urlscan.io logo urlscan.io
SecurityTrails logo

plik.bestshopping-voucher.com Open in urlscan Pro
138.201.27.20  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://hair.showmesmile.es/?NzQ5NDM0MzU9MTk2NzcmMjY1MjM4NT0zOTMmMzc9Y2xpY2smdTE1d2VrPTgmbGlkPTM3MTQ1
Effective URL: https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448865&
Submission: On April 14 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 12 domains to perform 12 HTTP transactions. The main IP is 138.201.27.20, located in Germany and belongs to HETZNER-AS, DE. The main domain is plik.bestshopping-voucher.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 22nd 2020. Valid for: 3 months.
This is the only time plik.bestshopping-voucher.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 108.61.12.76 20473 (AS-CHOOPA)
1 1 31.220.54.15 47583 (AS-HOSTINGER)
1 2 107.172.7.100 36352 (AS-COLOCR...)
1 1 216.189.40.128 6921 (ARACHNITEC)
1 2 154.16.205.185 20278 (NEXEON)
1 1 52.210.2.133 16509 (AMAZON-02)
1 4 138.201.27.20 24940 (HETZNER-AS)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 23.111.9.35 33438 (HIGHWINDS2)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
12 8
1    108.61.12.76 (Matawan, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 108.61.12.76.choopa.com
hair.showmesmile.es
1    31.220.54.15 (United States)

ASN47583 (AS-HOSTINGER, LT)
zharewardss.com
2    107.172.7.100 (Buffalo, United States)

ASN36352 (AS-COLOCROSSING, US)
PTR: 107-172-7-100-host.colocrossing.com
qalkawell.com
1    216.189.40.128 (United States)

ASN6921 (ARACHNITEC, US)
m1o6.newestlinks.company
2    154.16.205.185 (Los Angeles, United States)

ASN20278 (NEXEON, US)
efadfre.jwihbq.live
1    52.210.2.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-2-133.eu-west-1.compute.amazonaws.com
addservicemedia.go2cloud.org
4    138.201.27.20 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: s1.golead7.pl
campaign.golead7.pl
plik.bestshopping-voucher.com
2    2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)
use.fontawesome.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
3 plik.bestshopping-voucher.com efadfre.jwihbq.live
plik.bestshopping-voucher.com
2 fonts.gstatic.com plik.bestshopping-voucher.com
2 maxcdn.bootstrapcdn.com plik.bestshopping-voucher.com
2 efadfre.jwihbq.live 1 redirects qalkawell.com
2 qalkawell.com 1 redirects
1 ajax.googleapis.com plik.bestshopping-voucher.com
1 use.fontawesome.com plik.bestshopping-voucher.com
1 fonts.googleapis.com plik.bestshopping-voucher.com
1 campaign.golead7.pl 1 redirects
1 addservicemedia.go2cloud.org 1 redirects
1 m1o6.newestlinks.company 1 redirects
1 zharewardss.com 1 redirects
1 hair.showmesmile.es 1 redirects
12 13

This site contains links to these domains. Also see Links.

Domain
www.freepik.com
www.facebook.com
www.youronlinechoices.com
Subject Issuer Validity Valid
qalkawell.com
Let's Encrypt Authority X3		 2020-04-08 -
2020-07-07		 3 months crt.sh
jwihbq.live
Let's Encrypt Authority X3		 2020-03-11 -
2020-06-09		 3 months crt.sh
pl1a.bestshopping-voucher.com
Let's Encrypt Authority X3		 2020-01-22 -
2020-04-21		 3 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-14 -
2020-10-13		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh
*.fontawesome.com
DigiCert SHA2 Secure Server CA		 2019-10-28 -
2020-12-23		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448865&
Frame ID: B7E5C4348332DC26B806CF6503393681
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://hair.showmesmile.es/?NzQ5NDM0MzU9MTk2NzcmMjY1MjM4NT0zOTMmMzc9Y2xpY2smdTE1d2VrPTgmbGlkPTM3MTQ1 HTTP 302
    http://zharewardss.com/r/2f0bec7b-45eb-4030-bfb8-0d7a64700e60//393_108.61.12.76_37_194.99.105.99/74... HTTP 302
    https://qalkawell.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//393_108.61.12.76_37_194.99.105.99/74... Page URL
  2. https://qalkawell.com/r2/29e028de-409a-4a78-8317-2efe4b5cb991//393_108.61.12.76_37_194.99.105.99/7... HTTP 302
    https://m1o6.newestlinks.company/?s1=8c3384a3-b76c-4d7b-9eb7-bfc0bbfe3b5f&s2=&kw= HTTP 302
    https://efadfre.jwihbq.live/?sov=450c6aee63d&hid=guuoikkogyqoow&&cntrl=00000&pid=10044&redid=75393&gsid=... Page URL
  3. https://efadfre.jwihbq.live/ADD1242biedronkaPL.html?sov=450c6aee63d&cntrl=00000&pid=10044&redid=75393&gs... HTTP 302
    https://addservicemedia.go2cloud.org/aff_c?offer_id=118&aff_id=1007&aff_sub2=febc37c0-7eaa-11ea-ac66-ea0eb14bb04c... HTTP 302
    https://campaign.golead7.pl/plik,bestshopping,voucher,com,_19.html?idPartner=8&idCampaignAd=0&subId=1007... HTTP 302
    https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448865& Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

