urlscan.io logo urlscan.io
SecurityTrails logo

www.provident.pl Open in urlscan Pro
149.126.77.234  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ms0481.m.lrmailr.pl/ff6a3fa0-d602-11e9-9c1b-09759c40921b/yJCeyIXA1CRsTCr/8d1c94890db0a4227d9d9c0c0a8f62d7/o26yFhj09x...
Effective URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&u...
Submission: On September 16 via manual from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 9 countries across 25 domains to perform 66 HTTP transactions. The main IP is 149.126.77.234, located in Frankfurt am Main, Germany and belongs to INCAPSULA - Incapsula Inc, US. The main domain is www.provident.pl.
TLS certificate: Issued by GlobalSign Organization Validation CA... on March 12th 2018. Valid for: 2 years.
This is the only time www.provident.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 51.255.51.135 16276 (OVH)
1 85.194.246.170 57367 (ECO-ATMAN...)
1 1 138.201.139.208 24940 (HETZNER-AS)
1 1 52.50.109.222 16509 (AMAZON-02)
1 2 35.187.117.15 15169 (GOOGLE)
25 149.126.77.234 19551 (INCAPSULA)
1 5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 216.58.210.6 15169 (GOOGLE)
3 147.75.83.125 54825 (PACKET)
1 216.58.207.66 15169 (GOOGLE)
1 6 54.246.183.183 16509 (AMAZON-02)
1 2a0b:4d07:101::1 44239 (PROINITY ...)
3 54.38.195.141 16276 (OVH)
1 212.77.100.251 12827 (WIRTUALNA...)
4 2a03:2880:f02... 32934 (FACEBOOK)
1 3 37.157.4.24 198622 (ADFORM)
1 2 212.77.100.82 12827 (WIRTUALNA...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 1 172.217.23.130 15169 (GOOGLE)
2 2 37.252.172.250 29990 (ASN-APPNEXUS)
2 2 52.29.93.239 16509 (AMAZON-02)
1 3 2a03:2880:f12... 32934 (FACEBOOK)
1 2a03:2880:f0f... 32934 (FACEBOOK)
1 151.101.114.110 54113 (FASTLY)
3 162.247.242.21 23467 (NEWRELIC-...)
66 22
1    51.255.51.135 (France)

ASN16276 (OVH, FR)
PTR: ms0481.m.lrmailr.pl
ms0481.m.lrmailr.pl
1    85.194.246.170 (Poland)

ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL)
PTR: ip-10.85-194-246-160.net.eco.atman.pl
s.xya.pl
1    138.201.139.208 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: 4-bt-spd-d.funcns.net
api.spoldzielnia.nsaudience.pl
1    52.50.109.222 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-50-109-222.eu-west-1.compute.amazonaws.com
track.komktracker.pl
2    35.187.117.15 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 15.117.187.35.bc.googleusercontent.com
nsm.tr.netsalesmedia.pl
25    149.126.77.234 (Frankfurt am Main, Germany)

ASN19551 (INCAPSULA - Incapsula Inc, US)
PTR: 149.126.77.234.ip.incapdns.net
www.provident.pl
5    2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2a00:1450:4001:819::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
2    216.58.210.6 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s07-in-f6.1e100.net
4289377.fls.doubleclick.net
3    147.75.83.125 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-6
static.hotjar.com
script.hotjar.com
vars.hotjar.com
1    216.58.207.66 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s25-in-f2.1e100.net
www.googleadservices.com
6    54.246.183.183 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-246-183-183.eu-west-1.compute.amazonaws.com
prf.audiencemanager.de
www.audiencemanager.de
1    2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, DE)
static1.remintrex.com
3    54.38.195.141 (Poland)

ASN16276 (OVH, FR)
PTR: ns3116203.ip-54-38-195.eu
app.push-ad.com
api2.push-ad.com
1    212.77.100.251 (GdaÅ„sk, Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: px.wp.pl
px.wp.pl
4    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
3    37.157.4.24 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
2    212.77.100.82 (GdaÅ„sk, Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: dot.wp.pl
dot.wp.pl
1    2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
2    2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
3    2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
3    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
1    172.217.23.130 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s18-in-f2.1e100.net
cm.g.doubleclick.net
2    37.252.172.250 (Ascension Island)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    52.29.93.239 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-29-93-239.eu-central-1.compute.amazonaws.com
ice.360yield.com
3    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
1    2a03:2880:f0ff:2:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
cx.atdmt.com
1    151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
js-agent.newrelic.com
3    162.247.242.21 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-9.nr-data.net
bam.nr-data.net
Domain Requested by
25 www.provident.pl www.provident.pl
5 www.google-analytics.com 1 redirects www.provident.pl
4 connect.facebook.net www.provident.pl
3 bam.nr-data.net www.provident.pl
3 www.facebook.com 1 redirects www.provident.pl
3 www.audiencemanager.de www.provident.pl
3 www.google.de www.provident.pl
3 www.google.com 2 redirects www.provident.pl
3 track.adform.net 1 redirects www.provident.pl
3 prf.audiencemanager.de 1 redirects www.provident.pl
2 api2.push-ad.com www.provident.pl
2 ice.360yield.com 2 redirects
2 ib.adnxs.com 2 redirects
2 stats.g.doubleclick.net 2 redirects
2 dot.wp.pl 1 redirects www.provident.pl
2 4289377.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 nsm.tr.netsalesmedia.pl 1 redirects
1 js-agent.newrelic.com www.provident.pl
1 cx.atdmt.com www.provident.pl
1 vars.hotjar.com www.provident.pl
1 cm.g.doubleclick.net 1 redirects
1 googleads.g.doubleclick.net www.provident.pl
1 script.hotjar.com www.provident.pl
1 px.wp.pl www.provident.pl
1 app.push-ad.com www.provident.pl
1 static1.remintrex.com www.provident.pl
1 www.googleadservices.com www.provident.pl
1 static.hotjar.com www.provident.pl
1 www.googletagmanager.com www.provident.pl
1 track.komktracker.pl 1 redirects
1 api.spoldzielnia.nsaudience.pl 1 redirects
1 s.xya.pl
1 ms0481.m.lrmailr.pl 1 redirects
66 33
Subject Issuer Validity Valid
www.provident.pl
GlobalSign Organization Validation CA - SHA256 - G2		 2018-03-12 -
2020-04-30		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh
static.hotjar.com
Let's Encrypt Authority X3		 2019-08-07 -
2019-11-05		 3 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh
*.audiencemanager.de
Go Daddy Secure Certificate Authority - G2		 2017-08-16 -
2019-10-10		 2 years crt.sh
static1.remintrex.com
Let's Encrypt Authority X3		 2019-08-28 -
2019-11-26		 3 months crt.sh
app.push-ad.com
Let's Encrypt Authority X3		 2019-07-22 -
2019-10-20		 3 months crt.sh
*.wp.pl
RapidSSL RSA CA 2018		 2018-12-24 -
2020-02-22		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-08-24 -
2019-10-19		 2 months crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2018-02-02 -
2019-10-02		 2 years crt.sh
script.hotjar.com
Let's Encrypt Authority X3		 2019-08-07 -
2019-11-05		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh
www.google.de
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh
*.push-ad.com
COMODO RSA Domain Validation Secure Server CA		 2018-09-27 -
2019-09-27		 a year crt.sh
www.google.com
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh
vars.hotjar.com
Let's Encrypt Authority X3		 2019-08-07 -
2019-11-05		 3 months crt.sh
*.atlassolutions.com
DigiCert SHA2 High Assurance Server CA		 2019-07-11 -
2019-10-09		 3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-04-10 -
2020-03-21		 a year crt.sh
*.tr.netsalesmedia.pl
AlphaSSL CA - SHA256 - G2		 2019-02-18 -
2020-04-05		 a year crt.sh
*.nr-data.net
GeoTrust RSA CA 2018		 2018-01-11 -
2020-03-17		 2 years crt.sh

This page contains 5 frames:

Primary Page: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Frame ID: BDE8A42A878311AC7407B6533ED70FD4
Requests: 62 HTTP requests in this frame

Frame: https://4289377.fls.doubleclick.net/activityi;dc_pre=CNO2g72S1OQCFRqC3god4ToCzQ;src=4289377;type=remar0;cat=remar0;ord=1483165450990;gtm=2wg941;auiddc=206208835.1568595736;u5=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa3%3Futm_source%3Dcube%26utm_medium%3Dmailing%26utm_term%3D377190%26utm_content%3D48_mcy5%26utm_campaign%3Dbankowodobrewarunki;u6=cube;u7=mailing;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=undefined;~oref=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa3%3Futm_source%3Dcube%26utm_medium%3Dmailing%26utm_term%3D377190%26utm_content%3D48_mcy5%26utm_campaign%3Dbankowodobrewarunki
Frame ID: 9AD2FC849EEB3FD8BB2961B18EC8923A
Requests: 1 HTTP requests in this frame

Frame: https://static1.remintrex.com/ceng/pub/ceng-tr.html?p=a60d2a982de90fce6c6e44f209d59d34&op=127917327351a1cbec7ef2e5c1c91305
Frame ID: 7CFBE48E6DCC556EEE6723082623664A
Requests: 1 HTTP requests in this frame

Frame: https://www.audiencemanager.de/log/profile/get-piggybacks?pid=5596911bb1a43da97f8b4567&requesterId=4003ee02b49f4b16dad29f80144c0889&cookieId=5d7edf17cb9e50241827917198338616
Frame ID: 47F1C898FBC0AFA1586A0C22AFF0AD03
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Frame ID: 9CA62BF7DD3A7AFF392481B1541C6DF3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://ms0481.m.lrmailr.pl/ff6a3fa0-d602-11e9-9c1b-09759c40921b/yJCeyIXA1CRsTCr/8d1c94890db0a4227d9d9c0... HTTP 301
    http://s.xya.pl/ff6a3fa0-d602-11e9-9c1b-09759c40921b/yJCeyIXA1CRsTCr/8d1c94890db0a4227d9d9c0... Page URL
  2. http://api.spoldzielnia.nsaudience.pl/redirect?lid=8d1c94890db0a4227d9d9c0c0a8f62d7&target=http%3A%2F%2Ftrack.komk... HTTP 302
    http://track.komktracker.pl/aff_c?offer_id=14580&aff_id=1269&url_id=49104&aff_sub=yellowmail&aff_sub4=v1... HTTP 302
    http://nsm.tr.netsalesmedia.pl/ts/i5533769/tsc?amc=email.cubegroup.377190.390114.153300&smc1=XXXXX&tst=!!TI... HTTP 302
    https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&u... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

