Submitted URL: http://ges.vg/zz50
Effective URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_conten...
Submission: On January 21 via manual from PL

Summary

This website contacted 26 IPs in 8 countries across 23 domains to perform 68 HTTP transactions. The main IP is 149.126.77.234, located in Frankfurt am Main, Germany and belongs to INCAPSULA, US. The main domain is www.provident.pl.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on April 8th 2020. Valid for: 2 years.
This is the only time www.provident.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 45.9.148.101 49447 (NICEIT)
2 2 52.209.135.184 16509 (AMAZON-02)
1 2 35.187.117.15 15169 (GOOGLE)
23 149.126.77.234 19551 (INCAPSULA)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 172.217.23.102 15169 (GOOGLE)
1 65.9.73.108 16509 (AMAZON-02)
1 2 172.217.22.2 15169 (GOOGLE)
1 5 54.77.136.51 16509 (AMAZON-02)
3 145.239.22.125 16276 (OVH)
1 212.77.100.251 12827 (WIRTUALNA...)
3 2a03:2880:f02... 32934 (FACEBOOK)
2 3 37.157.2.234 198622 (ADFORM)
1 37.157.2.249 198622 (ADFORM)
1 65.9.73.70 16509 (AMAZON-02)
1 2 212.77.100.82 12827 (WIRTUALNA...)
2 2a00:1450:400... 15169 (GOOGLE)
1 51.89.155.117 16276 (OVH)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 3 2a03:2880:f12... 32934 (FACEBOOK)
1 65.9.73.24 16509 (AMAZON-02)
2 2 185.33.221.15 29990 (ASN-APPNEX)
1 18.195.155.181 16509 (AMAZON-02)
1 2a03:2880:f02... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 151.101.114.110 54113 (FASTLY)
2 162.247.243.147 13335 (CLOUDFLAR...)
68 26
Domain Requested by
23 www.provident.pl www.provident.pl
6 www.google-analytics.com www.provident.pl
www.google-analytics.com
www.googletagmanager.com
3 www.google.de www.provident.pl
3 www.google.com www.provident.pl
3 www.facebook.com 1 redirects www.provident.pl
3 track.adform.net 2 redirects www.provident.pl
3 connect.facebook.net www.provident.pl
connect.facebook.net
3 prf.audiencemanager.de 1 redirects www.provident.pl
2 bam-cell.nr-data.net js-agent.newrelic.com
2 api2.push-ad.com app.push-ad.com
2 ib.adnxs.com 2 redirects
2 cm.g.doubleclick.net 2 redirects
2 www.audiencemanager.de prf.audiencemanager.de
www.provident.pl
2 stats.g.doubleclick.net www.google-analytics.com
2 dot.wp.pl 1 redirects www.provident.pl
2 4289377.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 www.googletagmanager.com www.provident.pl
www.googletagmanager.com
2 nsm.tr.netsalesmedia.pl 1 redirects
2 go.lead-click.com 2 redirects
1 js-agent.newrelic.com www.provident.pl
1 cx.atdmt.com www.provident.pl
1 e1.emxdgt.com www.provident.pl
1 vars.hotjar.com static.hotjar.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 play.adtonos.com www.provident.pl
1 script.hotjar.com static.hotjar.com
1 s2.adform.net www.provident.pl
1 px.wp.pl www.provident.pl
1 app.push-ad.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 ges.vg 1 redirects
68 32
Subject Issuer Validity Valid
www.provident.pl
GlobalSign RSA OV SSL CA 2018
2020-04-08 -
2022-05-31
2 years crt.sh
*.google-analytics.com
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
*.doubleclick.net
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
*.hotjar.com
Amazon
2020-12-25 -
2022-01-23
a year crt.sh
www.googleadservices.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
*.audiencemanager.de
Go Daddy Secure Certificate Authority - G2
2019-08-11 -
2021-10-10
2 years crt.sh
app.push-ad.com
R3
2021-01-13 -
2021-04-13
3 months crt.sh
*.wp.pl
RapidSSL RSA CA 2018
2020-02-13 -
2021-03-14
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-12-22 -
2021-03-21
3 months crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA
2019-09-16 -
2021-09-20
2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
api.adtonos.com
R3
2020-12-22 -
2021-03-22
3 months crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2
2020-05-18 -
2021-07-17
a year crt.sh
*.push-ad.com
nazwaSSL
2020-09-21 -
2021-09-17
a year crt.sh
*.atlassolutions.com
DigiCert SHA2 High Assurance Server CA
2020-12-04 -
2021-03-03
3 months crt.sh
www.google.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
www.google.de
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-12-28 -
2021-05-07
4 months crt.sh
*.tr.netsalesmedia.pl
AlphaSSL CA - SHA256 - G2
2020-02-11 -
2021-05-06
a year crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA
2020-02-05 -
2022-02-08
2 years crt.sh
*.google.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
*.google.de
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Frame ID: D591F84B1FE8FCFFC1659DCBD8D65CDA
Requests: 65 HTTP requests in this frame

Frame: https://4289377.fls.doubleclick.net/activityi;dc_pre=CPfr1cjVrO4CFQNDGAodEIcMqw;src=4289377;type=remar0;cat=remar0;ord=4977392268893;gtm=2wg1d0;auiddc=85933416.1611219821;u5=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa2%3Futm_source%3Dnetsales_bolt%26utm_term%3D444615%26utm_medium%3Dafiliacja%26utm_content%3Dwynajmowana_bolt%26utm_campaign%3Dbolt;u6=netsales_bolt;u7=afiliacja;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=undefined;~oref=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa2%3Futm_source%3Dnetsales_bolt%26utm_term%3D444615%26utm_medium%3Dafiliacja%26utm_content%3Dwynajmowana_bolt%26utm_campaign%3Dbolt
Frame ID: 3602B6D464421354C14139C05C5595A7
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: DE705F3222B05115AA50FDA16E916F65
Requests: 1 HTTP requests in this frame

Frame: https://www.audiencemanager.de/log/profile/get-piggybacks?pid=5596911bb1a43da97f8b4567&requesterId=8427f76009436ceab8a075537247588327966&cookieId=5019a2c066add159e3bcd91f9bcd5c17600c6890aea59f70175eeb50407ca4d1
Frame ID: F5D5FEC9836772597AD1FF0EBBE21ACF
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://ges.vg/zz50 HTTP 302
    https://go.lead-click.com/SHFaP HTTP 302
    https://go.lead-click.com/aff_r?offer_id=2459&aff_id=64535&url=https%3A%2F%2Fnsm.tr.netsalesmedia.pl%2... HTTP 302
    https://nsm.tr.netsalesmedia.pl/ts/i5533769/tsc?amc=networks.cubegroup.444615.459615.143241&tst=!!TIMESTAMP!... HTTP 302
    https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

68
Requests

100 %
HTTPS

31 %
IPv6

23
Domains

32
Subdomains

26
IPs

8
Countries

1217 kB
Transfer

3960 kB
Size

30
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ges.vg/zz50 HTTP 302
    https://go.lead-click.com/SHFaP HTTP 302
    https://go.lead-click.com/aff_r?offer_id=2459&aff_id=64535&url=https%3A%2F%2Fnsm.tr.netsalesmedia.pl%2Fts%2Fi5533769%2Ftsc%3Famc%3Dnetworks.cubegroup.444615.459615.143241%26tst%3D%21%21TIMESTAMP%21%26smc1%3D102ccbaa1ec05f8d0b117e85a737fb%26smc2%3D64535&urlauth=580954687714518492456200843807 HTTP 302
    https://nsm.tr.netsalesmedia.pl/ts/i5533769/tsc?amc=networks.cubegroup.444615.459615.143241&tst=!!TIMESTAMP!&smc1=102ccbaa1ec05f8d0b117e85a737fb&smc2=64535 HTTP 302
    https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://4289377.fls.doubleclick.net/activityi;src=4289377;type=remar0;cat=remar0;ord=4977392268893;gtm=2wg1d0;auiddc=85933416.1611219821;u5=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa2%3Futm_source%3Dnetsales_bolt%26utm_term%3D444615%26utm_medium%3Dafiliacja%26utm_content%3Dwynajmowana_bolt%26utm_campaign%3Dbolt;u6=netsales_bolt;u7=afiliacja;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=undefined;~oref=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa2%3Futm_source%3Dnetsales_bolt%26utm_term%3D444615%26utm_medium%3Dafiliacja%26utm_content%3Dwynajmowana_bolt%26utm_campaign%3Dbolt HTTP 302
  • https://4289377.fls.doubleclick.net/activityi;dc_pre=CPfr1cjVrO4CFQNDGAodEIcMqw;src=4289377;type=remar0;cat=remar0;ord=4977392268893;gtm=2wg1d0;auiddc=85933416.1611219821;u5=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa2%3Futm_source%3Dnetsales_bolt%26utm_term%3D444615%26utm_medium%3Dafiliacja%26utm_content%3Dwynajmowana_bolt%26utm_campaign%3Dbolt;u6=netsales_bolt;u7=afiliacja;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=undefined;~oref=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa2%3Futm_source%3Dnetsales_bolt%26utm_term%3D444615%26utm_medium%3Dafiliacja%26utm_content%3Dwynajmowana_bolt%26utm_campaign%3Dbolt
Request Chain 23
  • https://prf.audiencemanager.de/log/profile/user-match/type/js/sec/e9e86f570f591bbfedb76b9ed6a67968/advertiserId/55969105b1a43d9f7f8b4567/pid/5596911bb1a43da97f8b4567 HTTP 307
  • https://prf.audiencemanager.de/log/profile/user-match/type/js/sec/e9e86f570f591bbfedb76b9ed6a67968/advertiserId/55969105b1a43d9f7f8b4567/pid/5596911bb1a43da97f8b4567?cookieId=5019a2c066add159e3bcd91f9bcd5c17600c6890aea59f70175eeb50407ca4d1
Request Chain 27
  • https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
  • https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Request Chain 35
  • https://dot.wp.pl/s2917384196/px.gif?srv=provident_conv&action=conversion&par=transId%3D1%26gwpAction%3DviewProduct%26surl%3D%26shost%3Dundefined%26ssid%3D3fc2d1a72f364dd568335f13b764c0b0&pg=https%3A//www.provident.pl/pozyczka-samoobslugowa2%3Futm_source%3Dnetsales_bolt%26utm_term%3D444615%26utm_medium%3Dafiliacja%26utm_content%3Dwynajmowana_bolt%26utm_campaign%3Dbolt HTTP 301
  • https://dot.wp.pl/r1611219821/pxn?srv=provident_conv&action=conversion&par=transId%3D1%26gwpAction%3DviewProduct%26surl%3D%26shost%3Dundefined%26ssid%3D3fc2d1a72f364dd568335f13b764c0b0&pg=https%3A//www.provident.pl/pozyczka-samoobslugowa2%3Futm_source%3Dnetsales_bolt%26utm_term%3D444615%26utm_medium%3Dafiliacja%26utm_content%3Dwynajmowana_bolt%26utm_campaign%3Dbolt
Request Chain 47
  • https://cm.g.doubleclick.net/pixel?sourceId=55969105b1a43d9f7f8b4567&sourceType=a&google_nid=nano_dmp&google_cm&google_sc&cb=1611219820 HTTP 302
  • https://cm.g.doubleclick.net/pixel?sourceId=55969105b1a43d9f7f8b4567&sourceType=a&google_nid=nano_dmp&google_cm=&google_sc=&cb=1611219820&google_tc= HTTP 302
  • https://prf.audiencemanager.de/log/profile/map?sourceId=55969105b1a43d9f7f8b4567&sourceType=a&cb=1611219820&google_gid=CAESEKEI4fAxdLhbWpXq5JFeIaM&google_cver=1
Request Chain 48
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fwww.audiencemanager.de%2Fcm%3Fprovider%3DAppNexus%26sourceId%3D55969105b1a43d9f7f8b4567%26sourceType%3Da%26adnxs_uid%3D%24UID%26cb%3D1611219820 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fwww.audiencemanager.de%252Fcm%253Fprovider%253DAppNexus%2526sourceId%253D55969105b1a43d9f7f8b4567%2526sourceType%253Da%2526adnxs_uid%253D%2524UID%2526cb%253D1611219820 HTTP 302
  • https://www.audiencemanager.de/cm?provider=AppNexus&sourceId=55969105b1a43d9f7f8b4567&sourceType=a&adnxs_uid=4070948427816039450&cb=1611219820
Request Chain 52
  • https://www.facebook.com/tr/?id=569634303396026&ev=PageView&dl=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa2%3Futm_source%3Dnetsales_bolt%26utm_term%3D444615%26utm_medium%3Dafiliacja%26utm_content%3Dwynajmowana_bolt%26utm_campaign%3Dbolt&rl=&if=false&ts=1611219821077&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1611219821015.1530360728&it=1611219820965&coo=false&rqm=GET HTTP 302
  • https://cx.atdmt.com/?c=10803326975167969267&f=AYzoy1H_PUrwpzlOXmbHvN4IPo5E3nkyQnRklcVY3ddO35BOV1wh_NF2bxDEVXYEbZuROAucBN705tA9_PBKDezV&id=569634303396026&l=3&v=0
Request Chain 55
  • https://track.adform.net/Serving/TrackPoint/?pm=1237227&ADFPageName=ALL&ADFdivider=%7C&ord=213795961877&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa2%3Futm_source%3Dnetsales_bolt%26utm_term%3D444615%26utm_medium%3Dafiliacja%26utm_content%3Dwynajmowana_bolt%26utm_campaign%3Dbolt HTTP 302
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1237227&ADFPageName=ALL&ADFdivider=%7C&ord=213795961877&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa2%3Futm_source%3Dnetsales_bolt%26utm_term%3D444615%26utm_medium%3Dafiliacja%26utm_content%3Dwynajmowana_bolt%26utm_campaign%3Dbolt