12
Requests

100 %
HTTPS

33 %
IPv6

12
Domains

13
Subdomains

8
IPs

4
Countries

382 kB
Transfer

659 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hair.showmesmile.es/?NzQ5NDM0MzU9MTk2NzcmMjY1MjM4NT0zOTMmMzc9Y2xpY2smdTE1d2VrPTgmbGlkPTM3MTQ1 HTTP 302
    http://zharewardss.com/r/2f0bec7b-45eb-4030-bfb8-0d7a64700e60//393_108.61.12.76_37_194.99.105.99/74943435_2652385_37145/ HTTP 302
    https://qalkawell.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//393_108.61.12.76_37_194.99.105.99/74943435_2652385_37145//?fctr=1&ptid=fc93ede5-1806-4fe1-84a0-c2e2e4c48576 Page URL
  2. https://qalkawell.com/r2/29e028de-409a-4a78-8317-2efe4b5cb991//393_108.61.12.76_37_194.99.105.99/74943435_2652385_37145/8c3384a3-b76c-4d7b-9eb7-bfc0bbfe3b5f/?fctr=1&ptid=fc93ede5-1806-4fe1-84a0-c2e2e4c48576&fctr=1 HTTP 302
    https://m1o6.newestlinks.company/?s1=8c3384a3-b76c-4d7b-9eb7-bfc0bbfe3b5f&s2=&kw= HTTP 302
    https://efadfre.jwihbq.live/?sov=450c6aee63d&hid=guuoikkogyqoow&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.8c3384a3%7C%7Cb76c%7C%7C4d7b%7C%7C9eb7%7C%7Cbfc0bbfe3b5f-r75393-t488&impid=fb88eca6-7eaa-11ea-8cf0-4e4e3e1c4387 Page URL
  3. https://efadfre.jwihbq.live/ADD1242biedronkaPL.html?sov=450c6aee63d&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.8c3384a3%7C%7Cb76c%7C%7C4d7b%7C%7C9eb7%7C%7Cbfc0bbfe3b5f-r75393-t488&impid=fb88eca6-7eaa-11ea-8cf0-4e4e3e1c4387&tov=685450 HTTP 302
    https://addservicemedia.go2cloud.org/aff_c?offer_id=118&aff_id=1007&aff_sub2=febc37c0-7eaa-11ea-ac66-ea0eb14bb04c&aff_sub=75393 HTTP 302
    https://campaign.golead7.pl/plik,bestshopping,voucher,com,_19.html?idPartner=8&idCampaignAd=0&subId=1007&subIdentifier=102c6344d78935f08916253a981565 HTTP 302
    https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448865& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://hair.showmesmile.es/?NzQ5NDM0MzU9MTk2NzcmMjY1MjM4NT0zOTMmMzc9Y2xpY2smdTE1d2VrPTgmbGlkPTM3MTQ1 HTTP 302
  • http://zharewardss.com/r/2f0bec7b-45eb-4030-bfb8-0d7a64700e60//393_108.61.12.76_37_194.99.105.99/74943435_2652385_37145/ HTTP 302
  • https://qalkawell.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//393_108.61.12.76_37_194.99.105.99/74943435_2652385_37145//?fctr=1&ptid=fc93ede5-1806-4fe1-84a0-c2e2e4c48576
Request Chain 1
  • https://qalkawell.com/r2/29e028de-409a-4a78-8317-2efe4b5cb991//393_108.61.12.76_37_194.99.105.99/74943435_2652385_37145/8c3384a3-b76c-4d7b-9eb7-bfc0bbfe3b5f/?fctr=1&ptid=fc93ede5-1806-4fe1-84a0-c2e2e4c48576&fctr=1 HTTP 302
  • https://m1o6.newestlinks.company/?s1=8c3384a3-b76c-4d7b-9eb7-bfc0bbfe3b5f&s2=&kw= HTTP 302
  • https://efadfre.jwihbq.live/?sov=450c6aee63d&hid=guuoikkogyqoow&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.8c3384a3%7C%7Cb76c%7C%7C4d7b%7C%7C9eb7%7C%7Cbfc0bbfe3b5f-r75393-t488&impid=fb88eca6-7eaa-11ea-8cf0-4e4e3e1c4387

