W/"5eb13a83-db"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=16000000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 155
x-xss-protection: 1; mode=block
expires: Wed, 05 May 2021 10:16:31 GMT

GET
H2 200 zawieszki.css
www.avans.pl/lp/avans/promocje/aktualne-promocje/resources/css/ 176 B
495 B 43ms
39ms Stylesheet
text/css 157.25.21.152
GTSCE GTS Central...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avans.pl/lp/avans/promocje/aktualne-promocje/resources/css/zawieszki.css?05050278

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.25.21.152 Mosina, Poland, ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ),

Reverse DNS

Software

Resource Hash

6dbb449b7825e378ee9f04c4904c34ec6f86b7c7dce02949df56875d443c6ea6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 05 May 2020 10:16:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 May 2020 10:05:55 GMT
age: 255
etag: W/"5eb13a83-b0"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=16000000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 127
x-xss-protection: 1; mode=block
expires: Wed, 05 May 2021 10:16:31 GMT

GET
H2 200 heropoz.css
www.avans.pl/lp/avans/promocje/aktualne-promocje/resources/css/ 1 KB
865 B 38ms
34ms Stylesheet
text/css 157.25.21.152
GTSCE GTS Central...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avans.pl/lp/avans/promocje/aktualne-promocje/resources/css/heropoz.css?05050278?1

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.25.21.152 Mosina, Poland, ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ),

Reverse DNS

Software

Resource Hash

31feeb36eb52314d776c6a942306853a89c8f63c72cf444943f0b321c821d9ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 05 May 2020 10:16:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 May 2020 10:05:55 GMT
age: 255
etag: W/"5eb13a83-542"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=16000000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 496
x-xss-protection: 1; mode=block
expires: Wed, 05 May 2021 10:16:31 GMT

GET
H2 200 zmiany.css
www.avans.pl/lp/avans/promocje/aktualne-promocje/resources/css/ 2 KB
1 KB 42ms
39ms Stylesheet
text/css 157.25.21.152
GTSCE GTS Central...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avans.pl/lp/avans/promocje/aktualne-promocje/resources/css/zmiany.css?05050278?7

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.25.21.152 Mosina, Poland, ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ),

Reverse DNS

Software

Resource Hash

2272b022ac7350fb6cc0d1798189bbc4489d35ba53a45bbf58704d8385782b14

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 05 May 2020 10:16:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 May 2020 10:05:55 GMT
age: 255
etag: W/"5eb13a83-903"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=16000000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 812
x-xss-protection: 1; mode=block
expires: Wed, 05 May 2021 10:16:31 GMT

GET
H2 200 phldr.png
www.avans.pl/lp/avans/promocje/aktualne-promocje-new/resources/images/ 438 B
579 B 41ms
39ms Image
image/png 157.25.21.152
GTSCE GTS Central...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avans.pl/lp/avans/promocje/aktualne-promocje-new/resources/images/phldr.png?05050278

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.25.21.152 Mosina, Poland, ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ),

Reverse DNS

Software

Resource Hash

678ec17e48d5218c5685c3e1a3906a4800db068271c61be9995a91ea5547a1ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 05 May 2020 10:11:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 Oct 2019 12:55:30 GMT
age: 557
etag: W/"5da9b642-1b6"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=16000000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 209
x-xss-protection: 1; mode=block
expires: Wed, 05 May 2021 10:11:28 GMT

GET
H2

200

popup.png
www.avans.pl/lp/avans/lp/promocja-zakonczona/
Redirect Chain

https://avans.pl/lp/avans/lp/promocja-zakonczona/popup.png
https://www.avans.pl/lp/avans/lp/promocja-zakonczona/popup.png

125 KB
123 KB

43ms
41ms

Image
image/png

157.25.21.152
GTSCE GTS Central...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avans.pl/lp/avans/lp/promocja-zakonczona/popup.png

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.25.21.152 Mosina, Poland, ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ),

Reverse DNS

Software

Resource Hash

e4f4f115a973ea333e3fef6f9f036938e6cade74df293bd6ee3c8760b9ab4db9

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 02 May 2020 12:21:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Sep 2015 11:50:52 GMT
age: 251982
etag: W/"55f9579c-1f390"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=16000000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 125289
x-xss-protection: 1; mode=block
expires: Sun, 02 May 2021 12:21:04 GMT

Redirect headers

status: 301
content-length: 0
location: https://www.avans.pl/lp/avans/lp/promocja-zakonczona/popup.png