Page Statistics

66
Requests

98 %
HTTPS

34 %
IPv6

25
Domains

33
Subdomains

22
IPs

9
Countries

1310 kB
Transfer

4248 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ms0481.m.lrmailr.pl/ff6a3fa0-d602-11e9-9c1b-09759c40921b/yJCeyIXA1CRsTCr/8d1c94890db0a4227d9d9c0c0a8f62d7/o26yFhj09xE1YbW/FIN.html?mid=27d49df6aabbc6c453e5202810216c87 HTTP 301
    http://s.xya.pl/ff6a3fa0-d602-11e9-9c1b-09759c40921b/yJCeyIXA1CRsTCr/8d1c94890db0a4227d9d9c0c0a8f62d7/o26yFhj09xE1YbW/FIN.html?mid=27d49df6aabbc6c453e5202810216c87&ref= Page URL
  2. http://api.spoldzielnia.nsaudience.pl/redirect?lid=8d1c94890db0a4227d9d9c0c0a8f62d7&target=http%3A%2F%2Ftrack.komktracker.pl%2Faff_c%3Foffer_id%3D14580%26aff_id%3D1269%26url_id%3D49104%26aff_sub%3Dyellowmail%26aff_sub4%3Dv1%22target%3D%22_blank&pid=68479 HTTP 302
    http://track.komktracker.pl/aff_c?offer_id=14580&aff_id=1269&url_id=49104&aff_sub=yellowmail&aff_sub4=v1%22target=%22_blank HTTP 302
    http://nsm.tr.netsalesmedia.pl/ts/i5533769/tsc?amc=email.cubegroup.377190.390114.153300&smc1=XXXXX&tst=!!TIMESTAMP!!&rmd=2&trg=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa3%3Futm_source%3Dcube%26utm_medium%3Dmailing%26utm_term%3D377190%26utm_content%3D48_mcy5%26utm_campaign%3Dbankowodobrewarunki HTTP 302
    https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://ms0481.m.lrmailr.pl/ff6a3fa0-d602-11e9-9c1b-09759c40921b/yJCeyIXA1CRsTCr/8d1c94890db0a4227d9d9c0c0a8f62d7/o26yFhj09xE1YbW/FIN.html?mid=27d49df6aabbc6c453e5202810216c87 HTTP 301
  • http://s.xya.pl/ff6a3fa0-d602-11e9-9c1b-09759c40921b/yJCeyIXA1CRsTCr/8d1c94890db0a4227d9d9c0c0a8f62d7/o26yFhj09xE1YbW/FIN.html?mid=27d49df6aabbc6c453e5202810216c87&ref=
Request Chain 22
  • https://4289377.fls.doubleclick.net/activityi;src=4289377;type=remar0;cat=remar0;ord=1483165450990;gtm=2wg941;auiddc=206208835.1568595736;u5=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa3%3Futm_source%3Dcube%26utm_medium%3Dmailing%26utm_term%3D377190%26utm_content%3D48_mcy5%26utm_campaign%3Dbankowodobrewarunki;u6=cube;u7=mailing;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=undefined;~oref=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa3%3Futm_source%3Dcube%26utm_medium%3Dmailing%26utm_term%3D377190%26utm_content%3D48_mcy5%26utm_campaign%3Dbankowodobrewarunki HTTP 302
  • https://4289377.fls.doubleclick.net/activityi;dc_pre=CNO2g72S1OQCFRqC3god4ToCzQ;src=4289377;type=remar0;cat=remar0;ord=1483165450990;gtm=2wg941;auiddc=206208835.1568595736;u5=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa3%3Futm_source%3Dcube%26utm_medium%3Dmailing%26utm_term%3D377190%26utm_content%3D48_mcy5%26utm_campaign%3Dbankowodobrewarunki;u6=cube;u7=mailing;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=undefined;~oref=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa3%3Futm_source%3Dcube%26utm_medium%3Dmailing%26utm_term%3D377190%26utm_content%3D48_mcy5%26utm_campaign%3Dbankowodobrewarunki
Request Chain 25
  • https://prf.audiencemanager.de/log/profile/user-match/type/js/sec/e9e86f570f591bbfedb76b9ed6a67968/advertiserId/55969105b1a43d9f7f8b4567/pid/5596911bb1a43da97f8b4567 HTTP 307
  • https://prf.audiencemanager.de/log/profile/user-match/type/js/sec/e9e86f570f591bbfedb76b9ed6a67968/advertiserId/55969105b1a43d9f7f8b4567/pid/5596911bb1a43da97f8b4567?cookieId=5d7edf17cb9e50241827917198338616
Request Chain 39
  • https://track.adform.net/Serving/TrackPoint/?pm=1237227&ADFPageName=ALL&ADFdivider=%7C&ord=189257449042&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=http%3A%2F%2Fs.xya.pl%2Fff6a3fa0-d602-11e9-9c1b-09759c40921b%2FyJCeyIXA1CRsTCr%2F8d1c94890db0a4227d9d9c0c0a8f62d7%2Fo26yFhj09xE1YbW%2FFIN.html%3Fmid%3D27d49df6aabbc6c453e5202810216c87%26ref%3D&ADFtpmode=2&loc=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa3%3Futm_source%3Dcube%26utm_medium%3Dmailing%26utm_term%3D377190 HTTP 302
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1237227&ADFPageName=ALL&ADFdivider=%7C&ord=189257449042&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=http%3A%2F%2Fs.xya.pl%2Fff6a3fa0-d602-11e9-9c1b-09759c40921b%2FyJCeyIXA1CRsTCr%2F8d1c94890db0a4227d9d9c0c0a8f62d7%2Fo26yFhj09xE1YbW%2FFIN.html%3Fmid%3D27d49df6aabbc6c453e5202810216c87%26ref%3D&ADFtpmode=2&loc=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa3%3Futm_source%3Dcube%26utm_medium%3Dmailing%26utm_term%3D377190
Request Chain 40
  • https://dot.wp.pl/s5811520619/px.gif?srv=provident_conv&action=conversion&par=transId%3D1%26gwpAction%3DviewProduct%26surl%3Dhttp%253A%252F%252Fs.xya.pl%252Fff6a3fa0-d602-11e9-9c1b-09759c40921b%252FyJCeyIXA1CRsTCr%252F8d1c94890db0a4227d9d9c0c0a8f62d7%252Fo26yFhj09xE1YbW%252FFIN.html%253Fmid%253D27d49df6aabbc6c453e5202810216c87%2526ref%253D%26shost%3Ds.xya.pl%26ssid%3D3a4807b9a88f465273eebc342ee46ff5&pg=https%3A//www.provident.pl/pozyczka-samoobslugowa3%3Futm_source%3Dcube%26utm_medium%3Dmailing%26utm_term%3D377190%26utm_content%3D48_mcy5%26utm_campaign%3Dbankowodobrewarunki HTTP 301
  • https://dot.wp.pl/r1568595736/pxn?srv=provident_conv&action=conversion&par=transId%3D1%26gwpAction%3DviewProduct%26surl%3Dhttp%253A%252F%252Fs.xya.pl%252Fff6a3fa0-d602-11e9-9c1b-09759c40921b%252FyJCeyIXA1CRsTCr%252F8d1c94890db0a4227d9d9c0c0a8f62d7%252Fo26yFhj09xE1YbW%252FFIN.html%253Fmid%253D27d49df6aabbc6c453e5202810216c87%2526ref%253D%26shost%3Ds.xya.pl%26ssid%3D3a4807b9a88f465273eebc342ee46ff5&pg=https%3A//www.provident.pl/pozyczka-samoobslugowa3%3Futm_source%3Dcube%26utm_medium%3Dmailing%26utm_term%3D377190%26utm_content%3D48_mcy5%26utm_campaign%3Dbankowodobrewarunki
Request Chain 43
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-17427387-1&cid=1130795627.1568595736&jid=1053843498&gjid=348107251&_gid=37251774.1568595736&_u=aGDAgEADQ~&z=1193777370 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17427387-1&cid=1130795627.1568595736&jid=1053843498&_v=j79&z=1193777370 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17427387-1&cid=1130795627.1568595736&jid=1053843498&_v=j79&z=1193777370&slf_rd=1&random=1820262827
Request Chain 46
  • https://cm.g.doubleclick.net/pixel?sourceId=55969105b1a43d9f7f8b4567&sourceType=a&google_nid=nano_dmp&google_cm&google_sc&cb=1568595736 HTTP 302
  • https://prf.audiencemanager.de/log/profile/map?sourceId=55969105b1a43d9f7f8b4567&sourceType=a&cb=1568595736&google_gid=CAESEOACW5ZdJps9gPejkNtfJtM&google_cver=1
Request Chain 47
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fwww.audiencemanager.de%2Fcm%3Fprovider%3DAppNexus%26sourceId%3D55969105b1a43d9f7f8b4567%26sourceType%3Da%26adnxs_uid%3D%24UID%26cb%3D1568595736 HTTP 302
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fwww.audiencemanager.de%252Fcm%253Fprovider%253DAppNexus%2526sourceId%253D55969105b1a43d9f7f8b4567%2526sourceType%253Da%2526adnxs_uid%253D%2524UID%2526cb%253D1568595736 HTTP 302
  • https://www.audiencemanager.de/cm?provider=AppNexus&sourceId=55969105b1a43d9f7f8b4567&sourceType=a&adnxs_uid=2607443855408164732&cb=1568595736
Request Chain 48
  • https://ice.360yield.com/server_match?r=https%3A%2F%2Fwww.audiencemanager.de%2Fcm%3Fprovider%3DIMD%26sourceId%3D55969105b1a43d9f7f8b4567%26sourceType%3Da%26imd_uid%3D%7BPUB_USER_ID%7D%26partner_id%3D4%26cb%3D1568595736 HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?r=https%3A%2F%2Fwww.audiencemanager.de%2Fcm%3Fprovider%3DIMD%26sourceId%3D55969105b1a43d9f7f8b4567%26sourceType%3Da%26imd_uid%3D%7BPUB_USER_ID%7D%26partner_id%3D4%26cb%3D1568595736 HTTP 302
  • https://www.audiencemanager.de/cm?provider=IMD&sourceId=55969105b1a43d9f7f8b4567&sourceType=a&imd_uid=307d8d57-8202-48d8-b27d-7bf4cb12f0cb&partner_id=4&cb=1568595736
Request Chain 57
  • https://www.facebook.com/tr/?id=569634303396026&ev=PageView&dl=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa3%3Futm_source%3Dcube%26utm_medium%3Dmailing%26utm_term%3D377190%26utm_content%3D48_mcy5%26utm_campaign%3Dbankowodobrewarunki&rl=http%3A%2F%2Fs.xya.pl%2Fff6a3fa0-d602-11e9-9c1b-09759c40921b%2FyJCeyIXA1CRsTCr%2F8d1c94890db0a4227d9d9c0c0a8f62d7%2Fo26yFhj09xE1YbW%2FFIN.html%3Fmid%3D27d49df6aabbc6c453e5202810216c87%26ref%3D&if=false&ts=1568595736255&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=30&fbp=fb.1.1568595736220.716670157&it=1568595736180&coo=false&rqm=GET HTTP 302
  • https://cx.atdmt.com/?c=9659479574676662490&f=AYyDkEgZsGk2NwjSUYZzDKMYBEXyBjWk_5vy_dco2bsSMGkGNRBsbMP9AKTsrx5jjavK4oL4P7R0NqVceb27btsc&id=569634303396026&l=3&v=0
Request Chain 61
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=987952119&t=event&_s=1&dl=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa3%3Futm_source%3Dcube%26utm_medium%3Dmailing%26utm_term%3D377190%26utm_content%3D48_mcy5%26utm_campaign%3Dbankowodobrewarunki&dr=http%3A%2F%2Fs.xya.pl%2Fff6a3fa0-d602-11e9-9c1b-09759c40921b%2FyJCeyIXA1CRsTCr%2F8d1c94890db0a4227d9d9c0c0a8f62d7%2Fo26yFhj09xE1YbW%2FFIN.html%3Fmid%3D27d49df6aabbc6c453e5202810216c87%26ref%3D&ul=en-us&de=UTF-8&dt=Po%C5%BCyczka%20Samoobs%C5%82ugowa%20Provident%20Polska&sd=24-bit&sr=1600x1200&vp=1585x1185&je=0&ec=Wersja%20wniosku&ea=Po%C5%BCyczka%20samoobs%C5%82ugowa&el=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa3%3Futm_source%3Dcube%26utm_medium%3Dmailing%26utm_term%3D377190%26utm_content%3D48_mcy5%26utm_campaign%3Dbankowodobrewarunki&_u=aGDAAEADQ~&jid=410293809&gjid=466006740&cid=1130795627.1568595736&tid=UA-17427387-1&_gid=37251774.1568595736&_r=1&gtm=2wg941T6DFR9&z=1541613001 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-17427387-1&cid=1130795627.1568595736&jid=410293809&_gid=37251774.1568595736&gjid=466006740&_v=j79&z=1541613001 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17427387-1&cid=1130795627.1568595736&jid=410293809&_v=j79&z=1541613001 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17427387-1&cid=1130795627.1568595736&jid=410293809&_v=j79&z=1541613001&slf_rd=1&random=1231968433

66 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
FIN.html
s.xya.pl/ff6a3fa0-d602-11e9-9c1b-09759c40921b/yJCeyIXA1CRsTCr/8d1c94890db0a4227d9d9c0c0a8f62d7/o26yFhj09xE1YbW/
Redirect Chain
  • http://ms0481.m.lrmailr.pl/ff6a3fa0-d602-11e9-9c1b-09759c40921b/yJCeyIXA1CRsTCr/8d1c94890db0a4227d9d9c0c0a8f62d7/o26yFhj09xE1YbW/FIN.html?mid=27d49df6aabbc6c453e5202810216c87
  • http://s.xya.pl/ff6a3fa0-d602-11e9-9c1b-09759c40921b/yJCeyIXA1CRsTCr/8d1c94890db0a4227d9d9c0c0a8f62d7/o26yFhj09xE1YbW/FIN.html?mid=27d49df6aabbc6c453e5202810216c87&ref=
434 B
564 B 		Document
General
Check archive.org
Download Go to
Full URL
http://s.xya.pl/ff6a3fa0-d602-11e9-9c1b-09759c40921b/yJCeyIXA1CRsTCr/8d1c94890db0a4227d9d9c0c0a8f62d7/o26yFhj09xE1YbW/FIN.html?mid=27d49df6aabbc6c453e5202810216c87&ref=
Protocol
HTTP/1.1
Server
85.194.246.170 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
ip-10.85-194-246-160.net.eco.atman.pl
Software
nginx/1.4.6 (Ubuntu) / PHP/5.5.9-1ubuntu4.22
Resource Hash
d8129babd9b293633d69d028ef9097f04cca3206de80aefa269e409c16828799

Request headers

Host
s.xya.pl
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx/1.4.6 (Ubuntu)
Date
Mon, 16 Sep 2019 01:02:15 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.5.9-1ubuntu4.22
Content-Encoding
gzip

Redirect headers

Location
http://s.xya.pl/ff6a3fa0-d602-11e9-9c1b-09759c40921b/yJCeyIXA1CRsTCr/8d1c94890db0a4227d9d9c0c0a8f62d7/o26yFhj09xE1YbW/FIN.html?mid=27d49df6aabbc6c453e5202810216c87&ref=
Content-Length
0
Date
Mon, 16 Sep 2019 01:02:14 GMT
Server
lighttpd/1.4.45
Primary Request Cookie set pozyczka-samoobslugowa3
www.provident.pl/
Redirect Chain
  • http://api.spoldzielnia.nsaudience.pl/redirect?lid=8d1c94890db0a4227d9d9c0c0a8f62d7&target=http%3A%2F%2Ftrack.komktracker.pl%2Faff_c%3Foffer_id%3D14580%26aff_id%3D1269%26url_id%3D49104%26aff_sub%3D...
  • http://track.komktracker.pl/aff_c?offer_id=14580&aff_id=1269&url_id=49104&aff_sub=yellowmail&aff_sub4=v1%22target=%22_blank
  • http://nsm.tr.netsalesmedia.pl/ts/i5533769/tsc?amc=email.cubegroup.377190.390114.153300&smc1=XXXXX&tst=!!TIMESTAMP!!&rmd=2&trg=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa3%3Futm_source%...
  • https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
61 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
bdbf1390d5db221d4a823bcaa857615fa0d91a0af51967af6e31f0b478e2abc5
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Host
www.provident.pl
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://s.xya.pl/ff6a3fa0-d602-11e9-9c1b-09759c40921b/yJCeyIXA1CRsTCr/8d1c94890db0a4227d9d9c0c0a8f62d7/o26yFhj09xE1YbW/FIN.html?mid=27d49df6aabbc6c453e5202810216c87&ref=
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://s.xya.pl/ff6a3fa0-d602-11e9-9c1b-09759c40921b/yJCeyIXA1CRsTCr/8d1c94890db0a4227d9d9c0c0a8f62d7/o26yFhj09xE1YbW/FIN.html?mid=27d49df6aabbc6c453e5202810216c87&ref=