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
qalkawell.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//393_108.61.12.76_37_194.99.105.99/74943435_2652385_37145//
Redirect Chain
  • http://hair.showmesmile.es/?NzQ5NDM0MzU9MTk2NzcmMjY1MjM4NT0zOTMmMzc9Y2xpY2smdTE1d2VrPTgmbGlkPTM3MTQ1
  • http://zharewardss.com/r/2f0bec7b-45eb-4030-bfb8-0d7a64700e60//393_108.61.12.76_37_194.99.105.99/74943435_2652385_37145/
  • https://qalkawell.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//393_108.61.12.76_37_194.99.105.99/74943435_2652385_37145//?fctr=1&ptid=fc93ede5-1806-4fe1-84a0-c2e2e4c48576
783 B
920 B 		Document
General
Check archive.org
Download Go to
Full URL
https://qalkawell.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//393_108.61.12.76_37_194.99.105.99/74943435_2652385_37145//?fctr=1&ptid=fc93ede5-1806-4fe1-84a0-c2e2e4c48576
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
107.172.7.100 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
107-172-7-100-host.colocrossing.com
Software
nginx /
Resource Hash
61b79d42feb6e7719138e6952a5632dc329f479dc4c99b9ef7be027f80ef833e

Request headers

Host
qalkawell.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx
Date
Tue, 14 Apr 2020 23:52:15 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
set-cookie
8e4d8882-511a-4735-b38f-b657767e925e=8c3384a3-b76c-4d7b-9eb7-bfc0bbfe3b5f; Version=1; Expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; Domain=qalkawell.com; Path=/ 8e4d8882-511a-4735-b38f-b657767e925e-check=8c3384a3-b76c-4d7b-9eb7-bfc0bbfe3b5f; Version=1; Expires=Wed, 15-Apr-2020 00:02:15 GMT; Max-Age=600; Domain=qalkawell.com; Path=/
Cache-Control
no-cache
Expires
Tue, 14 Apr 2020 23:52:15 GMT
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Tue, 14 Apr 2020 23:52:14 GMT
Content-Length
192
Connection
keep-alive
Location
https://qalkawell.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//393_108.61.12.76_37_194.99.105.99/74943435_2652385_37145//?fctr=1&ptid=fc93ede5-1806-4fe1-84a0-c2e2e4c48576
Cache-Control
no-cache
Expires
Tue, 14 Apr 2020 23:52:14 GMT
Cookie set /
efadfre.jwihbq.live/
Redirect Chain
  • https://qalkawell.com/r2/29e028de-409a-4a78-8317-2efe4b5cb991//393_108.61.12.76_37_194.99.105.99/74943435_2652385_37145/8c3384a3-b76c-4d7b-9eb7-bfc0bbfe3b5f/?fctr=1&ptid=fc93ede5-1806-4fe1-84a0-c2e...
  • https://m1o6.newestlinks.company/?s1=8c3384a3-b76c-4d7b-9eb7-bfc0bbfe3b5f&s2=&kw=
  • https://efadfre.jwihbq.live/?sov=450c6aee63d&hid=guuoikkogyqoow&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.8c3384a3%7C%7Cb76c%7C%7C4d7b%7C%7C9eb7%7C%7Cbfc0bbfe3...
2 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://efadfre.jwihbq.live/?sov=450c6aee63d&hid=guuoikkogyqoow&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.8c3384a3%7C%7Cb76c%7C%7C4d7b%7C%7C9eb7%7C%7Cbfc0bbfe3b5f-r75393-t488&impid=fb88eca6-7eaa-11ea-8cf0-4e4e3e1c4387
Requested by
Host: qalkawell.com
URL: https://qalkawell.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//393_108.61.12.76_37_194.99.105.99/74943435_2652385_37145//?fctr=1&ptid=fc93ede5-1806-4fe1-84a0-c2e2e4c48576
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
154.16.205.185 Los Angeles, United States, ASN20278 (NEXEON, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
efadfre.jwihbq.live
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://qalkawell.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//393_108.61.12.76_37_194.99.105.99/74943435_2652385_37145//?fctr=1&ptid=fc93ede5-1806-4fe1-84a0-c2e2e4c48576
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://qalkawell.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//393_108.61.12.76_37_194.99.105.99/74943435_2652385_37145//?fctr=1&ptid=fc93ede5-1806-4fe1-84a0-c2e2e4c48576