GET
H2 200 polyfill.js Show response
cdn.polyfill.io/v2/ 6 KB
2 KB 40ms
23ms Script
text/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.js?features=default,es6,fetch,Object.entries,String.includes,Array.prototype.includes,Array.prototype.entries,Number.isSafeInteger

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

33f74c367cf3936091dceda8a523588741994fafc563638aef1e9454a8e46b09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 4033623
detected-user-agent: Chrome/74.0.3729
status: 200
request_came_from_shield: HHN
server-timing: HIT, fastly;desc="Edge time";dur=0, MISS-CLUSTER, fastly;desc="Edge time";dur=13
content-length: 1438
referrer-policy: origin-when-cross-origin
last-modified: Thu, 19 Mar 2020 17:46:14 GMT
date: Tue, 05 May 2020 10:20:46 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/74.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 roboto-regular-webfont.woff2
www.avans.pl/assets/fonts/roboto/ 12 KB
12 KB 54ms
53ms Font
application/octet-stream 157.25.21.152
GTSCE GTS Central...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avans.pl/assets/fonts/roboto/roboto-regular-webfont.woff2

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.25.21.152 Mosina, Poland, ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ),

Reverse DNS

Software

Resource Hash

aef9c6d7727c819d30e2c628c426ecd4f6a17b43fc8a5360db9f2155e8fb9271

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.avans.pl/assets/css/style.min.css?v=1588169992
Origin: https://www.avans.pl

Response headers

date: Sat, 02 May 2020 11:50:22 GMT
x-content-type-options: nosniff
last-modified: Wed, 16 May 2018 12:39:34 GMT
age: 253823
etag: "5afc2686-2f9c"
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-type: application/octet-stream
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12188
x-xss-protection: 1; mode=block
expires: Sun, 02 May 2021 11:50:22 GMT

GET
H2 200 roboto-medium-webfont.woff2
www.avans.pl/assets/fonts/roboto/ 12 KB
12 KB 49ms
48ms Font
application/octet-stream 157.25.21.152
GTSCE GTS Central...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avans.pl/assets/fonts/roboto/roboto-medium-webfont.woff2

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.25.21.152 Mosina, Poland, ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ),

Reverse DNS

Software

Resource Hash

7390af96e653334ca87233cf462ffd8f87e2ab363fc6adcbae486c5a754e5067

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.avans.pl/assets/css/style.min.css?v=1588169992
Origin: https://www.avans.pl

Response headers

date: Sat, 02 May 2020 11:50:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 16 May 2018 12:39:34 GMT
age: 253833
etag: "5afc2686-2f54"
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-type: application/octet-stream
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12116
x-xss-protection: 1; mode=block
expires: Sun, 02 May 2021 11:50:12 GMT

GET
H2 200 sg_small_pdf.png
www.avans.pl/lp/avans/promocje/aktualne-promocje/resources/images/ 2 KB
2 KB 41ms
41ms Image
image/png 157.25.21.152
GTSCE GTS Central...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avans.pl/lp/avans/promocje/aktualne-promocje/resources/images/sg_small_pdf.png

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.25.21.152 Mosina, Poland, ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ),

Reverse DNS

Software

Resource Hash

bca2204e2bd139d2e053309797a115aad6b60467959a188a4be9cc1165defd43

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.avans.pl/lp/avans/promocje/aktualne-promocje/resources/css/style.css?05050278
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 05 May 2020 10:20:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 May 2020 10:05:54 GMT
age: 0
etag: W/"5eb13a82-890"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=16000000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 1871
x-xss-protection: 1; mode=block
expires: Wed, 05 May 2021 10:20:46 GMT

GET
H2 200 synerise-javascript-sdk-no-m.min.js Show response
www.snrcdn.net/sdk/3.0/ 262 KB
67 KB 26ms
7ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://www.snrcdn.net/sdk/3.0/synerise-javascript-sdk-no-m.min.js
Requested by: Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E9C) /
Resource Hash: ca4ae5ac5b4ab3fb9f46f34aad7e0daf959f97c4438870e8416d7db49c194274

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 05 May 2020 10:20:46 GMT
content-encoding: gzip
content-md5: EZmpeTiUojjRceAJyyfjwQ==
age: 559
x-cache: HIT
status: 200
content-length: 67790
x-ms-lease-status: unlocked
last-modified: Mon, 27 Apr 2020 08:49:44 GMT
server: ECAcc (frc/8E9C)
etag: 0x8D7EA87EEA83668
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: bf627fbd-401e-0086-34c5-2289c8000000
cache-control: max-age=600
x-ms-version: 2009-09-19
expires: Tue, 05 May 2020 10:30:46 GMT

