urlscan.io logo urlscan.io
SecurityTrails logo

plik.bestshopping-voucher.com Open in urlscan Pro
138.201.27.20  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://computersexist.com/A76j.php3?dz3CkMccJq4fcw1k9cccJMcKcvRD2cSPKcbbb2L
Effective URL: https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1544273&
Submission: On April 20 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 6 countries across 11 domains to perform 12 HTTP transactions. The main IP is 138.201.27.20, located in Germany and belongs to HETZNER-AS, DE. The main domain is plik.bestshopping-voucher.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 22nd 2020. Valid for: 3 months.
This is the only time plik.bestshopping-voucher.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 45.12.6.3 42632 (MNOGOBYTE...)
1 54.36.237.248 16276 (OVH)
1 1 216.189.40.128 6921 (ARACHNITEC)
1 2 154.16.205.185 20278 (NEXEON)
1 1 18.202.12.61 16509 (AMAZON-02)
1 4 138.201.27.20 24940 (HETZNER-AS)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 23.111.9.35 33438 (HIGHWINDS2)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
12 8
1    45.12.6.3 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)
PTR: srv64.dedic.sh
computersexist.com
1    54.36.237.248 (France)

ASN16276 (OVH, FR)
PTR: 54-36-237-248.hillhost.net
zonestor.com
1    216.189.40.128 (United States)

ASN6921 (ARACHNITEC, US)
m1o6.newestlinks.company
2    154.16.205.185 (Los Angeles, United States)

ASN20278 (NEXEON, US)
efadfre.jwihbq.live
1    18.202.12.61 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-12-61.eu-west-1.compute.amazonaws.com
addservicemedia.go2cloud.org
4    138.201.27.20 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: s1.golead7.pl
campaign.golead7.pl
plik.bestshopping-voucher.com
2    2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)
use.fontawesome.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
3 plik.bestshopping-voucher.com efadfre.jwihbq.live
plik.bestshopping-voucher.com
2 fonts.gstatic.com plik.bestshopping-voucher.com
2 maxcdn.bootstrapcdn.com plik.bestshopping-voucher.com
2 efadfre.jwihbq.live 1 redirects zonestor.com
1 ajax.googleapis.com plik.bestshopping-voucher.com
1 use.fontawesome.com plik.bestshopping-voucher.com
1 fonts.googleapis.com plik.bestshopping-voucher.com
1 campaign.golead7.pl 1 redirects
1 addservicemedia.go2cloud.org 1 redirects
1 m1o6.newestlinks.company 1 redirects
1 zonestor.com
1 computersexist.com 1 redirects
12 12

This site contains links to these domains. Also see Links.

Domain
www.freepik.com
www.facebook.com
www.youronlinechoices.com
Subject Issuer Validity Valid
www.zonestor.com
Go Daddy Secure Certificate Authority - G2		 2019-07-14 -
2020-09-12		 a year crt.sh
jwihbq.live
Let's Encrypt Authority X3		 2020-03-11 -
2020-06-09		 3 months crt.sh
pl1a.bestshopping-voucher.com
Let's Encrypt Authority X3		 2020-01-22 -
2020-04-21		 3 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-14 -
2020-10-13		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh
*.fontawesome.com
DigiCert SHA2 Secure Server CA		 2019-10-28 -
2020-12-23		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1544273&
Frame ID: 22ACA3CA2AC07240F5208FF3CAC6F9E7
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://computersexist.com/A76j.php3?dz3CkMccJq4fcw1k9cccJMcKcvRD2cSPKcbbb2L HTTP 302
    https://zonestor.com/ff68f02a0bb1664000/1_123902_2450218/1964_5236247_2370443_38/529897876/ Page URL
  2. https://m1o6.newestlinks.company/?s1=900690515&s2=471148&kw=471148 HTTP 302
    https://efadfre.jwihbq.live/?sov=15b92d44f5e&hid=eiugiqgeiegiigoq&&cntrl=00000&pid=10044&redid=75393&gsi... Page URL
  3. https://efadfre.jwihbq.live/ADD1242biedronkaPL.html?sov=15b92d44f5e&cntrl=00000&pid=10044&redid=75393&gs... HTTP 302
    https://addservicemedia.go2cloud.org/aff_c?offer_id=118&aff_id=1007&aff_sub2=36ef033c-82a4-11ea-9787-2b98c7b93781... HTTP 302
    https://campaign.golead7.pl/plik,bestshopping,voucher,com,_19.html?idPartner=8&idCampaignAd=0&subId=1007... HTTP 302
    https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1544273& Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