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/7.5
x-frame-options
DENY
Set-Cookie
ASP.NET_SessionId=c5nkkswgq4q2gm3zkepzxs5y; path=/; Secure; HttpOnly; secure; HttpOnly SC_ANALYTICS_GLOBAL_COOKIE=abd9de0c3113468b97ad973501293696; expires=Sun, 16-Sep-2029 01:02:15 GMT; path=/; Secure; HttpOnly; secure; HttpOnly SC_ANALYTICS_SESSION_COOKIE=CB02C5FE26684A52956AB0C7E0637952|1|c5nkkswgq4q2gm3zkepzxs5y; path=/; Secure; HttpOnly; secure; HttpOnly T4G-80-STICKY-COOKIE=ffffffff0925151d45525d5f4f58455e445a4a423660;expires=Mon, 16-Sep-2019 03:02:19 GMT;path=/;secure;httponly visid_incap_192409=pkK857CjSGSZu2GD288Mzhbffl0AAAAAQUIPAAAAAADij85Aua/1Ifj1KBlK55S+; expires=Mon, 14 Sep 2020 09:40:56 GMT; path=/; Domain=.provident.pl; Secure incap_ses_473_192409=or2ZMagEhHJjcuKlfnCQBhbffl0AAAAAGyb6paPryhIhO98GEp8MPQ==; path=/; Domain=.provident.pl; Secure ___utmvmtEutpkI=smWeGagLveN; path=/; Max-Age=900; Secure ___utmvatEutpkI=OAgQtMd; path=/; Max-Age=900; Secure ___utmvbtEutpkI=LZh XEMOQale: NtV; path=/; Max-Age=900; Secure
X-AspNetMvc-Version
5.1
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Date
Mon, 16 Sep 2019 01:02:15 GMT
X-Iinfo
5-133121022-133121030 NNNN CT(17 50 0) RT(1568595734703 12) q(0 0 1 18) r(2 2) U12
X-CDN
Incapsula
Transfer-Encoding
chunked

Redirect headers

Server
nginx/1.13.9
Date
Mon, 16 Sep 2019 01:02:15 GMT
Content-Length
0
Connection
keep-alive
Set-Cookie
tsc=kP0!Gn6y_2wn7_4!AQ|CD6Q!A!JA!~EqE10PA*2DJ38PSHRzD4!DJ38S8TD7_4!DJ38S8TD7_4!MQO; Domain=.tr.netsalesmedia.pl; Expires=Tue, 15-Sep-2020 01:02:15 GMT; Path=/
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
Pragma
no-cache
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified
Mon, 16 Sep 2019 01:02:15 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI CUR OUR STP"
X-XSS-Protection
0
Location
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
TT_Rounds-Bold-webfont.woff2
www.provident.pl/fonts/ 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.provident.pl/fonts/TT_Rounds-Bold-webfont.woff2
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
/
Resource Hash
f6390ca5f8fd14c80718471a30e20d07569271320766fef35bb37bdc2b173e57

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Origin
https://www.provident.pl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 16 Sep 2019 01:02:14 GMT
Last-Modified
Mon, 12 Sep 2016 11:18:12 GMT
X-CDN
Incapsula
Etag
"0f22859e7cd21:0"
Content-Type
application/x-font-woff2
X-Iinfo
9-109140630-0 0CNN RT(1568595734977 6) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=1143222, public
Content-Length
37240
Expires
Sun, 29 Sep 2019 06:35:56 GMT
fontawesome-webfont.woff
www.provident.pl/fonts/fontAwesome/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.provident.pl/fonts/fontAwesome/fontawesome-webfont.woff
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
/
Resource Hash
e3870de89716b72cb61a4bba0e17c75783b361cdaba35ea96961c3070bd8ca18

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Origin
https://www.provident.pl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 16 Sep 2019 01:02:14 GMT
Last-Modified
Mon, 12 Sep 2016 11:18:14 GMT
X-CDN
Incapsula
Etag
"01f5a5ae7cd21:0"
Content-Type
application/x-font-woff
X-Iinfo
3-71771739-0 0CNN RT(1568595734977 7) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=1500455, public
Content-Length
71508
Expires
Thu, 03 Oct 2019 09:49:49 GMT
TT_Rounds-Regular-webfont.woff2
www.provident.pl/fonts/ 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.provident.pl/fonts/TT_Rounds-Regular-webfont.woff2
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
/
Resource Hash
3c6e639d4e6b8be24b4cd0480cedcdda45689ecf3dd11fede874250dd01545dc

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Origin
https://www.provident.pl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 16 Sep 2019 01:02:14 GMT
Last-Modified
Mon, 12 Sep 2016 11:18:12 GMT
X-CDN
Incapsula
Etag
"0f22859e7cd21:0"
Content-Type
application/x-font-woff2
X-Iinfo
10-149449253-0 0CNN RT(1568595734978 7) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=1143223, public
Content-Length
36980
Expires
Sun, 29 Sep 2019 06:35:57 GMT
core2.css
www.provident.pl/styles/ 		508 KB
68 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.provident.pl/styles/core2.css?v=2.0.6.78
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
/
Resource Hash
6580397b3350581306b30e28753366afd39021b0ceb4cb22b80956cabe045aa1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 16 Sep 2019 01:02:14 GMT
Content-Encoding
gzip
Last-Modified
Fri, 23 Aug 2019 13:27:36 GMT
X-CDN
Incapsula
Etag
"094ee86b659d51:0"
Content-Type
text/css
X-Iinfo
5-133121022-0 0CNN RT(1568595734703 271) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=1771244, public
Content-Length
69139
Expires
Sun, 06 Oct 2019 13:02:58 GMT
font-awesome.css
www.provident.pl/styles/ 		28 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.provident.pl/styles/font-awesome.css?v=2.0.6.78
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
/
Resource Hash
c6ad937ca9505a32f308f04174e08b7ae18ffa2a01769586cd80ecaf4d542ed7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 16 Sep 2019 01:02:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Jun 2019 11:19:14 GMT
X-CDN
Incapsula
Etag
"065817efe24d51:0"
Content-Type
text/css
X-Iinfo
10-149449252-0 0CNN RT(1568595734976 7) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=1771243, public
Content-Length
5728
Expires
Sun, 06 Oct 2019 13:02:57 GMT
VisitorIdentification.js
www.provident.pl/layouts/system/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.provident.pl/layouts/system/VisitorIdentification.js
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
/
Resource Hash
2663c0838335c9c134b71b9d47810a2f3664de4da210a5a8dde896d2a7c5ea51

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 16 Sep 2019 01:02:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 May 2014 16:41:00 GMT
X-CDN
Incapsula
Etag
"0366546179cf1:0"
Content-Type
application/x-javascript
X-Iinfo
9-109140632-0 0CNN RT(1568595734978 7) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=2462272, public
Content-Length
513
Expires
Mon, 14 Oct 2019 13:00:06 GMT
preloader2.gif
www.provident.pl/images/ 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provident.pl/images/preloader2.gif
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
/
Resource Hash
b4b91d1b8888b77fdbf5d54b3ed71f03b1473cd97bb13fadb4fe5efe0e7eaf20

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 16 Sep 2019 01:02:14 GMT
Last-Modified
Mon, 17 Jun 2019 11:18:56 GMT
X-CDN
Incapsula
Etag
"0d0c673fe24d51:0"
Content-Type
image/gif
X-Iinfo
5-133121022-0 0CNN RT(1568595734703 285) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=2462144, public
Content-Length
89658
Expires
Mon, 14 Oct 2019 12:57:58 GMT
provident_colour_logo_rgb_resized.ashx
www.provident.pl/~/media/poland/rebranding_img/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provident.pl/~/media/poland/rebranding_img/provident_colour_logo_rgb_resized.ashx?h=61&la=pl-PL&w=107
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
f4c5ad19a5806e58d5244a8fd11fa1b56df53082c52489c8d3b5ea9067b1d245
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 16 Sep 2019 01:02:15 GMT
Last-Modified
Thu, 18 Aug 2016 14:40:48 GMT
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
x-frame-options
DENY
Content-Type
image/jpeg
X-Iinfo
10-149449252-149449255 NNNN CT(0 0 0) RT(1568595734976 17) q(0 0 0 -1) r(1 1) U2
Cache-Control
private, max-age=604800
Content-Disposition
inline; filename="Provident_Colour_Logo_RGB_resized.jpg"
Accept-Ranges
bytes
Content-Length
16589
X-CDN
Incapsula
Expires
Mon, 23 Sep 2019 01:02:15 GMT
F61417789ED740FBB045CB1EE2FEECB6.ashx
www.provident.pl/~/media/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provident.pl/~/media/F61417789ED740FBB045CB1EE2FEECB6.ashx
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
c771b13382737d9e935a965a486574efb1d8f1ea729e7ba72c77fd9bbe563f23
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 16 Sep 2019 01:02:16 GMT
Last-Modified
Mon, 18 Jan 2016 15:25:49 GMT
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
x-frame-options
DENY
Content-Type
image/png
X-Iinfo
3-71771739-71771749 NNNN CT(0 0 0) RT(1568595734977 43) q(0 0 0 -1) r(13 13) U2
Cache-Control
private, max-age=604800
Content-Disposition
inline; filename="headerphone.png"
Accept-Ranges
bytes
Content-Length
1299
X-CDN
Incapsula
Expires
Mon, 23 Sep 2019 01:02:16 GMT
header_bankowo_dobre_warunkimarzec18_200px.ashx
www.provident.pl/~/media/poland/carousel/ 		161 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provident.pl/~/media/poland/carousel/header_bankowo_dobre_warunkimarzec18_200px.ashx
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
7e7e3da2a9617ffd0b0349c5b422dc55c16942190296f9379bbb886cb8e1b17f
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 16 Sep 2019 01:02:15 GMT
Last-Modified
Wed, 13 Mar 2019 13:15:38 GMT
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
x-frame-options
DENY
Content-Type
image/jpeg
X-Iinfo
10-149449253-149449256 NNNN CT(0 0 0) RT(1568595734978 43) q(0 0 0 -1) r(1 1) U2
Cache-Control
private, max-age=604800
Content-Disposition
inline; filename="header_bankowo_dobre_warunkimarzec18_200px.jpg"
Accept-Ranges
bytes
Content-Length
164405
X-CDN
Incapsula
Expires
Mon, 23 Sep 2019 01:02:15 GMT
core.js
www.provident.pl/scripts/ 		1 MB
328 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.provident.pl/scripts/core.js?v=2.0.6.78
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
/
Resource Hash
01f9007bbf488e3461ac63a167234108f8f025fc96318e590b82b03dba39334e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 16 Sep 2019 01:02:15 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Sep 2019 08:59:16 GMT
X-CDN
Incapsula
Etag
"0a5e5c9164d51:0"
Content-Type
application/x-javascript
X-Iinfo
9-109140630-0 0CNN RT(1568595734977 44) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=1771242, public
Content-Length
335916
Expires
Sun, 06 Oct 2019 13:02:57 GMT
detectUserEndSession.js
www.provident.pl/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.provident.pl/scripts/detectUserEndSession.js?v=2.0.6.78
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
/
Resource Hash
57f02d5ef19dfa2e6139af1c6536f7cbca36d29508d87b50f38c43fd10b0657d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 16 Sep 2019 01:02:15 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Jun 2019 11:19:14 GMT
X-CDN
Incapsula
Etag
"065817efe24d51:0"
Content-Type
application/x-javascript
X-Iinfo
5-133121022-0 0CNN RT(1568595734703 319) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=1771245, public
Content-Length
1000
Expires
Sun, 06 Oct 2019 13:03:00 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
1122
date
Mon, 16 Sep 2019 00:43:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17803
expires
Mon, 16 Sep 2019 02:43:33 GMT
gtm.js
www.googletagmanager.com/ 		287 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T6DFR9
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7f0e87ed03873fddca319cf01c1be7c9cce707c71057d29ba9f19e866648bd54
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 16 Sep 2019 01:02:15 GMT
content-encoding
br
last-modified
Mon, 16 Sep 2019 00:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
56078
x-xss-protection
0
expires
Mon, 16 Sep 2019 01:02:15 GMT
icnapplybig.ashx
www.provident.pl/~/media/bolt/footer/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provident.pl/~/media/bolt/footer/icnapplybig.ashx
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
bd95ed09942c9608255d8a2691decf065c7d6773e2bafbd4e619c7f00f9eb4d9
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 16 Sep 2019 01:02:15 GMT
Last-Modified
Sun, 07 Feb 2016 17:08:36 GMT
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
x-frame-options
DENY
Content-Type
image/png
X-Iinfo
5-133121022-133121030 SNNN RT(1568595734703 345) q(0 0 0 -1) r(8 8) U2
Cache-Control
private, max-age=604800
Content-Disposition
inline; filename="icnapplybig.png"
Accept-Ranges
bytes
Content-Length
2542
X-CDN
Incapsula
Expires
Mon, 23 Sep 2019 01:02:16 GMT
icnreviewbig.ashx
www.provident.pl/~/media/bolt/footer/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provident.pl/~/media/bolt/footer/icnreviewbig.ashx
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
e9af387c1a0168cad8bc77aef0dc0e3ccd7cb38f453476495fc06c9f3a861857
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 16 Sep 2019 01:02:15 GMT
Last-Modified
Sun, 07 Feb 2016 17:08:41 GMT
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
x-frame-options
DENY
Content-Type
image/png
X-Iinfo
9-109140632-109140634 NNNN CT(0 0 0) RT(1568595734978 71) q(0 0 0 -1) r(1 1) U2
Cache-Control
private, max-age=604800
Content-Disposition
inline; filename="icnreviewbig.png"
Accept-Ranges
bytes
Content-Length
1135
X-CDN
Incapsula
Expires
Mon, 23 Sep 2019 01:02:15 GMT
icninstantbig.ashx
www.provident.pl/~/media/bolt/footer/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provident.pl/~/media/bolt/footer/icninstantbig.ashx
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
deb46083af7c03f29bd8a8cdf5e14d0cc473f4d6acf167101f2e74beefd76e05
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 16 Sep 2019 01:02:15 GMT
Last-Modified
Sun, 07 Feb 2016 17:08:38 GMT
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
x-frame-options
DENY
Content-Type
image/png
X-Iinfo
9-109140630-109140636 NNNN CT(14 15 0) RT(1568595734977 116) q(0 0 1 -1) r(1 1) U2
Cache-Control
private, max-age=604800
Content-Disposition
inline; filename="icninstantbig.png"
Accept-Ranges
bytes
Content-Length
3690
X-CDN
Incapsula
Expires
Mon, 23 Sep 2019 01:02:15 GMT
icntickbig.ashx
www.provident.pl/~/media/bolt/footer/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provident.pl/~/media/bolt/footer/icntickbig.ashx
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
ef9d0998a8fe59519e96961d8c38e164e4d1cb62b827b558176747e5dbf98d63
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 16 Sep 2019 01:02:15 GMT
Last-Modified
Sun, 07 Feb 2016 17:08:39 GMT
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
x-frame-options
DENY
Content-Type
image/png
X-Iinfo
10-149449252-149449255 SNNN RT(1568595734976 137) q(0 0 0 -1) r(0 0) U2
Cache-Control
private, max-age=604800
Content-Disposition
inline; filename="icntickbig.png"
Accept-Ranges
bytes
Content-Length
2633
X-CDN
Incapsula
Expires
Mon, 23 Sep 2019 01:02:15 GMT
pl_sprite.ashx
www.provident.pl/~/media/poland/rebranding_img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provident.pl/~/media/poland/rebranding_img/pl_sprite.ashx
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
75c79f0e05093f0e04003f5387a81e7396b283c2642cfa7e899a85b74b628832
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/styles/core2.css?v=2.0.6.78
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 16 Sep 2019 01:02:15 GMT
Last-Modified
Tue, 06 Mar 2018 16:35:55 GMT
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
x-frame-options
DENY
Content-Type
image/png
X-Iinfo
9-109140632-109140634 SNNN RT(1568595734978 172) q(0 0 0 -1) r(0 0) U2
Cache-Control
private, max-age=604800
Content-Disposition
inline; filename="pl_sprite.png"
Accept-Ranges
bytes
Content-Length
7162
X-CDN
Incapsula
Expires
Mon, 23 Sep 2019 01:02:15 GMT
_Incapsula_Resource
www.provident.pl/ 		112 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.provident.pl/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1433504790
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
/
Resource Hash
c1c233746a897c53a6ac4ec257bad30e91916e3c3b6f57f85d169150ce88f364

