urlscan.io logo urlscan.io
SecurityTrails logo

plik.bestshopping-voucher.com Open in urlscan Pro
138.201.27.20  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://showmesmile.es/?MTQzNzM4NjI5PTE5Njc3JjI2NTIzODU9MzkzJjM3PWNsaWNrJnUxNXdlaT04JmxpZD0zNzEyMw==
Effective URL: https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448880&
Submission: On April 15 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 12 domains to perform 12 HTTP transactions. The main IP is 138.201.27.20, located in Germany and belongs to HETZNER-AS, DE. The main domain is plik.bestshopping-voucher.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 22nd 2020. Valid for: 3 months.
This is the only time plik.bestshopping-voucher.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 108.61.12.74 20473 (AS-CHOOPA)
1 1 31.220.54.15 47583 (AS-HOSTINGER)
1 2 107.172.7.100 36352 (AS-COLOCR...)
1 1 134.73.232.253 46573 (LAYER-HOST)
1 2 154.16.205.185 20278 (NEXEON)
1 1 52.210.2.133 16509 (AMAZON-02)
1 4 138.201.27.20 24940 (HETZNER-AS)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 23.111.9.35 33438 (HIGHWINDS2)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
12 8
1    108.61.12.74 (Matawan, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 108.61.12.74.choopa.com
showmesmile.es
1    31.220.54.15 (United States)

ASN47583 (AS-HOSTINGER, LT)
zharewardss.com
2    107.172.7.100 (Buffalo, United States)

ASN36352 (AS-COLOCROSSING, US)
PTR: 107-172-7-100-host.colocrossing.com
qalkawell.com
1    134.73.232.253 (United States)

ASN46573 (LAYER-HOST, US)
PTR: exioner.com
m1o6.newestlinks.company
2    154.16.205.185 (Los Angeles, United States)

ASN20278 (NEXEON, US)
efadfre.jwihbq.live
1    52.210.2.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-2-133.eu-west-1.compute.amazonaws.com
addservicemedia.go2cloud.org
4    138.201.27.20 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: s1.golead7.pl
campaign.golead7.pl
plik.bestshopping-voucher.com
2    2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)
use.fontawesome.com
1    2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
3 plik.bestshopping-voucher.com efadfre.jwihbq.live
plik.bestshopping-voucher.com
2 fonts.gstatic.com plik.bestshopping-voucher.com
2 maxcdn.bootstrapcdn.com plik.bestshopping-voucher.com
2 efadfre.jwihbq.live 1 redirects qalkawell.com
2 qalkawell.com 1 redirects
1 ajax.googleapis.com plik.bestshopping-voucher.com
1 use.fontawesome.com plik.bestshopping-voucher.com
1 fonts.googleapis.com plik.bestshopping-voucher.com
1 campaign.golead7.pl 1 redirects
1 addservicemedia.go2cloud.org 1 redirects
1 m1o6.newestlinks.company 1 redirects
1 zharewardss.com 1 redirects
1 showmesmile.es 1 redirects
12 13

This site contains links to these domains. Also see Links.

Domain
www.freepik.com
www.facebook.com
www.youronlinechoices.com
Subject Issuer Validity Valid
qalkawell.com
Let's Encrypt Authority X3		 2020-04-08 -
2020-07-07		 3 months crt.sh
jwihbq.live
Let's Encrypt Authority X3		 2020-03-11 -
2020-06-09		 3 months crt.sh
pl1a.bestshopping-voucher.com
Let's Encrypt Authority X3		 2020-01-22 -
2020-04-21		 3 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-14 -
2020-10-13		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh
*.fontawesome.com
DigiCert SHA2 Secure Server CA		 2019-10-28 -
2020-12-23		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448880&
Frame ID: 7E8B1970C3B65920A49D5682A72FEA9F
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://showmesmile.es/?MTQzNzM4NjI5PTE5Njc3JjI2NTIzODU9MzkzJjM3PWNsaWNrJnUxNXdlaT04JmxpZD0zNzEyMw== HTTP 302
    http://zharewardss.com/r/2f0bec7b-45eb-4030-bfb8-0d7a64700e60//393_108.61.12.74_37_194.99.105.99/14... HTTP 302
    https://qalkawell.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//393_108.61.12.74_37_194.99.105.99/14... Page URL
  2. https://qalkawell.com/r2/29e028de-409a-4a78-8317-2efe4b5cb991//393_108.61.12.74_37_194.99.105.99/1... HTTP 302
    https://m1o6.newestlinks.company/?s1=2d907aea-66d9-4259-b078-fb7ac856d055&s2=&kw= HTTP 302
    https://efadfre.jwihbq.live/?sov=450c6aee63d&hid=brfjhrnjbtljjr&&cntrl=00000&pid=10044&redid=75393&gsid=... Page URL
  3. https://efadfre.jwihbq.live/ADD1242biedronkaPL.html?sov=450c6aee63d&cntrl=00000&pid=10044&redid=75393&gs... HTTP 302
    https://addservicemedia.go2cloud.org/aff_c?offer_id=118&aff_id=1007&aff_sub2=18bb40f2-7eac-11ea-9dec-a5431838ed83... HTTP 302
    https://campaign.golead7.pl/plik,bestshopping,voucher,com,_19.html?idPartner=8&idCampaignAd=0&subId=1007... HTTP 302
    https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448880& Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