Response headers

Date
Tue, 14 Apr 2020 23:52:27 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
ci_session=JCVPp0S4CrXYwn7m12DTQET%2BjGJBPB2RBSVNt9z78FBFYaj6c6WJWxeeIVowNnEsWOmfXzXJTGwD85EtdUfUDkYvMJuMDTiyAjFe38SIZ3%2Bb%2BJvD1roTFkJ7puPWjBnZPTD%2BdHl%2FDvX5EnbwSgswYn%2B3495OFcjsCK9iVjeuNKpt7E%2Fd4RDWjiRftN3bKsF7hlCUYBSMLUKRj5tJzcNeUx6ZPLSJUhLqjTzr119p3sKHvCfvPXyz7XADyPD%2FJeeaVneNmm5gvrDA41Cj9mT7qz4pkkKryxJHb%2BS%2BuVXcI9q%2Fzh3BafH2cnHhuQai3D7d%2FWFI6ESyDDYY%2BG3N845yRPB395QDntFeUyGSHujghUs5LP6VZdGwMkkvARTHwTCy8cu2wVHKoy%2BW84RYI2p10HFbUoiFigi%2BeD5DWjO9oIR8bSf26JdNQZ4J%2FHfxjjTd2p9j9a2G1tBoZgJOeRBMdQ%3D%3D; expires=Wed, 15-Apr-2020 23:52:27 GMT; Max-Age=86400; path=/; domain=.efadfre.jwihbq.live click_id_fb88eca6-7eaa-11ea-8cf0-4e4e3e1c4387=febc37c0-7eaa-11ea-ac66-ea0eb14bb04c id=XNSX.8c3384a3%7C%7Cb76c%7C%7C4d7b%7C%7C9eb7%7C%7Cbfc0bbfe3b5f-r75393-t488; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live SITE_ID=450c6aee63d; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live sov=450c6aee63d; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live tov=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.efadfre.jwihbq.live mov=noprelanders.mini; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live redid=75393; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live campaign_id=1228; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live gsid=488; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live pid=10044; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.efadfre.jwihbq.live impid=fb88eca6-7eaa-11ea-8cf0-4e4e3e1c4387; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live URI=sov%3D450c6aee63d%26hid%3Dguuoikkogyqoow%26%26cntrl%3D00000%26pid%3D10044%26redid%3D75393%26gsid%3D488%26campaign_id%3D1228%26p_id%3D10044%26id%3DXNSX.8c3384a3%257C%257Cb76c%257C%257C4d7b%257C%257C9eb7%257C%257Cbfc0bbfe3b5f-r75393-t488%26impid%3Dfb88eca6-7eaa-11ea-8cf0-4e4e3e1c4387; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live templateid=4289; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live path=redirect; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live version=685450; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live tags[4289][expand_enable]=-1; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live tags[4289][alert_enable]=0; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live tags[4289][audio_enable]=0; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live tags[4289][pop_enable]=0; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live tags[685450][expand_enable]=-1; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live tags[685450][alert_enable]=0; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live tags[685450][audio_enable]=0; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live tags[685450][pop_enable]=0; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live content=685450; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live token=e60de1766db6487ae46fbbee238c6cc4; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live rpm=1; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live log_450c6aee63d=1; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live token=e60de1766db6487ae46fbbee238c6cc4; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live rpm=1; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live