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Encoding
gzip
Cache-Control
no-cache
Content-Length
16398
Content-Type
application/javascript
js
www.google-analytics.com/gtm/ 		57 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-N65WF56&t=gtm1&cid=1130795627.1568595736
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
21dbb847643ac9150c908b606904163bff92fda4fa235d3eb3d89c314fc4006d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 16 Sep 2019 01:02:15 GMT
content-encoding
br
last-modified
Mon, 16 Sep 2019 00:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
21877
x-xss-protection
0
expires
Mon, 16 Sep 2019 01:02:15 GMT
activityi;dc_pre=CNO2g72S1OQCFRqC3god4ToCzQ;src=4289377;type=remar0;cat=remar0;ord=1483165450990;gtm=2wg941;auiddc=206208835.1568595736;u5=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa3%3...
4289377.fls.doubleclick.net/ Frame 9AD2
Redirect Chain
  • https://4289377.fls.doubleclick.net/activityi;src=4289377;type=remar0;cat=remar0;ord=1483165450990;gtm=2wg941;auiddc=206208835.1568595736;u5=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa3...
  • https://4289377.fls.doubleclick.net/activityi;dc_pre=CNO2g72S1OQCFRqC3god4ToCzQ;src=4289377;type=remar0;cat=remar0;ord=1483165450990;gtm=2wg941;auiddc=206208835.1568595736;u5=https%3A%2F%2Fwww.prov...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://4289377.fls.doubleclick.net/activityi;dc_pre=CNO2g72S1OQCFRqC3god4ToCzQ;src=4289377;type=remar0;cat=remar0;ord=1483165450990;gtm=2wg941;auiddc=206208835.1568595736;u5=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa3%3Futm_source%3Dcube%26utm_medium%3Dmailing%26utm_term%3D377190%26utm_content%3D48_mcy5%26utm_campaign%3Dbankowodobrewarunki;u6=cube;u7=mailing;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=undefined;~oref=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa3%3Futm_source%3Dcube%26utm_medium%3Dmailing%26utm_term%3D377190%26utm_content%3D48_mcy5%26utm_campaign%3Dbankowodobrewarunki?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6DFR9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.6 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
4289377.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CNO2g72S1OQCFRqC3god4ToCzQ;src=4289377;type=remar0;cat=remar0;ord=1483165450990;gtm=2wg941;auiddc=206208835.1568595736;u5=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa3%3Futm_source%3Dcube%26utm_medium%3Dmailing%26utm_term%3D377190%26utm_content%3D48_mcy5%26utm_campaign%3Dbankowodobrewarunki;u6=cube;u7=mailing;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=undefined;~oref=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa3%3Futm_source%3Dcube%26utm_medium%3Dmailing%26utm_term%3D377190%26utm_content%3D48_mcy5%26utm_campaign%3Dbankowodobrewarunki?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Mon, 16 Sep 2019 01:02:15 GMT
expires
Mon, 16 Sep 2019 01:02:15 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
458
x-xss-protection
0
set-cookie
IDE=AHWqTUlEapsyxQZH6uTJFYQlOGPHGr0JScHYA1RkInlA060nUbEtC8r3Z4Zex8LZ; expires=Sat, 10-Oct-2020 01:02:15 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43,39"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Mon, 16 Sep 2019 01:02:15 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://4289377.fls.doubleclick.net/activityi;dc_pre=CNO2g72S1OQCFRqC3god4ToCzQ;src=4289377;type=remar0;cat=remar0;ord=1483165450990;gtm=2wg941;auiddc=206208835.1568595736;u5=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa3%3Futm_source%3Dcube%26utm_medium%3Dmailing%26utm_term%3D377190%26utm_content%3D48_mcy5%26utm_campaign%3Dbankowodobrewarunki;u6=cube;u7=mailing;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=undefined;~oref=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa3%3Futm_source%3Dcube%26utm_medium%3Dmailing%26utm_term%3D377190%26utm_content%3D48_mcy5%26utm_campaign%3Dbankowodobrewarunki?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 16-Sep-2019 01:17:15 GMT; path=/; domain=.doubleclick.net
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
hotjar-759836.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-759836.js?sv=5
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.83.125 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-6
Software
openresty /
Resource Hash
63a7945765ba3665b74ebb1468ca590cae72e3a7be2c363e6656c34ae139c35e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 16 Sep 2019 01:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
section-io-tag
hotjar
age
101
status
200
section-io-cache
Hit
vary
Accept-Encoding
content-length
1772
server
openresty
cache-control
max-age=60
x-frame-options
SAMEORIGIN
etag
W/713c215445625db207375c7a29fc6f14
access-control-max-age
600
section-io-origin-status
304
access-control-allow-origin
*
x-cache-hit
1
section-io-origin-time-seconds
0.069
section-io-id
44a2a2d8c4aa48969f61a5144b712f98
accept-ranges
bytes
content-type
application/javascript
conversion.js
www.googleadservices.com/pagead/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
03643b3505869b7309fb72664b8b44c4f6ce5069f1df39d7eddafebb7435a6d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 16 Sep 2019 01:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
9352
x-xss-protection
0
server
cafe
etag
15645370846369864278
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 16 Sep 2019 01:02:15 GMT
5596911bb1a43da97f8b4567
prf.audiencemanager.de/log/profile/user-match/type/js/sec/e9e86f570f591bbfedb76b9ed6a67968/advertiserId/55969105b1a43d9f7f8b4567/pid/
Redirect Chain
  • https://prf.audiencemanager.de/log/profile/user-match/type/js/sec/e9e86f570f591bbfedb76b9ed6a67968/advertiserId/55969105b1a43d9f7f8b4567/pid/5596911bb1a43da97f8b4567
  • https://prf.audiencemanager.de/log/profile/user-match/type/js/sec/e9e86f570f591bbfedb76b9ed6a67968/advertiserId/55969105b1a43d9f7f8b4567/pid/5596911bb1a43da97f8b4567?cookieId=5d7edf17cb9e5024182791...
2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prf.audiencemanager.de/log/profile/user-match/type/js/sec/e9e86f570f591bbfedb76b9ed6a67968/advertiserId/55969105b1a43d9f7f8b4567/pid/5596911bb1a43da97f8b4567?cookieId=5d7edf17cb9e50241827917198338616
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.183.183 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-246-183-183.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.34 (Unix) PHP/7.2.9 / PHP/7.2.9
Resource Hash
71e281b67af7b5f3e7f944161f52807f836ffd446eb5aadd61a34b6c45bbb783

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 16 Sep 2019 01:02:16 GMT
server
Apache/2.4.34 (Unix) PHP/7.2.9
access-control-allow-origin
*
x-powered-by
PHP/7.2.9
requestid
4003ee02b49f4b16dad29f80144c0889
status
200, 200 OK
p3p
CP="NID DSP ALL COR"
hostname
10-0-13-48#slave12
responsetime
10
content-type
js
content-length
1699

Redirect headers

date
Mon, 16 Sep 2019 01:02:15 GMT
server
Apache/2.4.34 (Unix) PHP/7.2.9
status
307, 307 Temporary Redirect
x-powered-by
PHP/7.2.9
location
/log/profile/user-match/type/js/sec/e9e86f570f591bbfedb76b9ed6a67968/advertiserId/55969105b1a43d9f7f8b4567/pid/5596911bb1a43da97f8b4567?cookieId=5d7edf17cb9e50241827917198338616
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
content-length
0
ceng-tr.html
static1.remintrex.com/ceng/pub/ Frame 7CFB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://static1.remintrex.com/ceng/pub/ceng-tr.html?p=a60d2a982de90fce6c6e44f209d59d34&op=127917327351a1cbec7ef2e5c1c91305
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software
keycdn-engine /
Resource Hash

Request headers

:method
GET
:authority
static1.remintrex.com
:scheme
https
:path
/ceng/pub/ceng-tr.html?p=a60d2a982de90fce6c6e44f209d59d34&op=127917327351a1cbec7ef2e5c1c91305
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki

Response headers

status
200
server
keycdn-engine
date
Mon, 16 Sep 2019 01:01:49 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
last-modified
Tue, 31 May 2016 12:28:00 GMT
etag
W/"574d8350-3fce"
cache-control
max-age=604800
expires
Mon, 23 Sep 2019 01:01:49 GMT
x-edge-location
defr
access-control-allow-origin
*
content-encoding
gzip
/
app.push-ad.com/ 		75 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.push-ad.com/?run=api/integration/304d404683c47c93b33cda450e0cfe4f3ee733ce82d9ae05f48fbcb5e3f5bdc4.js
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
54.38.195.141 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3116203.ip-54-38-195.eu
Software
nginx /
Resource Hash
5ea2540540036563c59bcb225ae1753b66d41467ff30046ba79b72c9fdef68df

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 16 Sep 2019 01:02:15 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
/
px.wp.pl//exdotdynamic/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://px.wp.pl//exdotdynamic/?gwpAction=viewProduct&gwpReferer=https%253A//www.provident.pl/pozyczka-samoobslugowa3%253Futm_source%253Dcube%2526utm_medium%253Dmailing%2526utm_term%253D377190%2526utm_content%253D48_mcy5%2526utm_campaign%253Dbankowodobrewarunki&tt=5230222236&gwpClientId=provident
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
212.77.100.251 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
px.wp.pl
Software
nginx /
Resource Hash
3acc040da884eeedde803875413be38bddcada8dc8ca86980e4fecd90f3fffad

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 16 Sep 2019 01:02:15 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Language
en-US
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
text/javascript; charset=ISO-8859-1
Expires
Thu, 01 Jan 1970 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		121 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
31604
x-xss-protection
0
pragma
public
x-fb-debug
SMkHZJjLbeIE1EF6QnFTCOzU5JUa8MS4DmhISsW/KwV522NSxCAmoHtwtKiufYxo2meOoJBLUJcCIkl+WdO6Ig==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Mon, 16 Sep 2019 01:02:15 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
track.adform.net/serving/scripts/trackpoint/async/ 		76 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/scripts/trackpoint/async/
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a631e8098179b4b6feaca08bce747cb8b3c53450c3fe30eead2c3f23dd288265

