r-ext.oferting.net Open in urlscan Pro
54.228.228.187 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.voordeelpakkers.be/c/kvx/mB-/wAXL7fuefbKwyeRBqREYza/F/V4c/F/0e98866e
Effective URL:
https://r-ext.oferting.net/r/?utm_source=auto1&utm_medium=sopext&utm_campaign=9932040-9711725&orig=automatic&utm_term=gener...
Submission: On August 31 via api (August 31st 2022, 2:57:10 pm UTC) from BE — Scanned from DE

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 5 countries across 12 domains to perform 28 HTTP transactions. The main IP is 54.228.228.187, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is r-ext.oferting.net.
TLS certificate: Issued by Amazon on May 6th 2022. Valid for: a year.

This is the only time r-ext.oferting.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	91.199.51.78 91.199.51.78	47544 (IQPL-AS) (IQPL-AS)
1 3	34.159.45.57 34.159.45.57	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2 3	2a06:98c1:312... 2a06:98c1:3120::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	54.246.129.40 54.246.129.40	16509 (AMAZON-02) (AMAZON-02)
3	54.228.228.187 54.228.228.187	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:225... 2600:9000:225e:6a00:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
2	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
28	13

1 91.199.51.78 (Poland) 1 redirects

ASN47544 (IQPL-AS, PL)
PTR: 91-199-51-78.rev.iq.pl

links.voordeelpakkers.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.159.45.57 (Frankfurt am Main, Germany) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: laravel.kontikimedia.com

krs.voordeelpakkers.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3120::c (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

trust.whitegallops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.246.129.40 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-129-40.eu-west-1.compute.amazonaws.com

go.oferting.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.228.228.187 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-228-187.eu-west-1.compute.amazonaws.com

r-ext.oferting.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:6a00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	40 KB
4	oferting.net 1 redirects go.oferting.net r-ext.oferting.net	59 KB
4	voordeelpakkers.be 2 redirects links.voordeelpakkers.be krs.voordeelpakkers.be	4 KB
3	whitegallops.com 2 redirects trust.whitegallops.com	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 66	183 KB
2	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 971 trc.taboola.com — Cisco Umbrella Rank: 705	20 KB
2	liadm.com b-code.liadm.com — Cisco Umbrella Rank: 3651 rp4.liadm.com Failed	13 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 227
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 318	14 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6487	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 85	352 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 6141	352 B
28	12

	Domain	Requested by
8	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com r-ext.oferting.net
3	r-ext.oferting.net	r-ext.oferting.net
3	trust.whitegallops.com	2 redirects krs.voordeelpakkers.be
3	www.googletagmanager.com	krs.voordeelpakkers.be www.googletagmanager.com r-ext.oferting.net
3	krs.voordeelpakkers.be	1 redirects krs.voordeelpakkers.be
2	b-code.liadm.com	r-ext.oferting.net b-code.liadm.com
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	r-ext.oferting.net
1	trc.taboola.com	cdn.taboola.com
1	cdn.taboola.com	krs.voordeelpakkers.be
1	go.oferting.net	1 redirects
1	www.google.de	krs.voordeelpakkers.be
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	links.voordeelpakkers.be	1 redirects
0	rp4.liadm.com Failed
28	16

This site contains no links.

Subject Issuer	Validity	Valid
lks.vosreducs.com R3	`2022-08-16` - `2022-11-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-14` - `2023-06-14`	a year	crt.sh
*.oferting.net Amazon	`2022-05-06` - `2023-06-04`	a year	crt.sh
*.liadm.com Amazon	`2022-01-31` - `2023-03-01`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://r-ext.oferting.net/r/?utm_source=auto1&utm_medium=sopext&utm_campaign=9932040-9711725&orig=automatic&utm_term=generica&rtt=&f=0&c=activities&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.net%2Fof%2F%3Fextclickid%3D_*10206e1a690c82e39448639cb22bec*%26emn_i%3D493%26emn_a%3D5049%26emn_c%3D381704%26emn_rt%3D0%26ol%3D%26emn_p%3D%26emn_cat%3D9932040-9711725%26term%3D%26emn_t%3D9711725%26ref_offer%3D9932040%26hs%3D2510973281%26go%3Dhttps%253A%252F%252Fwww.wikoau.be%252Fwaarde%252F10-6%252F%253FMID%253DB1_EMM_10_23_84_7_283_220830_1_0_0%2526utm_source%253DEMM%2526utm_medium%253Demail%2526utm_campaign%253D0%2526emn_sid%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Frame ID: 619E165B90BA473D7A661677C17FED8D
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

