pl2b.food-voucher.com Open in urlscan Pro
138.201.27.20 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://eviewd.com/901FA05626DDDE074FB17980F95AE5D6E88AC45C07220DFDE76FC257F3C3BA18/show.aspx#ILOZCioHw5LjsU.php4?d...
Effective URL:
https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&
Submission: On December 16 via manual (December 16th 2020, 4:50:45 pm UTC) from PL

Summary HTTP 25 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 14 domains to perform 25 HTTP transactions. The main IP is 138.201.27.20, located in Germany and belongs to HETZNER-AS, DE. The main domain is pl2b.food-voucher.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 30th 2020. Valid for: 3 months.

This is the only time pl2b.food-voucher.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::ac43:4871	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	178.162.135.100 178.162.135.100	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	217.79.178.68 217.79.178.68	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	44.238.45.132 44.238.45.132	16509 (AMAZON-02) (AMAZON-02)
1 1	34.250.4.239 34.250.4.239	16509 (AMAZON-02) (AMAZON-02)
1 5	138.201.27.20 138.201.27.20	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:814::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
25	11

1 2606:4700:20::ac43:4871 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

eviewd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.162.135.100 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: s4.firehosted.net

runwaywork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.178.68 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: vps1936457.dedi.server-hosting.expert

www.smoothtrk2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.238.45.132 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-45-132.us-west-2.compute.amazonaws.com

secure.trafficlink2000.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.4.239 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-4-239.eu-west-1.compute.amazonaws.com

tracking.trkkadsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.27.20 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: s1.golead7.pl

campaign.golead7.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pl2b.food-voucher.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	facebook.com www.facebook.com	929 B
4	facebook.net connect.facebook.net	230 KB
4	food-voucher.com pl2b.food-voucher.com	265 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	179 KB
3	runwaywork.com 2 redirects runwaywork.com	1 KB
2	google.com www.google.com	778 B
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	29 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	30 KB
1	fontawesome.com use.fontawesome.com	13 KB
1	golead7.pl 1 redirects campaign.golead7.pl	782 B
1	trkkadsm.com 1 redirects tracking.trkkadsm.com	2 KB
1	trafficlink2000.com 1 redirects secure.trafficlink2000.com	304 B
1	smoothtrk2.com 1 redirects www.smoothtrk2.com	572 B
1	eviewd.com 1 redirects eviewd.com	635 B
25	14

	Domain	Requested by
6	www.facebook.com	pl2b.food-voucher.com
4	connect.facebook.net	pl2b.food-voucher.com connect.facebook.net
4	pl2b.food-voucher.com	runwaywork.com pl2b.food-voucher.com
3	runwaywork.com	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google.com	pl2b.food-voucher.com www.gstatic.com
2	maxcdn.bootstrapcdn.com	pl2b.food-voucher.com
1	www.gstatic.com	www.google.com
1	ajax.googleapis.com	pl2b.food-voucher.com
1	use.fontawesome.com	pl2b.food-voucher.com
1	fonts.googleapis.com	pl2b.food-voucher.com
1	campaign.golead7.pl	1 redirects
1	tracking.trkkadsm.com	1 redirects
1	secure.trafficlink2000.com	1 redirects
1	www.smoothtrk2.com	1 redirects
1	eviewd.com	1 redirects
25	16

This site contains links to these domains. Also see Links.