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 16 Sep 2019 01:02:15 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
text/javascript; charset=utf-8
content-length
30712
expires
Mon, 23 Sep 2019 01:02:15 GMT
ExecuteAction.ashx
www.provident.pl/Custom/handlers/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.provident.pl/Custom/handlers/ExecuteAction.ashx?action=GetMessages&section=application-page-1&nocache=1568595735806
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
7f12996c5dfb07b9dc6a51cf82912eaa55806f7f1b61f6315a3064a54f9dfb64
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept
application/json, text/javascript, */*; q=0.01
X-NewRelic-ID
UA8DVFZSGwoFXVdbAgE=
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Mon, 16 Sep 2019 01:02:15 GMT
Content-Encoding
deflate
X-NewRelic-App-Data
PxQDWFJWCAITXVRbAQgCVkYdFGQHBDcQUQxLA1tMXV1dSngyYU52GgFVQhUDIltHWQsPQBsBGVZIARgDVl9UUgRWFE8JFBYKcSAIUAZRclBcdwIjVCEAERwCAA5EVGo=
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
x-frame-options
DENY
Content-Type
application/json; charset=utf-8
X-Iinfo
10-149449252-149449255 SNNN RT(1568595734976 210) q(0 0 0 -1) r(1 1) U14
Cache-Control
private
Content-Length
2835
X-CDN
Incapsula
ExecuteAction.ashx
www.provident.pl/Custom/handlers/ 		86 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.provident.pl/Custom/handlers/ExecuteAction.ashx?action=GetProductData&nocache=1568595735888
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
82680ee989efaa0b2f3d8adc5f2d193f2841b867f7b56beea6fb83e69f98eaba
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept
application/json, text/javascript, */*; q=0.01
X-NewRelic-ID
UA8DVFZSGwoFXVdbAgE=
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Mon, 16 Sep 2019 01:02:15 GMT
Content-Encoding
deflate
X-NewRelic-App-Data
PxQDWFJWCAITXVRbAQgCVkYdFGQHBDcQUQxLA1tMXV1dSngyYU52GgFVQhUDIltHWQsPQBsBGVZIARgDVVVTVABXFE8JFBZ0BSd9J3AgByNQBnMiUFoKERwCAA5EVGo=
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
x-frame-options
DENY
Content-Type
application/json; charset=utf-8
X-Iinfo
10-149449252-149449255 SNNN RT(1568595734976 289) q(0 0 0 -1) r(1 1) U14
Cache-Control
private
Content-Length
18360
X-CDN
Incapsula
ExecuteAction.ashx
www.provident.pl/Custom/handlers/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.provident.pl/Custom/handlers/ExecuteAction.ashx?action=GetDigitalCalcStatus&nocache=1568595735991
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
cd9a3456bff66704c1f008502af3a3c1b86e3caf5ebf1cf0d7d33e9c591d6726
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept
application/json, text/javascript, */*; q=0.01
X-NewRelic-ID
UA8DVFZSGwoFXVdbAgE=
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Mon, 16 Sep 2019 01:02:15 GMT
Content-Encoding
deflate
X-NewRelic-App-Data
PxQDWFJWCAITXVRbAQgCVkYdFGQHBDcQUQxLA1tMXV1dSngyYU52GgFVQhUDIltHWQsPQBsBGVZIARgDVlZVVghOFVMUGgVxBCN4IgJSAlBRBHZXV1MaH1YFDRFSbA==
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
x-frame-options
DENY
Content-Type
application/json; charset=utf-8
X-Iinfo
10-149449252-149449255 SNNN RT(1568595734976 394) q(0 0 0 -1) r(1 1) U14
Cache-Control
private
Content-Length
426
X-CDN
Incapsula
tansparent-handle.png
www.provident.pl/images/ 		116 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provident.pl/images/tansparent-handle.png
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/scripts/core.js?v=2.0.6.78
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
/
Resource Hash
8368af1fd962c757baa898335a7fc959902692e3a47e788825599e9299c1e854

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/styles/core2.css?v=2.0.6.78
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 16 Sep 2019 01:02:15 GMT
Last-Modified
Mon, 17 Jun 2019 11:18:56 GMT
X-CDN
Incapsula
Etag
"0d0c673fe24d51:0"
Content-Type
image/png
X-Iinfo
10-149449252-0 0CNN RT(1568595734976 490) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=1500471, public
Content-Length
116
Expires
Thu, 03 Oct 2019 09:50:06 GMT
pozyczka-samoobslugowa3
www.provident.pl/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/scripts/core.js?v=2.0.6.78
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 16 Sep 2019 01:02:15 GMT
Content-Encoding
gzip
X-AspNetMvc-Version
5.1
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
x-frame-options
DENY
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
X-Iinfo
10-149449253-149449256 SNNN RT(1568595734978 489) q(0 0 0 -1) r(2 2) U12
Cache-Control
private
Transfer-Encoding
chunked
X-CDN
Incapsula
_Incapsula_Resource
www.provident.pl/ 		1 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provident.pl/_Incapsula_Resource?SWKMTFSR=1&e=0.4838911826320311
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.234 Frankfurt am Main, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.234.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control
no-cache
Content-Length
1
Content-Type
text/plain
2061796600732238
connect.facebook.net/signals/config/ 		68 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2061796600732238?v=2.9.4&r=stable
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
af2d2afdf997a13a4fe6d60e86124ca72b63d2be0f0d0794b78cc33e49637317
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
18579
x-xss-protection
0
pragma
public
x-fb-debug
qMuN0EXim/eBzHmpWM2lO/ETCNwl+Op5kLZzlst01zfw25wfs3EU7WimJ0ceTG4VjUmep1SvRNViRh6K8iz0sw==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Mon, 16 Sep 2019 01:02:16 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
modules.29a329b2f7876a65f063.js
script.hotjar.com/ 		427 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.29a329b2f7876a65f063.js
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.83.125 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-6
Software
/
Resource Hash
cf35f386309b6d7909d1e0f6d9f386620352110e961204286a35183c89e71d6f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 16 Sep 2019 01:02:16 GMT
content-encoding
br
last-modified
Tue, 10 Sep 2019 16:42:07 GMT
status
200
etag
"a61484c0e907e615bb6412a5955255a4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
section-io-origin-time-seconds
0.026
section-io-origin-status
200
accept-ranges
bytes
section-io-id
d411ebafa471dd9e672b83c1200d603a
content-length
73030
/
track.adform.net/Serving/TrackPoint/
Redirect Chain
  • https://track.adform.net/Serving/TrackPoint/?pm=1237227&ADFPageName=ALL&ADFdivider=%7C&ord=189257449042&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=http%3A%2F%2Fs.xya.pl%2Fff6a3fa0-d602-11e9-9c1b-097...
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1237227&ADFPageName=ALL&ADFdivider=%7C&ord=189257449042&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=http%3A%2F%2Fs.xya.pl%2Fff6a3fa0-d602-11e9-9c1...
103 B
591 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1237227&ADFPageName=ALL&ADFdivider=%7C&ord=189257449042&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=http%3A%2F%2Fs.xya.pl%2Fff6a3fa0-d602-11e9-9c1b-09759c40921b%2FyJCeyIXA1CRsTCr%2F8d1c94890db0a4227d9d9c0c0a8f62d7%2Fo26yFhj09xE1YbW%2FFIN.html%3Fmid%3D27d49df6aabbc6c453e5202810216c87%26ref%3D&ADFtpmode=2&loc=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa3%3Futm_source%3Dcube%26utm_medium%3Dmailing%26utm_term%3D377190
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d1c6d97c9f720e9016fdb062d833914872c1a25ae3d089cd8b982ed56f4154ef

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Sep 2019 01:02:16 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
179
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 16 Sep 2019 01:02:16 GMT
server
nginx
status
302
location
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1237227&ADFPageName=ALL&ADFdivider=%7C&ord=189257449042&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=http%3A%2F%2Fs.xya.pl%2Fff6a3fa0-d602-11e9-9c1b-09759c40921b%2FyJCeyIXA1CRsTCr%2F8d1c94890db0a4227d9d9c0c0a8f62d7%2Fo26yFhj09xE1YbW%2FFIN.html%3Fmid%3D27d49df6aabbc6c453e5202810216c87%26ref%3D&ADFtpmode=2&loc=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa3%3Futm_source%3Dcube%26utm_medium%3Dmailing%26utm_term%3D377190
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/html; charset=utf-8
expires
-1
pxn
dot.wp.pl/r1568595736/
Redirect Chain
  • https://dot.wp.pl/s5811520619/px.gif?srv=provident_conv&action=conversion&par=transId%3D1%26gwpAction%3DviewProduct%26surl%3Dhttp%253A%252F%252Fs.xya.pl%252Fff6a3fa0-d602-11e9-9c1b-09759c40921b%252...
  • https://dot.wp.pl/r1568595736/pxn?srv=provident_conv&action=conversion&par=transId%3D1%26gwpAction%3DviewProduct%26surl%3Dhttp%253A%252F%252Fs.xya.pl%252Fff6a3fa0-d602-11e9-9c1b-09759c40921b%252FyJ...
0
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dot.wp.pl/r1568595736/pxn?srv=provident_conv&action=conversion&par=transId%3D1%26gwpAction%3DviewProduct%26surl%3Dhttp%253A%252F%252Fs.xya.pl%252Fff6a3fa0-d602-11e9-9c1b-09759c40921b%252FyJCeyIXA1CRsTCr%252F8d1c94890db0a4227d9d9c0c0a8f62d7%252Fo26yFhj09xE1YbW%252FFIN.html%253Fmid%253D27d49df6aabbc6c453e5202810216c87%2526ref%253D%26shost%3Ds.xya.pl%26ssid%3D3a4807b9a88f465273eebc342ee46ff5&pg=https%3A//www.provident.pl/pozyczka-samoobslugowa3%3Futm_source%3Dcube%26utm_medium%3Dmailing%26utm_term%3D377190%26utm_content%3D48_mcy5%26utm_campaign%3Dbankowodobrewarunki
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.77.100.82 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
dot.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Sep 2019 01:02:16 GMT
accept-ch
Device-Memory, DPR, Width, Viewport-Width, RTT, Downlink, ECT
x-server-details
BuVJRW1iRW1JBWVJBFfJBFfER92sDF6EBF6aBT66oEVsBFV6O1nTn9KvjWr1du6aBEZJRF6cDHJ707YCp912d7Imp9UlZs1sdgDspkUlZzpidgKr
status
204
access-control-allow-methods
GET
p3p
CP="ALL DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CON TEL OUR SAM IND"
access-control-allow-origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ch-lifetime
604800
server
nginx
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 16 Sep 2019 01:02:16 GMT
access-control-allow-origin
x-server-details
BuVJRW1iRW1JBWVJBFfJBFfiBk2aDuOaBTNJDE66oEVsBFV6O1nTn9KvjWr1du0cBFNsRTZiBHJ707YCp91Ed7Imp9UlZs1sdgDspkUlZzpidgKr
p3p
CP="ALL DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CON TEL OUR SAM IND"
status
301
content-length
607
pragma
no-cache
server
nginx
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
location
/r1568595736/pxn?srv=provident_conv&action=conversion&par=transId%3D1%26gwpAction%3DviewProduct%26surl%3Dhttp%253A%252F%252Fs.xya.pl%252Fff6a3fa0-d602-11e9-9c1b-09759c40921b%252FyJCeyIXA1CRsTCr%252F8d1c94890db0a4227d9d9c0c0a8f62d7%252Fo26yFhj09xE1YbW%252FFIN.html%253Fmid%253D27d49df6aabbc6c453e5202810216c87%2526ref%253D%26shost%3Ds.xya.pl%26ssid%3D3a4807b9a88f465273eebc342ee46ff5&pg=https%3A//www.provident.pl/pozyczka-samoobslugowa3%3Futm_source%3Dcube%26utm_medium%3Dmailing%26utm_term%3D377190%26utm_content%3D48_mcy5%26utm_campaign%3Dbankowodobrewarunki
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ch-lifetime
604800
accept-ch
Device-Memory, DPR, Width, Viewport-Width, RTT, Downlink, ECT
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1056593329/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1056593329/?random=1568595736195&cv=9&fst=1568595736195&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa3%3Futm_source%3Dcube%26utm_medium%3Dmailing%26utm_term%3D377190%26utm_content%3D48_mcy5%26utm_campaign%3Dbankowodobrewarunki&ref=http%3A%2F%2Fs.xya.pl%2Fff6a3fa0-d602-11e9-9c1b-09759c40921b%2FyJCeyIXA1CRsTCr%2F8d1c94890db0a4227d9d9c0c0a8f62d7%2Fo26yFhj09xE1YbW%2FFIN.html%3Fmid%3D27d49df6aabbc6c453e5202810216c87%26ref%3D&tiba=Po%C5%BCyczka%20Samoobs%C5%82ugowa%20Provident%20Polska&rfmt=3&fmt=4
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
313457c3245ec11a41ae60220634c99334cd0beb36063d6bc79ea2f01a457f14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Sep 2019 01:02:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
1166
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=987952119&t=pageview&_s=1&dl=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa3%3Futm_source%3Dcube%26utm_medium%3Dmailing%26utm_term%3D377190%26utm_content%3D48_mcy5%26utm_campaign%3Dbankowodobrewarunki&dr=http%3A%2F%2Fs.xya.pl%2Fff6a3fa0-d602-11e9-9c1b-09759c40921b%2FyJCeyIXA1CRsTCr%2F8d1c94890db0a4227d9d9c0c0a8f62d7%2Fo26yFhj09xE1YbW%2FFIN.html%3Fmid%3D27d49df6aabbc6c453e5202810216c87%26ref%3D&ul=en-us&de=UTF-8&dt=Po%C5%BCyczka%20Samoobs%C5%82ugowa%20Provident%20Polska&sd=24-bit&sr=1600x1200&vp=1585x1185&je=0&_u=aGDAgEADQ~&jid=1053843498&gjid=348107251&cid=1130795627.1568595736&tid=UA-17427387-1&_gid=37251774.1568595736&gtm=2wg941T6DFR9&z=1075022457
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2019 17:34:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2100452
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-17427387-1&cid=1130795627.1568595736&jid=1053843498&gjid=348107251&_gid=37251774.1568595736&_u=aGDAgEADQ~&z=1193777370
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17427387-1&cid=1130795627.1568595736&jid=1053843498&_v=j79&z=1193777370
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17427387-1&cid=1130795627.1568595736&jid=1053843498&_v=j79&z=1193777370&slf_rd=1&random=1820262827
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17427387-1&cid=1130795627.1568595736&jid=1053843498&_v=j79&z=1193777370&slf_rd=1&random=1820262827
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Sep 2019 01:02:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Sep 2019 01:02:16 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17427387-1&cid=1130795627.1568595736&jid=1053843498&_v=j79&z=1193777370&slf_rd=1&random=1820262827
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/r/ 		35 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=987952119&t=pageview&_s=1&dl=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa3%3Futm_source%3Dcube%26utm_medium%3Dmailing%26utm_term%3D377190%26utm_content%3D48_mcy5%26utm_campaign%3Dbankowodobrewarunki&dr=http%3A%2F%2Fs.xya.pl%2Fff6a3fa0-d602-11e9-9c1b-09759c40921b%2FyJCeyIXA1CRsTCr%2F8d1c94890db0a4227d9d9c0c0a8f62d7%2Fo26yFhj09xE1YbW%2FFIN.html%3Fmid%3D27d49df6aabbc6c453e5202810216c87%26ref%3D&ul=en-us&de=UTF-8&dt=Po%C5%BCyczka%20Samoobs%C5%82ugowa%20Provident%20Polska&sd=24-bit&sr=1600x1200&vp=1585x1185&je=0&_u=aGDAAEADQ~&jid=1802046577&gjid=658961942&cid=1130795627.1568595736&tid=UA-41461947-1&_gid=37251774.1568595736&_r=1&gtm=2wg941T6DFR9&cd1=Poland&z=2140519448
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Sep 2019 01:02:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
get-piggybacks
www.audiencemanager.de/log/profile/ Frame 47F1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.audiencemanager.de/log/profile/get-piggybacks?pid=5596911bb1a43da97f8b4567&requesterId=4003ee02b49f4b16dad29f80144c0889&cookieId=5d7edf17cb9e50241827917198338616
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.183.183 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-246-183-183.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.34 (Unix) PHP/7.2.9 / PHP/7.2.9
Resource Hash