GET
H/1.1 200
OK synerise-ai-sdk.js Show response
ai.synerise.com/ 109 KB
29 KB 202ms
71ms Script
application/javascript 51.144.190.215
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ai.synerise.com/synerise-ai-sdk.js
Requested by: Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.144.190.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: openresty /
Resource Hash: 29b4cd4a64c16e08339709710cadc7dbf2194bea700a5f2d03131103fd183d9e

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 05 May 2020 10:20:40 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Sep 2019 20:56:15 GMT
Server: openresty
ETag: W/"5d7ab0ef-1b5a1"
X-Cache-Status: HIT
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Connection: keep-alive
Access-Control-Allow-Headers: Authorization,X-Request-Id,X-Business-Profile-Id,X-API-Version,DNT,X-API-Key,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Expires: Tue, 05 May 2020 10:25:40 GMT

GET
H2 200 polyfill.js
cdn.polyfill.io/v2/ 6 KB
1 KB 8ms
8ms Other
text/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.js?features=default,es6,fetch,Object.entries,String.includes,Array.prototype.includes,Array.prototype.entries,Number.isSafeInteger

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

33f74c367cf3936091dceda8a523588741994fafc563638aef1e9454a8e46b09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 4033623
detected-user-agent: Chrome/74.0.3729
status: 200
request_came_from_shield: HHN
server-timing: HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length: 1438
referrer-policy: origin-when-cross-origin
last-modified: Thu, 19 Mar 2020 17:46:14 GMT
date: Tue, 05 May 2020 10:20:46 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/74.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 28 KB
11 KB 252ms
90ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLJR8B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

28f07389552cf9e3557433f06cf63d9cf59e406f6aace98f63ba8220bb6095a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 05 May 2020 10:20:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 10743
x-xss-protection: 0
server: cafe
etag: 10886962978695911934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 05 May 2020 10:20:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLJR8B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 5066
date: Tue, 05 May 2020 08:56:20 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18174
expires: Tue, 05 May 2020 10:56:20 GMT

GET
H2 200 wrap Show response
wrap.tradedoubler.com/ 2 KB
2 KB 101ms
93ms Script
application/javascript 34.95.109.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://wrap.tradedoubler.com/wrap?id=19243
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLJR8B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.109.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.109.95.34.bc.googleusercontent.com
Software: TXServerHttp /
Resource Hash: 9063e96e216bb1d4e389f9934c916298b89daa85721bae8c903e78c30c99ab80

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 May 2020 10:20:45 GMT
via: 1.1 google
referrer-policy: origin
server: TXServerHttp
status: 200
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin: *
cache-control: private, max-age=0
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 1575

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 05 May 2020 09:43:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2214
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Tue, 05 May 2020 10:43:52 GMT

GET
H2 200 getPublicConfigForContext Show response
proxy.snrbox.com/rtom/configs/ 196 B
656 B 55ms
55ms XHR
application/json 52.232.109.51
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://proxy.snrbox.com/rtom/configs/getPublicConfigForContext

Requested by

Host: www.snrcdn.net
URL: https://www.snrcdn.net/sdk/3.0/synerise-javascript-sdk-no-m.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.232.109.51 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a64f83ac4f8b804c00f90b4ab173e3ba1a4878aedd009809309d1b0251b8df79

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
tracker: 01B9C2C8-22A4-4158-2421-A5ECC1A24DB6
content-type: application/json

Response headers

date: Tue, 05 May 2020 10:20:46 GMT
x-content-type-options: nosniff
x-b3-traceid: 2fe2718b8560aacc
age: 448
x-cache: HIT
status: 200
x-b3-parentspanid: 25856ecbdc946b2f
vary: Origin
content-length: 196
x-xss-protection: 1; mode=block
x-frame-options: DENY
etag: W/"c4-OOIQ8sVKwoBFg7at5MNVkGXg2w8"
x-download-options: noopen
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1800
x-b3-spanid: 5062218620edec1c
x-b3-sampled: 0
accept-ranges: bytes
access-control-allow-credentials: true