12
Requests

100 %
HTTPS

33 %
IPv6

12
Domains

13
Subdomains

8
IPs

4
Countries

381 kB
Transfer

659 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://showmesmile.es/?MTQzNzM4NjI5PTE5Njc3JjI2NTIzODU9MzkzJjM3PWNsaWNrJnUxNXdlaT04JmxpZD0zNzEyMw== HTTP 302
    http://zharewardss.com/r/2f0bec7b-45eb-4030-bfb8-0d7a64700e60//393_108.61.12.74_37_194.99.105.99/143738629_2652385_37123/ HTTP 302
    https://qalkawell.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//393_108.61.12.74_37_194.99.105.99/143738629_2652385_37123//?fctr=1&ptid=1dba8687-2666-417a-8584-7ad471166554 Page URL
  2. https://qalkawell.com/r2/29e028de-409a-4a78-8317-2efe4b5cb991//393_108.61.12.74_37_194.99.105.99/143738629_2652385_37123/2d907aea-66d9-4259-b078-fb7ac856d055/?fctr=1&ptid=1dba8687-2666-417a-8584-7ad471166554&fctr=1 HTTP 302
    https://m1o6.newestlinks.company/?s1=2d907aea-66d9-4259-b078-fb7ac856d055&s2=&kw= HTTP 302
    https://efadfre.jwihbq.live/?sov=450c6aee63d&hid=brfjhrnjbtljjr&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.2d907aea%7C%7C66d9%7C%7C4259%7C%7Cb078%7C%7Cfb7ac856d055-r75393-t488&impid=147f128e-7eac-11ea-bee3-12c26be3c49e Page URL
  3. https://efadfre.jwihbq.live/ADD1242biedronkaPL.html?sov=450c6aee63d&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.2d907aea%7C%7C66d9%7C%7C4259%7C%7Cb078%7C%7Cfb7ac856d055-r75393-t488&impid=147f128e-7eac-11ea-bee3-12c26be3c49e&tov=685450 HTTP 302
    https://addservicemedia.go2cloud.org/aff_c?offer_id=118&aff_id=1007&aff_sub2=18bb40f2-7eac-11ea-9dec-a5431838ed83&aff_sub=75393 HTTP 302
    https://campaign.golead7.pl/plik,bestshopping,voucher,com,_19.html?idPartner=8&idCampaignAd=0&subId=1007&subIdentifier=102ad85b85b824940039049576aea9 HTTP 302
    https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448880& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://showmesmile.es/?MTQzNzM4NjI5PTE5Njc3JjI2NTIzODU9MzkzJjM3PWNsaWNrJnUxNXdlaT04JmxpZD0zNzEyMw== HTTP 302
  • http://zharewardss.com/r/2f0bec7b-45eb-4030-bfb8-0d7a64700e60//393_108.61.12.74_37_194.99.105.99/143738629_2652385_37123/ HTTP 302
  • https://qalkawell.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//393_108.61.12.74_37_194.99.105.99/143738629_2652385_37123//?fctr=1&ptid=1dba8687-2666-417a-8584-7ad471166554
Request Chain 1
  • https://qalkawell.com/r2/29e028de-409a-4a78-8317-2efe4b5cb991//393_108.61.12.74_37_194.99.105.99/143738629_2652385_37123/2d907aea-66d9-4259-b078-fb7ac856d055/?fctr=1&ptid=1dba8687-2666-417a-8584-7ad471166554&fctr=1 HTTP 302
  • https://m1o6.newestlinks.company/?s1=2d907aea-66d9-4259-b078-fb7ac856d055&s2=&kw= HTTP 302
  • https://efadfre.jwihbq.live/?sov=450c6aee63d&hid=brfjhrnjbtljjr&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.2d907aea%7C%7C66d9%7C%7C4259%7C%7Cb078%7C%7Cfb7ac856d055-r75393-t488&impid=147f128e-7eac-11ea-bee3-12c26be3c49e