Domain
www.4lead.pl
www.addservicemedia.de
www.outspot.pl
www.lead-creative.com
salelifter.com
www.t-a-o.pl
widigo.pl
www.zuwi.eu
www.cafcall.pl
www.wwf.pl
amnesty.org.pl
unicef.pl
www.kancelaria-sobierajska.pl
www.naster.pl
passive-instal.pl
www.neocraft.eu
www.link4.pl
sundaypolska.pl
colonnade.pl
ctdp.pl
www.nn.pl
pl.transcom.com
fyrklovern.pl
anulujkredyt.pl
www.freepik.com
www.facebook.com
www.youronlinechoices.com

Subject Issuer	Validity	Valid
pl1a.food-voucher.com Let's Encrypt Authority X3	`2020-10-30` - `2021-01-28`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&
Frame ID: FC2A58308156566A0284D1D74423775D
Requests: 24 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdpBLIZAAAAAFKoBPgDtiin0A0XYsJ3jd-DR0vg&co=aHR0cHM6Ly9wbDJiLmZvb2Qtdm91Y2hlci5jb206NDQz&hl=en&v=NTa-8tBgsAw62CYTJPliVdrV&size=invisible&cb=pt4x9vsu4r04
Frame ID: 48941A103BE5637C9E91F2A04D84A51F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://eviewd.com/901FA05626DDDE074FB17980F95AE5D6E88AC45C07220DFDE76FC257F3C3BA18/show.aspx HTTP 302
http://runwaywork.com/anchor HTTP 301
http://runwaywork.com/anchor/ Page URL
http://runwaywork.com/ILOZCioHw5LjsU.php4?d5kcRzcctX37cwCWxcGcP2ctcw4F7d0s0cbbb30 HTTP 302
https://www.smoothtrk2.com/4ZWGKB6/H8125TG/?sub1=35_198141_2479378&sub2=2207_2242892_2459732_15&sub3=57... HTTP 302
https://secure.trafficlink2000.com/?c=16288&s1=2465&s2=ab5ea54c61b54999b0d6844beb734a45 HTTP 302
https://tracking.trkkadsm.com/aff_c?offer_id=88&aff_id=1054&aff_sub2=5fda3ad20fe91&aff_sub=201 HTTP 302
https://campaign.golead7.pl/pl2b,food,voucher,com_12.html?idPartner=8&idCampaignAd=0&subId=1054-201&subI... HTTP 302
https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309& Page URL

Page Statistics

25
Requests

96 %
HTTPS

60 %
IPv6

14
Domains

16
Subdomains

11
IPs

4
Countries

749 kB
Transfer

1842 kB
Size

3
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: http://www.4lead.pl/onas.html
Title: http://www.4lead.pl/onas.html

Search URL Search Domain Scan URL

URL: http://www.addservicemedia.de/
Title: www.addservicemedia.de

Search URL Search Domain Scan URL

URL: https://www.outspot.pl/pl/polityka-prywatno%C5%9Bci
Title: https://www.outspot.pl/pl/polityka-prywatno%C5%9Bci

Search URL Search Domain Scan URL

URL: https://www.lead-creative.com/mentions-legales/
Title: https://www.lead-creative.com/mentions-legales/

Search URL Search Domain Scan URL

URL: https://salelifter.com/pl/polityka-prywatnosci
Title: https://salelifter.com/pl/polityka-prywatnosci

Search URL Search Domain Scan URL

URL: https://www.t-a-o.pl/mentions-legales
Title: https://www.t-a-o.pl/mentions-legales

Search URL Search Domain Scan URL

URL: http://widigo.pl/dataProtection
Title: http://widigo.pl/dataProtection

Search URL Search Domain Scan URL

URL: http://www.zuwi.eu/
Title: http://www.zuwi.eu/

Search URL Search Domain Scan URL

URL: https://www.cafcall.pl/
Title: https://www.cafcall.pl/

Search URL Search Domain Scan URL

URL: https://www.wwf.pl/
Title: https://www.wwf.pl/

Search URL Search Domain Scan URL

URL: https://amnesty.org.pl/
Title: https://amnesty.org.pl/

Search URL Search Domain Scan URL

URL: https://unicef.pl/kontakt
Title: https://unicef.pl/kontakt

Search URL Search Domain Scan URL

URL: https://www.kancelaria-sobierajska.pl/
Title: https://www.kancelaria-sobierajska.pl/