GET
H2 200 01B9C2C8-22A4-4158-2421-A5ECC1A24DB6 Show response
tck.snrbox.com/gif/ 35 B
822 B 156ms
51ms XHR
image/gif 52.166.122.138
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tck.snrbox.com/gif/01B9C2C8-22A4-4158-2421-A5ECC1A24DB6?ssuid=e52982b7-de94-40d6-9795-db3c3662d928&user_hash=&emailHash=&tck=01B9C2C8-22A4-4158-2421-A5ECC1A24DB6&campaign=0&host=www.avans.pl&location=%2Flp%2Cpromocja-zakonczona%3Fredirect%3D1&title=AVANS%2520Promocja%2520zosta%25C5%2582a%2520zako%25C5%2584czona%2520-%2520Avans.pl&ver=3&color=24-bit&encoding=UTF-8&lang=en-us&res=1600x1200&refdomain=&ref=&browser=Chrome&browserver=74.0.3729.169&ecookies=true&mobile=false&os=Mac%20OS%20X&osver=10_14_5&init=1588674046&last=0&current=1588674046&long=0&visits=1&s_visits=1&u24_visits=1&productRef=null&eventUUID=634d41e9-426f-443a-af1b-264207fab294&snr_sdk_version=no-m%3A3%3A2020-04-27&ogTags=%7B%22og%3Atitle%22%3A%22AVANS%20Promocja%20zosta%C5%82a%20zako%C5%84czona%20-%20Avans.pl%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.avans.pl%2Flp%2Cpromocja-zakonczona%22%2C%22og%3Aimage%22%3A%22%2Fassets%2Fimages%2Flogos%2Flogo.png%22%2C%22og%3Aimage%3Asecure_url%22%3A%22%2Fassets%2Fimages%2Flogos%2Flogo.png%22%7D

Requested by

Host: www.snrcdn.net
URL: https://www.snrcdn.net/sdk/3.0/synerise-javascript-sdk-no-m.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.166.122.138 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 05 May 2020 10:20:46 GMT
status: 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.avans.pl
access-control-max-age: 86400
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
client-uuid: 21a1028d-4db7-4823-b813-13e23f9ae110
access-control-allow-headers: Origin,Content-Type,Accept,X-Requested-With,tracker,ver,X-CSRF-TOKEN,Authorization,Api-Key,X-Request-Id
content-length: 35
access-control-expose-headers: Client-UUID

GET
H2 200 collect
www.google-analytics.com/ 35 B
93 B 7ms
6ms Image
image/gif 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=2027067456&t=pageview&_s=1&dl=https%3A%2F%2Fwww.avans.pl%2Flp%2Cpromocja-zakonczona%3Fredirect%3D1&ul=en-us&de=UTF-8&dt=AVANS%20Promocja%20zosta%C5%82a%20zako%C5%84czona%20-%20Avans.pl&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGBAgEAL~&jid=1218421066&gjid=766448003&cid=108400082.1588674046&tid=UA-60471910-1&_gid=1579254724.1588674046&gtm=2wg4m0TLJR8B&cd12=www.avans.pl&z=755933421

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Apr 2020 05:17:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2696609
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-60471910-1&cid=108400082.1588674046&jid=1218421066&gjid=766448003&_gid=1579254724.1588674046&_u=aGBAgEAL~&z=876124834
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-60471910-1&cid=108400082.1588674046&jid=1218421066&_v=j81&z=876124834
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-60471910-1&cid=108400082.1588674046&jid=1218421066&_v=j81&z=876124834&slf_rd=1&random=2340844771

42 B
109 B

20ms
20ms

Image
image/gif

2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-60471910-1&cid=108400082.1588674046&jid=1218421066&_v=j81&z=876124834&slf_rd=1&random=2340844771

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 May 2020 10:20:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 May 2020 10:20:46 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-60471910-1&cid=108400082.1588674046&jid=1218421066&_v=j81&z=876124834&slf_rd=1&random=2340844771
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
99 B 7ms
6ms Image
image/gif 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=2027067456&t=pageview&_s=1&dl=https%3A%2F%2Fwww.avans.pl%2Flp%2Cpromocja-zakonczona%3Fredirect%3D1&ul=en-us&de=UTF-8&dt=AVANS%20Promocja%20zosta%C5%82a%20zako%C5%84czona%20-%20Avans.pl&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAgEAL~&jid=1493188480&gjid=674938506&cid=108400082.1588674046&tid=UA-60471910-2&_gid=1579254724.1588674046&gtm=2wg4m0TLJR8B&z=703275966

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Apr 2020 05:17:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2696609
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-60471910-2&cid=108400082.1588674046&jid=1493188480&gjid=674938506&_gid=1579254724.1588674046&_u=aGDAgEAL~&z=2056739862
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-60471910-2&cid=108400082.1588674046&jid=1493188480&_v=j81&z=2056739862
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-60471910-2&cid=108400082.1588674046&jid=1493188480&_v=j81&z=2056739862&slf_rd=1&random=2720370615