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
qalkawell.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//393_108.61.12.74_37_194.99.105.99/143738629_2652385_37123//
Redirect Chain
  • http://showmesmile.es/?MTQzNzM4NjI5PTE5Njc3JjI2NTIzODU9MzkzJjM3PWNsaWNrJnUxNXdlaT04JmxpZD0zNzEyMw==
  • http://zharewardss.com/r/2f0bec7b-45eb-4030-bfb8-0d7a64700e60//393_108.61.12.74_37_194.99.105.99/143738629_2652385_37123/
  • https://qalkawell.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//393_108.61.12.74_37_194.99.105.99/143738629_2652385_37123//?fctr=1&ptid=1dba8687-2666-417a-8584-7ad471166554
784 B
919 B 		Document
General
Check archive.org
Download Go to
Full URL
https://qalkawell.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//393_108.61.12.74_37_194.99.105.99/143738629_2652385_37123//?fctr=1&ptid=1dba8687-2666-417a-8584-7ad471166554
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
107.172.7.100 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
107-172-7-100-host.colocrossing.com
Software
nginx /
Resource Hash

Request headers

Host
qalkawell.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx
Date
Wed, 15 Apr 2020 00:00:08 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
set-cookie
8e4d8882-511a-4735-b38f-b657767e925e=2d907aea-66d9-4259-b078-fb7ac856d055; Version=1; Expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; Domain=qalkawell.com; Path=/ 8e4d8882-511a-4735-b38f-b657767e925e-check=2d907aea-66d9-4259-b078-fb7ac856d055; Version=1; Expires=Wed, 15-Apr-2020 00:10:08 GMT; Max-Age=600; Domain=qalkawell.com; Path=/
Cache-Control
no-cache
Expires
Wed, 15 Apr 2020 00:00:08 GMT
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Wed, 15 Apr 2020 00:00:07 GMT
Content-Length
193
Connection
keep-alive
Location
https://qalkawell.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//393_108.61.12.74_37_194.99.105.99/143738629_2652385_37123//?fctr=1&ptid=1dba8687-2666-417a-8584-7ad471166554
Cache-Control
no-cache
Expires
Wed, 15 Apr 2020 00:00:07 GMT
Cookie set /
efadfre.jwihbq.live/
Redirect Chain
  • https://qalkawell.com/r2/29e028de-409a-4a78-8317-2efe4b5cb991//393_108.61.12.74_37_194.99.105.99/143738629_2652385_37123/2d907aea-66d9-4259-b078-fb7ac856d055/?fctr=1&ptid=1dba8687-2666-417a-8584-7a...
  • https://m1o6.newestlinks.company/?s1=2d907aea-66d9-4259-b078-fb7ac856d055&s2=&kw=
  • https://efadfre.jwihbq.live/?sov=450c6aee63d&hid=brfjhrnjbtljjr&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.2d907aea%7C%7C66d9%7C%7C4259%7C%7Cb078%7C%7Cfb7ac856d...
2 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://efadfre.jwihbq.live/?sov=450c6aee63d&hid=brfjhrnjbtljjr&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.2d907aea%7C%7C66d9%7C%7C4259%7C%7Cb078%7C%7Cfb7ac856d055-r75393-t488&impid=147f128e-7eac-11ea-bee3-12c26be3c49e
Requested by
Host: qalkawell.com
URL: https://qalkawell.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//393_108.61.12.74_37_194.99.105.99/143738629_2652385_37123//?fctr=1&ptid=1dba8687-2666-417a-8584-7ad471166554
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
154.16.205.185 Los Angeles, United States, ASN20278 (NEXEON, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
efadfre.jwihbq.live
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://qalkawell.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//393_108.61.12.74_37_194.99.105.99/143738629_2652385_37123//?fctr=1&ptid=1dba8687-2666-417a-8584-7ad471166554
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://qalkawell.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//393_108.61.12.74_37_194.99.105.99/143738629_2652385_37123//?fctr=1&ptid=1dba8687-2666-417a-8584-7ad471166554