12
Requests

100 %
HTTPS

36 %
IPv6

11
Domains

12
Subdomains

8
IPs

6
Countries

381 kB
Transfer

659 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://computersexist.com/A76j.php3?dz3CkMccJq4fcw1k9cccJMcKcvRD2cSPKcbbb2L HTTP 302
    https://zonestor.com/ff68f02a0bb1664000/1_123902_2450218/1964_5236247_2370443_38/529897876/ Page URL
  2. https://m1o6.newestlinks.company/?s1=900690515&s2=471148&kw=471148 HTTP 302
    https://efadfre.jwihbq.live/?sov=15b92d44f5e&hid=eiugiqgeiegiigoq&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.900690515%3A%3A471148-r75393-t488&impid=34191b3e-82a4-11ea-8741-cae258990218 Page URL
  3. https://efadfre.jwihbq.live/ADD1242biedronkaPL.html?sov=15b92d44f5e&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.900690515%3A%3A471148-r75393-t488&impid=34191b3e-82a4-11ea-8741-cae258990218&tov=685450 HTTP 302
    https://addservicemedia.go2cloud.org/aff_c?offer_id=118&aff_id=1007&aff_sub2=36ef033c-82a4-11ea-9787-2b98c7b93781&aff_sub=75393 HTTP 302
    https://campaign.golead7.pl/plik,bestshopping,voucher,com,_19.html?idPartner=8&idCampaignAd=0&subId=1007&subIdentifier=10267ee024f4151281bdd43156f9f7 HTTP 302
    https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1544273& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://computersexist.com/A76j.php3?dz3CkMccJq4fcw1k9cccJMcKcvRD2cSPKcbbb2L HTTP 302
  • https://zonestor.com/ff68f02a0bb1664000/1_123902_2450218/1964_5236247_2370443_38/529897876/
Request Chain 1
  • https://m1o6.newestlinks.company/?s1=900690515&s2=471148&kw=471148 HTTP 302
  • https://efadfre.jwihbq.live/?sov=15b92d44f5e&hid=eiugiqgeiegiigoq&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.900690515%3A%3A471148-r75393-t488&impid=34191b3e-82a4-11ea-8741-cae258990218

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set /
zonestor.com/ff68f02a0bb1664000/1_123902_2450218/1964_5236247_2370443_38/529897876/
Redirect Chain
  • http://computersexist.com/A76j.php3?dz3CkMccJq4fcw1k9cccJMcKcvRD2cSPKcbbb2L
  • https://zonestor.com/ff68f02a0bb1664000/1_123902_2450218/1964_5236247_2370443_38/529897876/
129 B
382 B 		Document
General
Check archive.org
Download Go to
Full URL
https://zonestor.com/ff68f02a0bb1664000/1_123902_2450218/1964_5236247_2370443_38/529897876/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.36.237.248 , France, ASN16276 (OVH, FR),
Reverse DNS
54-36-237-248.hillhost.net
Software
Apache /
Resource Hash
41993ee0e3ede46fbaf6861045272ac9fc48ff09674bc71cdac90c4a13ee56ed

Request headers

Host
zonestor.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 01:13:47 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
129
Server
Apache
Set-Cookie
uid3546=900690515-20200419201347-3b7028bef3f2a5134f69b26bee81c382-; domain=; path=/; SameSite=None; Secure