42 B
109 B

18ms
17ms

Image
image/gif

2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-60471910-2&cid=108400082.1588674046&jid=1493188480&_v=j81&z=2056739862&slf_rd=1&random=2720370615

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 May 2020 10:20:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 May 2020 10:20:46 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-60471910-2&cid=108400082.1588674046&jid=1493188480&_v=j81&z=2056739862&slf_rd=1&random=2720370615
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=2027067456&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.avans.pl%2Flp%2Cpromocja-zakonczona%3Fredirect%3D1&ul=en-us&de=UTF-8&dt=AVANS%20Promocja%20...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-60471910-1&cid=108400082.1588674046&jid=246029752&_gid=1579254724.1588674046&gjid=1306683251&_v=j81&z=1402725887
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-60471910-1&cid=108400082.1588674046&jid=246029752&_v=j81&z=1402725887
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-60471910-1&cid=108400082.1588674046&jid=246029752&_v=j81&z=1402725887&slf_rd=1&random=357535146

42 B
109 B

18ms
18ms

Image
image/gif

2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-60471910-1&cid=108400082.1588674046&jid=246029752&_v=j81&z=1402725887&slf_rd=1&random=357535146

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 May 2020 10:20:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 May 2020 10:20:46 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-60471910-1&cid=108400082.1588674046&jid=246029752&_v=j81&z=1402725887&slf_rd=1&random=357535146
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 synerise-javascript-sdk.css
www.snrcdn.net/sdk/3.0/ 67 KB
14 KB 7ms
7ms Stylesheet
text/css 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://www.snrcdn.net/sdk/3.0/synerise-javascript-sdk.css
Requested by: Host: www.snrcdn.net
URL: https://www.snrcdn.net/sdk/3.0/synerise-javascript-sdk-no-m.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F55) /
Resource Hash: 921b37d11decb2bc48b1f3b149efe7d53571a67f20b9c8ec6bb83cf1290baa85

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 05 May 2020 10:20:46 GMT
content-encoding: gzip
content-md5: 3LoKzUJbE9W4eaKhvkXxVg==
age: 580
x-cache: HIT
status: 200
content-length: 14312
x-ms-lease-status: unlocked
last-modified: Mon, 27 Apr 2020 08:49:44 GMT
server: ECAcc (frc/8F55)
etag: 0x8D7EA87EEA74BCB
vary: Accept-Encoding
content-type: text/css; charset=utf-8
x-ms-request-id: fef484a6-501e-000c-42c5-22d279000000
cache-control: max-age=600
x-ms-version: 2009-09-19
expires: Tue, 05 May 2020 10:30:46 GMT

POST
H2 200 filtered Show response
dc.snrbox.com/v3/dynamicContent/ 811 B
827 B 180ms
74ms XHR
application/json 51.144.164.212
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.snrbox.com/v3/dynamicContent/filtered?uuid=21a1028d-4db7-4823-b813-13e23f9ae110&code=01B9C2C8-22A4-4158-2421-A5ECC1A24DB6&acceptLanguage=en-US

Requested by

Host: www.snrcdn.net
URL: https://www.snrcdn.net/sdk/3.0/synerise-javascript-sdk-no-m.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.144.164.212 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4eae703a4e722944603fc74ed0b2296c67ee2513acede3773de533dac5070b04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 05 May 2020 10:20:46 GMT
content-encoding: gzip
status: 200
requestid: f8e94c05-5ee0-40f1-a3cf-d5fd045be540
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.avans.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true, true
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 get-public-config Show response
proxy.snrbox.com/rtom/web-push/ 2 KB
1 KB 52ms
52ms XHR
application/json 52.232.109.51
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://proxy.snrbox.com/rtom/web-push/get-public-config?acceptLanguage=en-US

Requested by

Host: www.snrcdn.net
URL: https://www.snrcdn.net/sdk/3.0/synerise-javascript-sdk-no-m.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.232.109.51 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8f0a1c35c54a09fcfc73fea0760d1c24ef2b6a2b1c70cf555f4ec370a5d2f635

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
tracker: 01B9C2C8-22A4-4158-2421-A5ECC1A24DB6
content-type: application/json

Response headers

date: Tue, 05 May 2020 10:20:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-b3-traceid: 2d9dfd3120cfc343
age: 258
x-cache: HIT
status: 200
x-b3-parentspanid: ee8b7ddebb448377
vary: Origin, Accept-Encoding
content-length: 610
x-xss-protection: 1; mode=block
x-frame-options: DENY
etag: W/"614-YpM7N/Min/m+P1c+9dxI0kXdI7A"
x-download-options: noopen
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1800
x-b3-spanid: 179a558c0a0c14bf
x-b3-sampled: 0
accept-ranges: bytes
access-control-allow-credentials: true