68 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set pozyczka-samoobslugowa2
www.provident.pl/
Redirect Chain
  • http://ges.vg/zz50
  • https://go.lead-click.com/SHFaP
  • https://go.lead-click.com/aff_r?offer_id=2459&aff_id=64535&url=https%3A%2F%2Fnsm.tr.netsalesmedia.pl%2Fts%2Fi5533769%2Ftsc%3Famc%3Dnetworks.cubegroup.444615.459615.143241%26tst%3D%21%21TIMESTAMP%21...
  • https://nsm.tr.netsalesmedia.pl/ts/i5533769/tsc?amc=networks.cubegroup.444615.459615.143241&tst=!!TIMESTAMP!&smc1=102ccbaa1ec05f8d0b117e85a737fb&smc2=64535
  • https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
49 KB
14 KB
Document
General
Full URL
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
Microsoft-IIS/8.5 /
Resource Hash
e3b7847c5ac562933fe0b1bd85ee9a3de42898dbab94eaef00695d90629f40d6

Request headers

Host
www.provident.pl
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
Set-Cookie
ASP.NET_SessionId=hp5ofxuwzg0pbibjwdenge4z; path=/; Secure; HttpOnly; SameSite=Lax SC_ANALYTICS_GLOBAL_COOKIE=2a426e9eaca44e3788426a132b2c373b|False; expires=Sun, 19-Jan-2031 09:03:39 GMT; path=/; Secure; HttpOnly T4G-80-STICKY-COOKIE=ffffffff0925151d45525d5f4f58455e445a4a423660;expires=Thu, 21-Jan-2021 11:03:39 GMT;path=/;secure;httponly visid_incap_192409=H2IGfIw8RDyQTO5TOJ9snGtDCWAAAAAAQUIPAAAAAADR4S6HbDMgAB9L35KipkqI; expires=Thu, 20 Jan 2022 21:59:49 GMT; HttpOnly; path=/; Domain=.provident.pl; Secure; SameSite=None incap_ses_1309_192409=BzhZenDWdFggcUUqqoAqEmxDCWAAAAAA8n/G+0Q6IINNC6hxiRy3RQ==; path=/; Domain=.provident.pl; Secure; SameSite=None ___utmvmfYButpkI=wRrHzXfLUXm; path=/; Max-Age=900; Secure; SameSite=None ___utmvafYButpkI=JxPVEZY; path=/; Max-Age=900; Secure; SameSite=None ___utmvbfYButpkI=JZV XFPOPalU: ftn; path=/; Max-Age=900; Secure; SameSite=None
Date
Thu, 21 Jan 2021 09:03:39 GMT
X-CDN
Incapsula
Transfer-Encoding
chunked
X-Iinfo
12-45926121-45926140 NNNY CT(0 0 0) RT(1611219819918 49) q(0 0 0 1) r(1 1) U12

Redirect headers

server
nginx/1.13.9
date
Thu, 21 Jan 2021 09:03:39 GMT
content-length
0
location
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
set-cookie
tsc=kBs!HSkALxdLvwA!AQ|CD6Q!A!MA!~Dv5Uv14*5MQt; Domain=.tr.netsalesmedia.pl; Expires=Fri, 21-Jan-2022 09:03:39 GMT; Path=/; Secure; SameSite=None
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Thu, 21 Jan 2021 09:03:39 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI CUR OUR STP"
x-xss-protection
0
TT_Rounds-Bold-webfont.woff2
www.provident.pl/fonts/
36 KB
37 KB
Font
General
Full URL
https://www.provident.pl/fonts/TT_Rounds-Bold-webfont.woff2
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
Microsoft-IIS/8.5 /
Resource Hash
f6390ca5f8fd14c80718471a30e20d07569271320766fef35bb37bdc2b173e57

Request headers

Origin
https://www.provident.pl
Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 09:03:39 GMT
Last-Modified
Fri, 16 Oct 2020 10:21:48 GMT
Server
Microsoft-IIS/8.5
ETag
"0c6b327a6a3d61:0"
Content-Type
application/x-font-woff2
X-Iinfo
9-8337063-8337065 NNNY CT(0 0 0) RT(1611219819956 18) q(0 0 0 0) r(0 0) U12
Accept-Ranges
bytes
Content-Length
37240
X-CDN
Incapsula
TT_Rounds-Regular-webfont.woff2
www.provident.pl/fonts/
36 KB
37 KB
Font
General
Full URL
https://www.provident.pl/fonts/TT_Rounds-Regular-webfont.woff2
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
Microsoft-IIS/8.5 /
Resource Hash
3c6e639d4e6b8be24b4cd0480cedcdda45689ecf3dd11fede874250dd01545dc

Request headers

Origin
https://www.provident.pl
Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 09:03:39 GMT
Last-Modified
Fri, 16 Oct 2020 10:21:50 GMT
Server
Microsoft-IIS/8.5
ETag
"0f3e428a6a3d61:0"
Content-Type
application/x-font-woff2
X-Iinfo
9-8337064-8337066 NNNN CT(11 11 0) RT(1611219819956 18) q(0 0 0 2) r(1 1) U12
Accept-Ranges
bytes
Content-Length
36980
X-CDN
Incapsula
core2.css
www.provident.pl/styles/
548 KB
105 KB
Stylesheet
General
Full URL
https://www.provident.pl/styles/core2.css?v=2.0.6.121f
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
/
Resource Hash
4add7468b749e18063b9cd9c8afbb99a7c536bfe6d569e2a338447a2a4215589

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 09:03:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Jan 2021 07:40:50 GMT
X-CDN
Incapsula
Etag
"02d546836eed61:0"
Content-Type
text/css
X-Iinfo
12-45926121-0 0CNN RT(1611219819918 217) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=3848, public
Content-Length
106849
Expires
Thu, 21 Jan 2021 10:07:48 GMT
VisitorIdentification.js
www.provident.pl/layouts/system/
2 KB
2 KB
Script
General
Full URL
https://www.provident.pl/layouts/system/VisitorIdentification.js
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
/
Resource Hash
09f73aba8c95fe564c3b79fe9cbdd0d60a43f39d60bca2abdb590fa60fd520ff

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 09:03:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jun 2018 05:06:48 GMT
X-CDN
Incapsula
Etag
"0e41ad7c1fbd31:0"
Content-Type
application/javascript
X-Iinfo
14-72027525-0 0CNN RT(1611219820146 21) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=50591, public
Content-Length
643
Expires
Thu, 21 Jan 2021 23:06:51 GMT
font-awesome.css
www.provident.pl/styles/
28 KB
7 KB
Stylesheet
General
Full URL
https://www.provident.pl/styles/font-awesome.css?v=2.0.6.121f
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
/
Resource Hash
c758a475a40292c7424f3efbc33331e49e82980d036bc0c14b00ae35352921ae

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 09:03:39 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Nov 2020 16:11:42 GMT
X-CDN
Incapsula
Etag
"033e82b33bcd61:0"
Content-Type
text/css
X-Iinfo
10-11170786-0 0CNN RT(1611219819955 18) q(0 -1 -1 0) r(0 -1)
Cache-Control
max-age=79585, public
Content-Length
6775
Expires
Fri, 22 Jan 2021 07:10:04 GMT
provident_colour_logo_rgb_resized.ashx
www.provident.pl/-/media/poland/rebranding_img/
3 KB
4 KB
Image
General
Full URL
https://www.provident.pl/-/media/poland/rebranding_img/provident_colour_logo_rgb_resized.ashx?h=61&la=pl-PL&w=107&hash=F9CE40F94521EF83D4CC5AFF4AF00681
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
Microsoft-IIS/8.5 /
Resource Hash
4a950a0aa0de7ec446c7449ed981f9f01c478a3a2f437ab6219076ce54d45a25