Request headers

:method
GET
:authority
www.audiencemanager.de
:scheme
https
:path
/log/profile/get-piggybacks?pid=5596911bb1a43da97f8b4567&requesterId=4003ee02b49f4b16dad29f80144c0889&cookieId=5d7edf17cb9e50241827917198338616
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
accept-encoding
gzip, deflate, br
cookie
Nano=5d7edf17cb9e50241827917198338616; NmpDBM=DBM; NmpAppNexus=AppNexus; NmpIMD=IMD
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki

Response headers

status
200 200 OK
date
Mon, 16 Sep 2019 01:02:16 GMT
content-type
text/html;charset=UTF-8
content-length
824
server
Apache/2.4.34 (Unix) PHP/7.2.9
x-powered-by
PHP/7.2.9
requestid
cf39153f13b49cd6b4d63778e7d77e9c
hostname
10-0-13-186#slave13
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
*
responsetime
6
vary
Accept-Encoding
content-encoding
gzip
map
prf.audiencemanager.de/log/profile/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?sourceId=55969105b1a43d9f7f8b4567&sourceType=a&google_nid=nano_dmp&google_cm&google_sc&cb=1568595736
  • https://prf.audiencemanager.de/log/profile/map?sourceId=55969105b1a43d9f7f8b4567&sourceType=a&cb=1568595736&google_gid=CAESEOACW5ZdJps9gPejkNtfJtM&google_cver=1
43 B
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prf.audiencemanager.de/log/profile/map?sourceId=55969105b1a43d9f7f8b4567&sourceType=a&cb=1568595736&google_gid=CAESEOACW5ZdJps9gPejkNtfJtM&google_cver=1
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.183.183 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-246-183-183.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.34 (Unix) PHP/7.2.9 / PHP/7.2.9
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 16 Sep 2019 01:02:16 GMT
server
Apache/2.4.34 (Unix) PHP/7.2.9
access-control-allow-origin
*
x-powered-by
PHP/7.2.9
requestid
08a80f73cdf772ad11418f50a6aeb98e
status
200, 200 OK
p3p
CP="NID DSP ALL COR"
hostname
10-0-14-26#slave20
responsetime
5
content-type
image/gif
content-length
43

Redirect headers

pragma
no-cache
date
Mon, 16 Sep 2019 01:02:16 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://prf.audiencemanager.de/log/profile/map?sourceId=55969105b1a43d9f7f8b4567&sourceType=a&cb=1568595736&google_gid=CAESEOACW5ZdJps9gPejkNtfJtM&google_cver=1
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
373
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
www.audiencemanager.de/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fwww.audiencemanager.de%2Fcm%3Fprovider%3DAppNexus%26sourceId%3D55969105b1a43d9f7f8b4567%26sourceType%3Da%26adnxs_uid%3D%24UID%26cb%3D1568595736
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fwww.audiencemanager.de%252Fcm%253Fprovider%253DAppNexus%2526sourceId%253D55969105b1a43d9f7f8b4567%2526sourceType%253Da%2526adnxs_uid%253D...
  • https://www.audiencemanager.de/cm?provider=AppNexus&sourceId=55969105b1a43d9f7f8b4567&sourceType=a&adnxs_uid=2607443855408164732&cb=1568595736
43 B
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.audiencemanager.de/cm?provider=AppNexus&sourceId=55969105b1a43d9f7f8b4567&sourceType=a&adnxs_uid=2607443855408164732&cb=1568595736
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.183.183 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-246-183-183.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.34 (Unix) PHP/7.2.9 / PHP/7.2.9
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 16 Sep 2019 01:02:16 GMT
server
Apache/2.4.34 (Unix) PHP/7.2.9
access-control-allow-origin
*
x-powered-by
PHP/7.2.9
requestid
9b36be593762ee341429ee74afda84f8
status
200, 200 OK
p3p
CP="NID DSP ALL COR"
hostname
10-0-14-203#slave21
responsetime
5
content-type
image/gif
content-length
43

Redirect headers

Pragma
no-cache
Date
Mon, 16 Sep 2019 01:02:18 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.239:80
AN-X-Request-Uuid
c57bc87c-6db9-4b8b-abe0-25803c772a20
Server
nginx/1.13.4
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://www.audiencemanager.de/cm?provider=AppNexus&sourceId=55969105b1a43d9f7f8b4567&sourceType=a&adnxs_uid=2607443855408164732&cb=1568595736
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cm
www.audiencemanager.de/
Redirect Chain
  • https://ice.360yield.com/server_match?r=https%3A%2F%2Fwww.audiencemanager.de%2Fcm%3Fprovider%3DIMD%26sourceId%3D55969105b1a43d9f7f8b4567%26sourceType%3Da%26imd_uid%3D%7BPUB_USER_ID%7D%26partner_id%...
  • https://ice.360yield.com/ul_cb/server_match?r=https%3A%2F%2Fwww.audiencemanager.de%2Fcm%3Fprovider%3DIMD%26sourceId%3D55969105b1a43d9f7f8b4567%26sourceType%3Da%26imd_uid%3D%7BPUB_USER_ID%7D%26partn...
  • https://www.audiencemanager.de/cm?provider=IMD&sourceId=55969105b1a43d9f7f8b4567&sourceType=a&imd_uid=307d8d57-8202-48d8-b27d-7bf4cb12f0cb&partner_id=4&cb=1568595736
43 B
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.audiencemanager.de/cm?provider=IMD&sourceId=55969105b1a43d9f7f8b4567&sourceType=a&imd_uid=307d8d57-8202-48d8-b27d-7bf4cb12f0cb&partner_id=4&cb=1568595736
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.183.183 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-246-183-183.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.34 (Unix) PHP/7.2.9 / PHP/7.2.9
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 16 Sep 2019 01:02:16 GMT
server
Apache/2.4.34 (Unix) PHP/7.2.9
access-control-allow-origin
*
x-powered-by
PHP/7.2.9
requestid
7b89558b75f81a0c7525d6ead50d43c4
status
200, 200 OK
p3p
CP="NID DSP ALL COR"
hostname
10-0-15-147#slave4
responsetime
7
content-type
image/gif
content-length
43

Redirect headers

status
302
date
Mon, 16 Sep 2019 01:02:16 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
location
https://www.audiencemanager.de/cm?provider=IMD&sourceId=55969105b1a43d9f7f8b4567&sourceType=a&imd_uid=307d8d57-8202-48d8-b27d-7bf4cb12f0cb&partner_id=4&cb=1568595736
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
api2.push-ad.com/ 		13 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://api2.push-ad.com/?run=api/css/1/main.css&3=1&id=809
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
54.38.195.141 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3116203.ip-54-38-195.eu
Software
nginx /
Resource Hash
6f0133d52c0cdf3b45860a646751b3b17035a92f1d8940aebe054fed95f19a8f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
cache
Date
Mon, 16 Sep 2019 01:02:16 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/css; charset: UTF-8;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Tue, 17 Sep 2019 01:02:16 GMT
info.php
api2.push-ad.com/server/ 		751 B
759 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.push-ad.com/server/info.php
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
54.38.195.141 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3116203.ip-54-38-195.eu
Software
nginx /
Resource Hash
324ad70a810b5f39893d4656ac2ca78cedda96fabfed0dad9f6a4476788ba2dc

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Pragma
cache
Date
Mon, 16 Sep 2019 01:02:16 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 16 Sep 2019 02:02:16 GMT
569634303396026
connect.facebook.net/signals/config/ 		307 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/569634303396026?v=2.9.4&r=stable
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
bea5841f359f9b22cef238b4650caebf9baf4d21438ba39222e7eb94691dd324
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
79754
x-xss-protection
0
pragma
public
x-fb-debug
juanSBRezC2MeE6ogjPk9RwexTQ6t307vL/tdtgGidgl0xZZTtGNKN96LNk+DpedOKX0SDH5mSpS8sw+ifP8rw==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Mon, 16 Sep 2019 01:02:16 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2061796600732238&ev=PageView&dl=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa3%3Futm_source%3Dcube%26utm_medium%3Dmailing%26utm_term%3D377190%26utm_content%3D48_mcy5%26utm_campaign%3Dbankowodobrewarunki&rl=http%3A%2F%2Fs.xya.pl%2Fff6a3fa0-d602-11e9-9c1b-09759c40921b%2FyJCeyIXA1CRsTCr%2F8d1c94890db0a4227d9d9c0c0a8f62d7%2Fo26yFhj09xE1YbW%2FFIN.html%3Fmid%3D27d49df6aabbc6c453e5202810216c87%26ref%3D&if=false&ts=1568595736221&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=28&fbp=fb.1.1568595736220.716670157&it=1568595736180&coo=false&rqm=GET
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 16 Sep 2019 01:02:16 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Mon, 16 Sep 2019 01:02:16 GMT
/
www.google.com/pagead/1p-user-list/1056593329/ 		42 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1056593329/?random=1568595736195&cv=9&fst=1568595600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa3%3Futm_source%3Dcube%26utm_medium%3Dmailing%26utm_term%3D377190%26utm_content%3D48_mcy5%26utm_campaign%3Dbankowodobrewarunki&ref=http%3A%2F%2Fs.xya.pl%2Fff6a3fa0-d602-11e9-9c1b-09759c40921b%2FyJCeyIXA1CRsTCr%2F8d1c94890db0a4227d9d9c0c0a8f62d7%2Fo26yFhj09xE1YbW%2FFIN.html%3Fmid%3D27d49df6aabbc6c453e5202810216c87%26ref%3D&tiba=Po%C5%BCyczka%20Samoobs%C5%82ugowa%20Provident%20Polska&fmt=3&is_vtc=1&random=1098003235&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Sep 2019 01:02:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1056593329/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1056593329/?random=1568595736195&cv=9&fst=1568595600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa3%3Futm_source%3Dcube%26utm_medium%3Dmailing%26utm_term%3D377190%26utm_content%3D48_mcy5%26utm_campaign%3Dbankowodobrewarunki&ref=http%3A%2F%2Fs.xya.pl%2Fff6a3fa0-d602-11e9-9c1b-09759c40921b%2FyJCeyIXA1CRsTCr%2F8d1c94890db0a4227d9d9c0c0a8f62d7%2Fo26yFhj09xE1YbW%2FFIN.html%3Fmid%3D27d49df6aabbc6c453e5202810216c87%26ref%3D&tiba=Po%C5%BCyczka%20Samoobs%C5%82ugowa%20Provident%20Polska&fmt=3&is_vtc=1&random=1098003235&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Sep 2019 01:02:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-90f3a29ef7448451db5af955688970d7.html
vars.hotjar.com/ Frame 9CA6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.83.125 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-6
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-90f3a29ef7448451db5af955688970d7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki

Response headers

status
200
date
Mon, 16 Sep 2019 01:02:16 GMT
content-type
text/html
content-length
787
cache-control
max-age=31536000
content-encoding
br
last-modified
Mon, 12 Aug 2019 15:26:38 GMT
etag
"5ee1a7ca3792b75767626ba3f51572aa"
section-io-origin-status
200
section-io-origin-time-seconds
0.041
vary
Accept-Encoding
accept-ranges
bytes
section-io-id
d86096e7fb0f0154a68dcffa2e460a9d
inferredEvents.js
connect.facebook.net/signals/plugins/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.4
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
10218
x-xss-protection
0
pragma
public
x-fb-debug
j7QA7RQaEHTbXaE96kb8cBTADTBWrUE0ZvIioLLHMdNfAPc8C9McCMFEMzVIuD4iCIctNTnNVk48uLjlnoToNw==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Mon, 16 Sep 2019 01:02:16 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
cx.atdmt.com/
Redirect Chain
  • https://www.facebook.com/tr/?id=569634303396026&ev=PageView&dl=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa3%3Futm_source%3Dcube%26utm_medium%3Dmailing%26utm_term%3D377190%26utm_content%...
  • https://cx.atdmt.com/?c=9659479574676662490&f=AYyDkEgZsGk2NwjSUYZzDKMYBEXyBjWk_5vy_dco2bsSMGkGNRBsbMP9AKTsrx5jjavK4oL4P7R0NqVceb27btsc&id=569634303396026&l=3&v=0
42 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cx.atdmt.com/?c=9659479574676662490&f=AYyDkEgZsGk2NwjSUYZzDKMYBEXyBjWk_5vy_dco2bsSMGkGNRBsbMP9AKTsrx5jjavK4oL4P7R0NqVceb27btsc&id=569634303396026&l=3&v=0
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f0ff:2:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 16 Sep 2019 01:02:16 GMT
content-type
image/gif
content-length
42
p3p
CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"