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/968099847/ 2 KB
1 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/968099847/?random=1588674046719&cv=9&fst=1588674046719&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4m0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.avans.pl%2Flp%2Cpromocja-zakonczona%3Fredirect%3D1&tiba=AVANS%20Promocja%20zosta%C5%82a%20zako%C5%84czona%20-%20Avans.pl&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97c2a80f538e0d72716e8c39089e3999de6fcf165f648a470afddba4c1eb50ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 May 2020 10:20:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1043
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/973618095/ 2 KB
1 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/973618095/?random=1588674046722&cv=9&fst=1588674046722&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4m0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.avans.pl%2Flp%2Cpromocja-zakonczona%3Fredirect%3D1&tiba=AVANS%20Promocja%20zosta%C5%82a%20zako%C5%84czona%20-%20Avans.pl&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e30b30e3ca811c32df65fd25343c6873b005115d31dc3cb8c97d28ff11cbf8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 May 2020 10:20:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1042
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/968099847/ 42 B
113 B 26ms
25ms Image
image/gif 2a00:1450:4001:818::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/968099847/?random=1588674046719&cv=9&fst=1588672800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4m0&sendb=1&frm=0&url=https%3A%2F%2Fwww.avans.pl%2Flp%2Cpromocja-zakonczona%3Fredirect%3D1&tiba=AVANS%20Promocja%20zosta%C5%82a%20zako%C5%84czona%20-%20Avans.pl&async=1&fmt=3&is_vtc=1&random=1619819543&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 May 2020 10:20:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/968099847/ 42 B
156 B 24ms
23ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/968099847/?random=1588674046719&cv=9&fst=1588672800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4m0&sendb=1&frm=0&url=https%3A%2F%2Fwww.avans.pl%2Flp%2Cpromocja-zakonczona%3Fredirect%3D1&tiba=AVANS%20Promocja%20zosta%C5%82a%20zako%C5%84czona%20-%20Avans.pl&async=1&fmt=3&is_vtc=1&random=1619819543&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 May 2020 10:20:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/973618095/ 42 B
113 B 23ms
22ms Image
image/gif 2a00:1450:4001:818::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/973618095/?random=1588674046722&cv=9&fst=1588672800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4m0&sendb=1&frm=0&url=https%3A%2F%2Fwww.avans.pl%2Flp%2Cpromocja-zakonczona%3Fredirect%3D1&tiba=AVANS%20Promocja%20zosta%C5%82a%20zako%C5%84czona%20-%20Avans.pl&async=1&fmt=3&is_vtc=1&random=619371185&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 May 2020 10:20:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/973618095/ 42 B
110 B 22ms
22ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/973618095/?random=1588674046722&cv=9&fst=1588672800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4m0&sendb=1&frm=0&url=https%3A%2F%2Fwww.avans.pl%2Flp%2Cpromocja-zakonczona%3Fredirect%3D1&tiba=AVANS%20Promocja%20zosta%C5%82a%20zako%C5%84czona%20-%20Avans.pl&async=1&fmt=3&is_vtc=1&random=619371185&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.avans.pl
URL: https://www.avans.pl/lp,promocja-zakonczona?redirect=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 May 2020 10:20:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 byUuids Show response
dc.snrbox.com/v3/dynamicContent/ 2 KB
1 KB 56ms
56ms XHR
application/json 51.144.164.212
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.snrbox.com/v3/dynamicContent/byUuids?uuid=21a1028d-4db7-4823-b813-13e23f9ae110&code=01B9C2C8-22A4-4158-2421-A5ECC1A24DB6&acceptLanguage=en-US

Requested by

Host: www.snrcdn.net
URL: https://www.snrcdn.net/sdk/3.0/synerise-javascript-sdk-no-m.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.144.164.212 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

18ed0d31b4baafc3d8d485b16d9aa87b5730a28605a79e37cefbddd95b3717c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.avans.pl/lp,promocja-zakonczona?redirect=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 05 May 2020 10:20:46 GMT
content-encoding: gzip
status: 200
requestid: c86a6b3f-38a1-4443-bac4-e1df0b99faa3
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.avans.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true, true
strict-transport-security: max-age=15724800; includeSubDomains