payload=1d45f7ca2a4f2247b19f359544188ddf6656b14e7262b5a11b5057a995b1c0c502855abf4a8608c4dacc17d51b3be0736ce8e0e089efcb131edc552bdc2cad37674c44fc52479aed56f6d77ec05552078baefb9d84cc6e65062006bf33fe85bdcfef38425d8e2293580f6048eae1822c69ecccfe0b44247e9c2e6ab6f266838bf272999244981fe719b4e6c4fcacc623f26462ce2c6ada53183fbd20e786909d844021118132a5d73fb67aa00a0237b4f5ac2f0d8563fa7fe03679c3d4b411df17a9e07260dc3ba14a82f96d91d05677f5564dc2a9c82796df877eb23c99cde1de81fd754dff545e8672c30f625bab30a81e52d41c8262a4ccde48ea8c07ba258619fd7f1d4b642cd4e81365ef726ac6325c51ef63bc829f1964cffe8cbd38d0bca7ebdddfff81c3ef8eafdde4b582dd65bc84588bdf3d8186801f111b14b69b7e52e0213e0c9379135479d7977b378acc2b82306b0f321a6ce9f73014f8680b4550f649eebda8342fd58ea229af7fb0c4173b0c5f6552bfc335e9c96c5b163ad1a9993fe14521a3ca9ac6e635f033e981ef7dd9cb111b9ab99b5cc4d5aca7e5e0e6e4eda5bb16522ad56cf28daa44794f5864b8fc2ea37139818bf85d34fac306f24d3d418a40b046eacf3eaf721d4b5049c642aba36dd4b4318e33ca855d0058570a17b8664f83f5019e78ff7707270289d5586c55a6be55c72334a22c3f4bf51b591d77845fa6972c435770d4a4257a766d50a896b9e925e7d541f9e3d8447eb3028941d2d185fd2de359bf225b7e7a066bba74bb82915c8502a536a624ce3ffb44f2190aff7f21bee5c025d92de1082b6c4c76ed445c2151a489ef1284bae6b83f40a1cf2f33d3b9fa8572456a30b48c1de3da49cdc2dbd21251c37d6b93cda67134346c5fb61c0de5db484fbc2f50159d39cc5c585b1b732f4875e7154753fed1d988e87153e02d1433bb1e6fe61715bc90359756b244fef1a15f6ee746a87619d37d3d1d2b81b73a569313e59432457ce825411423892489e8c5c9a3b5eeac3a74b91cc6468b6a89ba5bbeec846753736e23eb7a2a7329ca84239135ca20d7a410dc9711ba61a73ee37576b8ed4d1a75171d5162d2299992c7593e616f7802fe752592f3a5be96986ef24ab2f2a3cfe88c179dcdd4f56741dc0c4f8689a2ab5048f273788702587aca5afd13fa687f720bbc5ad595cc2c6ef268960f74a22a9e526fda295708955f67490ecce85faf7dee3fad7806402f9464cb41b418ea8b79d70abbf434f75234fd370d60ccb5301c872be045e1b740e4e36221c73f0c175ae32fe55efcbf80a83dd96f3dfb26ababb1dcaaffaf5d3bf5ac95c37f7251eeb89a7ae0e506acd3f7453da244299bc29c81f2b375fa79444db38c506255571f469e88be388f91959bd281247ce362e7c33517cfa6beb01f8f4c57978a6b8927c4162c91679e5d61d52a1c18f128a974c774ecc637456a858078c35d98dff6dbda579bf388daeb6a7eaaf5807f08373d530a91a5bbcacb93657f10e805c78ef655f7d94708c3af9337f039892df3a18fdb4dc31ecd17090978e83f183ec0345d8de2a502eb06b65626738f92aed39e82e33d4fa1fc12fd00d51c27892da7360875e6513830431214487ebcd26018f36959095feb83441255e3caf4ced8ab6bd75edd305211e7058ef9707428615da55a3f46acb11bb791711d4add1168fd435c84a46bdeec55510b6b402e01ec6583e9b6b375433fcde9836a997df1cb; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live payloadIV=afa877893500caa6643c25608abc013a; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live init_ev=0; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live id=XNSX.8c3384a3%7C%7Cb76c%7C%7C4d7b%7C%7C9eb7%7C%7Cbfc0bbfe3b5f-r75393-t488; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live SITE_ID=450c6aee63d; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live sov=450c6aee63d; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live tov=685450; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live mov=noprelanders.mini; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live redid=75393; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live campaign_id=1228; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live gsid=488; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live pid=10044; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.efadfre.jwihbq.live impid=fb88eca6-7eaa-11ea-8cf0-4e4e3e1c4387; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live tags[4289][iframe_enable]=0; expires=Wed, 15-Apr-2020 23:54:07 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live mini-backend=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
X-Source
Mini
X-Rot
685450
X-Sov
450c6aee63d
Expires
Mon, 01 Jan 2001 00:00:00 GMT
Cache-Control
no-cache
Pragma
no-cache
Content-Encoding
gzip