Search URL Search Domain Scan URL

URL: https://www.naster.pl/index.php/polityka-cookies-rodo
Title: https://www.naster.pl/index.php/polityka-cookies-rodo

Search URL Search Domain Scan URL

URL: https://passive-instal.pl/rodo/
Title: https://passive-instal.pl/rodo/

Search URL Search Domain Scan URL

URL: https://www.neocraft.eu/polityka-prywatnosci
Title: https://www.neocraft.eu/polityka-prywatnosci

Search URL Search Domain Scan URL

URL: https://www.link4.pl/dane-osobowe
Title: https://www.link4.pl/dane-osobowe

Search URL Search Domain Scan URL

URL: https://sundaypolska.pl/polityka-prywatnosci/
Title: https://sundaypolska.pl/polityka-prywatnosci/

Search URL Search Domain Scan URL

URL: https://colonnade.pl/polityka-prywatnosci
Title: https://colonnade.pl/polityka-prywatnosci

Search URL Search Domain Scan URL

URL: http://ctdp.pl/download/polityka_prywatnosci.pdf
Title: http://ctdp.pl/download/polityka_prywatnosci.pdf

Search URL Search Domain Scan URL

URL: https://www.nn.pl/dla-ciebie/regulamin.html
Title: https://www.nn.pl/dla-ciebie/regulamin.html

Search URL Search Domain Scan URL

URL: https://pl.transcom.com/pl/data-protection-notice-cookie-policy
Title: https://pl.transcom.com/pl/data-protection-notice-cookie-policy

Search URL Search Domain Scan URL

URL: https://fyrklovern.pl/wp-content/uploads/2018/05/Polityka-prywatnosci-Fyrklovern.pdf
Title: https://fyrklovern.pl/wp-content/uploads/2018/05/Polityka-prywatnosci-Fyrklovern.pdf

Search URL Search Domain Scan URL

URL: https://anulujkredyt.pl/klauzula-informacyjna-rodo/
Title: https://anulujkredyt.pl/klauzula-informacyjna-rodo/

Search URL Search Domain Scan URL

URL: https://www.freepik.com/free-photos-vectors/winter
Title: Winter photo created by prostooleh - www.freepik.com

Search URL Search Domain Scan URL

URL: https://www.freepik.com/free-photos-vectors/travel
Title: Travel photo created by wavebreakmedia_micro - www.freepik.com

Search URL Search Domain Scan URL

URL: https://www.freepik.com/free-photos-vectors/background
Title: Background photo created by v.ivash - www.freepik.com

Search URL Search Domain Scan URL

URL: https://www.freepik.com/free-photos-vectors/birthday
Title: Birthday photo created by rawpixel.com - www.freepik.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/about/privacy/
Title: wytycznymi dotyczącymi wykorzystania danych na Facebooku

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen
Title: https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen

Search URL Search Domain Scan URL

URL: http://www.youronlinechoices.com/de/praferenzmanagement/
Title: http://www.youronlinechoices.com/de/praferenzmanagement/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://eviewd.com/901FA05626DDDE074FB17980F95AE5D6E88AC45C07220DFDE76FC257F3C3BA18/show.aspx HTTP 302
http://runwaywork.com/anchor HTTP 301
http://runwaywork.com/anchor/ Page URL
http://runwaywork.com/ILOZCioHw5LjsU.php4?d5kcRzcctX37cwCWxcGcP2ctcw4F7d0s0cbbb30 HTTP 302
https://www.smoothtrk2.com/4ZWGKB6/H8125TG/?sub1=35_198141_2479378&sub2=2207_2242892_2459732_15&sub3=571295316 HTTP 302
https://secure.trafficlink2000.com/?c=16288&s1=2465&s2=ab5ea54c61b54999b0d6844beb734a45 HTTP 302
https://tracking.trkkadsm.com/aff_c?offer_id=88&aff_id=1054&aff_sub2=5fda3ad20fe91&aff_sub=201 HTTP 302
https://campaign.golead7.pl/pl2b,food,voucher,com_12.html?idPartner=8&idCampaignAd=0&subId=1054-201&subIdentifier=102dbcd5dfd54705ea853a20dc2ee4 HTTP 302
https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://eviewd.com/901FA05626DDDE074FB17980F95AE5D6E88AC45C07220DFDE76FC257F3C3BA18/show.aspx HTTP 302
http://runwaywork.com/anchor HTTP 301
http://runwaywork.com/anchor/