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 09:03:39 GMT
Last-Modified
Wed, 21 Oct 2020 12:00:21 GMT
Server
Microsoft-IIS/8.5
Content-Type
image/png
X-Iinfo
9-8337063-8337065 SNNy RT(1611219819956 84) q(0 0 0 -1) r(0 0) U2
Cache-Control
private, max-age=604800
Content-Disposition
inline; filename="Provident_Colour_Logo_RGB_resized.png"
Accept-Ranges
bytes
Content-Length
2902
X-CDN
Incapsula
Expires
Thu, 28 Jan 2021 09:03:39 GMT
F61417789ED740FBB045CB1EE2FEECB6.ashx
www.provident.pl/~/media/
1 KB
2 KB
Image
General
Full URL
https://www.provident.pl/~/media/F61417789ED740FBB045CB1EE2FEECB6.ashx
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
Microsoft-IIS/8.5 /
Resource Hash
c771b13382737d9e935a965a486574efb1d8f1ea729e7ba72c77fd9bbe563f23

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 09:03:39 GMT
Last-Modified
Mon, 18 Jan 2016 15:25:49 GMT
Server
Microsoft-IIS/8.5
Content-Type
image/png
X-Iinfo
14-72027525-72027550 NNNY CT(0 0 0) RT(1611219820146 74) q(0 0 0 -1) r(0 0) U2
Cache-Control
private, max-age=604800
Content-Disposition
inline; filename="headerphone.png"
Accept-Ranges
bytes
Content-Length
1299
X-CDN
Incapsula
Expires
Thu, 28 Jan 2021 09:03:39 GMT
core.js
www.provident.pl/scripts/
1 MB
311 KB
Script
General
Full URL
https://www.provident.pl/scripts/core.js?v=2.0.6.121f
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
/
Resource Hash
f839206ecf428ab0a0f5c87d13744ce0acd9702e408d3b35b13ea59af6ea92b6

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 09:03:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Jan 2021 07:41:56 GMT
X-CDN
Incapsula
Etag
"0faaa8f36eed61:0"
Content-Type
application/javascript
X-Iinfo
12-45926121-0 0CNN RT(1611219819918 303) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=3850, public
Content-Length
317392
Expires
Thu, 21 Jan 2021 10:07:50 GMT
detectUserEndSession.js
www.provident.pl/scripts/
2 KB
2 KB
Script
General
Full URL
https://www.provident.pl/scripts/detectUserEndSession.js?v=2.0.6.121f
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
/
Resource Hash
57f02d5ef19dfa2e6139af1c6536f7cbca36d29508d87b50f38c43fd10b0657d

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 09:03:40 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Oct 2020 10:24:30 GMT
X-CDN
Incapsula
Etag
"034388a6a3d61:0"
Content-Type
application/javascript
X-Iinfo
10-11170786-11160345 2CNN RT(1611219819955 80) q(0 0 0 -1) r(0 0) U18
Cache-Control
max-age=79956, public
Content-Length
1000
Expires
Fri, 22 Jan 2021 07:16:16 GMT
_Incapsula_Resource
www.provident.pl/
145 KB
21 KB
Script
General
Full URL
https://www.provident.pl/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1018669320
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
/
Resource Hash
8ca8143eccf52c47b1c1865930e5921d3283dd8ca0f377e4d45148c561a48130

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Encoding
gzip
Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Content-Length
20995
Content-Type
application/javascript
analytics.js
www.google-analytics.com/
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
6248
date
Thu, 21 Jan 2021 07:19:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Thu, 21 Jan 2021 09:19:32 GMT
gtm.js
www.googletagmanager.com/
378 KB
86 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T6DFR9
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6607db02d62f168bb1d2b912aadd968d0395e279dbc33958ad61224e50566aa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 09:03:40 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87218
x-xss-protection
0
expires
Thu, 21 Jan 2021 09:03:40 GMT
icnapplybig.ashx
www.provident.pl/-/media/bolt/footer/
2 KB
4 KB
Image
General
Full URL
https://www.provident.pl/-/media/bolt/footer/icnapplybig.ashx
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
Microsoft-IIS/8.5 /
Resource Hash
bd95ed09942c9608255d8a2691decf065c7d6773e2bafbd4e619c7f00f9eb4d9

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 09:03:39 GMT
Last-Modified
Sun, 07 Feb 2016 17:08:36 GMT
Server
Microsoft-IIS/8.5
Content-Type
image/png
X-Iinfo
9-8337064-8337066 SNNN RT(1611219819956 95) q(0 0 0 -1) r(1 1) U2
Cache-Control
private, max-age=604800
Content-Disposition
inline; filename="icnapplybig.png"
Accept-Ranges
bytes
Content-Length
2542
X-CDN
Incapsula
Expires
Thu, 28 Jan 2021 09:03:39 GMT
icnreviewbig.ashx
www.provident.pl/-/media/bolt/footer/
1 KB
2 KB
Image
General
Full URL
https://www.provident.pl/-/media/bolt/footer/icnreviewbig.ashx
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
Microsoft-IIS/8.5 /
Resource Hash
e9af387c1a0168cad8bc77aef0dc0e3ccd7cb38f453476495fc06c9f3a861857

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 09:03:39 GMT
Last-Modified
Sun, 07 Feb 2016 17:08:41 GMT
Server
Microsoft-IIS/8.5
Content-Type
image/png
X-Iinfo
10-11170786-11170798 NNNY CT(0 0 0) RT(1611219819955 99) q(0 0 0 -1) r(1 1) U2
Cache-Control
private, max-age=604800
Content-Disposition
inline; filename="icnreviewbig.png"
Accept-Ranges
bytes
Content-Length
1135
X-CDN
Incapsula
Expires
Thu, 28 Jan 2021 09:03:39 GMT
icninstantbig.ashx
www.provident.pl/-/media/bolt/footer/
4 KB
4 KB
Image
General
Full URL
https://www.provident.pl/-/media/bolt/footer/icninstantbig.ashx
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
Microsoft-IIS/8.5 /
Resource Hash
deb46083af7c03f29bd8a8cdf5e14d0cc473f4d6acf167101f2e74beefd76e05

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 09:03:39 GMT
Last-Modified
Sun, 07 Feb 2016 17:08:38 GMT
Server
Microsoft-IIS/8.5
Content-Type
image/png
X-Iinfo
13-61399185-61382865 PNNy RT(1611219820146 116) q(0 0 0 -1) r(1 1) U2
Cache-Control
private, max-age=604800
Content-Disposition
inline; filename="icninstantbig.png"
Accept-Ranges
bytes
Content-Length
3690
X-CDN
Incapsula
Expires
Thu, 28 Jan 2021 09:03:39 GMT
icntickbig.ashx
www.provident.pl/-/media/bolt/footer/
3 KB
3 KB
Image
General
Full URL
https://www.provident.pl/-/media/bolt/footer/icntickbig.ashx
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
Microsoft-IIS/8.5 /
Resource Hash
ef9d0998a8fe59519e96961d8c38e164e4d1cb62b827b558176747e5dbf98d63

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 09:03:39 GMT
Last-Modified
Sun, 07 Feb 2016 17:08:39 GMT
Server
Microsoft-IIS/8.5
Content-Type
image/png
X-Iinfo
9-8337063-8337065 SNNy RT(1611219819956 146) q(0 0 0 -1) r(0 0) U2
Cache-Control
private, max-age=604800
Content-Disposition
inline; filename="icntickbig.png"
Accept-Ranges
bytes
Content-Length
2633
X-CDN
Incapsula
Expires
Thu, 28 Jan 2021 09:03:39 GMT
pl_sprite.ashx
www.provident.pl/~/media/poland/rebranding_img/
7 KB
8 KB
Image
General
Full URL
https://www.provident.pl/~/media/poland/rebranding_img/pl_sprite.ashx
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/styles/core2.css?v=2.0.6.121f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
Microsoft-IIS/8.5 /
Resource Hash
75c79f0e05093f0e04003f5387a81e7396b283c2642cfa7e899a85b74b628832