Response headers

Date
Wed, 15 Apr 2020 00:00:20 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
ci_session=t8RXI%2BOe4dyCIfgMtLTMqVefRM9bJgluyzrfrPCFYx%2Bvh0veJ%2Bo%2BIuu9U19lUyBYu1KWkX6XsmZtO11NQDmwiVuJwT%2B7S5xZx%2FFP5P%2FXak%2FEfwYddfEn5Z81edzAT6PJ42BxtSsaLNaSnvwFQfN%2FL1NPHSApu1VKnJMTdUYc5JFTPLIutlFu7UjOqVx2sDDnvV3sPqC5FmXrRteCwut9e16Gdjr%2BUgn6lvvz9AATZAagS6tMQPT0jQplR3thmRAi%2Fj3DZXAGEDlXYMC%2Fh2W6Jvcpa%2BYU3BEISpW3j32AJ0lHZAVbKg5UjYUy5%2Fhnkog2PuqXD%2BFEHBwPPCIiaXV9I8YKnLKX1DVY8U44W9pKn4Ms10%2BPwqSGt%2FFHvfAAgCO865bpnMe2AceeI9wNfaiSODl1DtyKb9TY48tyLNxDgRiBscl9bT8Ymqk5oaQUbz%2Bxg%2Ff2WSb84wCU9%2BOX12WAOA%3D%3D; expires=Thu, 16-Apr-2020 00:00:20 GMT; Max-Age=86400; path=/; domain=.efadfre.jwihbq.live click_id_147f128e-7eac-11ea-bee3-12c26be3c49e=18bb40f2-7eac-11ea-9dec-a5431838ed83 id=XNSX.2d907aea%7C%7C66d9%7C%7C4259%7C%7Cb078%7C%7Cfb7ac856d055-r75393-t488; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live SITE_ID=450c6aee63d; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live sov=450c6aee63d; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live tov=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.efadfre.jwihbq.live mov=noprelanders.mini; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live redid=75393; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live campaign_id=1228; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live gsid=488; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live pid=10044; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.efadfre.jwihbq.live impid=147f128e-7eac-11ea-bee3-12c26be3c49e; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live URI=sov%3D450c6aee63d%26hid%3Dbrfjhrnjbtljjr%26%26cntrl%3D00000%26pid%3D10044%26redid%3D75393%26gsid%3D488%26campaign_id%3D1228%26p_id%3D10044%26id%3DXNSX.2d907aea%257C%257C66d9%257C%257C4259%257C%257Cb078%257C%257Cfb7ac856d055-r75393-t488%26impid%3D147f128e-7eac-11ea-bee3-12c26be3c49e; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live templateid=4289; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live path=redirect; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live version=685450; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live tags[4289][expand_enable]=-1; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live tags[4289][alert_enable]=0; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live tags[4289][audio_enable]=0; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live tags[4289][pop_enable]=0; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live tags[685450][expand_enable]=-1; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live tags[685450][alert_enable]=0; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live tags[685450][audio_enable]=0; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live tags[685450][pop_enable]=0; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live content=685450; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live token=59b9e61301ab47e59fb4dd4b617e0f1e; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live rpm=45; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live log_450c6aee63d=1; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live token=59b9e61301ab47e59fb4dd4b617e0f1e; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live rpm=45; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live