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/
runwaywork.com/anchor/
Redirect Chain

https://eviewd.com/901FA05626DDDE074FB17980F95AE5D6E88AC45C07220DFDE76FC257F3C3BA18/show.aspx
http://runwaywork.com/anchor
http://runwaywork.com/anchor/

614 B
861 B

109ms
72ms

Document
text/html

178.162.135.100
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://runwaywork.com/anchor/
Protocol: HTTP/1.1
Server: 178.162.135.100 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: s4.firehosted.net
Software: Apache /
Resource Hash

Request headers

Host: runwaywork.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 16 Dec 2020 16:50:24 GMT
Server: Apache
Last-Modified: Thu, 02 Jul 2020 17:25:27 GMT
ETag: "266-5a978b1cd7266"
Accept-Ranges: bytes
Content-Length: 614
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Wed, 16 Dec 2020 16:50:24 GMT
Server: Apache
Location: http://runwaywork.com/anchor/
Content-Length: 237
Connection: close
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

Primary Request

Cookie set campaign_42.html Show response
pl2b.food-voucher.com/
Redirect Chain

http://runwaywork.com/ILOZCioHw5LjsU.php4?d5kcRzcctX37cwCWxcGcP2ctcw4F7d0s0cbbb30
https://www.smoothtrk2.com/4ZWGKB6/H8125TG/?sub1=35_198141_2479378&sub2=2207_2242892_2459732_15&sub3=571295316
https://secure.trafficlink2000.com/?c=16288&s1=2465&s2=ab5ea54c61b54999b0d6844beb734a45
https://tracking.trkkadsm.com/aff_c?offer_id=88&aff_id=1054&aff_sub2=5fda3ad20fe91&aff_sub=201
https://campaign.golead7.pl/pl2b,food,voucher,com_12.html?idPartner=8&idCampaignAd=0&subId=1054-201&subIdentifier=102dbcd5dfd54705ea853a20dc2ee4
https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&

123 KB
28 KB

346ms
231ms

Document
text/html

138.201.27.20
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&
Requested by: Host: runwaywork.com
URL: http://runwaywork.com/anchor/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.27.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.golead7.pl
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 5f47a196ca91a1505d958dfe1becbd7ff0913b7c02eb7407d946228f489d5d38

Request headers

Host: pl2b.food-voucher.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://runwaywork.com/anchor/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://runwaywork.com/anchor/#ILOZCioHw5LjsU.php4?d5kcRzcctX37cwCWxcGcP2ctcw4F7d0s0cbbb30

Response headers

Date: Wed, 16 Dec 2020 16:50:26 GMT
Server: Apache/2.4.29 (Ubuntu)
Set-Cookie: PHPSESSID=qqhm6qif3cd43oaj0at38ra6us; path=/; secure; HttpOnly coyoteAffiliTokenId42=4477309; expires=Wed, 16-Dec-2020 20:50:27 GMT; Max-Age=14400; path=/; secure
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 28219
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Wed, 16 Dec 2020 16:50:26 GMT
Server: Apache/2.4.29 (Ubuntu)
Set-Cookie: PHPSESSID=tdcdd34rmrpiobnq33dgbja7js; path=/; secure; HttpOnly coyoteTrackingCookie_12=4477309; expires=Fri, 15-Jan-2021 16:50:26 GMT; Max-Age=2592000; path=/;samesite=None; Secure; domain=golead7.pl coyoteSimpleTrackingCookie=4477309; expires=Fri, 15-Jan-2021 16:50:26 GMT; Max-Age=2592000; path=/;SameSite=None; Secure; domain=golead7.pl
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&
Content-Length: 1
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 css
fonts.googleapis.com/ 4 KB
581 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quicksand:300,400,500,700