Request headers

Referer
https://www.provident.pl/styles/core2.css?v=2.0.6.121f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 09:03:39 GMT
Last-Modified
Tue, 06 Mar 2018 16:35:55 GMT
Server
Microsoft-IIS/8.5
Content-Type
image/png
X-Iinfo
9-8337064-8337066 SNNN RT(1611219819956 164) q(0 0 0 -1) r(0 0) U2
Cache-Control
private, max-age=604800
Content-Disposition
inline; filename="pl_sprite.png"
Accept-Ranges
bytes
Content-Length
7162
X-CDN
Incapsula
Expires
Thu, 28 Jan 2021 09:03:39 GMT
_Incapsula_Resource
www.provident.pl/
1 B
123 B
Image
General
Full URL
https://www.provident.pl/_Incapsula_Resource?SWKMTFSR=1&e=0.7115853472326157
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Content-Length
1
Content-Type
text/plain
js
www.googletagmanager.com/gtag/
136 KB
52 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-X7N6234SNG&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6DFR9
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c50287f060ebb72a8ba13a2648316043c8b644199453e4488ee999d52c22f7fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 09:03:40 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53304
x-xss-protection
0
expires
Thu, 21 Jan 2021 09:03:40 GMT
js
www.google-analytics.com/gtm/
84 KB
33 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-N65WF56&t=gtm2&cid=492681915.1611219821
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2bed58fe9d3ce0f93ceb8ddc89edd0f136861fec832246354def636d9a3435e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 09:03:40 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33856
x-xss-protection
0
expires
Thu, 21 Jan 2021 09:03:40 GMT
activityi;dc_pre=CPfr1cjVrO4CFQNDGAodEIcMqw;src=4289377;type=remar0;cat=remar0;ord=4977392268893;gtm=2wg1d0;auiddc=85933416.1611219821;u5=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa2%3F...
4289377.fls.doubleclick.net/ Frame 3602
Redirect Chain
  • https://4289377.fls.doubleclick.net/activityi;src=4289377;type=remar0;cat=remar0;ord=4977392268893;gtm=2wg1d0;auiddc=85933416.1611219821;u5=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa2%...
  • https://4289377.fls.doubleclick.net/activityi;dc_pre=CPfr1cjVrO4CFQNDGAodEIcMqw;src=4289377;type=remar0;cat=remar0;ord=4977392268893;gtm=2wg1d0;auiddc=85933416.1611219821;u5=https%3A%2F%2Fwww.provi...
0
0
Document
General
Full URL
https://4289377.fls.doubleclick.net/activityi;dc_pre=CPfr1cjVrO4CFQNDGAodEIcMqw;src=4289377;type=remar0;cat=remar0;ord=4977392268893;gtm=2wg1d0;auiddc=85933416.1611219821;u5=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa2%3Futm_source%3Dnetsales_bolt%26utm_term%3D444615%26utm_medium%3Dafiliacja%26utm_content%3Dwynajmowana_bolt%26utm_campaign%3Dbolt;u6=netsales_bolt;u7=afiliacja;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=undefined;~oref=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa2%3Futm_source%3Dnetsales_bolt%26utm_term%3D444615%26utm_medium%3Dafiliacja%26utm_content%3Dwynajmowana_bolt%26utm_campaign%3Dbolt?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6DFR9
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
4289377.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CPfr1cjVrO4CFQNDGAodEIcMqw;src=4289377;type=remar0;cat=remar0;ord=4977392268893;gtm=2wg1d0;auiddc=85933416.1611219821;u5=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa2%3Futm_source%3Dnetsales_bolt%26utm_term%3D444615%26utm_medium%3Dafiliacja%26utm_content%3Dwynajmowana_bolt%26utm_campaign%3Dbolt;u6=netsales_bolt;u7=afiliacja;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=undefined;~oref=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa2%3Futm_source%3Dnetsales_bolt%26utm_term%3D444615%26utm_medium%3Dafiliacja%26utm_content%3Dwynajmowana_bolt%26utm_campaign%3Dbolt?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 21 Jan 2021 09:03:41 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
514
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 21-Jan-2021 09:18:41 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 21 Jan 2021 09:03:40 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://4289377.fls.doubleclick.net/activityi;dc_pre=CPfr1cjVrO4CFQNDGAodEIcMqw;src=4289377;type=remar0;cat=remar0;ord=4977392268893;gtm=2wg1d0;auiddc=85933416.1611219821;u5=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa2%3Futm_source%3Dnetsales_bolt%26utm_term%3D444615%26utm_medium%3Dafiliacja%26utm_content%3Dwynajmowana_bolt%26utm_campaign%3Dbolt;u6=netsales_bolt;u7=afiliacja;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=undefined;~oref=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa2%3Futm_source%3Dnetsales_bolt%26utm_term%3D444615%26utm_medium%3Dafiliacja%26utm_content%3Dwynajmowana_bolt%26utm_campaign%3Dbolt?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
hotjar-759836.js
static.hotjar.com/c/
4 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-759836.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6DFR9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.108 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
67774a340ba486748ac65d18d8c9a3a3f9f696130be17fe92346ccb69473366e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 09:03:04 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
41
etag
W/d45fac2b7d742d5115257fb772016286
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
AMS1-C1
content-length
1615
via
1.1 e328b143eb69c36369a2def78300d502.cloudfront.net (CloudFront)
x-amz-cf-id
jFj7D0DVe7Dtao4P_pVjMc1SRxP4jrAPqUUg71V1Y6RxujpuE00CqA==
conversion.js
www.googleadservices.com/pagead/
30 KB
12 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6DFR9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s14-in-f2.1e100.net
Software
cafe /
Resource Hash
01b075c82f193259c4371aaf4127317a876f2e482347933f2877368d4f00a3de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 09:03:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
11854
x-xss-protection
0
server
cafe
etag
9261774897580852838
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 21 Jan 2021 09:03:40 GMT
5596911bb1a43da97f8b4567
prf.audiencemanager.de/log/profile/user-match/type/js/sec/e9e86f570f591bbfedb76b9ed6a67968/advertiserId/55969105b1a43d9f7f8b4567/pid/
Redirect Chain
  • https://prf.audiencemanager.de/log/profile/user-match/type/js/sec/e9e86f570f591bbfedb76b9ed6a67968/advertiserId/55969105b1a43d9f7f8b4567/pid/5596911bb1a43da97f8b4567
  • https://prf.audiencemanager.de/log/profile/user-match/type/js/sec/e9e86f570f591bbfedb76b9ed6a67968/advertiserId/55969105b1a43d9f7f8b4567/pid/5596911bb1a43da97f8b4567?cookieId=5019a2c066add159e3bcd9...
2 KB
2 KB
Script
General
Full URL
https://prf.audiencemanager.de/log/profile/user-match/type/js/sec/e9e86f570f591bbfedb76b9ed6a67968/advertiserId/55969105b1a43d9f7f8b4567/pid/5596911bb1a43da97f8b4567?cookieId=5019a2c066add159e3bcd91f9bcd5c17600c6890aea59f70175eeb50407ca4d1
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.136.51 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-136-51.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9 / PHP/7.2.9
Resource Hash
259d2765258e4d88ed7c51550a16b497722922b99d8e901d58ce202b967db288

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 09:03:40 GMT
server
Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9
access-control-allow-origin
*
x-powered-by
PHP/7.2.9
requestid
8427f76009436ceab8a075537247588327966
status
200 OK
p3p
CP="NID DSP ALL COR"
hostname
10-0-13-188
responsetime
9
content-type
js
content-length
1742

Redirect headers

date
Thu, 21 Jan 2021 09:03:40 GMT
server
Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9
status
307 Temporary Redirect
x-powered-by
PHP/7.2.9
location
/log/profile/user-match/type/js/sec/e9e86f570f591bbfedb76b9ed6a67968/advertiserId/55969105b1a43d9f7f8b4567/pid/5596911bb1a43da97f8b4567?cookieId=5019a2c066add159e3bcd91f9bcd5c17600c6890aea59f70175eeb50407ca4d1
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
content-length
0
/
app.push-ad.com/
89 KB
19 KB
Script
General
Full URL
https://app.push-ad.com/?run=api/integration/304d404683c47c93b33cda450e0cfe4f3ee733ce82d9ae05f48fbcb5e3f5bdc4.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6DFR9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
145.239.22.125 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ip125.ip-145-239-22.eu
Software
nginx /
Resource Hash
3fd2ecda01437514d12365347700e05532c8dbf75b4a86e7658f17d59a17069c

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 09:03:40 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
/
px.wp.pl//exdotdynamic/
6 KB
2 KB
Script
General
Full URL
https://px.wp.pl//exdotdynamic/?gwpAction=viewProduct&gwpReferer=https%253A//www.provident.pl/pozyczka-samoobslugowa2%253Futm_source%253Dnetsales_bolt%2526utm_term%253D444615%2526utm_medium%253Dafiliacja%2526utm_content%253Dwynajmowana_bolt%2526utm_campaign%253Dbolt&tt=1880852993&gwpClientId=provident
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
212.77.100.251 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
px.wp.pl
Software
nginx /
Resource Hash
40c910d8fa7cced2e9d78747bd2dc5370165d233705c29ee688daa65055d25dd

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 09:03:40 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Language
en-US
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
text/javascript; charset=ISO-8859-1
Expires
Thu, 01 Jan 1970 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/
91 KB
24 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
gZWFCtmsqvWxUxf+gZ6oN90/IVCqEdBchRlcbt7uhTwQ3Y3A/lu+UaaFl+ml8E8lyO86MiDkq65b4Jc5SovVmA==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Thu, 21 Jan 2021 09:03:40 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
trackpoint-async.js
s2.adform.net/banners/scripts/st/
Redirect Chain
  • https://track.adform.net/serving/scripts/trackpoint/async/
  • https://s2.adform.net/banners/scripts/st/trackpoint-async.js
79 KB
28 KB
Script
General
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c17943e3ecbfcec3d49fba06ddebaf15da8b802cbf6c8b91cb3c5c7262464fe2

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 09:03:41 GMT
content-encoding
gzip
last-modified
Mon, 18 Jan 2021 11:55:29 GMT
server
nginx
etag
W/"60057731-13dce"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript

Redirect headers

location
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date
Thu, 21 Jan 2021 09:03:40 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/html
ExecuteAction.ashx
www.provident.pl/Custom/handlers/
87 KB
17 KB
XHR
General
Full URL
https://www.provident.pl/Custom/handlers/ExecuteAction.ashx?action=GetProductData&nocache=1611219820688
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/scripts/core.js?v=2.0.6.121f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
Microsoft-IIS/8.5 /
Resource Hash
3b826e578ecffe74b6b959bd3865156689c12657b02e00409e728386fa6fd8e5

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 09:03:39 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
X-Iinfo
12-45926121-45926140 SNYy RT(1611219819918 706) q(0 0 0 -1) r(0 0) U2
Cache-Control
private
X-CDN
Incapsula
ExecuteAction.ashx
www.provident.pl/Custom/handlers/
1 KB
910 B
XHR
General
Full URL
https://www.provident.pl/Custom/handlers/ExecuteAction.ashx?action=GetDigitalCalcStatus&nocache=1611219820810
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/scripts/core.js?v=2.0.6.121f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
Microsoft-IIS/8.5 /
Resource Hash
242d507bbea8b1bfead6984970913e1e262e52f4e97b342d085f500b4b9edbca

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 09:03:40 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
X-Iinfo
12-45926121-45926140 SNYy RT(1611219819918 828) q(0 0 0 -1) r(0 0) U2
Cache-Control
private
X-CDN
Incapsula
tansparent-handle.png
www.provident.pl/images/
116 B
459 B
Image
General
Full URL
https://www.provident.pl/images/tansparent-handle.png
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/styles/core2.css?v=2.0.6.121f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
/
Resource Hash
8368af1fd962c757baa898335a7fc959902692e3a47e788825599e9299c1e854

Request headers

Referer
https://www.provident.pl/styles/core2.css?v=2.0.6.121f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 09:03:40 GMT
Last-Modified
Fri, 16 Oct 2020 10:21:52 GMT
X-CDN
Incapsula
Etag
"020162aa6a3d61:0"
Content-Type
image/png
X-Iinfo
12-45926121-0 0CNN RT(1611219819918 894) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=46119, public
Content-Length
116
Expires
Thu, 21 Jan 2021 21:52:19 GMT
pozyczka-samoobslugowa2
www.provident.pl/
49 KB
49 KB
Image
General
Full URL
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
Microsoft-IIS/8.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Jan 2021 09:03:40 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
X-Iinfo
9-8337064-8337066 SNNN RT(1611219819956 685) q(0 0 0 -1) r(1 1) U12
Cache-Control
no-cache, no-store
Transfer-Encoding
chunked
X-CDN
Incapsula
Expires
-1
preloader2.gif
www.provident.pl/images/
88 KB
88 KB
Image
General
Full URL
https://www.provident.pl/images/preloader2.gif
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
/
Resource Hash
b4b91d1b8888b77fdbf5d54b3ed71f03b1473cd97bb13fadb4fe5efe0e7eaf20

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 09:03:40 GMT
Last-Modified
Fri, 16 Oct 2020 10:21:52 GMT
X-CDN
Incapsula
Etag
"020162aa6a3d61:0"
Content-Type
image/gif
X-Iinfo
9-8337063-0 0CNN RT(1611219819956 690) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=18323, public
Content-Length
89658
Expires
Thu, 21 Jan 2021 14:09:03 GMT
header_1920x200-1_blue.ashx
www.provident.pl/-/media/poland/carousel/
48 KB
48 KB
Image
General
Full URL
https://www.provident.pl/-/media/poland/carousel/header_1920x200-1_blue.ashx
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
Microsoft-IIS/8.5 /
Resource Hash
acc698bf71d3ff1e5ba81fa1c7e0dba068254be210a092084ea2416ba0577e85