Redirect headers

Date
Mon, 20 Apr 2020 01:13:46 GMT
Server
Apache
Location
https://zonestor.com/ff68f02a0bb1664000/1_123902_2450218/1964_5236247_2370443_38/529897876/
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Cookie set /
efadfre.jwihbq.live/
Redirect Chain
  • https://m1o6.newestlinks.company/?s1=900690515&s2=471148&kw=471148
  • https://efadfre.jwihbq.live/?sov=15b92d44f5e&hid=eiugiqgeiegiigoq&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.900690515%3A%3A471148-r75393-t488&impid=34191b3e-82...
1 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://efadfre.jwihbq.live/?sov=15b92d44f5e&hid=eiugiqgeiegiigoq&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.900690515%3A%3A471148-r75393-t488&impid=34191b3e-82a4-11ea-8741-cae258990218
Requested by
Host: zonestor.com
URL: https://zonestor.com/ff68f02a0bb1664000/1_123902_2450218/1964_5236247_2370443_38/529897876/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
154.16.205.185 Los Angeles, United States, ASN20278 (NEXEON, US),
Reverse DNS
Software
/
Resource Hash
0e76c2afd6bb66b389a903a70ffe15abd6ec414ef6f261b1aac381dc8e64b278

Request headers

Host
efadfre.jwihbq.live
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://zonestor.com/ff68f02a0bb1664000/1_123902_2450218/1964_5236247_2370443_38/529897876/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://zonestor.com/ff68f02a0bb1664000/1_123902_2450218/1964_5236247_2370443_38/529897876/