World -- we are redirecting you to Auto1's website

Page URL History Show full URLs

https://links.voordeelpakkers.be/c/kvx/mB-/wAXL7fuefbKwyeRBqREYza/F/V4c/F/0e98866e HTTP 302
https://krs.voordeelpakkers.be/jp?h=1df65b431057d532b13ef072b14b9878&emailmd5=51e17b68ea73c560ef1ba8d6cbb3e... HTTP 301
https://krs.voordeelpakkers.be/jp/?h=1df65b431057d532b13ef072b14b9878&emailmd5=51e17b68ea73c560ef1ba8d6cbb3... Page URL
https://trust.whitegallops.com/aff_c?offer_id=21977&aff_id=1938&file_id=126175 HTTP 302
https://trust.whitegallops.com/aff_r?offer_id=21977&aff_id=1938&url=https%3A%2F%2Fgo.oferting.net%2F1mzo8%3... Page URL
https://trust.whitegallops.com/aff_r?offer_id=21977&aff_id=1938&redirect_pass=1&url=https%3A%2F%2Fgo.oferti... HTTP 302
https://go.oferting.net/1mzo8?vars=_vextclickid%3D_*10206e1a690c82e39448639cb22bec* HTTP 302
https://r-ext.oferting.net/r/?utm_source=auto1&utm_medium=sopext&utm_campaign=9932040-9711725&orig=auto... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

93 %
HTTPS

50 %
IPv6

12
Domains

16
Subdomains

13
IPs

5
Countries

333 kB
Transfer

859 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.voordeelpakkers.be/c/kvx/mB-/wAXL7fuefbKwyeRBqREYza/F/V4c/F/0e98866e HTTP 302
https://krs.voordeelpakkers.be/jp?h=1df65b431057d532b13ef072b14b9878&emailmd5=51e17b68ea73c560ef1ba8d6cbb3e2e3&utm_source=VOORBE&utm_medium=cpm&utm_term=Cars&countkey=BE&dbid=50716&adv=Vendez_votre_voiture&brd=Verkoop_uw_auto&clt=Roi&Co&trm=Alex&creaid=42861 HTTP 301
https://krs.voordeelpakkers.be/jp/?h=1df65b431057d532b13ef072b14b9878&emailmd5=51e17b68ea73c560ef1ba8d6cbb3e2e3&utm_source=VOORBE&utm_medium=cpm&utm_term=Cars&countkey=BE&dbid=50716&adv=Vendez_votre_voiture&brd=Verkoop_uw_auto&clt=Roi&Co&trm=Alex&creaid=42861 Page URL
https://trust.whitegallops.com/aff_c?offer_id=21977&aff_id=1938&file_id=126175 HTTP 302
https://trust.whitegallops.com/aff_r?offer_id=21977&aff_id=1938&url=https%3A%2F%2Fgo.oferting.net%2F1mzo8%3Fvars%3D_vextclickid%253D_%2A10206e1a690c82e39448639cb22bec%2A&urlauth=389512855663732501734587023523 Page URL
https://trust.whitegallops.com/aff_r?offer_id=21977&aff_id=1938&redirect_pass=1&url=https%3A%2F%2Fgo.oferting.net%2F1mzo8%3Fvars%3D_vextclickid%253D_%2A10206e1a690c82e39448639cb22bec%2A&urlauth=389512855663732501734587023523 HTTP 302
https://go.oferting.net/1mzo8?vars=_vextclickid%3D_*10206e1a690c82e39448639cb22bec* HTTP 302
https://r-ext.oferting.net/r/?utm_source=auto1&utm_medium=sopext&utm_campaign=9932040-9711725&orig=automatic&utm_term=generica&rtt=&f=0&c=activities&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.net%2Fof%2F%3Fextclickid%3D_*10206e1a690c82e39448639cb22bec*%26emn_i%3D493%26emn_a%3D5049%26emn_c%3D381704%26emn_rt%3D0%26ol%3D%26emn_p%3D%26emn_cat%3D9932040-9711725%26term%3D%26emn_t%3D9711725%26ref_offer%3D9932040%26hs%3D2510973281%26go%3Dhttps%253A%252F%252Fwww.wikoau.be%252Fwaarde%252F10-6%252F%253FMID%253DB1_EMM_10_23_84_7_283_220830_1_0_0%2526utm_source%253DEMM%2526utm_medium%253Demail%2526utm_campaign%253D0%2526emn_sid%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://links.voordeelpakkers.be/c/kvx/mB-/wAXL7fuefbKwyeRBqREYza/F/V4c/F/0e98866e HTTP 302
https://krs.voordeelpakkers.be/jp?h=1df65b431057d532b13ef072b14b9878&emailmd5=51e17b68ea73c560ef1ba8d6cbb3e2e3&utm_source=VOORBE&utm_medium=cpm&utm_term=Cars&countkey=BE&dbid=50716&adv=Vendez_votre_voiture&brd=Verkoop_uw_auto&clt=Roi&Co&trm=Alex&creaid=42861 HTTP 301
https://krs.voordeelpakkers.be/jp/?h=1df65b431057d532b13ef072b14b9878&emailmd5=51e17b68ea73c560ef1ba8d6cbb3e2e3&utm_source=VOORBE&utm_medium=cpm&utm_term=Cars&countkey=BE&dbid=50716&adv=Vendez_votre_voiture&brd=Verkoop_uw_auto&clt=Roi&Co&trm=Alex&creaid=42861