Requested by

Host: pl2b.food-voucher.com
URL: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5696c2ee5204b5ae286a2d57638b338e80f1147a1dc63b0860994f55f4031138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Dec 2020 16:50:27 GMT
server: ESF
date: Wed, 16 Dec 2020 16:50:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Dec 2020 16:50:27 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
19 KB 10ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: pl2b.food-voucher.com
URL: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 16:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:34:07 GMT
etag: "1544639647"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 19740

GET
H2 200 all.css
use.fontawesome.com/releases/v5.5.0/css/ 50 KB
13 KB 156ms
48ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by: Host: pl2b.food-voucher.com
URL: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

Origin: https://pl2b.food-voucher.com
Referer: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 16:50:27 GMT
content-encoding: gzip
last-modified: Fri, 02 Nov 2018 15:16:46 GMT
server: NetDNA-cache/2.2
etag: W/"1cc6c92172d124fbd305ba3d8e263333"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: pl2b.food-voucher.com
URL: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 16:43:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 422
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Dec 2021 16:43:25 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 10ms
9ms Script
text/javascript 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: pl2b.food-voucher.com
URL: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 16:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:33:51 GMT
etag: "1544639631"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 9832

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
778 B 76ms
76ms Script
text/javascript 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LdpBLIZAAAAAFKoBPgDtiin0A0XYsJ3jd-DR0vg

Requested by

Host: pl2b.food-voucher.com
URL: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

105f194f1276e61e49444c908d1aab2a587c6453e91584dd42bfa77838446a9e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 16:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 586
x-xss-protection: 1; mode=block
expires: Wed, 16 Dec 2020 16:50:27 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/NTa-8tBgsAw62CYTJPliVdrV/ 335 KB
131 KB 26ms
5ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NTa-8tBgsAw62CYTJPliVdrV/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdpBLIZAAAAAFKoBPgDtiin0A0XYsJ3jd-DR0vg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f792fc4642c5120f96b4f11b6899eb9e8c6b286e5f6dc8be0015ff7b46223bca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://pl2b.food-voucher.com
Referer: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 16:45:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 321
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133685
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 03:08:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Dec 2021 16:45:06 GMT

GET
H/1.1 200
OK campaign_42.html
pl2b.food-voucher.com/ 37 KB
37 KB 191ms
191ms Image
text/html 138.201.27.20
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&
Requested by: Host: pl2b.food-voucher.com
URL: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.27.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.golead7.pl
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Dec 2020 16:50:27 GMT
Content-Encoding: gzip
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 28218
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK supermarket.jpg
pl2b.food-voucher.com/media/adresseManager/microSiteImg/42/ 199 KB
199 KB 335ms
52ms Image
image/jpeg 138.201.27.20
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pl2b.food-voucher.com/media/adresseManager/microSiteImg/42/supermarket.jpg
Requested by: Host: pl2b.food-voucher.com
URL: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.27.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.golead7.pl
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 7964c13d1c7314d89e3d253f366b43ed69e1658e9b17e0543f5dad5348e83a81

Request headers

Referer: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 16 Dec 2020 16:50:27 GMT
Last-Modified: Tue, 29 Sep 2020 09:09:41 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "31b12-5b07024ad6f2d"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 203538