Redirect headers

pragma
no-cache
date
Mon, 16 Sep 2019 01:02:16 GMT
server
proxygen-bolt
status
302
content-type
text/plain
location
https://cx.atdmt.com/?c=9659479574676662490&f=AYyDkEgZsGk2NwjSUYZzDKMYBEXyBjWk_5vy_dco2bsSMGkGNRBsbMP9AKTsrx5jjavK4oL4P7R0NqVceb27btsc&id=569634303396026&l=3&v=0
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
/
www.facebook.com/tr/ 		44 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=569634303396026&ev=Microdata&dl=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa3%3Futm_source%3Dcube%26utm_medium%3Dmailing%26utm_term%3D377190%26utm_content%3D48_mcy5%26utm_campaign%3Dbankowodobrewarunki&rl=http%3A%2F%2Fs.xya.pl%2Fff6a3fa0-d602-11e9-9c1b-09759c40921b%2FyJCeyIXA1CRsTCr%2F8d1c94890db0a4227d9d9c0c0a8f62d7%2Fo26yFhj09xE1YbW%2FFIN.html%3Fmid%3D27d49df6aabbc6c453e5202810216c87%26ref%3D&if=false&ts=1568595736758&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Po%C5%BCyczka%20Samoobs%C5%82ugowa%20Provident%20Polska%22%2C%22meta%3Adescription%22%3A%22We%C5%BA%20Po%C5%BCyczk%C4%99%20Samoobs%C5%82ugow%C4%85%20online%20w%20Provident%20Polska.%20Nawet%20do%2020%20000%20z%C5%82.%20RRSO%20160%2C54%25.%20Z%C5%82%C3%B3%C5%BC%20wniosek%20teraz!%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22%22%2C%22og%3Asite_name%22%3A%22%22%2C%22og%3Atype%22%3A%22%22%2C%22og%3Aurl%22%3A%22%22%2C%22og%3Aimage%22%3A%22%22%2C%22og%3Adescription%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.4&r=stable&ec=1&o=30&fbp=fb.1.1568595736220.716670157&it=1568595736180&coo=false&es=automatic&rqm=GET
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 16 Sep 2019 01:02:16 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Mon, 16 Sep 2019 01:02:16 GMT
nr-spa-1130.min.js
js-agent.newrelic.com/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1130.min.js
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ce53889b85805db1d3a424a2252749ed3a377b400f4a03a709a6304c84116d03

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 16 Sep 2019 01:02:16 GMT
content-encoding
gzip
x-amz-request-id
B0780A9F2A203A70
x-cache
HIT
status
200
content-length
13148
x-amz-id-2
Nr5A4+sRvUGdPMqJLWdpk9Qt7NDZKIreMhjKkzVD8SaYCMAgCot3wpVaUPJ4u+BK0q2GXjM42AE=
x-served-by
cache-hhn4059-HHN
last-modified
Tue, 09 Jul 2019 23:52:08 GMT
server
AmazonS3
x-timer
S1568595737.964881,VS0,VE0
etag
"312761e7cd4a61f0ea2e2e6265f5f365"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
801
tsc
nsm.tr.netsalesmedia.pl/ts/i5533769/ 		43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nsm.tr.netsalesmedia.pl/ts/i5533769/tsc?sid=https%253A%252F%252Fwww.provident.pl%252Fpozyczka-samoobslugowa3%253Futm_source%253Dcube%2526utm_medium%253Dmailing%2526utm_term%253D377190%2526utm_content%253D48_mcy5%2526utm_campaign%253Dbankowodobrewarunki&rrf=http%3A%2F%2Fs.xya.pl%2Fff6a3fa0-d602-11e9-9c1b-09759c40921b%2FyJCeyIXA1CRsTCr%2F8d1c94890db0a4227d9d9c0c0a8f62d7%2Fo26yFhj09xE1YbW%2FFIN.html%3Fmid%3D27d49df6aabbc6c453e5202810216c87%26ref%3D&rmd=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
35.187.117.15 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
15.117.187.35.bc.googleusercontent.com
Software
nginx/1.13.9 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Sep 2019 01:02:17 GMT
last-modified
Mon, 16 Sep 2019 01:02:17 GMT
server
nginx/1.13.9
p3p
policyref="/w3c/p3p.xml", CP="NOI CUR OUR STP"
status
200
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
content-type
image/gif
content-length
43
x-xss-protection
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=987952119&t=event&_s=1&dl=https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa3%3Futm_source%3Dcube%26utm_medium%3Dmailing%26utm_term%3D37...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-17427387-1&cid=1130795627.1568595736&jid=410293809&_gid=37251774.1568595736&gjid=466006740&_v=j79&z=1541613001
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17427387-1&cid=1130795627.1568595736&jid=410293809&_v=j79&z=1541613001
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17427387-1&cid=1130795627.1568595736&jid=410293809&_v=j79&z=1541613001&slf_rd=1&random=1231968433
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17427387-1&cid=1130795627.1568595736&jid=410293809&_v=j79&z=1541613001&slf_rd=1&random=1231968433
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Sep 2019 01:02:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Sep 2019 01:02:17 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17427387-1&cid=1130795627.1568595736&jid=410293809&_v=j79&z=1541613001&slf_rd=1&random=1231968433
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ae8d4fd7aa
bam.nr-data.net/1/ 		57 B
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/ae8d4fd7aa?a=9596950&v=1130.54e767a&to=YlYHYkpWXRYDARZQDVscMERRGGg1DQ4DVwZoHBVZQk5QHwkDQkoDWFwKVEtbRgINFQMK&rst=1931&ref=https://www.provident.pl/pozyczka-samoobslugowa3&ap=126&be=501&fe=1862&dc=597&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1568595735098,%22n%22:0,%22f%22:175,%22dn%22:176,%22dne%22:224,%22c%22:224,%22s%22:229,%22ce%22:240,%22rq%22:240,%22rp%22:481,%22rpe%22:500,%22dl%22:492,%22di%22:597,%22ds%22:597,%22de%22:597,%22dc%22:1861,%22l%22:1861,%22le%22:1912%7D,%22navigation%22:%7B%7D%7D&fp=624&fcp=624&jsonp=NREUM.setToken
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.21 San Francisco, United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-9.nr-data.net
Software
/
Resource Hash
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
ae8d4fd7aa
bam.nr-data.net/resources/1/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/resources/1/ae8d4fd7aa?a=9596950&v=1130.54e767a&to=YlYHYkpWXRYDARZQDVscMERRGGg1DQ4DVwZoHBVZQk5QHwkDQkoDWFwKVEtbRgINFQMK&rst=2384&ref=https://www.provident.pl/pozyczka-samoobslugowa3&st=1568595735098
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.21 San Francisco, United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-9.nr-data.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.provident.pl
Access-Control-Allow-Credentials
true
Content-Length
0
Content-Type
text/plain
ae8d4fd7aa
bam.nr-data.net/events/1/ 		24 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/ae8d4fd7aa?a=9596950&v=1130.54e767a&to=YlYHYkpWXRYDARZQDVscMERRGGg1DQ4DVwZoHBVZQk5QHwkDQkoDWFwKVEtbRgINFQMK&rst=2390&ref=https://www.provident.pl/pozyczka-samoobslugowa3
Requested by
Host: www.provident.pl
URL: https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.21 San Francisco, United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-9.nr-data.net
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.provident.pl/pozyczka-samoobslugowa3?utm_source=cube&utm_medium=mailing&utm_term=377190&utm_content=48_mcy5&utm_campaign=bankowodobrewarunki
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.provident.pl
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

274 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NREUM object| newrelic function| __nr_require function| placeCheckerRequest function| placeCssAspxRequest function| timeoutSleep function| getMetatagContent string| dispStatus string| oldDispStatus boolean| bmProcessing string| GoogleAnalyticsObject function| ga object| dataLayer object| google_tag_data object| gaplugins object| google_tag_manager function| setCookie object| gaGlobal object| gaData function| hj object| _hjSettings object| google_conversion_id object| google_custom_params object| google_remarketing_only string| gwpAction string| gwpReferer number| tt object| requestParams string| gwpClientId object| gwpPxInfo function| fbq function| _fbq object| _adftrack object| global function| addDataError function| addDataErrorForCallback function| removeDataError function| getMessages function| isIE function| getLang function| deviceType function| GetCalcStatus function| GetDigitalCalcStatus function| SetDigitalCalcData function| GetCitiesByStateId function| GetAutoCompleteData function| GetBrokerAutoCompleteData function| GetBrokerIsValidId function| GetStageOneDetails function| CheckAddressData function| CheckUser function| CheckCustomerUniqueEmail function| CheckPesl function| CheckIdCard function| CheckBankAccountNumber function| GetFOrmData function| validateID function| checkName function| checkFirstName function| CheckROPINNumber function| GetMessageText function| CheckVatId function| CheckPhoneNumber function| CheckMobileNumber function| CheckPreferedDate function| DackClick function| CheckIDNumberValidation function| redirectToLogin function| getLoggedInUser function| isLoggedIn function| redirectIfNotSignedIn function| getIndividualDetails function| getBoltStageOneDetails function| getBoltStageTwoDetails function| getBoltAbandonedStageDetails function| getAddressDetails function| getTaxIdPL function| getFinancialDetails function| GetPersonalDetailsForNextLoan function| GetParallelLoanDetail function| GetRefinanceLoanDetail function| SetUserEndSession function| PostSendUserDipReferralSummary function| getHandlerUrl function| getAjaxData function| isValidated function| enableField function| resetField function| resetForm function| revalidateField function| revalidateFieldWithFrm function| enabRevalFieldValidator function| enableFieldValidator function| disableFieldValidator function| togglefv function| changeattr function| getname function| getId function| removename function| addname function| copytext function| elemExists function| disabl function| setInpVal function| rdonly function| editable function| setInputVal function| addClass function| setRbVal function| setRbTableVal function| setDrpVal function| pad function| addProcIcon function| getUrlParameter function| formatNumber function| getCalculatorDataWebservice function| translate function| getDocumentsBYAgreementID function| initDocs function| modalHeight function| printTermsandConditionForm function| printInformationForm function| ipfgetvalue function| ipfgetplaceholder function| ipfgetvalueonly function| formCancel function| doModal function| ipfBoltPageFormReset function| ipfCheckIEVersion function| showHideAccordionFn function| isLocalStorageNameSupported function| cLog function| RsaEncrypt function| getBMParameterValues function| GetTenantData function| GetAutoCompleteRuianData function| GetAutoCompleteGoogleData function| GetAutoCompleteCribisData function| GetLoanApplicationsData function| CheckAutoCompleteValid function| SaveInfoFormConsent string| loginUrl string| g_msgs string| localLang undefined| _informationForm undefined| _powerOfAttorney undefined| _loanContract undefined| _currentSchedule undefined| _repaymentSchedule undefined| _summaryOfLoanTerms undefined| _repaymentHistory function| substringMatcher undefined| pdfHost function| resizeJobs function| toggleBrokerFields function| brokerSearchClicked function| equalHeight function| createCookie function| readCookie function| eraseCookie string| ipfSettingsCalcPackage boolean| isOperaBrowser object| currentRequest undefined| refreshIntervalId undefined| popupDelayId boolean| popupOnStage4 number| dispTimeoutIntervalId boolean| bankverificationWindowClosed function| formatHiddentVars function| VerifyCustomer function| getParameterByName function| VerifyOTP function| ForgottenPasswordVerify function| VerifyCustomerWithMobileNumber function| VerifyCustomerWithAgreementNumber function| VerifyCustomerWithPwd function| RenewToken function| ValidateCaptcha function| ShowLoginSuccess function| ShowLoginError function| NonInterimgenerateOTP function| generateOTP function| Logout number| remainingAttempts number| tokenExpiryInterval number| pageLength undefined| baseapiurl function| ClearLoginSession function| CheckTokenExpiry function| CheckLoginSession function| CreateCredentials function| ShowCreateCrendentialsSuccess function| ShowCreateCrendentialsError function| RegisterCustomer function| ShowrRegisterSuccess function| ShowRegisterError function| ChangePassWord function| putForgetPassword function| $ function| jQuery object| jQuery111205472659801144399 object| store function| SearchIndex function| Bloodhound object| Placeholders function| eve function| Raphael function| module object| Charts object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| Adform object| KJUR object| adf function| gwp_isInt function| gwp_getTransId function| gwp_getExtParams function| gwp_getProducts function| gwp_getPrice function| gwp_getQuantity function| getFromCookie function| setToCookie function| getSetSSID function| gwp_documentReferrer string| gwpSn string| gwpDotAction string| gwpPar object| gwpDot function| S4 function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_evaluemrc object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_disable_merchant_reported_conversions object| google_additional_conversion_params object| google_optimize object| ifr object| img boolean| PushAdReady object| pushAdHelper