Request Chain 12

https://trust.whitegallops.com/aff_c?offer_id=21977&aff_id=1938&file_id=126175 HTTP 302
https://trust.whitegallops.com/aff_r?offer_id=21977&aff_id=1938&url=https%3A%2F%2Fgo.oferting.net%2F1mzo8%3Fvars%3D_vextclickid%253D_%2A10206e1a690c82e39448639cb22bec%2A&urlauth=389512855663732501734587023523

Request Chain 23

https://rp.liadm.com/j?dtstmp=1661957829728&aid=a-00xy&se=e30&duid=1ffc951fb2a6--01gbt6fwzd85jqmp89epbd9157&tna=v2.4.2&pu=https%3A%2F%2Fr-ext.oferting.net%2Fr%2F%3Futm_source%3Dauto1%26utm_medium%3Dsopext%26utm_campaign%3D9932040-9711725%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dactivities%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.net%252Fof%252F%253Fextclickid%253D_*10206e1a690c82e39448639cb22bec*%2526emn_i%253D493%2526emn_a%253D5049%2526emn_c%253D381704%2526emn_rt%253D0%2526ol%253D%2526emn_p%253D%2526emn_cat%253D9932040-9711725%2526term%253D%2526emn_t%253D9711725%2526ref_offer%253D9932040%2526hs%253D2510973281%2526go%253Dhttps%25253A%25252F%25252Fwww.wikoau.be%25252Fwaarde%25252F10-6%25252F%25253FMID%25253DB1_EMM_10_23_84_7_283_220830_1_0_0%252526utm_source%25253DEMM%252526utm_medium%25253Demail%252526utm_campaign%25253D0%252526emn_sid%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu&wpn=lc-bundle&refr=https%3A%2F%2Ftrust.whitegallops.com%2F&c=PHRpdGxlPldvcmxkIC0tIHdlIGFyZSByZWRpcmVjdGluZyB5b3UgdG8gQXV0bzEncyB3ZWJzaXRlPC90aXRsZT4 HTTP 302
https://rp4.liadm.com/j?dtstmp=1661957829728&aid=a-00xy&se=e30&duid=1ffc951fb2a6--01gbt6fwzd85jqmp89epbd9157&tna=v2.4.2&pu=https%3A%2F%2Fr-ext.oferting.net%2Fr%2F%3Futm_source%3Dauto1%26utm_medium%3Dsopext%26utm_campaign%3D9932040-9711725%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dactivities%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.net%252Fof%252F%253Fextclickid%253D_%2A10206e1a690c82e39448639cb22bec%2A%2526emn_i%253D493%2526emn_a%253D5049%2526emn_c%253D381704%2526emn_rt%253D0%2526ol%253D%2526emn_p%253D%2526emn_cat%253D9932040-9711725%2526term%253D%2526emn_t%253D9711725%2526ref_offer%253D9932040%2526hs%253D2510973281%2526go%253Dhttps%25253A%25252F%25252Fwww.wikoau.be%25252Fwaarde%25252F10-6%25252F%25253FMID%25253DB1_EMM_10_23_84_7_283_220830_1_0_0%252526utm_source%25253DEMM%252526utm_medium%25253Demail%252526utm_campaign%25253D0%252526emn_sid%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu&wpn=lc-bundle&refr=https%3A%2F%2Ftrust.whitegallops.com%2F&c=PHRpdGxlPldvcmxkIC0tIHdlIGFyZSByZWRpcmVjdGluZyB5b3UgdG8gQXV0bzEncyB3ZWJzaXRlPC90aXRsZT4&i6=MmEwMzoxYjIwOjY6ZjAxMTo6MmU%3D&n3pc=true

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
krs.voordeelpakkers.be/jp/
Redirect Chain

https://links.voordeelpakkers.be/c/kvx/mB-/wAXL7fuefbKwyeRBqREYza/F/V4c/F/0e98866e
https://krs.voordeelpakkers.be/jp?h=1df65b431057d532b13ef072b14b9878&emailmd5=51e17b68ea73c560ef1ba8d6cbb3e2e3&utm_source=VOORBE&utm_medium=cpm&utm_term=Cars&countkey=BE&dbid=50716&adv=Vendez_votre...
https://krs.voordeelpakkers.be/jp/?h=1df65b431057d532b13ef072b14b9878&emailmd5=51e17b68ea73c560ef1ba8d6cbb3e2e3&utm_source=VOORBE&utm_medium=cpm&utm_term=Cars&countkey=BE&dbid=50716&adv=Vendez_votr...