GET
H2 200 6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
fonts.gstatic.com/s/quicksand/v21/ 26 KB
26 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v21/6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b47478ebfad192488b281cb20b85ef93444ff24c547c4a03511e400defb38aa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://pl2b.food-voucher.com
Referer: https://fonts.googleapis.com/css?family=Quicksand:300,400,500,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 02:50:04 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Jun 2020 02:43:58 GMT
server: sffe
age: 396023
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26160
x-xss-protection: 0
expires: Sun, 12 Dec 2021 02:50:04 GMT

GET
H3-Q050 200 6xKtdSZaM9iE8KbpRA_hJVQNYuDyP7bh.woff2
fonts.gstatic.com/s/quicksand/v21/ 22 KB
22 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v21/6xKtdSZaM9iE8KbpRA_hJVQNYuDyP7bh.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand:300,400,500,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

463481f89055f6e1601dd7b220a6a67d9af3fb6300372bef408431f7a6070948

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://pl2b.food-voucher.com
Referer: https://fonts.googleapis.com/css?family=Quicksand:300,400,500,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 04:13:25 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Jun 2020 02:45:57 GMT
server: sffe
age: 477422
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22364
x-xss-protection: 0
expires: Sat, 11 Dec 2021 04:13:25 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 90 KB
24 KB 16ms
15ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: pl2b.food-voucher.com
URL: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d4762bbdf73408777dc886ffe61d98654a39456cc19284fcec395a56c54518e1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23366
x-xss-protection: 0
pragma: public
x-fb-debug: XzQLbasmFP4ctCQcUSjHdT+rIlFmq+Gh/vg3yMkzlbgRko/J4JZLiwo/EESF3w74xhCoPjAQvOEphrTXvy/rAA==
x-fb-trip-id: 436667874
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 16 Dec 2020 16:50:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK select,arrow.png
pl2b.food-voucher.com/media/adresseManager/microSiteImg/42/ 1 KB
1 KB 468ms
51ms Image
image/png 138.201.27.20
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pl2b.food-voucher.com/media/adresseManager/microSiteImg/42/select,arrow.png
Requested by: Host: pl2b.food-voucher.com
URL: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.27.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.golead7.pl
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 49c206f904248006e1a6204cf40a9d1976911ee88e4eb4406e9d8783eef4d99c

Request headers

Referer: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 16 Dec 2020 16:50:27 GMT
Last-Modified: Mon, 04 Nov 2019 15:01:05 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "44e-5968695c271be"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1102

GET
H3-Q050 200 anchor
www.google.com/recaptcha/api2/ Frame 4894 0
0 25ms
25ms Document
text/html 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdpBLIZAAAAAFKoBPgDtiin0A0XYsJ3jd-DR0vg&co=aHR0cHM6Ly9wbDJiLmZvb2Qtdm91Y2hlci5jb206NDQz&hl=en&v=NTa-8tBgsAw62CYTJPliVdrV&size=invisible&cb=pt4x9vsu4r04

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NTa-8tBgsAw62CYTJPliVdrV/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MrdvVy+oqNvOgxIJAdIJlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LdpBLIZAAAAAFKoBPgDtiin0A0XYsJ3jd-DR0vg&co=aHR0cHM6Ly9wbDJiLmZvb2Qtdm91Y2hlci5jb206NDQz&hl=en&v=NTa-8tBgsAw62CYTJPliVdrV&size=invisible&cb=pt4x9vsu4r04
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 16 Dec 2020 16:50:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-MrdvVy+oqNvOgxIJAdIJlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9993
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 2454546961448813 Show response
connect.facebook.net/signals/config/ 238 KB
69 KB 62ms
62ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2454546961448813?v=2.9.30&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2d3b392f3448e83a9a48eb2a58c1bd308278efa43b0b63d5175c3fb362d1552e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: tVYdrNhmP8eOkPsThfGd1cQj8Io0UqPKtdB1eFXA5kwLceCe9NZKjrMtJ+xzgNdlhurA/ppG7cGgmeU7n91/9Q==
x-fb-trip-id: 436667874
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 16 Dec 2020 16:50:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 646236875
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 2380438702273770 Show response
connect.facebook.net/signals/config/ 239 KB
69 KB 100ms
99ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2380438702273770?v=2.9.30&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4452b889166350941cfeabfc5f22a3d4474a5fc50c8c378f5963f9b63ca3dbb1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: f1b4q3XbPCG8F4r3VezP82ONTHA6R7pv6DJqvMp+ejlucm2Qs/++JEBWNusfySUZFw3svHVzZrNt3aFi0ERXPg==
x-fb-trip-id: 436667874
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 16 Dec 2020 16:50:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1841761756
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
332 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2454546961448813&ev=PageView&dl=https%3A%2F%2Fpl2b.food-voucher.com%2Fcampaign_42.html%3FcoyoteAffiliTokenId%3D4477309%26&rl=http%3A%2F%2Frunwaywork.com%2Fanchor%2F&if=false&ts=1608137427846&sw=1600&sh=1200&v=2.9.30&r=stable&ec=0&o=30&fbp=fb.1.1608137427844.1863113707&it=1608137427597&coo=false&tm=1&rqm=GET