Response headers

Date
Mon, 20 Apr 2020 01:13:59 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
ci_session=Nw8bPcTCbgLAF3HILSnmy8YvociHG2wTH%2FTn3VSjqsCbSbyqnu1NAMp%2FxEEG5Krp2wW5etTlGLD9mE2N3ctzfdvR69ASeelfimEdZ3q%2FAciceQXMXQTGQz%2F0yTL2dcc9mPKrt7TMW7mUX4hV%2Fvunz0%2Bf0ZXBw7nB4LZFmNjcVAt9D%2FnRI7P8XxD9y3ChhPiaLvOa1jBImTpxiARaG%2BZqQQjN4NfP4g6iLiaS63bG4BBgZoQMk6fozW5KMEohwk6wYyB0bb4UnCDeWx0BYtOtWviX5kr8WTMdCtH6FIaXUVarUw31mLK3nBqbHxft3FHTVknmKSYpyr5ovw6NTxP9dJjdY4rNnOrSTMpEPi7Nt29V33ozb1ASFrNv1LX6tawW1YC8usVdETD8GxT7ErJAubtY9qqcSxow%2Fdn5syKmuGi%2FjMrOCd8U62%2B3xUraQr%2Bg6ri4gPQ6k%2Fnr%2BPhuxvuAOQ%3D%3D; expires=Tue, 21-Apr-2020 01:13:59 GMT; Max-Age=86400; path=/; domain=.efadfre.jwihbq.live click_id_34191b3e-82a4-11ea-8741-cae258990218=36ef033c-82a4-11ea-9787-2b98c7b93781 id=XNSX.900690515%3A%3A471148-r75393-t488; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live SITE_ID=15b92d44f5e; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live sov=15b92d44f5e; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live tov=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.efadfre.jwihbq.live mov=noprelanders.mini; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live redid=75393; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live campaign_id=1228; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live gsid=488; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live pid=10044; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.efadfre.jwihbq.live impid=34191b3e-82a4-11ea-8741-cae258990218; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live URI=sov%3D15b92d44f5e%26hid%3Deiugiqgeiegiigoq%26%26cntrl%3D00000%26pid%3D10044%26redid%3D75393%26gsid%3D488%26campaign_id%3D1228%26p_id%3D10044%26id%3DXNSX.900690515%253A%253A471148-r75393-t488%26impid%3D34191b3e-82a4-11ea-8741-cae258990218; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live templateid=4289; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live path=redirect; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live version=685450; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live tags[4289][expand_enable]=-1; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live tags[4289][alert_enable]=0; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live tags[4289][audio_enable]=0; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live tags[4289][pop_enable]=0; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live tags[685450][expand_enable]=-1; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live tags[685450][alert_enable]=0; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live tags[685450][audio_enable]=0; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live tags[685450][pop_enable]=0; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live content=685450; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live token=e40308864faa5902be95f68757bdca90; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live rpm=14; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live log_15b92d44f5e=1; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live token=e40308864faa5902be95f68757bdca90; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live rpm=14; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live payload=1e24e6619a7beeb0a6e1e893652f5f548acb72ff09f392d454b94d882cd3f2020f92b84c879771f05e9ecbbba4417776d58a7343c2c63f62fb1a4f4b2b98a8ca0009021a0bb64ee68bbd0296ad2b2bc6d600bbf62008cb154c64c09731288525453bdf63bf27ca8d2e9a3e3351d1c0b23b089c260c2c4989a3a3c54635292bbcc9a6808609a03e9dbf38e81d4aca5560570e65fb0e66392d252f6c7bdb4eb91a546195f3ee9a25e3f30b63012398737e8b94391345733764db118348cb08fdb18fcfa00202eb4e8df5646d7da52a248bc460ea1f80d50ab02dbc22ccb7d50250a63358b68429e77bcdbec7137712e1c542f483acff09e7d55bbc8651eff2aec526c72506dd881337907549d9461f6958ffed83ba37572d491a864a320d4fca1a9da7ea9548309bbb5731735f7fa3a529c1fdefc6821c8480e425688fd1b29b7fb18d66731d8c5b19d070ae9116985b7b6fde51b328582d699b9f3947076497da32ecfa1f2294436c8ee0c35a83c3ce04a42e56e7c2884a46c13036cfff5447f35400bd7be14e9e55c12121794a1669acc7330590e04893621b22d9ed7c9a134a8658cd819928d0d8fe4dc23dc977b0ea554f2b37ee55929984e6af9cb26894f8191077c5e2d738d8f04402fc6927be2b6661551b7faea08f55c5cbd285218022e51b57bbbcd3dbab9e769c150e820954346f60f9b8901c6369e60c0b1361ccfabb4df37aced4de1b03cdf6d7d899bceb3cae91e2f5e4db7601252b6167f4d193abd9df6f63f0dfbd5ea1e790f5e3a71d6b8c35ea39f791f78c2beca7063cc09ae4c02fe65f67a14700c91a2793528228f5cd2c63faa6e9a1848d21f0fac3a976879b4ae2a8e23c79893784e529417159ee5d9358182471362b59b1932e73615feecf9fb007b4a37b13f4534195299e92c06961bbb63bcac8837f10c5329372be6b40703035837614ac5869951d98e3cc811983f829d6fec6c2f88cea68578758d347daddcd5590c1c97964f75e3d1cd611660c3ef165bd7801ec514b467e86757f59a944caa6226c9ebe6e7113fc111566914214e4989d67abb3c50b740458fa3789a2efcff6e667ff623ede4e85058ce720e63b5fcf542afc7a3a1153b66bdfc720a103e8dee0feb213c6d2dc3c6da6279088c70cdfa1250e2b4fd821427c2b46f157493d48b867270fca56fe8fb6da845fcb450f2b225f90e20f96f7d750511292a3bd8bdb2a2af17a57ba08ea82c042a6a4e1b728f546b0427f64dd8208359c5cd88a04351beb8ba8174d837f19a2923dbed1f94393835d739294976b51a446c02715e6aaf5f8df662d75818a5b5a62552de0b7e36683034e40562620f3a755cfb3c6f7e8bb6da863a561a54bc21892b225d1bab91358949876274ef669233af7c39edbadb361a129525e4db5a47fd34cde831b2d8665ce46a0d8d463d90da3ec5175bd7fe5ffa412901a9ea89cbbbfcdf9774e5f420e32804feacc86b67a87240469aadc5cf94e7967fc6a971f2122e07bd8f1795eb5e07c41a8039ae680caae945ffbeebbddc6150e23dcade56eb4ead41967ef411ed9ced699cdf071a0084b376efe53ad51843a660bee6a8a8680cfea0035691a8af4fa24643d667f2a79a70fccd74941628746fd9aa357c52eb2fcd97403e1af9bde81057216ed96549a3e03c753d98108; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live payloadIV=fc1cc144bb4caa6a4928f5dcf5ebeabc; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live init_ev=0; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live id=XNSX.900690515%3A%3A471148-r75393-t488; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live SITE_ID=15b92d44f5e; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live sov=15b92d44f5e; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live tov=685450; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live mov=noprelanders.mini; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live redid=75393; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live campaign_id=1228; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live gsid=488; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live pid=10044; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.efadfre.jwihbq.live impid=34191b3e-82a4-11ea-8741-cae258990218; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live tags[4289][iframe_enable]=0; expires=Tue, 21-Apr-2020 01:15:39 GMT; Max-Age=86500; path=/; domain=.efadfre.jwihbq.live mini-backend=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
X-Source
Mini
X-Rot
685450
X-Sov
15b92d44f5e
Expires
Mon, 01 Jan 2001 00:00:00 GMT
Cache-Control
no-cache
Pragma
no-cache
Content-Encoding
gzip