3 KB
1 KB

37ms
37ms

Document
text/html

34.159.45.57
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://krs.voordeelpakkers.be/jp/?h=1df65b431057d532b13ef072b14b9878&emailmd5=51e17b68ea73c560ef1ba8d6cbb3e2e3&utm_source=VOORBE&utm_medium=cpm&utm_term=Cars&countkey=BE&dbid=50716&adv=Vendez_votre_voiture&brd=Verkoop_uw_auto&clt=Roi&Co&trm=Alex&creaid=42861
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.159.45.57 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: laravel.kontikimedia.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f57e25ff29ecdf626674be50ef9a4f3cd8988a3add4507da6292cd47cba7991d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=ISO-8859-1
Date: Wed, 31 Aug 2022 14:57:06 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Wed, 31 Aug 2022 14:57:06 GMT
Location: https://krs.voordeelpakkers.be/jp/?h=1df65b431057d532b13ef072b14b9878&emailmd5=51e17b68ea73c560ef1ba8d6cbb3e2e3&utm_source=VOORBE&utm_medium=cpm&utm_term=Cars&countkey=BE&dbid=50716&adv=Vendez_votre_voiture&brd=Verkoop_uw_auto&clt=Roi&Co&trm=Alex&creaid=42861
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK redirect1.gif
krs.voordeelpakkers.be/images/ 1 KB
2 KB 32ms
32ms Image
image/gif 34.159.45.57
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://krs.voordeelpakkers.be/images/redirect1.gif
Requested by: Host: krs.voordeelpakkers.be
URL: https://krs.voordeelpakkers.be/jp/?h=1df65b431057d532b13ef072b14b9878&emailmd5=51e17b68ea73c560ef1ba8d6cbb3e2e3&utm_source=VOORBE&utm_medium=cpm&utm_term=Cars&countkey=BE&dbid=50716&adv=Vendez_votre_voiture&brd=Verkoop_uw_auto&clt=Roi&Co&trm=Alex&creaid=42861
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.159.45.57 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: laravel.kontikimedia.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: da1e92fc3fb9a19f018b1d0f6bf371f2a7499b72476879ac01ca86264d6a2ed8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krs.voordeelpakkers.be/jp/?h=1df65b431057d532b13ef072b14b9878&emailmd5=51e17b68ea73c560ef1ba8d6cbb3e2e3&utm_source=VOORBE&utm_medium=cpm&utm_term=Cars&countkey=BE&dbid=50716&adv=Vendez_votre_voiture&brd=Verkoop_uw_auto&clt=Roi&Co&trm=Alex&creaid=42861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 14:57:06 GMT
Last-Modified: Mon, 16 May 2022 14:56:02 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "62826602-5ac"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1452

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 125 KB
47 KB 135ms
52ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T2D9W3L

Requested by

Host: krs.voordeelpakkers.be
URL: https://krs.voordeelpakkers.be/jp/?h=1df65b431057d532b13ef072b14b9878&emailmd5=51e17b68ea73c560ef1ba8d6cbb3e2e3&utm_source=VOORBE&utm_medium=cpm&utm_term=Cars&countkey=BE&dbid=50716&adv=Vendez_votre_voiture&brd=Verkoop_uw_auto&clt=Roi&Co&trm=Alex&creaid=42861

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

be5a39daf5046036f1e3a0d9197936da6709ca99d0061a51f57c1b8b23ad202d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krs.voordeelpakkers.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:57:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48137
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 31 Aug 2022 14:57:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
72 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5VKFC3JRFW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2D9W3L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8e9bb32d2e42d8114ce7c951e78ece3b2483cebc845dd12827c7982d7c573f56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krs.voordeelpakkers.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:57:06 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73572
x-xss-protection: 0
expires: Wed, 31 Aug 2022 14:57:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 121ms
38ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2D9W3L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krs.voordeelpakkers.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6906
date: Wed, 31 Aug 2022 13:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 31 Aug 2022 15:02:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
352 B 113ms
40ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-5VKFC3JRFW&gtm=2oe8t0&_p=1425148845&_gaz=1&cid=1222990793.1661957827&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661957826&sct=1&seg=0&dl=https%3A%2F%2Fkrs.voordeelpakkers.be%2Fjp%2F%3Fh%3D1df65b431057d532b13ef072b14b9878%26emailmd5%3D51e17b68ea73c560ef1ba8d6cbb3e2e3%26utm_source%3DVOORBE%26utm_medium%3Dcpm%26utm_term%3DCars%26countkey%3DBE%26dbid%3D50716%26adv%3DVendez_votre_voiture%26brd%3DVerkoop_uw_auto%26clt%3DRoi%26Co%26trm%3DAlex%26creaid%3D42861&dt=Vous%20allez%20%C3%AAtre%20redirig%C3%A9&en=page_view&_fv=1&_nsi=1&_ss=1&ep.debug_mode=true&ep.UserId=51e17b68ea73c560ef1ba8d6cbb3e2e3&up.adv=Vendez_votre_voiture&up.brd=Verkoop_uw_auto&up.clt=Roi&up.countkey=BE&up.dbid=50716&up.trm=Alex&up.UserId=51e17b68ea73c560ef1ba8d6cbb3e2e3&up.call=undefined
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5VKFC3JRFW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krs.voordeelpakkers.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 14:57:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://krs.voordeelpakkers.be
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
352 B 57ms
18ms Ping
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5VKFC3JRFW&cid=1222990793.1661957827&gtm=2oe8t0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5VKFC3JRFW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krs.voordeelpakkers.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 14:57:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://krs.voordeelpakkers.be
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 161ms
76ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5VKFC3JRFW&cid=1222990793.1661957827&gtm=2oe8t0&aip=1&z=303611932