Requested by

Host: pl2b.food-voucher.com
URL: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 16:50:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 16 Dec 2020 16:50:27 GMT

GET
H2 200 2637422266304610 Show response
connect.facebook.net/signals/config/ 238 KB
69 KB 53ms
53ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2637422266304610?v=2.9.30&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dd0d4480ea0f5bc2ebe812aba6266a6ff6ac4e37a65cd3c6a1512d7ab7f0fa9e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: fGIaOrzl9PMnCIOQwhzl3KOQ2lTg59nVgTcr/SFOEyqtAu+gJjVjBSJ4YketpjKFLbEesserDqVr6ABs398gPw==
x-fb-trip-id: 436667874
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 16 Dec 2020 16:50:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 765263993
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2380438702273770&ev=PageView&dl=https%3A%2F%2Fpl2b.food-voucher.com%2Fcampaign_42.html%3FcoyoteAffiliTokenId%3D4477309%26&rl=http%3A%2F%2Frunwaywork.com%2Fanchor%2F&if=false&ts=1608137428170&sw=1600&sh=1200&v=2.9.30&r=stable&ec=0&o=30&fbp=fb.1.1608137427844.1863113707&it=1608137427597&coo=false&tm=1&rqm=GET

Requested by

Host: pl2b.food-voucher.com
URL: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 16:50:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 16 Dec 2020 16:50:28 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2637422266304610&ev=PageView&dl=https%3A%2F%2Fpl2b.food-voucher.com%2Fcampaign_42.html%3FcoyoteAffiliTokenId%3D4477309%26&rl=http%3A%2F%2Frunwaywork.com%2Fanchor%2F&if=false&ts=1608137428269&sw=1600&sh=1200&v=2.9.30&r=stable&ec=0&o=30&fbp=fb.1.1608137427844.1863113707&it=1608137427597&coo=false&tm=1&rqm=GET

Requested by

Host: pl2b.food-voucher.com
URL: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 16:50:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 16 Dec 2020 16:50:28 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2454546961448813&ev=Microdata&dl=https%3A%2F%2Fpl2b.food-voucher.com%2Fcampaign_42.html%3FcoyoteAffiliTokenId%3D4477309%26&rl=http%3A%2F%2Frunwaywork.com%2Fanchor%2F&if=false&ts=1608137429366&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Bon%20na%20zakupy%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.30&r=stable&ec=1&o=30&fbp=fb.1.1608137427844.1863113707&it=1608137427597&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 16:50:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 16 Dec 2020 16:50:29 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2380438702273770&ev=Microdata&dl=https%3A%2F%2Fpl2b.food-voucher.com%2Fcampaign_42.html%3FcoyoteAffiliTokenId%3D4477309%26&rl=http%3A%2F%2Frunwaywork.com%2Fanchor%2F&if=false&ts=1608137429673&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Bon%20na%20zakupy%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.30&r=stable&ec=1&o=30&fbp=fb.1.1608137427844.1863113707&it=1608137427597&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 16:50:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 16 Dec 2020 16:50:29 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2637422266304610&ev=Microdata&dl=https%3A%2F%2Fpl2b.food-voucher.com%2Fcampaign_42.html%3FcoyoteAffiliTokenId%3D4477309%26&rl=http%3A%2F%2Frunwaywork.com%2Fanchor%2F&if=false&ts=1608137429775&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Bon%20na%20zakupy%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.30&r=stable&ec=1&o=30&fbp=fb.1.1608137427844.1863113707&it=1608137427597&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 16:50:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 16 Dec 2020 16:50:29 GMT