Redirect headers

Date
Mon, 20 Apr 2020 01:13:54 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
X-ImpID
34191b3e-82a4-11ea-8741-cae258990218
Location
https://efadfre.jwihbq.live/?sov=15b92d44f5e&hid=eiugiqgeiegiigoq&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.900690515%3A%3A471148-r75393-t488&impid=34191b3e-82a4-11ea-8741-cae258990218
Set-Cookie
redir-backend=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
Primary Request Cookie set campaign_67.html
plik.bestshopping-voucher.com/
Redirect Chain
  • https://efadfre.jwihbq.live/ADD1242biedronkaPL.html?sov=15b92d44f5e&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.900690515%3A%3A471148-r75393-t488&impid=34191b3e-8...
  • https://addservicemedia.go2cloud.org/aff_c?offer_id=118&aff_id=1007&aff_sub2=36ef033c-82a4-11ea-9787-2b98c7b93781&aff_sub=75393
  • https://campaign.golead7.pl/plik,bestshopping,voucher,com,_19.html?idPartner=8&idCampaignAd=0&subId=1007&subIdentifier=10267ee024f4151281bdd43156f9f7
  • https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1544273&
88 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1544273&
Requested by
Host: efadfre.jwihbq.live
URL: https://efadfre.jwihbq.live/?sov=15b92d44f5e&hid=eiugiqgeiegiigoq&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.900690515%3A%3A471148-r75393-t488&impid=34191b3e-82a4-11ea-8741-cae258990218
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.27.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.golead7.pl
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
e0a01d2ba0b12d18564f3bad3864271c310e234d23f962da170ab61db955d877

Request headers

Host
plik.bestshopping-voucher.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://efadfre.jwihbq.live/?sov=15b92d44f5e&hid=eiugiqgeiegiigoq&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.900690515%3A%3A471148-r75393-t488&impid=34191b3e-82a4-11ea-8741-cae258990218
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://efadfre.jwihbq.live/?sov=15b92d44f5e&hid=eiugiqgeiegiigoq&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.900690515%3A%3A471148-r75393-t488&impid=34191b3e-82a4-11ea-8741-cae258990218

Response headers

Date
Mon, 20 Apr 2020 01:14:00 GMT
Server
Apache/2.4.29 (Ubuntu)
Set-Cookie
PHPSESSID=0n57hqioohuea8pjoum8bkaqn5; path=/; secure; HttpOnly coyoteAffiliTokenId67=1544273; expires=Mon, 20-Apr-2020 05:14:00 GMT; Max-Age=14400; path=/; secure
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
22346
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Mon, 20 Apr 2020 01:14:00 GMT
Server
Apache/2.4.29 (Ubuntu)
Set-Cookie
PHPSESSID=lapdu2d4742iqes90i3ekjkkp7; path=/; secure; HttpOnly coyoteTrackingCookie_19=1544273; expires=Wed, 20-May-2020 01:14:00 GMT; Max-Age=2592000; path=/;samesite=None; Secure; domain=golaed.se coyoteSimpleTrackingCookie=1544273; expires=Wed, 20-May-2020 01:14:00 GMT; Max-Age=2592000; path=/;samesite=None; Secure; domain=golaed.se
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Location
https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1544273&
Content-Length
5
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: plik.bestshopping-voucher.com
URL: https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1544273&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1544273&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 01:14:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:34:07 GMT
status
200
etag
"1544639647"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
19740
css
fonts.googleapis.com/ 		4 KB
583 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Quicksand:300,400,500,700
Requested by
Host: plik.bestshopping-voucher.com
URL: https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1544273&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ac82e3a08fc84aada4c11b43c1ab033f21761c29f02481ea5d958f8d98a437e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 20 Apr 2020 01:14:00 GMT
server
ESF
date
Mon, 20 Apr 2020 01:14:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 Apr 2020 01:14:00 GMT
all.css
use.fontawesome.com/releases/v5.5.0/css/ 		50 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by
Host: plik.bestshopping-voucher.com
URL: https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1544273&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1544273&
Origin
https://plik.bestshopping-voucher.com