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krs.voordeelpakkers.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 14:57:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 126ms
48ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1425148845&t=pageview&_s=1&dl=https%3A%2F%2Fkrs.voordeelpakkers.be%2Fjp%2F%3Fh%3D1df65b431057d532b13ef072b14b9878%26emailmd5%3D51e17b68ea73c560ef1ba8d6cbb3e2e3%26utm_source%3DVOORBE%26utm_medium%3Dcpm%26utm_term%3DCars%26countkey%3DBE%26dbid%3D50716%26adv%3DVendez_votre_voiture%26brd%3DVerkoop_uw_auto%26clt%3DRoi%26Co%26trm%3DAlex%26creaid%3D42861&ul=en-us&de=windows-1252&dt=Vous%20allez%20%C3%AAtre%20redirig%C3%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=1543779921&gjid=879319325&cid=1222990793.1661957827&uid=51e17b68ea73c560ef1ba8d6cbb3e2e3&tid=UA-117927431-4&_gid=1715395764.1661957827&_r=1&gtm=2wg8t0T2D9W3L&cd1=50716&cd2=Vendez_votre_voiture&cd3=Verkoop_uw_auto&cd4=Roi&cd5=Alex&cd6=BE&cd7=51e17b68ea73c560ef1ba8d6cbb3e2e3&cd8=undefined&z=1729631309

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://krs.voordeelpakkers.be/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 14:57:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://krs.voordeelpakkers.be
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
38ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1425148845&t=pageview&_s=1&dl=https%3A%2F%2Fkrs.voordeelpakkers.be%2Fjp%2F%3Fh%3D1df65b431057d532b13ef072b14b9878%26emailmd5%3D51e17b68ea73c560ef1ba8d6cbb3e2e3%26utm_source%3DVOORBE%26utm_medium%3Dcpm%26utm_term%3DCars%26countkey%3DBE%26dbid%3D50716%26adv%3DVendez_votre_voiture%26brd%3DVerkoop_uw_auto%26clt%3DRoi%26Co%26trm%3DAlex%26creaid%3D42861&ul=en-us&de=windows-1252&dt=Vous%20allez%20%C3%AAtre%20redirig%C3%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAAAAC~&jid=&gjid=&cid=1222990793.1661957827&uid=51e17b68ea73c560ef1ba8d6cbb3e2e3&tid=UA-117927431-4&_gid=1715395764.1661957827&gtm=2wg8t0T2D9W3L&cd1=50716&cd2=Vendez_votre_voiture&cd3=Verkoop_uw_auto&cd4=Roi&cd5=Alex&cd6=BE&cd7=51e17b68ea73c560ef1ba8d6cbb3e2e3&cd8=undefined&z=1554895279

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krs.voordeelpakkers.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 17:04:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 78750
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
38ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krs.voordeelpakkers.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 17:04:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 78750
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
38ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krs.voordeelpakkers.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 17:04:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 78751
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

aff_r Show response
trust.whitegallops.com/
Redirect Chain

https://trust.whitegallops.com/aff_c?offer_id=21977&aff_id=1938&file_id=126175
https://trust.whitegallops.com/aff_r?offer_id=21977&aff_id=1938&url=https%3A%2F%2Fgo.oferting.net%2F1mzo8%3Fvars%3D_vextclickid%253D_%2A10206e1a690c82e39448639cb22bec%2A&urlauth=3895128556637325017...

264 B
791 B

131ms
117ms

Document
text/html

2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trust.whitegallops.com/aff_r?offer_id=21977&aff_id=1938&url=https%3A%2F%2Fgo.oferting.net%2F1mzo8%3Fvars%3D_vextclickid%253D_%2A10206e1a690c82e39448639cb22bec%2A&urlauth=389512855663732501734587023523
Requested by: Host: krs.voordeelpakkers.be
URL: https://krs.voordeelpakkers.be/jp/?h=1df65b431057d532b13ef072b14b9878&emailmd5=51e17b68ea73c560ef1ba8d6cbb3e2e3&utm_source=VOORBE&utm_medium=cpm&utm_term=Cars&countkey=BE&dbid=50716&adv=Vendez_votre_voiture&brd=Verkoop_uw_auto&clt=Roi&Co&trm=Alex&creaid=42861
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e2b4cf73fa5e53a45b9aafe2a63156d939a505952db36ac4ca1efab3dcb4a13