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.avans.pl/	1970-01-30 08:05:54	Name: _snrs_puuid Value: 21a1028d-4db7-4823-b813-13e23f9ae110
.avans.pl/	1970-01-30 08:05:54	Name: _snrs_uuid Value: 21a1028d-4db7-4823-b813-13e23f9ae110
.avans.pl/	1970-01-30 08:05:54	Name: _snrs_p Value: host:www.avans.pl&permUuid:21a1028d-4db7-4823-b813-13e23f9ae110&uuid:21a1028d-4db7-4823-b813-13e23f9ae110&emailHash:&user_hash:&init:1588674046&last:1588674046&current:1588674046&uniqueVisits:1&allVisits:1
.avans.pl/	1970-01-19 09:19:20	Name: _gid Value: GA1.2.1579254724.1588674046
.avans.pl/	1970-01-19 09:17:55	Name: _snrs_sa Value: ssuid:e52982b7-de94-40d6-9795-db3c3662d928&appear:1588674046&sessionVisits:2
.avans.pl/	1970-01-19 09:17:54	Name: _gat_UA-60471910-1 Value: 1
.avans.pl/	1970-01-19 09:17:54	Name: _dc_gtm_UA-60471910-2 Value: 1
www.avans.pl/	1970-01-19 10:02:32	Name: 2c3a31aa9e353b308f950a852d04ae5b Value: 0
.avans.pl/	1970-01-19 09:17:54	Name: _dc_gtm_UA-60471910-1 Value: 1
.avans.pl/	1970-01-20 02:49:06	Name: _ga Value: GA1.2.108400082.1588674046
.avans.pl/	1970-01-19 11:27:30	Name: _gcl_au Value: 1.1.859604354.1588674046
www.avans.pl/	1970-01-19 10:02:32	Name: device_view Value: full
.avans.pl/	1970-01-19 09:17:55	Name: _snrs_sb Value: ssuid:e52982b7-de94-40d6-9795-db3c3662d928&leaves:1588674047
www.avans.pl/	1970-01-19 10:01:06	Name: PHPSESSID Value: n0fvfksqft2o5ro05v1065e60n