Response headers

date
Mon, 20 Apr 2020 01:14:00 GMT
content-encoding
gzip
last-modified
Fri, 02 Nov 2018 15:16:46 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: plik.bestshopping-voucher.com
URL: https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1544273&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1544273&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 04 Apr 2020 07:48:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1358738
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Apr 2021 07:48:22 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: plik.bestshopping-voucher.com
URL: https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1544273&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1544273&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 01:14:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:33:51 GMT
status
200
etag
"1544639631"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
9832
campaign_67.html
plik.bestshopping-voucher.com/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1544273&
Requested by
Host: plik.bestshopping-voucher.com
URL: https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1544273&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.27.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.golead7.pl
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1544273&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Apr 2020 01:14:01 GMT
Content-Encoding
gzip
Server
Apache/2.4.29 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
22346
Expires
Thu, 19 Nov 1981 08:52:00 GMT
header,ikea,pl.jpg
plik.bestshopping-voucher.com/media/adresseManager/microSiteImg/67/ 		191 KB
192 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plik.bestshopping-voucher.com/media/adresseManager/microSiteImg/67/header,ikea,pl.jpg
Requested by
Host: plik.bestshopping-voucher.com
URL: https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1544273&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.27.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.golead7.pl
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
12b1c1de4182f7f1073f6cbd62debba1bb8e7d3f7d3d76466926efcc5a8debb9

Request headers

Referer
https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1544273&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 01:14:01 GMT
Last-Modified
Tue, 28 Jan 2020 12:57:22 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"2fdb9-59d32c3d1518a"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
196025
6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
fonts.gstatic.com/s/quicksand/v20/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quicksand/v20/6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
Requested by
Host: plik.bestshopping-voucher.com
URL: https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1544273&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b47478ebfad192488b281cb20b85ef93444ff24c547c4a03511e400defb38aa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Quicksand:300,400,500,700
Origin
https://plik.bestshopping-voucher.com

Response headers

date
Sat, 28 Mar 2020 01:42:13 GMT
x-content-type-options
nosniff
last-modified
Tue, 04 Feb 2020 23:46:37 GMT
server
sffe
age
1985508
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
26160
x-xss-protection
0
expires
Sun, 28 Mar 2021 01:42:13 GMT
6xKtdSZaM9iE8KbpRA_hJVQNYuDyP7bh.woff2
fonts.gstatic.com/s/quicksand/v20/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quicksand/v20/6xKtdSZaM9iE8KbpRA_hJVQNYuDyP7bh.woff2
Requested by
Host: plik.bestshopping-voucher.com
URL: https://plik.bestshopping-voucher.com/campaign_67.html?coyoteAffiliTokenId=1544273&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
463481f89055f6e1601dd7b220a6a67d9af3fb6300372bef408431f7a6070948
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Quicksand:300,400,500,700
Origin
https://plik.bestshopping-voucher.com

Response headers

date
Tue, 14 Apr 2020 22:23:10 GMT
x-content-type-options
nosniff
last-modified
Tue, 04 Feb 2020 23:23:19 GMT
server
sffe
age
442251
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
22364
x-xss-protection
0
expires
Wed, 14 Apr 2021 22:23:10 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| arrayQuestions number| counterQuestions number| counterCurrentQuestion function| addQuestion function| nextQuestion

2 Cookies

Domain/Path Name / Value
plik.bestshopping-voucher.com/ Name: coyoteAffiliTokenId67
Value: 1544273
plik.bestshopping-voucher.com/ Name: PHPSESSID
Value: 0n57hqioohuea8pjoum8bkaqn5