payload=d4ba70b59b8cd9f5da576246b48e6eadfd3ec6c3877ebbc067c5fa5d3f17ee59144e286a7e77db392044ac35b3025806610ea126b0f232ec99de3f56cda0f682b45991c1d7021b634a92b10f57ce88c252d5894b48d17d773593c9c8cf92b827073792c002791860d158349a0fa5c4976e75c6207a69af56da6ae0661e3e03e570c724061519c1c37f102b586f9cd61b39ec2a94541c10b57c71f2c40fa1734cd192437844b54882a0736d896b5eabfe9f237e68582cacbb4fbdd53e4f31bfb5183a58b59cdb885070756bcab510c432541136ff79405394c6b5a341dbd4c493a96c3241e4620086d6b2b2dcd738d723876fc1ea88cd0323a197a16f968f2a6c6544e4b1a4dafcc7ae4a22e6f4373b9c94195a39b666bd0a0b430ea67a100066799cc0f1d4a590a5cfbd07689fff31d662280b7cdc32eb429bc2d3766016caf16a44af0cb3b891ff7bfa754501a3c31943c6f12972d303dfbe069435761fa3677856896cc7a5d571a158cfc7c41e02fbe07b6177bdd98e945388ee636775153ba053ab451f568548a15b532e605462fbd8d085d71f60ee2d7c42a8e7b82b11dad4eb53fe4746490ca6eb9208de731fa8de349f32da018b13fc34f5e99600b513ef5c7ade0167c87e31901e5efabec7ceca60157c0a4226acd029404b0d83a19b45710675c4b65b968c0510edda5f05d32aa58537b44628aa88d55dd9746c009e86c56f6abd3e716ee8c406963670922ca005cfe1f635ad849adf8c661aa6536ac8030c5a3aff3ebf3d13c95e8c92dec11b099362e49d39f5ac27d48649485a1210963152b094e169f29d536d79a5bc77294392dfd4a278b76d3ebc9f64542a8f54620cd1e8a64f068a5c47b9ef22e6f5fb4097d3d8353252a1e7cdadc9dc830d9ff7e5c6d522d604a8e288fd2c966e825386f21a6575b2012285d6819e1751baa39de7ab1b1fda4d45d741380c45b44f4a9bcef501d5f18976866e089685a285b5eb8ce75b22486b1bb49a0e83ae70f8e859788078ac901385c2897e7968a69df3e2ecc3e2587f07d64d467d9b8638317647d98d54fce8898e1d785d8945d492467b6344a793fd4e495161ecad50fc7242d4997109c5e70abf48bf638cba41012c03e273d5bb6f6b85e2f1b4ec1ac440a3f4f0b486e93a04c933fb9248a9ec8505fb5aceedca96dbfc939a697e13f217743f077f1be13f2437dc743079696292135fdf4080c6eba04a6e04d1456ceec8eb49fc9855e644392db0452b0aac8b8e1b2d5fe63d121b405db85cbc41ddfac4c821d2c5be30f8dfbf9f4d7cc72f7e90d1d08f82ac50de6c3de277abbc6785381e36bed362db2a1a509e04354329cb33697f3763ed840434a33d7656e5e61ebb1b8001068f662d8b42a2d4b2b716175dae750b31f8de793ce62a03b33b8993b24078c41ff6f5c71036716172237066a6c4df605df0a9f454493e67e30417da54daa0587acead4dba322fbf0031a4c52a7747cd487109b6b2e6b93c1768fc9f75d9521d105b7a37131dc9e120ebc255ba9607991a283ac18940d9f3d6166fb4b1047c356f0c70da438fd43e2f01c7a8b962861db64b86e71e481fe850ffc9d42ea727e837acbdadeecfb38f6f7ddd01d973edbb0a863ed377d23a36efd21cf387f9a46df7775e31a2187e9531f978a1b495488a47ba83be8b459aa474638ffa5eb9d6234e9acaa61c023407676859330c724c27aef2355f0584fd637b9c727d3f7e6dd4b24d18bba0b894f354b14f59; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live payloadIV=f4621aee3396b3ef42fa28961683d50d; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live init_ev=0; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live id=XNSX.2d907aea%7C%7C66d9%7C%7C4259%7C%7Cb078%7C%7Cfb7ac856d055-r75393-t488; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live SITE_ID=450c6aee63d; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live sov=450c6aee63d; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live tov=685450; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live mov=noprelanders.mini; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live redid=75393; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live campaign_id=1228; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live gsid=488; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live pid=10044; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.efadfre.jwihbq.live impid=147f128e-7eac-11ea-bee3-12c26be3c49e; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live tags[4289][iframe_enable]=0; expires=Thu, 16-Apr-2020 00:02:00 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live mini-backend=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
X-Source
Mini
X-Rot
685450
X-Sov
450c6aee63d
Expires
Mon, 01 Jan 2001 00:00:00 GMT
Cache-Control
no-cache
Pragma
no-cache
Content-Encoding
gzip