Request headers

Referer: https://krs.voordeelpakkers.be/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: Tune-SDK-Version
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 74369def09f49259-FRA
content-encoding: br
content-type: text/html
date: Wed, 31 Aug 2022 14:57:09 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKHHpJsZBIgWIhRb0Npe6g6JmYznWa%2BX2oiSZQo%2Bvociqndao3PwVtsoMIDz%2Bs%2BU4C5kejiac6H2n1sPwwVpi8azAY8wwwnXSfsFi2Yd37bNiD9%2FscxBwgP40VBEC0mMz01TBG5mpo6bmLCxT83ZTuj4Sa1v"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-request-id: e65e19142aa8b5ca752bc2b3fe744017

Redirect headers

access-control-allow-headers: Tune-SDK-Version
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 74369dee1b3c90ee-FRA
content-type: text/html; charset=iso-8859-1
date: Wed, 31 Aug 2022 14:57:08 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
location: /aff_r?offer_id=21977&aff_id=1938&url=https%3A%2F%2Fgo.oferting.net%2F1mzo8%3Fvars%3D_vextclickid%253D_%2A10206e1a690c82e39448639cb22bec%2A&urlauth=389512855663732501734587023523
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="NOI CUR OUR NOR INT"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67cD0mdKhupXoXtRefOSp9kXF79RBgiy%2BLMzTNi%2FbeU5mjalRJ1%2FYg2MpwiKsbgni0frnB9ZktUXj3KGFTezruet5%2FnedH%2BWPlhsAZSwOhedqhFgo1RBo4CkxCqhda%2B6LqGesTG%2BQJ%2FEFulciqOs0G4r%2F6w0"}],"group":"cf-nel","max_age":604800}
server: cloudflare
tracking_id: 10206e1a690c82e39448639cb22bec
x-request-id: ab74d58f7af0c6441bd58bd915df80cf
x-robots-tag: noindex, nofollow

POST collect
region1.analytics.google.com/g/ 0
0

GET
H2

200

Primary Request / Show response
r-ext.oferting.net/r/
Redirect Chain

https://trust.whitegallops.com/aff_r?offer_id=21977&aff_id=1938&redirect_pass=1&url=https%3A%2F%2Fgo.oferting.net%2F1mzo8%3Fvars%3D_vextclickid%253D_%2A10206e1a690c82e39448639cb22bec%2A&urlauth=389...
https://go.oferting.net/1mzo8?vars=_vextclickid%3D_*10206e1a690c82e39448639cb22bec*
https://r-ext.oferting.net/r/?utm_source=auto1&utm_medium=sopext&utm_campaign=9932040-9711725&orig=automatic&utm_term=generica&rtt=&f=0&c=activities&g=&partner=world&redirection=https%3A%2F%2Ftrac....

15 KB
6 KB

164ms
42ms

Document
text/html

54.228.228.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r-ext.oferting.net/r/?utm_source=auto1&utm_medium=sopext&utm_campaign=9932040-9711725&orig=automatic&utm_term=generica&rtt=&f=0&c=activities&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.net%2Fof%2F%3Fextclickid%3D_*10206e1a690c82e39448639cb22bec*%26emn_i%3D493%26emn_a%3D5049%26emn_c%3D381704%26emn_rt%3D0%26ol%3D%26emn_p%3D%26emn_cat%3D9932040-9711725%26term%3D%26emn_t%3D9711725%26ref_offer%3D9932040%26hs%3D2510973281%26go%3Dhttps%253A%252F%252Fwww.wikoau.be%252Fwaarde%252F10-6%252F%253FMID%253DB1_EMM_10_23_84_7_283_220830_1_0_0%2526utm_source%253DEMM%2526utm_medium%253Demail%2526utm_campaign%253D0%2526emn_sid%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.228.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-228-187.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0db5a0b759362410a4c4f54880eef14fec27b368d89ec6c28918e40f08e63278

Request headers

Referer: https://trust.whitegallops.com/aff_r?offer_id=21977&aff_id=1938&url=https%3A%2F%2Fgo.oferting.net%2F1mzo8%3Fvars%3D_vextclickid%253D_%2A10206e1a690c82e39448639cb22bec%2A&urlauth=389512855663732501734587023523
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 31 Aug 2022 14:57:09 GMT
server: nginx
vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 20
Content-Type: text/html
Date: Wed, 31 Aug 2022 14:57:07 GMT
Keep-Alive: timeout=2, max=200
Location: https://r-ext.oferting.net/r/?utm_source=auto1&utm_medium=sopext&utm_campaign=9932040-9711725&orig=automatic&utm_term=generica&rtt=&f=0&c=activities&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.net%2Fof%2F%3Fextclickid%3D_*10206e1a690c82e39448639cb22bec*%26emn_i%3D493%26emn_a%3D5049%26emn_c%3D381704%26emn_rt%3D0%26ol%3D%26emn_p%3D%26emn_cat%3D9932040-9711725%26term%3D%26emn_t%3D9711725%26ref_offer%3D9932040%26hs%3D2510973281%26go%3Dhttps%253A%252F%252Fwww.wikoau.be%252Fwaarde%252F10-6%252F%253FMID%253DB1_EMM_10_23_84_7_283_220830_1_0_0%2526utm_source%253DEMM%2526utm_medium%253Demail%2526utm_campaign%253D0%2526emn_sid%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Server: Apache
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.10-1ubuntu3.26