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 09:03:40 GMT
Last-Modified
Mon, 04 Jan 2021 13:07:09 GMT
Server
Microsoft-IIS/8.5
Content-Type
image/png
X-Iinfo
13-61399185-61382865 SNNy RT(1611219820146 687) q(0 0 0 -1) r(1 1) U2
Cache-Control
private, max-age=604800
Content-Disposition
inline; filename="Header_1920x200-1_blue.png"
Accept-Ranges
bytes
Content-Length
48740
X-CDN
Incapsula
Expires
Thu, 28 Jan 2021 09:03:40 GMT
modules.8f0a83f5adcff99b4358.js
script.hotjar.com/
222 KB
59 KB
Script
General
Full URL
https://script.hotjar.com/modules.8f0a83f5adcff99b4358.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-759836.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6cc3dc60de82bd1ea8c81905d4a638b491b132505a10415a6ed2a393b058fcbf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 17:22:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
56464
x-cache
Hit from cloudfront
content-length
59719
access-control-allow-origin
*
last-modified
Wed, 20 Jan 2021 17:19:35 GMT
etag
"41f49d450562430d384912b348882cef"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 4d43f2ff38c53dabf47263f1495ad9c0.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
6OZbUo8vnRc1hf3ZfsDOR1kHu99rVBU6pxttMy-3HGFeEdasuIS--g==
pxn
dot.wp.pl/r1611219821/
Redirect Chain
  • https://dot.wp.pl/s2917384196/px.gif?srv=provident_conv&action=conversion&par=transId%3D1%26gwpAction%3DviewProduct%26surl%3D%26shost%3Dundefined%26ssid%3D3fc2d1a72f364dd568335f13b764c0b0&pg=https%...
  • https://dot.wp.pl/r1611219821/pxn?srv=provident_conv&action=conversion&par=transId%3D1%26gwpAction%3DviewProduct%26surl%3D%26shost%3Dundefined%26ssid%3D3fc2d1a72f364dd568335f13b764c0b0&pg=https%3A/...
0
112 B
Image
General
Full URL
https://dot.wp.pl/r1611219821/pxn?srv=provident_conv&action=conversion&par=transId%3D1%26gwpAction%3DviewProduct%26surl%3D%26shost%3Dundefined%26ssid%3D3fc2d1a72f364dd568335f13b764c0b0&pg=https%3A//www.provident.pl/pozyczka-samoobslugowa2%3Futm_source%3Dnetsales_bolt%26utm_term%3D444615%26utm_medium%3Dafiliacja%26utm_content%3Dwynajmowana_bolt%26utm_campaign%3Dbolt
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.100.82 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
dot.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jan 2021 09:03:41 GMT
server
nginx
x-server-details
BuVsBW1iBW1sBWViBufiDTfER92sBFl2RTBJBsV3BFhiB9KFInO6GT13Dk2zBENzRFXiBuS8SgemGgOvBThCS4Y1d7IudTNC0zead7IupzVC04i=
access-control-allow-methods
GET
p3p
CP="ALL DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CON TEL OUR SAM IND"
access-control-allow-origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ch-lifetime
604800
accept-ch
Device-Memory, DPR, Width, Viewport-Width, RTT, Downlink, ECT
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Jan 2021 09:03:41 GMT
accept-ch
Device-Memory, DPR, Width, Viewport-Width, RTT, Downlink, ECT
access-control-allow-origin
x-server-details
BuVsBW1iBW1sBWViBufsRFfcDs2URTX2BEh2Du06oEVJBFV6O1nXN41YoE6CBE6cDF01BTZsA4SsGaU1dTNcd7Imp9UlZs1sdgDspkUlZzpidgKr
access-control-allow-methods
GET
p3p
CP="ALL DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CON TEL OUR SAM IND"
location
/r1611219821/pxn?srv=provident_conv&action=conversion&par=transId%3D1%26gwpAction%3DviewProduct%26surl%3D%26shost%3Dundefined%26ssid%3D3fc2d1a72f364dd568335f13b764c0b0&pg=https%3A//www.provident.pl/pozyczka-samoobslugowa2%3Futm_source%3Dnetsales_bolt%26utm_term%3D444615%26utm_medium%3Dafiliacja%26utm_content%3Dwynajmowana_bolt%26utm_campaign%3Dbolt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ch-lifetime
604800
content-type
text/html; charset=utf-8
content-length
397
server
nginx
expires
Thu, 01 Jan 1970 00:00:00 GMT
2061796600732238
connect.facebook.net/signals/config/
27 KB
8 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2061796600732238?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4409476bed4c1c0c979fd002531e99aca7db1dca4b9a3a654dccfa5fb6ebbc30
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
7772
x-fb-rlafr
0
pragma
public
x-fb-debug
C3Xb2IMJD1qTY45u3xXM6tHnSWXgFmWeHwUUUfoaYaUasBBukcCmnJHi2rnMTQEdS8p2FTIlQnNzCyRwsOBZ1g==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 21 Jan 2021 09:03:40 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-content-id
1430331379
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/g/
0
118 B
Other
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-X7N6234SNG&gtm=2oe1d0&_p=1977752566&sr=1600x1200&ul=en-us&cid=492681915.1611219821&_s=1&dl=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa2%3Futm_source%3Dnetsales_bolt%26utm_term%3D444615%26utm_medium%3Dafiliacja%26utm_content%3Dwynajmowana_bolt%26utm_campaign%3Dbolt&dr=&dt=Po%C5%BCyczka%20Samoobs%C5%82ugowa%20Provident%20Polska&sid=1611219820&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X7N6234SNG&l=dataLayer&cx=c
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 21 Jan 2021 09:03:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.provident.pl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
447 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-17427387-1&cid=492681915.1611219821&jid=566668398&gjid=254323294&_gid=322935975.1611219821&_u=aGDAgEADQAAAAE~&z=510358881
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 21 Jan 2021 09:03:41 GMT
content-type
text/plain
access-control-allow-origin
https://www.provident.pl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
26 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1977752566&t=pageview&_s=1&dl=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa2%3Futm_source%3Dnetsales_bolt%26utm_term%3D444615%26utm_medium%3Dafiliacja%26utm_content%3Dwynajmowana_bolt%26utm_campaign%3Dbolt&ul=en-us&de=UTF-8&dt=Po%C5%BCyczka%20Samoobs%C5%82ugowa%20Provident%20Polska&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAG~&jid=1571290877&gjid=99959499&cid=492681915.1611219821&tid=UA-41461947-1&_gid=322935975.1611219821&_r=1&gtm=2wg1d0T6DFR9&cd1=Poland&z=1610093582
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Jan 2021 09:03:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.provident.pl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
166 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=1977752566&t=pageview&_s=1&dl=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa2%3Futm_source%3Dnetsales_bolt%26utm_term%3D444615%26utm_medium%3Dafiliacja%26utm_content%3Dwynajmowana_bolt%26utm_campaign%3Dbolt&ul=en-us&de=UTF-8&dt=Po%C5%BCyczka%20Samoobs%C5%82ugowa%20Provident%20Polska&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEADQ~&jid=566668398&gjid=254323294&cid=492681915.1611219821&tid=UA-17427387-1&_gid=322935975.1611219821&gtm=2wg1d0T6DFR9&cd4=GA1.1.492681915.1611219821&z=1709227837
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jan 2021 21:46:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
40626
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
play.adtonos.com/atr/wPtD8Y5eqS8pHGRyW/
42 B
827 B
Image
General
Full URL
https://play.adtonos.com/atr/wPtD8Y5eqS8pHGRyW/px.gif?extid=492681915.1611219821|/pozyczka-samoobslugowa2
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.89.155.117 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3157979.ip-51-89-155.eu
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 09:03:41 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.0 (Ubuntu)
X-Frame-Options
SAMEORIGIN
X-Powered-By
Express
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, no-transform
Access-Control-Allow-Credentials
true
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
42
X-XSS-Protection
1; mode=block
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1056593329/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1056593329/?random=1611219821000&cv=9&fst=1611219821000&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa2%3Futm_source%3Dnetsales_bolt%26utm_term%3D444615%26utm_medium%3Dafiliacja%26utm_content%3Dwynajmowana_bolt%26utm_campaign%3Dbolt&tiba=Po%C5%BCyczka%20Samoobs%C5%82ugowa%20Provident%20Polska&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b3036652aa19e411f89969db7fb78921f137514d84d8590a11fa2d2dc7f6068f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jan 2021 09:03:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1093
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
569634303396026
connect.facebook.net/signals/config/
240 KB
69 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/569634303396026?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cf22f003e0b12202626bb653d15b11907b67011d218b7e3d097b6399ab206de3
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
70524
x-fb-rlafr
0
pragma
public
x-fb-debug
v4u/oTCqqRbo4Bj7Ds/kUmzG9gUKgnVEhmEIC0pNv07FOwiqbnKMmO7LF6rlCcf6Npc8Tp09Sk1CqDWru6WqOw==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Thu, 21 Jan 2021 09:03:41 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-content-id
1082278486
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
410 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2061796600732238&ev=PageView&dl=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa2%3Futm_source%3Dnetsales_bolt%26utm_term%3D444615%26utm_medium%3Dafiliacja%26utm_content%3Dwynajmowana_bolt%26utm_campaign%3Dbolt&rl=&if=false&ts=1611219821017&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=28&fbp=fb.1.1611219821015.1530360728&it=1611219820965&coo=false&rqm=GET
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 09:03:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 21 Jan 2021 09:03:41 GMT
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame DE70
0
0
Document
General
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-759836.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.24 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt

Response headers

content-type
text/html
content-length
851
date
Fri, 08 Jan 2021 17:55:07 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified
Fri, 08 Jan 2021 15:18:59 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 e79fcd7f3f0a842841acfca75e35ea79.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
dtNZRL8c80ZUy-c0s28oNJTl8FMpKGGaAEePNwzq9IAZcPh5mclR6w==
age
1091314
get-piggybacks
www.audiencemanager.de/log/profile/ Frame F5D5
0
0
Document
General
Full URL
https://www.audiencemanager.de/log/profile/get-piggybacks?pid=5596911bb1a43da97f8b4567&requesterId=8427f76009436ceab8a075537247588327966&cookieId=5019a2c066add159e3bcd91f9bcd5c17600c6890aea59f70175eeb50407ca4d1
Requested by
Host: prf.audiencemanager.de
URL: https://prf.audiencemanager.de/log/profile/user-match/type/js/sec/e9e86f570f591bbfedb76b9ed6a67968/advertiserId/55969105b1a43d9f7f8b4567/pid/5596911bb1a43da97f8b4567
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.136.51 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-136-51.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9 / PHP/7.2.9
Resource Hash