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://www.avans.pl/assets/js/common.e99ba1.min.js(Line 1) Message: Error: The route "enp_cart_verify_pickup_point" does not exist.
console-api	warning	URL: https://www.avans.pl/assets/js/common.e99ba1.min.js(Line 1) Message: Error: The route "enp_pos_api_get_posesbytype" does not exist.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ai.synerise.com
avans.pl
cdn.polyfill.io
clk.tradedoubler.com
dc.snrbox.com
dprtb.com
googleads.g.doubleclick.net
ns1.bankanswer.net
onehorizon.g2afse.com
proxy.snrbox.com
redir.tradedoubler.com
stats.g.doubleclick.net
tck.snrbox.com
track.tkbo.com
track.traffic.club
usa.khurshid-sus.com
wrap.tradedoubler.com
www.avans.pl
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.snrcdn.net
144.76.0.242
157.25.21.152
159.69.42.212
172.217.18.2
209.15.13.136
213.227.156.193
2606:2800:233:1cb7:261b:1f9c:2074:3c
2a00:1450:4001:806::2003
2a00:1450:4001:809::2008
2a00:1450:4001:80b::2002
2a00:1450:4001:818::2004
2a00:1450:4001:81b::200e
2a00:1450:400c:c08::9c
2a04:4e42:1b::621
34.95.109.120
51.144.164.212
51.144.190.215
52.166.122.138
52.232.109.51
54.173.100.244
63.34.164.135
94.130.186.231
00358b27c07cd2f7daf7da47daf2a24f7b87c8eced1be57df706fe299eeb6627
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0e30b30e3ca811c32df65fd25343c6873b005115d31dc3cb8c97d28ff11cbf8f
14365af65f0033981a8934c1f22734ae94745eb5710578ab1e8f67689fed9de0
15ed0818ca46f8c87d2d350a09f4ba6d06f6a23a4bc93c6c25a202be9145337d
162f7797e633c4010b194771cc141f742fcc20ed66bdcb005bc403ae9ae7d3c2
18ed0d31b4baafc3d8d485b16d9aa87b5730a28605a79e37cefbddd95b3717c5
2272b022ac7350fb6cc0d1798189bbc4489d35ba53a45bbf58704d8385782b14
26c5b6dd4d08d758760a71f0c48755ce07bfbcc1cc2f81860f06e75cf8ec3053
28f07389552cf9e3557433f06cf63d9cf59e406f6aace98f63ba8220bb6095a5
29b4cd4a64c16e08339709710cadc7dbf2194bea700a5f2d03131103fd183d9e
2f2792a94fdf35b39240ed6e151dd7e1ced76fdc0ae49f6957db59666fd79a66
302c04a48c1daec5c4dd4d7f951ddd4f8ff7305f5b42a225a981b9c1fdd3e6f1
31feeb36eb52314d776c6a942306853a89c8f63c72cf444943f0b321c821d9ac
33f74c367cf3936091dceda8a523588741994fafc563638aef1e9454a8e46b09
3ca423338f6f48b6ba156c5bb2e67491af3c1ef7dcb411bffb15aceb68fcbb34
3dae0dd128c4c048841f025915c2bce0db2e70af02b27de15dd922c265dd8fcf
43ae36c59b78570c1ceb5dba7bb5bcf11515d2efb04e180e49fbc35d8e57d487
4aa355b64f75bc8293836eb2ca7ff4a0d7230f361c2e9b1b2d7394ac7c540f90
4eae703a4e722944603fc74ed0b2296c67ee2513acede3773de533dac5070b04
4fc0254bc3186881403b7a3ff48febd6b2fa6c3720f32061d8d951eb121fc667
539753a0cf843549f255ac27dfe30934bacc49c66357a7ed3e9ab608506a6973
5fd07630728474c0c3f22cf234ea71b62b9e5de0d10e9548c26cd1374023da87
678ec17e48d5218c5685c3e1a3906a4800db068271c61be9995a91ea5547a1ac
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6dbb449b7825e378ee9f04c4904c34ec6f86b7c7dce02949df56875d443c6ea6
6ecd478dce0640b8884ae5792d0566d2f228ed476669bae783f11b870f650bf6
7390af96e653334ca87233cf462ffd8f87e2ab363fc6adcbae486c5a754e5067
78ab73b316eba2c07ed8266317f03bdd09bc9a7a0634b90de5a48255ae6d171f
82ff2ba86687ece4abd2562c706e10e6b2a89ff5d04985b454b51c2b1e1a02bf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e4f5298395b026bc33149b7d92462966d22ad0802611bce3b5d0500edc51971
8f0a1c35c54a09fcfc73fea0760d1c24ef2b6a2b1c70cf555f4ec370a5d2f635
9063e96e216bb1d4e389f9934c916298b89daa85721bae8c903e78c30c99ab80
921b37d11decb2bc48b1f3b149efe7d53571a67f20b9c8ec6bb83cf1290baa85
97c2a80f538e0d72716e8c39089e3999de6fcf165f648a470afddba4c1eb50ea
a6232abd92709991adc4978536db710fbe2f5f2e463c7ebb98b4816a04052362
a64f83ac4f8b804c00f90b4ab173e3ba1a4878aedd009809309d1b0251b8df79
a9a6859dd7e5e406c4c6369ba164a67c6b9365458de10d3500aba276a88a17e6
ada39dc34daa36d6e85043780b44e2ad6e025ff1e6669ab3f13ecc63184e0c85
aef9c6d7727c819d30e2c628c426ecd4f6a17b43fc8a5360db9f2155e8fb9271
bca2204e2bd139d2e053309797a115aad6b60467959a188a4be9cc1165defd43
ca4ae5ac5b4ab3fb9f46f34aad7e0daf959f97c4438870e8416d7db49c194274
ccd6515d4df369f4cd8ae825b7c9693d28dc451807545207eccd200bcc45b913
ccf64dd2737d4366903e377563411fb5187fb9305fa1883ebb52ce5a078b9d5f
d47cf4124c77916d60214f2419ce39bf6f45369d7154886d57413886c67492bc
d91568113029bb4a2850266bcba1261f083c67180780ae8ab34f14245a769162
df41f333e8c50c5bd3cb81017aeca250773a4781fec5ce2bc39a1564eba47d5e
e4f4f115a973ea333e3fef6f9f036938e6cade74df293bd6ee3c8760b9ab4db9
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fae5ea981c4d262458e7fc4b32c9ab1f891f2b2e771af06b3ac2764279c6953a

www.avans.pl Open in urlscan Pro 157.25.21.152 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

64 Requests

94 %HTTPS

36 %IPv6

18 Domains

24 Subdomains

19 IPs

8 Countries

1049 kBTransfer

4433 kBSize

14 Cookies

1 Outgoing links

Page URL History

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.avans.pl Open in urlscan Pro
157.25.21.152 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

94 %
HTTPS

36 %
IPv6

18
Domains

24
Subdomains

19
IPs

8
Countries

1049 kB
Transfer

4433 kB
Size

14
Cookies

64 HTTP transactions
0 data transactions