25 Cookies

Domain/Path Name / Value
.audiencemanager.de/ Name: NmpAppNexus
Value: AppNexus
.provident.pl/ Name: _fbp
Value: fb.1.1568595736220.716670157
.doubleclick.net/ Name: IDE
Value: AHWqTUlEapsyxQZH6uTJFYQlOGPHGr0JScHYA1RkInlA060nUbEtC8r3Z4Zex8LZ
.provident.pl/ Name: _dc_gtm_UA-17427387-1
Value: 1
www.provident.pl/ Name: base_referer
Value: http%3A%2F%2Fs.xya.pl%2Fff6a3fa0-d602-11e9-9c1b-09759c40921b%2FyJCeyIXA1CRsTCr%2F8d1c94890db0a4227d9d9c0c0a8f62d7%2Fo26yFhj09xE1YbW%2FFIN.html%3Fmid%3D27d49df6aabbc6c453e5202810216c87%26ref%3D
.provident.pl/ Name: _gat_UA-41461947-1
Value: 1
www.provident.pl/ Name: ___utmvc
Value: YDnkxnEA162Oy8BKBGXdrz7eE5CYMOpLvk1LQVZKLwqsOQ70uXnm3iR8xP6MTIU3cJd3LUFmD6H1NMNNHXwUOY6z7w5OBeIQFD9euKfhMXnfHlGZH3x2aY1ugwvLr0PgInUBLyZIcybOYeKSdAuunhOFAuRh2EBS9xLBbbNnol0lKnKEDTfGGcVa9hmisREHOEbT47lEuFdZfY8EhQB4ukI0QrWS+vpxZ7lSH3ZcOgRh1DEeBcc4QTlLmoYcHrFuCchku5UXtX+qPfJTWxxg2JD8+ssBPBqJkfyokoTX40QpXwYzEr7etvcY1bRKgRH3pEZWuXRRRoMnKw/x16rkLoeASsXwnYmLPAPFjLzgAy+yk6u1IoMPAkz1Ul3sl0GvQLOnT/OGODswd5HKk+pw8/DZnQ80Lt6FTE9054EPxWpKo9vwtZ2b2+YKgco85tzR+haTJMkyPgL/v5SR3/S9FWef03gRb0hXqvY0EBT4Twh3ew62lnhyFoI5hK0j2hdhb+QRejrhZxoyVaBAg8fghnIzW7m+ddPPRdqyyxTH//CfxaIZ1aNgLbwhZ3tj7eBAtMNRAHBZSzIzUu7XVxFad/noTcV1W+w9AVCmn2DxAPz7Hem+uo35qJKIKHR5M+1QFbaSD0YjsAic5Po2MbN12nPd0+u83oHazthZCykFOnlUVgkzT0z0b1j5MI94f+wcobl9ANAjI7erC9zmWSsXPREhATPNUwt7D+W8b1p7WM6TUNmKIKqmbLkAsCSCpAJRtr3Pep3/3lyVt5RzOk5UkyXAZHxuZd9uYmzK/OYXNjkDWTSvv0e7MyaztDS+7ZWP/sjZzZKRg4KW46y0l3Hq+vaFsSfSoOfT3kvz3nr3EWdj2MOvw/84RIplWLGgja2/xh/uKADikp2UgyRu0GFPl1c/mBblJxO/ZoeQObVJwv/XTPfGT7gZ28uO+3S0/CZT87pa5rEdjoAjCce/CXC7DeV48VMkRqjOOusxnts9xiHXbDyIFDHoQGNlRAnAwSN566QxmESFsWAhrzHaP9U/Otpp1NRsLYnl2I9I2/OAPLQ5UYZ7qlSnNLgLra4/uNeq3nb2erfP/NKj3uRr3WJM1nsi2siFL0XRJNiWHppDPp31xUeveZx2tu78Xpq/BX/bY+q1dCBtDGnjNasgoLTVJfx8XIakzEH3a2uHYTxyEU4bn9u+CDmjbpHhdVBsUSyEh9mknPuxXWFkZZkddNJvKkueHJb8fEn8G0pvVOPmQhkcZxXb7LZ4+gH3/3/eFnXeEUkDjKxehqtho9t40g7HaYu83e1OqdbQTT0n6g81i2s7GpCXrDUx6UQigX1sO0aKbbyjwdS0V1b3mUYnN3/8Pkkgc4sqoyNYGFfNe1NRm2O/e2O02YDfMRotXiX5mxt8uDlEsx+0htqzj5yMJhjqb+p4cxw5uXxknjjVy3A17vu+Pl9tmuyW6uZ3G6/Z/bF13eWCx+f8no4aujU6+TxzWKsIE4afcbCQOO16U8/sSVd5xNNMTd8Qb6HgkXN1xz4vS4IEyoNj4Xf2uKhXo9lqOAjJoLLyQaFp/OFlpxt4uxjL48AIVm5ghYuPsDR0iCuiMUT7fYLcSezWujD6xLAygX2gvqwnxVjR2BZyOb8sZGlnZXN0PTExNzUzOSxzPTg3OTlhNzgxODA3Yjk0ODc2Yzc4N2FhZmE4N2U4Yjc5ODI4NTdkN2E3YTg0OWNiMGFhNjlhNDg3OWQ2YTYzN2Q3YjY5N2ViMDc0YTg3NDcy
.audiencemanager.de/ Name: NmpDBM
Value: DBM
.provident.pl/ Name: _gid
Value: GA1.2.37251774.1568595736
.provident.pl/ Name: _hjid
Value: fb65f2df-a72d-40cc-94e1-bd51935d13c8
.provident.pl/ Name: _ga
Value: GA1.2.1130795627.1568595736
.audiencemanager.de/ Name: Nano
Value: 5d7edf17cb9e50241827917198338616
.remintrex.com/ Name: p-a60d2a982de90fce6c6e44f209d59d34
Value: 127917327351a1cbec7ef2e5c1c91305-1568595735817-https%3A%2F%2Fwww.provident.pl%2Fpozyczka-samoobslugowa3%3Futm_source%3Dcube%26utm_medium%3Dmailing%26utm_term%3D377190%26utm_content%3D48_mcy5%26utm_campaign%3Dbankowodobrewarunki-
www.provident.pl/ Name: ssid
Value: 3a4807b9a88f465273eebc342ee46ff5
.provident.pl/ Name: visid_incap_192409
Value: pkK857CjSGSZu2GD288Mzhbffl0AAAAAQUIPAAAAAADij85Aua/1Ifj1KBlK55S+
www.provident.pl/ Name: SC_ANALYTICS_GLOBAL_COOKIE
Value: abd9de0c3113468b97ad973501293696
.provident.pl/ Name: dctraffic
Value: cube / mailing
.provident.pl/ Name: dcmedium
Value: mailing
.audiencemanager.de/ Name: NmpIMD
Value: IMD
.provident.pl/ Name: dcsource
Value: cube
www.provident.pl/ Name: ASP.NET_SessionId
Value: c5nkkswgq4q2gm3zkepzxs5y
www.provident.pl/ Name: T4G-80-STICKY-COOKIE
Value: ffffffff0925151d45525d5f4f58455e445a4a423660
.provident.pl/ Name: _gcl_au
Value: 1.1.206208835.1568595736
.provident.pl/ Name: incap_ses_473_192409
Value: or2ZMagEhHJjcuKlfnCQBhbffl0AAAAAGyb6paPryhIhO98GEp8MPQ==
www.provident.pl/ Name: SC_ANALYTICS_SESSION_COOKIE
Value: CB02C5FE26684A52956AB0C7E0637952|0|c5nkkswgq4q2gm3zkepzxs5y

4 Console Messages

Source Level URL
Text
console-api log URL: https://www.provident.pl/scripts/core.js?v=2.0.6.78(Line 8)
Message:
Fetching Ajax data from /Custom/handlers/ExecuteAction.ashx?action=GetMessages&section=application-page-1&nocache=1568595735806
console-api log URL: https://www.provident.pl/scripts/core.js?v=2.0.6.78(Line 8)
Message:
Fetching Ajax data from /Custom/handlers/ExecuteAction.ashx?action=GetProductData&nocache=1568595735888
console-api log URL: https://www.provident.pl/scripts/core.js?v=2.0.6.78(Line 8)
Message:
Fetching Ajax data from /Custom/handlers/ExecuteAction.ashx?action=GetDigitalCalcStatus&nocache=1568595735991
console-api log (Line 2)
Message:
remove

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4289377.fls.doubleclick.net
api.spoldzielnia.nsaudience.pl
api2.push-ad.com
app.push-ad.com
bam.nr-data.net
cm.g.doubleclick.net
connect.facebook.net
cx.atdmt.com
dot.wp.pl
googleads.g.doubleclick.net
ib.adnxs.com
ice.360yield.com
js-agent.newrelic.com
ms0481.m.lrmailr.pl
nsm.tr.netsalesmedia.pl
prf.audiencemanager.de
px.wp.pl
s.xya.pl
script.hotjar.com
static.hotjar.com
static1.remintrex.com
stats.g.doubleclick.net
track.adform.net
track.komktracker.pl
vars.hotjar.com
www.audiencemanager.de
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.provident.pl
138.201.139.208
147.75.83.125
149.126.77.234
151.101.114.110
162.247.242.21
172.217.23.130
212.77.100.251
212.77.100.82
216.58.207.66
216.58.210.6
2a00:1450:4001:815::2002
2a00:1450:4001:819::2008
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::2004
2a00:1450:4001:825::200e
2a00:1450:400c:c06::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f0ff:2:face:b00c:0:8c
2a03:2880:f12d:83:face:b00c:0:25de
2a0b:4d07:101::1
35.187.117.15
37.157.4.24
37.252.172.250
51.255.51.135
52.29.93.239
52.50.109.222
54.246.183.183
54.38.195.141
85.194.246.170
01f9007bbf488e3461ac63a167234108f8f025fc96318e590b82b03dba39334e
03643b3505869b7309fb72664b8b44c4f6ce5069f1df39d7eddafebb7435a6d2
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
21dbb847643ac9150c908b606904163bff92fda4fa235d3eb3d89c314fc4006d
2663c0838335c9c134b71b9d47810a2f3664de4da210a5a8dde896d2a7c5ea51
313457c3245ec11a41ae60220634c99334cd0beb36063d6bc79ea2f01a457f14
324ad70a810b5f39893d4656ac2ca78cedda96fabfed0dad9f6a4476788ba2dc
3acc040da884eeedde803875413be38bddcada8dc8ca86980e4fecd90f3fffad
3c6e639d4e6b8be24b4cd0480cedcdda45689ecf3dd11fede874250dd01545dc
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
57f02d5ef19dfa2e6139af1c6536f7cbca36d29508d87b50f38c43fd10b0657d
5ea2540540036563c59bcb225ae1753b66d41467ff30046ba79b72c9fdef68df
63a7945765ba3665b74ebb1468ca590cae72e3a7be2c363e6656c34ae139c35e
6580397b3350581306b30e28753366afd39021b0ceb4cb22b80956cabe045aa1
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6f0133d52c0cdf3b45860a646751b3b17035a92f1d8940aebe054fed95f19a8f
71e281b67af7b5f3e7f944161f52807f836ffd446eb5aadd61a34b6c45bbb783
75c79f0e05093f0e04003f5387a81e7396b283c2642cfa7e899a85b74b628832
7e7e3da2a9617ffd0b0349c5b422dc55c16942190296f9379bbb886cb8e1b17f
7f0e87ed03873fddca319cf01c1be7c9cce707c71057d29ba9f19e866648bd54
7f12996c5dfb07b9dc6a51cf82912eaa55806f7f1b61f6315a3064a54f9dfb64
82680ee989efaa0b2f3d8adc5f2d193f2841b867f7b56beea6fb83e69f98eaba
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8368af1fd962c757baa898335a7fc959902692e3a47e788825599e9299c1e854
a631e8098179b4b6feaca08bce747cb8b3c53450c3fe30eead2c3f23dd288265
af2d2afdf997a13a4fe6d60e86124ca72b63d2be0f0d0794b78cc33e49637317
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4b91d1b8888b77fdbf5d54b3ed71f03b1473cd97bb13fadb4fe5efe0e7eaf20
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
bd95ed09942c9608255d8a2691decf065c7d6773e2bafbd4e619c7f00f9eb4d9
bdbf1390d5db221d4a823bcaa857615fa0d91a0af51967af6e31f0b478e2abc5
bea5841f359f9b22cef238b4650caebf9baf4d21438ba39222e7eb94691dd324
c1c233746a897c53a6ac4ec257bad30e91916e3c3b6f57f85d169150ce88f364
c6ad937ca9505a32f308f04174e08b7ae18ffa2a01769586cd80ecaf4d542ed7
c771b13382737d9e935a965a486574efb1d8f1ea729e7ba72c77fd9bbe563f23
cd9a3456bff66704c1f008502af3a3c1b86e3caf5ebf1cf0d7d33e9c591d6726
ce53889b85805db1d3a424a2252749ed3a377b400f4a03a709a6304c84116d03
cf35f386309b6d7909d1e0f6d9f386620352110e961204286a35183c89e71d6f
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d1c6d97c9f720e9016fdb062d833914872c1a25ae3d089cd8b982ed56f4154ef
d8129babd9b293633d69d028ef9097f04cca3206de80aefa269e409c16828799
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
deb46083af7c03f29bd8a8cdf5e14d0cc473f4d6acf167101f2e74beefd76e05
e3870de89716b72cb61a4bba0e17c75783b361cdaba35ea96961c3070bd8ca18
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9af387c1a0168cad8bc77aef0dc0e3ccd7cb38f453476495fc06c9f3a861857
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9d0998a8fe59519e96961d8c38e164e4d1cb62b827b558176747e5dbf98d63
f4c5ad19a5806e58d5244a8fd11fa1b56df53082c52489c8d3b5ea9067b1d245
f6390ca5f8fd14c80718471a30e20d07569271320766fef35bb37bdc2b173e57