Request headers

:method
GET
:authority
www.audiencemanager.de
:scheme
https
:path
/log/profile/get-piggybacks?pid=5596911bb1a43da97f8b4567&requesterId=8427f76009436ceab8a075537247588327966&cookieId=5019a2c066add159e3bcd91f9bcd5c17600c6890aea59f70175eeb50407ca4d1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
Nano=5019a2c066add159e3bcd91f9bcd5c17600c6890aea59f70175eeb50407ca4d1; NmpDBM=DBM; NmpAppNexus=AppNexus; NmpEMX=EMX
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt

Response headers

date
Thu, 21 Jan 2021 09:03:41 GMT
content-type
text/html;charset=UTF-8
content-length
824
server
Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9
x-powered-by
PHP/7.2.9
status
200 OK
requestid
cd36e46009436d0f55b7222569186860805068
hostname
10-0-13-98
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
*
responsetime
12
vary
Accept-Encoding
content-encoding
gzip
map
prf.audiencemanager.de/log/profile/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?sourceId=55969105b1a43d9f7f8b4567&sourceType=a&google_nid=nano_dmp&google_cm&google_sc&cb=1611219820
  • https://cm.g.doubleclick.net/pixel?sourceId=55969105b1a43d9f7f8b4567&sourceType=a&google_nid=nano_dmp&google_cm=&google_sc=&cb=1611219820&google_tc=
  • https://prf.audiencemanager.de/log/profile/map?sourceId=55969105b1a43d9f7f8b4567&sourceType=a&cb=1611219820&google_gid=CAESEKEI4fAxdLhbWpXq5JFeIaM&google_cver=1
43 B
294 B
Image
General
Full URL
https://prf.audiencemanager.de/log/profile/map?sourceId=55969105b1a43d9f7f8b4567&sourceType=a&cb=1611219820&google_gid=CAESEKEI4fAxdLhbWpXq5JFeIaM&google_cver=1
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.136.51 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-136-51.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9 / PHP/7.2.9
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 09:03:41 GMT
server
Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9
access-control-allow-origin
*
x-powered-by
PHP/7.2.9
requestid
cd36e46009436d2cbd69214239031364415379
status
200 OK
p3p
CP="NID DSP ALL COR"
hostname
10-0-13-98
responsetime
7
content-type
image/gif
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 21 Jan 2021 09:03:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://prf.audiencemanager.de/log/profile/map?sourceId=55969105b1a43d9f7f8b4567&sourceType=a&cb=1611219820&google_gid=CAESEKEI4fAxdLhbWpXq5JFeIaM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
373
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
www.audiencemanager.de/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fwww.audiencemanager.de%2Fcm%3Fprovider%3DAppNexus%26sourceId%3D55969105b1a43d9f7f8b4567%26sourceType%3Da%26adnxs_uid%3D%24UID%26cb%3D1611219820
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fwww.audiencemanager.de%252Fcm%253Fprovider%253DAppNexus%2526sourceId%253D55969105b1a43d9f7f8b4567%2526sourceType%253Da%2526adnxs_uid%253D...
  • https://www.audiencemanager.de/cm?provider=AppNexus&sourceId=55969105b1a43d9f7f8b4567&sourceType=a&adnxs_uid=4070948427816039450&cb=1611219820
43 B
294 B
Image
General
Full URL
https://www.audiencemanager.de/cm?provider=AppNexus&sourceId=55969105b1a43d9f7f8b4567&sourceType=a&adnxs_uid=4070948427816039450&cb=1611219820
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.136.51 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-136-51.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9 / PHP/7.2.9
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 09:03:41 GMT
server
Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9
access-control-allow-origin
*
x-powered-by
PHP/7.2.9
requestid
bec3c46009436d2e8ee9380816410613814969
status
200 OK
p3p
CP="NID DSP ALL COR"
hostname
10-0-13-66
responsetime
7
content-type
image/gif
content-length
43

Redirect headers

Pragma
no-cache
Date
Thu, 21 Jan 2021 09:03:41 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.77:80
AN-X-Request-Uuid
6c664e08-0d18-4f94-81b2-9753dbd76341
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://www.audiencemanager.de/cm?provider=AppNexus&sourceId=55969105b1a43d9f7f8b4567&sourceType=a&adnxs_uid=4070948427816039450&cb=1611219820
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
put
e1.emxdgt.com/
43 B
124 B
Image
General
Full URL
https://e1.emxdgt.com/put?d=d43&uid=5019a2c066add159e3bcd91f9bcd5c17600c6890aea59f70175eeb50407ca4d1&cb=1611219820
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 09:03:41 GMT
content-length
43
x-nosync
emp
content-type
image/gif
/
api2.push-ad.com/
13 KB
13 KB
Stylesheet
General
Full URL
https://api2.push-ad.com/?run=api/css/1/main.css&3=1&id=809
Requested by
Host: app.push-ad.com
URL: https://app.push-ad.com/?run=api/integration/304d404683c47c93b33cda450e0cfe4f3ee733ce82d9ae05f48fbcb5e3f5bdc4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
145.239.22.125 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ip125.ip-145-239-22.eu
Software
nginx /
Resource Hash
76da9d20b7e6e9e7d0b2a2e65c99eadb371584a4a1045c953035d1937be00b39

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
cache
Date
Thu, 21 Jan 2021 09:03:41 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/css; charset: UTF-8;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Fri, 22 Jan 2021 09:03:41 GMT
info.php
api2.push-ad.com/server/
822 B
793 B
XHR
General
Full URL
https://api2.push-ad.com/server/info.php
Requested by
Host: app.push-ad.com
URL: https://app.push-ad.com/?run=api/integration/304d404683c47c93b33cda450e0cfe4f3ee733ce82d9ae05f48fbcb5e3f5bdc4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
145.239.22.125 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ip125.ip-145-239-22.eu
Software
nginx /
Resource Hash
2e42f23c7aecdda9d1f1c567b3b0d83e4d45efd7df9214ea8226a67c08c71ae1

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Pragma
cache
Date
Thu, 21 Jan 2021 09:03:41 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 21 Jan 2021 10:03:41 GMT
/
cx.atdmt.com/
Redirect Chain
  • https://www.facebook.com/tr/?id=569634303396026&ev=PageView&dl=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa2%3Futm_source%3Dnetsales_bolt%26utm_term%3D444615%26utm_medium%3Dafiliacja%26u...
  • https://cx.atdmt.com/?c=10803326975167969267&f=AYzoy1H_PUrwpzlOXmbHvN4IPo5E3nkyQnRklcVY3ddO35BOV1wh_NF2bxDEVXYEbZuROAucBN705tA9_PBKDezV&id=569634303396026&l=3&v=0
43 B
647 B
Image
General
Full URL
https://cx.atdmt.com/?c=10803326975167969267&f=AYzoy1H_PUrwpzlOXmbHvN4IPo5E3nkyQnRklcVY3ddO35BOV1wh_NF2bxDEVXYEbZuROAucBN705tA9_PBKDezV&id=569634303396026&l=3&v=0
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:5:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
x-fb-debug
CHV2agYnhyQwU2iChsPq14bTRq//tD1BfdGE7EsWXquF1rPVlwXAei47vOQPSIeTXFGA+rM9/SaorN33Wn0Qeg==
content-encoding
br
x-content-type-options
nosniff
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 21 Jan 2021 01:03:41 PST
x-frame-options
DENY
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
image/gif
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-fb-rlafr
0
expires
Thu, 21 Jan 2021 01:03:41 PST

Redirect headers

pragma
no-cache
date
Thu, 21 Jan 2021 09:03:41 GMT
server
proxygen-bolt
content-type
text/plain
location
https://cx.atdmt.com/?c=10803326975167969267&f=AYzoy1H_PUrwpzlOXmbHvN4IPo5E3nkyQnRklcVY3ddO35BOV1wh_NF2bxDEVXYEbZuROAucBN705tA9_PBKDezV&id=569634303396026&l=3&v=0
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
expires
0
/
www.google.com/pagead/1p-user-list/1056593329/
42 B
552 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/1056593329/?random=1611219821000&cv=9&fst=1611219600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa2%3Futm_source%3Dnetsales_bolt%26utm_term%3D444615%26utm_medium%3Dafiliacja%26utm_content%3Dwynajmowana_bolt%26utm_campaign%3Dbolt&tiba=Po%C5%BCyczka%20Samoobs%C5%82ugowa%20Provident%20Polska&fmt=3&is_vtc=1&random=1849027741&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jan 2021 09:03:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1056593329/
42 B
552 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1056593329/?random=1611219821000&cv=9&fst=1611219600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa2%3Futm_source%3Dnetsales_bolt%26utm_term%3D444615%26utm_medium%3Dafiliacja%26utm_content%3Dwynajmowana_bolt%26utm_campaign%3Dbolt&tiba=Po%C5%BCyczka%20Samoobs%C5%82ugowa%20Provident%20Polska&fmt=3&is_vtc=1&random=1849027741&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jan 2021 09:03:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/Serving/TrackPoint/
Redirect Chain
  • https://track.adform.net/Serving/TrackPoint/?pm=1237227&ADFPageName=ALL&ADFdivider=%7C&ord=213795961877&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.provident.pl%2Fpozyczka...
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1237227&ADFPageName=ALL&ADFdivider=%7C&ord=213795961877&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.provident.pl%2Fpoz...
103 B
585 B
Script
General
Full URL
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1237227&ADFPageName=ALL&ADFdivider=%7C&ord=213795961877&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa2%3Futm_source%3Dnetsales_bolt%26utm_term%3D444615%26utm_medium%3Dafiliacja%26utm_content%3Dwynajmowana_bolt%26utm_campaign%3Dbolt
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d1c6d97c9f720e9016fdb062d833914872c1a25ae3d089cd8b982ed56f4154ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jan 2021 09:03:41 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
179
expires
-1