Redirect headers

Date
Wed, 15 Apr 2020 00:00:13 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
X-ImpID
147f128e-7eac-11ea-bee3-12c26be3c49e
Location
https://efadfre.jwihbq.live/?sov=450c6aee63d&hid=brfjhrnjbtljjr&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.2d907aea%7C%7C66d9%7C%7C4259%7C%7Cb078%7C%7Cfb7ac856d055-r75393-t488&impid=147f128e-7eac-11ea-bee3-12c26be3c49e
Set-Cookie
redir-backend=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
Primary Request Cookie set campaign_67.html
plik.bestshopping-voucher.com/
Redirect Chain
  • https://efadfre.jwihbq.live/ADD1242biedronkaPL.html?sov=450c6aee63d&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.2d907aea%7C%7C66d9%7C%7C4259%7C%7Cb078%7C%7Cfb7ac8...
  • https://addservicemedia.go2cloud.org/aff_c?offer_id=118&aff_id=1007&aff_sub2=18bb40f2-7eac-11ea-9dec-a5431838ed83&aff_sub=75393
  • https://campaign.golead7.pl/plik,bestshopping,voucher,com,_19.html?idPartner=8&idCampaignAd=0&subId=1007&subIdentifier=102ad85b85b824940039049576aea9
  • https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448880&
88 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448880&
Requested by
Host: efadfre.jwihbq.live
URL: https://efadfre.jwihbq.live/?sov=450c6aee63d&hid=brfjhrnjbtljjr&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.2d907aea%7C%7C66d9%7C%7C4259%7C%7Cb078%7C%7Cfb7ac856d055-r75393-t488&impid=147f128e-7eac-11ea-bee3-12c26be3c49e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.27.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.golead7.pl
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
e0a01d2ba0b12d18564f3bad3864271c310e234d23f962da170ab61db955d877

Request headers

Host
plik.bestshopping-voucher.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://efadfre.jwihbq.live/?sov=450c6aee63d&hid=brfjhrnjbtljjr&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.2d907aea%7C%7C66d9%7C%7C4259%7C%7Cb078%7C%7Cfb7ac856d055-r75393-t488&impid=147f128e-7eac-11ea-bee3-12c26be3c49e
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://efadfre.jwihbq.live/?sov=450c6aee63d&hid=brfjhrnjbtljjr&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.2d907aea%7C%7C66d9%7C%7C4259%7C%7Cb078%7C%7Cfb7ac856d055-r75393-t488&impid=147f128e-7eac-11ea-bee3-12c26be3c49e

Response headers

Date
Wed, 15 Apr 2020 00:00:21 GMT
Server
Apache/2.4.29 (Ubuntu)
Set-Cookie
PHPSESSID=upol6dmfkvtkdenroul6qjn9v5; path=/; secure; HttpOnly coyoteAffiliTokenId67=1448880; expires=Wed, 15-Apr-2020 04:00:21 GMT; Max-Age=14400; path=/; secure
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
22346
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Wed, 15 Apr 2020 00:00:21 GMT
Server
Apache/2.4.29 (Ubuntu)
Set-Cookie
PHPSESSID=bar5fl1aepasqps6c8nob7fhn3; path=/; secure; HttpOnly coyoteTrackingCookie_19=1448880; expires=Fri, 15-May-2020 00:00:21 GMT; Max-Age=2592000; path=/;samesite=None; Secure; domain=golaed.se coyoteSimpleTrackingCookie=1448880; expires=Fri, 15-May-2020 00:00:21 GMT; Max-Age=2592000; path=/;samesite=None; Secure; domain=golaed.se
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Location
https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448880&
Content-Length
5
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: plik.bestshopping-voucher.com
URL: https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448880&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448880&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 00:00:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:34:07 GMT
status
200
etag
"1544639647"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
19740
css
fonts.googleapis.com/ 		4 KB
583 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Quicksand:300,400,500,700
Requested by
Host: plik.bestshopping-voucher.com
URL: https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448880&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ac82e3a08fc84aada4c11b43c1ab033f21761c29f02481ea5d958f8d98a437e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 15 Apr 2020 00:00:21 GMT
server
ESF
date
Wed, 15 Apr 2020 00:00:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 15 Apr 2020 00:00:21 GMT
all.css
use.fontawesome.com/releases/v5.5.0/css/ 		50 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by
Host: plik.bestshopping-voucher.com
URL: https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448880&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448880&
Origin
https://plik.bestshopping-voucher.com