Redirect headers

Date
Tue, 14 Apr 2020 23:52:21 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
X-ImpID
fb88eca6-7eaa-11ea-8cf0-4e4e3e1c4387
Location
https://efadfre.jwihbq.live/?sov=450c6aee63d&hid=guuoikkogyqoow&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.8c3384a3%7C%7Cb76c%7C%7C4d7b%7C%7C9eb7%7C%7Cbfc0bbfe3b5f-r75393-t488&impid=fb88eca6-7eaa-11ea-8cf0-4e4e3e1c4387
Set-Cookie
redir-backend=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
Primary Request Cookie set campaign_67.html
plik.bestshopping-voucher.com/
Redirect Chain
  • https://efadfre.jwihbq.live/ADD1242biedronkaPL.html?sov=450c6aee63d&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.8c3384a3%7C%7Cb76c%7C%7C4d7b%7C%7C9eb7%7C%7Cbfc0bb...
  • https://addservicemedia.go2cloud.org/aff_c?offer_id=118&aff_id=1007&aff_sub2=febc37c0-7eaa-11ea-ac66-ea0eb14bb04c&aff_sub=75393
  • https://campaign.golead7.pl/plik,bestshopping,voucher,com,_19.html?idPartner=8&idCampaignAd=0&subId=1007&subIdentifier=102c6344d78935f08916253a981565
  • https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448865&
88 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448865&
Requested by
Host: efadfre.jwihbq.live
URL: https://efadfre.jwihbq.live/?sov=450c6aee63d&hid=guuoikkogyqoow&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.8c3384a3%7C%7Cb76c%7C%7C4d7b%7C%7C9eb7%7C%7Cbfc0bbfe3b5f-r75393-t488&impid=fb88eca6-7eaa-11ea-8cf0-4e4e3e1c4387
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.27.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.golead7.pl
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
e0a01d2ba0b12d18564f3bad3864271c310e234d23f962da170ab61db955d877

Request headers

Host
plik.bestshopping-voucher.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://efadfre.jwihbq.live/?sov=450c6aee63d&hid=guuoikkogyqoow&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.8c3384a3%7C%7Cb76c%7C%7C4d7b%7C%7C9eb7%7C%7Cbfc0bbfe3b5f-r75393-t488&impid=fb88eca6-7eaa-11ea-8cf0-4e4e3e1c4387
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://efadfre.jwihbq.live/?sov=450c6aee63d&hid=guuoikkogyqoow&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.8c3384a3%7C%7Cb76c%7C%7C4d7b%7C%7C9eb7%7C%7Cbfc0bbfe3b5f-r75393-t488&impid=fb88eca6-7eaa-11ea-8cf0-4e4e3e1c4387

Response headers

Date
Tue, 14 Apr 2020 23:52:28 GMT
Server
Apache/2.4.29 (Ubuntu)
Set-Cookie
PHPSESSID=7mqf6h57bitqqeujvq329e8lf7; path=/; secure; HttpOnly coyoteAffiliTokenId67=1448865; expires=Wed, 15-Apr-2020 03:52:28 GMT; Max-Age=14400; path=/; secure
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
22346
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Tue, 14 Apr 2020 23:52:28 GMT
Server
Apache/2.4.29 (Ubuntu)
Set-Cookie
PHPSESSID=friktv6e3suf6ok4chni872js7; path=/; secure; HttpOnly coyoteTrackingCookie_19=1448865; expires=Thu, 14-May-2020 23:52:28 GMT; Max-Age=2592000; path=/;samesite=None; Secure; domain=golaed.se coyoteSimpleTrackingCookie=1448865; expires=Thu, 14-May-2020 23:52:28 GMT; Max-Age=2592000; path=/;samesite=None; Secure; domain=golaed.se
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Location
https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448865&
Content-Length
5
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: plik.bestshopping-voucher.com
URL: https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448865&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448865&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 14 Apr 2020 23:52:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:34:07 GMT
status
200
etag
"1544639647"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
19740
css
fonts.googleapis.com/ 		4 KB
595 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Quicksand:300,400,500,700
Requested by
Host: plik.bestshopping-voucher.com
URL: https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448865&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ac82e3a08fc84aada4c11b43c1ab033f21761c29f02481ea5d958f8d98a437e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Apr 2020 23:52:28 GMT
server
ESF
date
Tue, 14 Apr 2020 23:52:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Apr 2020 23:52:28 GMT
all.css
use.fontawesome.com/releases/v5.5.0/css/ 		50 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by
Host: plik.bestshopping-voucher.com
URL: https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448865&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448865&
Origin
https://plik.bestshopping-voucher.com