Redirect headers

pragma
no-cache
date
Thu, 21 Jan 2021 09:03:41 GMT
server
nginx
location
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1237227&ADFPageName=ALL&ADFdivider=%7C&ord=213795961877&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa2%3Futm_source%3Dnetsales_bolt%26utm_term%3D444615%26utm_medium%3Dafiliacja%26utm_content%3Dwynajmowana_bolt%26utm_campaign%3Dbolt
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/html; charset=utf-8
expires
-1
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-17427387-1&cid=492681915.1611219821&jid=566668398&_u=aGDAgEADQAAAAE~&z=1026122584
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jan 2021 09:03:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-17427387-1&cid=492681915.1611219821&jid=566668398&_u=aGDAgEADQAAAAE~&z=1026122584
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jan 2021 09:03:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
101 B
Image
General
Full URL
https://www.facebook.com/tr/?id=569634303396026&ev=Microdata&dl=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa2%3Futm_source%3Dnetsales_bolt%26utm_term%3D444615%26utm_medium%3Dafiliacja%26utm_content%3Dwynajmowana_bolt%26utm_campaign%3Dbolt&rl=&if=false&ts=1611219821580&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Po%C5%BCyczka%20Samoobs%C5%82ugowa%20Provident%20Polska%22%2C%22meta%3Adescription%22%3A%22Szybka%20po%C5%BCyczka%20online%20od%20300%20do%2015%20000%20z%C5%82.%20RRSO%2019%2C68%25.%20Z%C5%82%C3%B3%C5%BC%20wniosek%20teraz!%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22%22%2C%22og%3Asite_name%22%3A%22%22%2C%22og%3Atype%22%3A%22%22%2C%22og%3Aurl%22%3A%22%22%2C%22og%3Aimage%22%3A%22%22%2C%22og%3Adescription%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1611219821015.1530360728&it=1611219820965&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 09:03:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 21 Jan 2021 09:03:41 GMT
nr-1194.min.js
js-agent.newrelic.com/
27 KB
11 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1194.min.js
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
04446c6509e4513c239c7803cf8a8c3727e8cef843c8537e48d5e05e1fa723cd

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 09:03:42 GMT
content-encoding
gzip
x-amz-request-id
68D2702B1B1EE73B
x-cache
HIT
content-length
10625
x-amz-id-2
9oyQbEkprcwib4d82Y4NKXXqMpIfI9WwmhGg4zKHf7A66Ie1EiBa+52W3blMTdZkaSL1gYyz7m4=
x-served-by
cache-hhn4046-HHN
last-modified
Wed, 06 Jan 2021 22:25:50 GMT
server
AmazonS3
x-timer
S1611219822.146283,VS0,VE0
etag
"4f5c23cba20072ede6a543efb2f986c3"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
7407
collect
www.google-analytics.com/j/
2 B
50 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1977752566&t=event&_s=1&dl=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa2%3Futm_source%3Dnetsales_bolt%26utm_term%3D444615%26utm_medium%3Dafiliacja%26utm_content%3Dwynajmowana_bolt%26utm_campaign%3Dbolt&ul=en-us&de=UTF-8&dt=Po%C5%BCyczka%20Samoobs%C5%82ugowa%20Provident%20Polska&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Wersja%20wniosku&ea=Po%C5%BCyczka%20samoobs%C5%82ugowa&el=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa2%3Futm_source%3Dnetsales_bolt%26utm_term%3D444615%26utm_medium%3Dafiliacja%26utm_content%3Dwynajmowana_bolt%26utm_campaign%3Dbolt&_u=aGDAAEADQAAAAG~&jid=1007707586&gjid=1886098963&cid=492681915.1611219821&tid=UA-17427387-1&_gid=322935975.1611219821&_r=1&gtm=2wg1d0T6DFR9&cd4=GA1.2.492681915.1611219821&z=2103386327
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Jan 2021 09:03:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.provident.pl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
tsc
nsm.tr.netsalesmedia.pl/ts/i5533769/
43 B
466 B
Image
General
Full URL
https://nsm.tr.netsalesmedia.pl/ts/i5533769/tsc?sid=https%253A%252F%252Fwww.provident.pl%252Fpozyczka-samoobslugowa2%253Futm_source%253Dnetsales_bolt%2526utm_term%253D444615%2526utm_medium%253Dafiliacja%2526utm_content%253Dwynajmowana_bolt%2526utm_campaign%253Dbolt&rrf=&rmd=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
35.187.117.15 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
15.117.187.35.bc.googleusercontent.com
Software
nginx/1.13.9 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jan 2021 09:03:42 GMT
last-modified
Thu, 21 Jan 2021 09:03:42 GMT
server
nginx/1.13.9
p3p
policyref="/w3c/p3p.xml", CP="NOI CUR OUR STP"
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
content-type
image/gif
content-length
43
x-xss-protection
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
425 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-17427387-1&cid=492681915.1611219821&jid=1007707586&gjid=1886098963&_gid=322935975.1611219821&_u=aGDAAEADQAAAAG~&z=827774458
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 21 Jan 2021 09:03:42 GMT
content-type
text/plain
access-control-allow-origin
https://www.provident.pl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ae8d4fd7aa
bam-cell.nr-data.net/1/
57 B
646 B
Script
General
Full URL
https://bam-cell.nr-data.net/1/ae8d4fd7aa?a=682767777&v=1194.94d5a62&to=YlYHYkpWXRYDARZQDVscKGB7GGAMFgcBVhBQcApYTEVcCQ4HEBYrW1cATg%3D%3D&rst=3233&ck=1&ref=https://www.provident.pl/pozyczka-samoobslugowa2&ap=102&be=1261&fe=3157&dc=1500&perf=%7B%22timing%22:%7B%22of%22:1611219818935,%22n%22:0,%22f%22:1015,%22dn%22:1016,%22dne%22:1033,%22c%22:1033,%22s%22:1045,%22ce%22:1100,%22rq%22:1100,%22rp%22:1251,%22rpe%22:1269,%22dl%22:1255,%22di%22:1500,%22ds%22:1500,%22de%22:1500,%22dc%22:3156,%22l%22:3156,%22le%22:3160%7D,%22navigation%22:%7B%7D%7D&fp=1497&fcp=1497&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1194.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 09:03:42 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
CF-Ray
614fdd10dcf30c8d-AMS
cf-request-id
07c5c87e8400000c8df009b000000001
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
88 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-17427387-1&cid=492681915.1611219821&jid=1007707586&_u=aGDAAEADQAAAAG~&z=1853709662
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jan 2021 09:03:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
88 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-17427387-1&cid=492681915.1611219821&jid=1007707586&_u=aGDAAEADQAAAAG~&z=1853709662
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jan 2021 09:03:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ae8d4fd7aa
bam-cell.nr-data.net/events/1/
24 B
492 B
XHR
General
Full URL
https://bam-cell.nr-data.net/events/1/ae8d4fd7aa?a=682767777&v=1194.94d5a62&to=YlYHYkpWXRYDARZQDVscKGB7GGAMFgcBVhBQcApYTEVcCQ4HEBYrW1cATg%3D%3D&rst=13233&ck=1&ref=https://www.provident.pl/pozyczka-samoobslugowa2
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1194.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa2?utm_source=netsales_bolt&utm_term=444615&utm_medium=afiliacja&utm_content=wynajmowana_bolt&utm_campaign=bolt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
text/plain

Response headers

Date
Thu, 21 Jan 2021 09:03:52 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.provident.pl
Access-Control-Allow-Credentials
true
Connection
keep-alive
CF-Ray
614fdd4f192c0c8d-AMS
Content-Length
24
cf-request-id
07c5c8a56d00000c8de93b0000000001

Verdicts & Comments Add Verdict or Comment

305 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| NREUM object| newrelic function| __nr_require function| subscribeEvent function| unsubscribeEvent function| startActivityHandler function| placeCheckerRequest function| placeCssAspxRequest function| timeoutSleep function| getMetatagContent string| dispStatus string| oldDispStatus boolean| bmProcessing string| GoogleAnalyticsObject function| ga object| dataLayer object| google_tag_data object| gaplugins object| google_tag_manager function| postscribe function| setCookie object| gaGlobal object| gaData function| hj object| _hjSettings object| google_conversion_id object| google_custom_params object| google_remarketing_only string| v function| createCookie string| t string| gwpAction string| gwpReferer number| tt object| requestParams string| gwpClientId object| gwpPxInfo function| fbq function| _fbq object| _adftrack undefined| uap string| utm_term object| global string| loginUrl string| g_msgs string| localLang undefined| _informationForm undefined| _powerOfAttorney undefined| _loanAgreement undefined| _loanOfferType undefined| _loanContract undefined| _currentSchedule undefined| _repaymentSchedule undefined| _summaryOfLoanTerms undefined| _repaymentHistory undefined| _termsNConditions function| agreeCheckAllInWrapper function| toggleChkBox function| addDataError function| addDataErrorForCallback function| removeDataError function| getMessages function| isIE function| getLang function| deviceType function| GetCalcStatus function| GetDigitalCalcStatus function| SetDigitalCalcData function| GetCitiesByStateId function| GetAutoCompleteData function| GetBrokerAutoCompleteData function| GetBrokerIsValidId function| GetStageOneDetails function| CheckAddressData function| CheckUser function| CheckCustomerUniqueEmail function| CheckPesl function| CheckIdCard function| CheckBankAccountNumber function| substringMatcher undefined| pdfHost function| GetFOrmData function| validateID function| checkName function| checkFirstName function| CheckROPINNumber function| GetMessageText function| CheckVatId function| CheckPhoneNumber function| CheckMobileNumber function| CheckPreferedDate function| DackClick function| CheckIDNumberValidation function| redirectToLogin function| getLoggedInUser function| isLoggedIn function| redirectIfNotSignedIn function| getIndividualDetails function| getBoltStageOneDetails function| getBoltStageTwoDetails function| getBoltAbandonedStageDetails function| getAddressDetails function| getTaxIdPL function| getFinancialDetails function| GetPersonalDetailsForNextLoan function| GetParallelLoanDetail function| GetRefinanceLoanDetail function| SetUserEndSession function| PostSendUserDipReferralSummary function| getHandlerUrl function| getAjaxData function| isValidated function| enableField function| resetField function| resetForm function| revalidateField function| revalidateFieldWithFrm function| enabRevalFieldValidator function| enableFieldValidator function| disableFieldValidator function| togglefv function| changeattr function| getname function| getId function| removename function| addname function| copytext function| elemExists function| disabl function| setInpVal function| rdonly function| editable function| setInputVal function| addClass function| setRbVal function| setRbTableVal function| setDrpVal function| pad function| addProcIcon function| getUrlParameter function| formatNumber function| getCalculatorDataWebservice function| translate function| getDocumentsBYAgreementID function| initDocs function| modalHeight function| printTermsandConditionForm function| printInformationForm function| CzOfferPdfDownload function| CSCCzOfferPdfDownload function| ipfgetvalue function| ipfgetplaceholder function| ipfgetvalueonly function| formCancel function| doModal function| doAlert function| ipfBoltPageFormReset function| ipfCheckIEVersion function| showHideAccordionFn function| isLocalStorageNameSupported function| cLog function| RsaEncrypt function| getBMParameterValues function| GetTenantData function| GetAutoCompleteRuianData function| GetAutoCompleteGoogleData function| GetAutoCompleteCribisData function| GetLoanApplicationsData function| CheckAutoCompleteValid function| SaveInfoFormConsent function| SaveScreenScrappingConsent string| ipfSettingsCalcPackage boolean| isOperaBrowser object| currentRequest undefined| refreshIntervalId undefined| popupDelayId boolean| popupOnStage4 number| dispTimeoutIntervalId boolean| bankverificationWindowClosed function| resizeJobs function| toggleBrokerFields function| brokerSearchClicked function| equalHeight function| readCookie function| eraseCookie function| formatHiddentVars number| remainingAttempts number| tokenExpiryInterval number| pageLength function| VerifyCustomer function| getParameterByName function| VerifyOTP function| ForgottenPasswordVerify function| VerifyCustomerWithMobileNumber function| VerifyCustomerWithAgreementNumber function| VerifyCustomerWithPwd function| OnErrorAction function| RenewToken function| ValidateCaptcha function| ShowLoginSuccess function| ShowLoginError function| NonInterimgenerateOTP function| Logout function| ClearLoginSession function| CheckTokenExpiry function| CheckLoginSession function| CreateCredentials function| ShowCreateCrendentialsSuccess function| ShowCreateCrendentialsError function| ChangePassWord function| ValidateToken function| putForgetPassword function| $ function| jQuery object| jQuery112406695516174202956 object| store function| SearchIndex function| Bloodhound object| Placeholders function| eve function| Raphael function| module object| Charts object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled function| gwp_isInt function| gwp_getTransId function| gwp_getExtParams function| gwp_getProducts function| gwp_getPrice function| gwp_getQuantity function| getFromCookie function| setToCookie function| getSetSSID function| gwp_documentReferrer string| gwpSn string| gwpDotAction string| gwpPar object| gwpDot function| S4 function| onYouTubeIframeAPIReady object| google_optimize function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments object| ifr object| img boolean| PushAdReady boolean| push_window_focus object| pushAdHelper object| Adform object| KJUR object| adf