Response headers

date
Wed, 15 Apr 2020 00:00:21 GMT
content-encoding
gzip
last-modified
Fri, 02 Nov 2018 15:16:46 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: plik.bestshopping-voucher.com
URL: https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448880&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448880&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Mar 2020 03:34:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1542328
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Mar 2021 03:34:53 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: plik.bestshopping-voucher.com
URL: https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448880&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448880&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 00:00:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:33:51 GMT
status
200
etag
"1544639631"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
9832
campaign_67.html
plik.bestshopping-voucher.com/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448880&
Requested by
Host: plik.bestshopping-voucher.com
URL: https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448880&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.27.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.golead7.pl
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448880&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Apr 2020 00:00:21 GMT
Content-Encoding
gzip
Server
Apache/2.4.29 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
22346
Expires
Thu, 19 Nov 1981 08:52:00 GMT
header,ikea,pl.jpg
plik.bestshopping-voucher.com/media/adresseManager/microSiteImg/67/ 		191 KB
192 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plik.bestshopping-voucher.com/media/adresseManager/microSiteImg/67/header,ikea,pl.jpg
Requested by
Host: plik.bestshopping-voucher.com
URL: https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448880&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.27.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.golead7.pl
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
12b1c1de4182f7f1073f6cbd62debba1bb8e7d3f7d3d76466926efcc5a8debb9

Request headers

Referer
https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448880&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 15 Apr 2020 00:00:22 GMT
Last-Modified
Tue, 28 Jan 2020 12:57:22 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"2fdb9-59d32c3d1518a"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
196025
6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
fonts.gstatic.com/s/quicksand/v20/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quicksand/v20/6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
Requested by
Host: plik.bestshopping-voucher.com
URL: https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448880&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b47478ebfad192488b281cb20b85ef93444ff24c547c4a03511e400defb38aa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Quicksand:300,400,500,700
Origin
https://plik.bestshopping-voucher.com

Response headers

date
Sat, 28 Mar 2020 01:42:13 GMT
x-content-type-options
nosniff
last-modified
Tue, 04 Feb 2020 23:46:37 GMT
server
sffe
age
1549088
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
26160
x-xss-protection
0
expires
Sun, 28 Mar 2021 01:42:13 GMT
6xKtdSZaM9iE8KbpRA_hJVQNYuDyP7bh.woff2
fonts.gstatic.com/s/quicksand/v20/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quicksand/v20/6xKtdSZaM9iE8KbpRA_hJVQNYuDyP7bh.woff2
Requested by
Host: plik.bestshopping-voucher.com
URL: https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1448880&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
463481f89055f6e1601dd7b220a6a67d9af3fb6300372bef408431f7a6070948
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Quicksand:300,400,500,700
Origin
https://plik.bestshopping-voucher.com

Response headers

date
Tue, 14 Apr 2020 22:23:10 GMT
x-content-type-options
nosniff
last-modified
Tue, 04 Feb 2020 23:23:19 GMT
server
sffe
age
5831
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
22364
x-xss-protection
0
expires
Wed, 14 Apr 2021 22:23:10 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| arrayQuestions number| counterQuestions number| counterCurrentQuestion function| addQuestion function| nextQuestion

2 Cookies

Domain/Path Name / Value
plik.bestshopping-voucher.com/ Name: coyoteAffiliTokenId67
Value: 1448880
plik.bestshopping-voucher.com/ Name: PHPSESSID
Value: upol6dmfkvtkdenroul6qjn9v5