GET
H2 200 a-00xy.min.js Show response
b-code.liadm.com/ 27 KB
10 KB 40ms
7ms Script
application/javascript 2600:9000:225e:6a00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-00xy.min.js
Requested by: Host: r-ext.oferting.net
URL: https://r-ext.oferting.net/r/?utm_source=auto1&utm_medium=sopext&utm_campaign=9932040-9711725&orig=automatic&utm_term=generica&rtt=&f=0&c=activities&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.net%2Fof%2F%3Fextclickid%3D_*10206e1a690c82e39448639cb22bec*%26emn_i%3D493%26emn_a%3D5049%26emn_c%3D381704%26emn_rt%3D0%26ol%3D%26emn_p%3D%26emn_cat%3D9932040-9711725%26term%3D%26emn_t%3D9711725%26ref_offer%3D9932040%26hs%3D2510973281%26go%3Dhttps%253A%252F%252Fwww.wikoau.be%252Fwaarde%252F10-6%252F%253FMID%253DB1_EMM_10_23_84_7_283_220830_1_0_0%2526utm_source%253DEMM%2526utm_medium%253Demail%2526utm_campaign%253D0%2526emn_sid%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6a00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7c3eda916f499a15865357768f310ae9c1df523a44134d48747146bf8e695c11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r-ext.oferting.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 11:52:41 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
age: 11068
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-pop: FRA60-P4
content-encoding: gzip
x-amz-cf-id: EdX-nVNnyi3BuNO6z0nm2VCwU89PnheduHib5bi4XE-QrsTOX1n0Ag==

GET
H2 200 preload.gif
r-ext.oferting.net/images/ 18 KB
18 KB 30ms
29ms Image
image/gif 54.228.228.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r-ext.oferting.net/images/preload.gif
Requested by: Host: r-ext.oferting.net
URL: https://r-ext.oferting.net/r/?utm_source=auto1&utm_medium=sopext&utm_campaign=9932040-9711725&orig=automatic&utm_term=generica&rtt=&f=0&c=activities&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.net%2Fof%2F%3Fextclickid%3D_*10206e1a690c82e39448639cb22bec*%26emn_i%3D493%26emn_a%3D5049%26emn_c%3D381704%26emn_rt%3D0%26ol%3D%26emn_p%3D%26emn_cat%3D9932040-9711725%26term%3D%26emn_t%3D9711725%26ref_offer%3D9932040%26hs%3D2510973281%26go%3Dhttps%253A%252F%252Fwww.wikoau.be%252Fwaarde%252F10-6%252F%253FMID%253DB1_EMM_10_23_84_7_283_220830_1_0_0%2526utm_source%253DEMM%2526utm_medium%253Demail%2526utm_campaign%253D0%2526emn_sid%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.228.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-228-187.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7929082d8761c3db532e83d1630ad642747808517060e2432056f4050f4ebd9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r-ext.oferting.net/r/?utm_source=auto1&utm_medium=sopext&utm_campaign=9932040-9711725&orig=automatic&utm_term=generica&rtt=&f=0&c=activities&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.net%2Fof%2F%3Fextclickid%3D_*10206e1a690c82e39448639cb22bec*%26emn_i%3D493%26emn_a%3D5049%26emn_c%3D381704%26emn_rt%3D0%26ol%3D%26emn_p%3D%26emn_cat%3D9932040-9711725%26term%3D%26emn_t%3D9711725%26ref_offer%3D9932040%26hs%3D2510973281%26go%3Dhttps%253A%252F%252Fwww.wikoau.be%252Fwaarde%252F10-6%252F%253FMID%253DB1_EMM_10_23_84_7_283_220830_1_0_0%2526utm_source%253DEMM%2526utm_medium%253Demail%2526utm_campaign%253D0%2526emn_sid%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:57:09 GMT
last-modified: Sat, 23 Jul 2022 07:58:20 GMT
server: nginx
accept-ranges: bytes
etag: "62dbaa1c-47ed"
content-length: 18413
content-type: image/gif