Response headers

date
Tue, 14 Apr 2020 23:52:28 GMT
content-encoding
gzip
last-modified
Fri, 02 Nov 2018 15:16:46 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: plik.bestshopping-voucher.com
URL: https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448865&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448865&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 04 Apr 2020 07:48:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
921846
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Apr 2021 07:48:22 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: plik.bestshopping-voucher.com
URL: https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448865&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448865&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 14 Apr 2020 23:52:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:33:51 GMT
status
200
etag
"1544639631"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
9832
campaign_67.html
plik.bestshopping-voucher.com/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448865&
Requested by
Host: plik.bestshopping-voucher.com
URL: https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448865&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.27.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.golead7.pl
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448865&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Apr 2020 23:52:28 GMT
Content-Encoding
gzip
Server
Apache/2.4.29 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
22346
Expires
Thu, 19 Nov 1981 08:52:00 GMT
header,ikea,pl.jpg
plik.bestshopping-voucher.com/media/adresseManager/microSiteImg/67/ 		191 KB
192 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plik.bestshopping-voucher.com/media/adresseManager/microSiteImg/67/header,ikea,pl.jpg
Requested by
Host: plik.bestshopping-voucher.com
URL: https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448865&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.27.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.golead7.pl
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
12b1c1de4182f7f1073f6cbd62debba1bb8e7d3f7d3d76466926efcc5a8debb9

Request headers

Referer
https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448865&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 14 Apr 2020 23:52:29 GMT
Last-Modified
Tue, 28 Jan 2020 12:57:22 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"2fdb9-59d32c3d1518a"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
196025
6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
fonts.gstatic.com/s/quicksand/v20/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quicksand/v20/6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
Requested by
Host: plik.bestshopping-voucher.com
URL: https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448865&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b47478ebfad192488b281cb20b85ef93444ff24c547c4a03511e400defb38aa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Quicksand:300,400,500,700
Origin
https://plik.bestshopping-voucher.com

Response headers

date
Tue, 07 Apr 2020 11:46:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 04 Feb 2020 23:46:37 GMT
server
sffe
age
648388
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
26160
x-xss-protection
0
expires
Wed, 07 Apr 2021 11:46:00 GMT
6xKtdSZaM9iE8KbpRA_hJVQNYuDyP7bh.woff2
fonts.gstatic.com/s/quicksand/v20/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quicksand/v20/6xKtdSZaM9iE8KbpRA_hJVQNYuDyP7bh.woff2
Requested by
Host: plik.bestshopping-voucher.com
URL: https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448865&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
463481f89055f6e1601dd7b220a6a67d9af3fb6300372bef408431f7a6070948
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Quicksand:300,400,500,700
Origin
https://plik.bestshopping-voucher.com

Response headers

date
Sat, 28 Mar 2020 01:48:32 GMT
x-content-type-options
nosniff
last-modified
Tue, 04 Feb 2020 23:23:19 GMT
server
sffe
age
1548236
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
22364
x-xss-protection
0
expires
Sun, 28 Mar 2021 01:48:32 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| arrayQuestions number| counterQuestions number| counterCurrentQuestion function| addQuestion function| nextQuestion

2 Cookies

Domain/Path Name / Value
plik.bestshopping-voucher.com/ Name: coyoteAffiliTokenId67
Value: 1448865
plik.bestshopping-voucher.com/ Name: PHPSESSID
Value: 7mqf6h57bitqqeujvq329e8lf7