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.food-voucher.com/	1970-01-19 16:51:53	Name: _fbp Value: fb.1.1608137427844.1863113707
pl2b.food-voucher.com/	1970-01-19 14:42:31	Name: coyoteAffiliTokenId42 Value: 4477309
pl2b.food-voucher.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: qqhm6qif3cd43oaj0at38ra6us

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://pl2b.food-voucher.com/campaign_42.html?coyoteAffiliTokenId=4477309&(Line 1701) Message: 56

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
campaign.golead7.pl
connect.facebook.net
eviewd.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
pl2b.food-voucher.com
runwaywork.com
secure.trafficlink2000.com
tracking.trkkadsm.com
use.fontawesome.com
www.facebook.com
www.google.com
www.gstatic.com
www.smoothtrk2.com
138.201.27.20
178.162.135.100
2001:4de0:ac19::1:b:2a
217.79.178.68
23.111.9.35
2606:4700:20::ac43:4871
2a00:1450:4001:800::2003
2a00:1450:4001:814::2004
2a00:1450:4001:81d::200a
2a00:1450:4001:820::200a
2a00:1450:4001:825::2003
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.250.4.239
44.238.45.132
105f194f1276e61e49444c908d1aab2a587c6453e91584dd42bfa77838446a9e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
2d3b392f3448e83a9a48eb2a58c1bd308278efa43b0b63d5175c3fb362d1552e
4452b889166350941cfeabfc5f22a3d4474a5fc50c8c378f5963f9b63ca3dbb1
463481f89055f6e1601dd7b220a6a67d9af3fb6300372bef408431f7a6070948
49c206f904248006e1a6204cf40a9d1976911ee88e4eb4406e9d8783eef4d99c
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5696c2ee5204b5ae286a2d57638b338e80f1147a1dc63b0860994f55f4031138
5f47a196ca91a1505d958dfe1becbd7ff0913b7c02eb7407d946228f489d5d38
7964c13d1c7314d89e3d253f366b43ed69e1658e9b17e0543f5dad5348e83a81
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
b47478ebfad192488b281cb20b85ef93444ff24c547c4a03511e400defb38aa5
d4762bbdf73408777dc886ffe61d98654a39456cc19284fcec395a56c54518e1
dd0d4480ea0f5bc2ebe812aba6266a6ff6ac4e37a65cd3c6a1512d7ab7f0fa9e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f792fc4642c5120f96b4f11b6899eb9e8c6b286e5f6dc8be0015ff7b46223bca

pl2b.food-voucher.com Open in urlscan Pro 138.201.27.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

25 Requests

96 %HTTPS

60 %IPv6

14 Domains

16 Subdomains

11 IPs

4 Countries

749 kBTransfer

1842 kBSize

3 Cookies

31 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

3 Cookies

1 Console Messages

Indicators

pl2b.food-voucher.com Open in urlscan Pro
138.201.27.20 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

96 %
HTTPS

60 %
IPv6

14
Domains

16
Subdomains

11
IPs

4
Countries

749 kB
Transfer

1842 kB
Size

3
Cookies

25 HTTP transactions
0 data transactions