30 Cookies

Domain/Path Name / Value
.audiencemanager.de/ Name: NmpEMX
Value: EMX
.audiencemanager.de/ Name: Nano
Value: 5019a2c066add159e3bcd91f9bcd5c17600c6890aea59f70175eeb50407ca4d1
.audiencemanager.de/ Name: NmpAppNexus
Value: AppNexus
.doubleclick.net/ Name: IDE
Value: AHWqTUmx45Ei-3bJvw_MMXoZoOL-icEByZYUDWWrM_tN3gUDyAIeCfvDFr1EBgMD
.provident.pl/ Name: _gid
Value: GA1.2.322935975.1611219821
www.provident.pl/ Name: _hjIncludedInSessionSample
Value: 1
.provident.pl/ Name: _hjTLDTest
Value: 1
.provident.pl/ Name: _hjAbsoluteSessionInProgress
Value: 0
www.provident.pl/ Name: base_referer
Value:
.provident.pl/ Name: _dc_gtm_UA-17427387-1
Value: 1
.provident.pl/ Name: _gat_UA-41461947-1
Value: 1
www.provident.pl/ Name: ssid
Value: 3fc2d1a72f364dd568335f13b764c0b0
.provident.pl/ Name: _ga_X7N6234SNG
Value: GS1.1.1611219820.1.0.1611219820.0
.provident.pl/ Name: _fbp
Value: fb.1.1611219821015.1530360728
.provident.pl/ Name: smwebid
Value: undefined
.provident.pl/ Name: _hjFirstSeen
Value: 1
.provident.pl/ Name: visid_incap_192409
Value: H2IGfIw8RDyQTO5TOJ9snGtDCWAAAAAAQUIPAAAAAADR4S6HbDMgAB9L35KipkqI
www.provident.pl/ Name: SC_ANALYTICS_GLOBAL_COOKIE
Value: 2a426e9eaca44e3788426a132b2c373b|False
.audiencemanager.de/ Name: NmpDBM
Value: DBM
.provident.pl/ Name: dctraffic
Value: netsales_bolt / afiliacja
.provident.pl/ Name: dcmedium
Value: afiliacja
.provident.pl/ Name: _pushAdSoftId
Value: feedd310-2637-3d2c-f308-ca652d3a1444
.provident.pl/ Name: incap_ses_450_192409
Value: h+dXN44iaHV0QTAn6Lg+BmxDCWAAAAAAafvtv+ItgFlDq3ElS7580g==
.provident.pl/ Name: dcsource
Value: netsales_bolt
.provident.pl/ Name: _hjid
Value: 60bcbe0a-d73e-4e12-ae4a-320347a2a2f0
.provident.pl/ Name: _ga
Value: GA1.2.492681915.1611219821
.provident.pl/ Name: incap_ses_1309_192409
Value: BzhZenDWdFggcUUqqoAqEmxDCWAAAAAA8n/G+0Q6IINNC6hxiRy3RQ==
www.provident.pl/ Name: ASP.NET_SessionId
Value: hp5ofxuwzg0pbibjwdenge4z
.provident.pl/ Name: _gcl_au
Value: 1.1.85933416.1611219821
www.provident.pl/ Name: T4G-80-STICKY-COOKIE
Value: ffffffff0925151d45525d5f4f58455e445a4a423660

3 Console Messages

Source Level URL
Text
console-api log URL: https://www.provident.pl/scripts/core.js?v=2.0.6.121f(Line 1)
Message:
Fetching Ajax data from /Custom/handlers/ExecuteAction.ashx?action=GetProductData&nocache=1611219820688
console-api log URL: https://www.provident.pl/scripts/core.js?v=2.0.6.121f(Line 1)
Message:
Fetching Ajax data from /Custom/handlers/ExecuteAction.ashx?action=GetDigitalCalcStatus&nocache=1611219820810
console-api log (Line 2)
Message:
remove

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4289377.fls.doubleclick.net
api2.push-ad.com
app.push-ad.com
bam-cell.nr-data.net
cm.g.doubleclick.net
connect.facebook.net
cx.atdmt.com
dot.wp.pl
e1.emxdgt.com
ges.vg
go.lead-click.com
googleads.g.doubleclick.net
ib.adnxs.com
js-agent.newrelic.com
nsm.tr.netsalesmedia.pl
play.adtonos.com
prf.audiencemanager.de
px.wp.pl
s2.adform.net
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
track.adform.net
vars.hotjar.com
www.audiencemanager.de
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.provident.pl
145.239.22.125
149.126.77.234
151.101.114.110
162.247.243.147
172.217.22.2
172.217.23.102
18.195.155.181
185.33.221.15
212.77.100.251
212.77.100.82
2a00:1450:4001:802::2004
2a00:1450:4001:815::200e
2a00:1450:4001:818::2008
2a00:1450:4001:819::2002
2a00:1450:4001:821::2003
2a00:1450:400c:c08::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:5:face:b00c:0:8c
2a03:2880:f12d:83:face:b00c:0:25de
35.187.117.15
37.157.2.234
37.157.2.249
45.9.148.101
51.89.155.117
52.209.135.184
54.77.136.51
65.9.73.108
65.9.73.24
65.9.73.70
01b075c82f193259c4371aaf4127317a876f2e482347933f2877368d4f00a3de
04446c6509e4513c239c7803cf8a8c3727e8cef843c8537e48d5e05e1fa723cd
09f73aba8c95fe564c3b79fe9cbdd0d60a43f39d60bca2abdb590fa60fd520ff
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
242d507bbea8b1bfead6984970913e1e262e52f4e97b342d085f500b4b9edbca
259d2765258e4d88ed7c51550a16b497722922b99d8e901d58ce202b967db288
2bed58fe9d3ce0f93ceb8ddc89edd0f136861fec832246354def636d9a3435e6
2e42f23c7aecdda9d1f1c567b3b0d83e4d45efd7df9214ea8226a67c08c71ae1
3b826e578ecffe74b6b959bd3865156689c12657b02e00409e728386fa6fd8e5
3c6e639d4e6b8be24b4cd0480cedcdda45689ecf3dd11fede874250dd01545dc
3fd2ecda01437514d12365347700e05532c8dbf75b4a86e7658f17d59a17069c
40c910d8fa7cced2e9d78747bd2dc5370165d233705c29ee688daa65055d25dd
4409476bed4c1c0c979fd002531e99aca7db1dca4b9a3a654dccfa5fb6ebbc30
4a950a0aa0de7ec446c7449ed981f9f01c478a3a2f437ab6219076ce54d45a25
4add7468b749e18063b9cd9c8afbb99a7c536bfe6d569e2a338447a2a4215589
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57f02d5ef19dfa2e6139af1c6536f7cbca36d29508d87b50f38c43fd10b0657d
6607db02d62f168bb1d2b912aadd968d0395e279dbc33958ad61224e50566aa1
67774a340ba486748ac65d18d8c9a3a3f9f696130be17fe92346ccb69473366e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cc3dc60de82bd1ea8c81905d4a638b491b132505a10415a6ed2a393b058fcbf
75c79f0e05093f0e04003f5387a81e7396b283c2642cfa7e899a85b74b628832
76da9d20b7e6e9e7d0b2a2e65c99eadb371584a4a1045c953035d1937be00b39
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8368af1fd962c757baa898335a7fc959902692e3a47e788825599e9299c1e854
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8ca8143eccf52c47b1c1865930e5921d3283dd8ca0f377e4d45148c561a48130
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
acc698bf71d3ff1e5ba81fa1c7e0dba068254be210a092084ea2416ba0577e85
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3036652aa19e411f89969db7fb78921f137514d84d8590a11fa2d2dc7f6068f
b4b91d1b8888b77fdbf5d54b3ed71f03b1473cd97bb13fadb4fe5efe0e7eaf20
bd95ed09942c9608255d8a2691decf065c7d6773e2bafbd4e619c7f00f9eb4d9
c17943e3ecbfcec3d49fba06ddebaf15da8b802cbf6c8b91cb3c5c7262464fe2
c50287f060ebb72a8ba13a2648316043c8b644199453e4488ee999d52c22f7fb
c758a475a40292c7424f3efbc33331e49e82980d036bc0c14b00ae35352921ae
c771b13382737d9e935a965a486574efb1d8f1ea729e7ba72c77fd9bbe563f23
cf22f003e0b12202626bb653d15b11907b67011d218b7e3d097b6399ab206de3
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d1c6d97c9f720e9016fdb062d833914872c1a25ae3d089cd8b982ed56f4154ef
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deb46083af7c03f29bd8a8cdf5e14d0cc473f4d6acf167101f2e74beefd76e05
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b7847c5ac562933fe0b1bd85ee9a3de42898dbab94eaef00695d90629f40d6
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e9af387c1a0168cad8bc77aef0dc0e3ccd7cb38f453476495fc06c9f3a861857
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9d0998a8fe59519e96961d8c38e164e4d1cb62b827b558176747e5dbf98d63
f6390ca5f8fd14c80718471a30e20d07569271320766fef35bb37bdc2b173e57
f839206ecf428ab0a0f5c87d13744ce0acd9702e408d3b35b13ea59af6ea92b6