GET
H2 200 jquery-3.3.1.min.js Show response
r-ext.oferting.net/js/ 85 KB
34 KB 47ms
46ms Script
application/javascript 54.228.228.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r-ext.oferting.net/js/jquery-3.3.1.min.js
Requested by: Host: r-ext.oferting.net
URL: https://r-ext.oferting.net/r/?utm_source=auto1&utm_medium=sopext&utm_campaign=9932040-9711725&orig=automatic&utm_term=generica&rtt=&f=0&c=activities&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.net%2Fof%2F%3Fextclickid%3D_*10206e1a690c82e39448639cb22bec*%26emn_i%3D493%26emn_a%3D5049%26emn_c%3D381704%26emn_rt%3D0%26ol%3D%26emn_p%3D%26emn_cat%3D9932040-9711725%26term%3D%26emn_t%3D9711725%26ref_offer%3D9932040%26hs%3D2510973281%26go%3Dhttps%253A%252F%252Fwww.wikoau.be%252Fwaarde%252F10-6%252F%253FMID%253DB1_EMM_10_23_84_7_283_220830_1_0_0%2526utm_source%253DEMM%2526utm_medium%253Demail%2526utm_campaign%253D0%2526emn_sid%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.228.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-228-187.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r-ext.oferting.net/r/?utm_source=auto1&utm_medium=sopext&utm_campaign=9932040-9711725&orig=automatic&utm_term=generica&rtt=&f=0&c=activities&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.net%2Fof%2F%3Fextclickid%3D_*10206e1a690c82e39448639cb22bec*%26emn_i%3D493%26emn_a%3D5049%26emn_c%3D381704%26emn_rt%3D0%26ol%3D%26emn_p%3D%26emn_cat%3D9932040-9711725%26term%3D%26emn_t%3D9711725%26ref_offer%3D9932040%26hs%3D2510973281%26go%3Dhttps%253A%252F%252Fwww.wikoau.be%252Fwaarde%252F10-6%252F%253FMID%253DB1_EMM_10_23_84_7_283_220830_1_0_0%2526utm_source%253DEMM%2526utm_medium%253Demail%2526utm_campaign%253D0%2526emn_sid%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:57:09 GMT
content-encoding: gzip
last-modified: Sat, 23 Jul 2022 07:58:20 GMT
server: nginx
etag: W/"62dbaa1c-1538f"
vary: Accept-Encoding
content-type: application/javascript

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: r-ext.oferting.net
URL: https://r-ext.oferting.net/r/?utm_source=auto1&utm_medium=sopext&utm_campaign=9932040-9711725&orig=automatic&utm_term=generica&rtt=&f=0&c=activities&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.net%2Fof%2F%3Fextclickid%3D_*10206e1a690c82e39448639cb22bec*%26emn_i%3D493%26emn_a%3D5049%26emn_c%3D381704%26emn_rt%3D0%26ol%3D%26emn_p%3D%26emn_cat%3D9932040-9711725%26term%3D%26emn_t%3D9711725%26ref_offer%3D9932040%26hs%3D2510973281%26go%3Dhttps%253A%252F%252Fwww.wikoau.be%252Fwaarde%252F10-6%252F%253FMID%253DB1_EMM_10_23_84_7_283_220830_1_0_0%2526utm_source%253DEMM%2526utm_medium%253Demail%2526utm_campaign%253D0%2526emn_sid%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r-ext.oferting.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6909
date: Wed, 31 Aug 2022 13:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 31 Aug 2022 15:02:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 180 KB
64 KB 53ms
52ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-ML8Z3ZJ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

752ed6c4e3c41be3dc78df18d4b654094b0eb7a51aa55b737c6a5ae926cee337

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r-ext.oferting.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:57:09 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64985
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 31 Aug 2022 14:57:09 GMT

GET
H2 200 sync-container.js Show response
b-code.liadm.com/ 6 KB
3 KB 8ms
7ms Script
application/javascript 2600:9000:225e:6a00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/sync-container.js
Requested by: Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-00xy.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6a00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r-ext.oferting.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 18 Aug 2022 11:50:39 GMT
content-encoding: gzip
last-modified: Tue, 10 May 2022 11:48:07 GMT
server: AmazonS3
age: 1134390
etag: W/"ae5e94de938b0387eda6df8f20da811a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: WIo1DFPCLgnYZuB8yv1dFIDWe1bYBj2G
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA60-P4
content-type: application/javascript
x-amz-cf-id: THRj_aEKE9WjiMXYv_cno2M_q1PGJpYQJydVBDbzsSsaijL_fttTcA==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
38ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1861165617&t=pageview&_s=1&dl=https%3A%2F%2Fr-ext.oferting.net%2Fr%2F%3Futm_source%3Dauto1%26utm_medium%3Dsopext%26utm_campaign%3D9932040-9711725%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dactivities%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.net%252Fof%252F%253Fextclickid%253D_*10206e1a690c82e39448639cb22bec*%2526emn_i%253D493%2526emn_a%253D5049%2526emn_c%253D381704%2526emn_rt%253D0%2526ol%253D%2526emn_p%253D%2526emn_cat%253D9932040-9711725%2526term%253D%2526emn_t%253D9711725%2526ref_offer%253D9932040%2526hs%253D2510973281%2526go%253Dhttps%25253A%25252F%25252Fwww.wikoau.be%25252Fwaarde%25252F10-6%25252F%25253FMID%25253DB1_EMM_10_23_84_7_283_220830_1_0_0%252526utm_source%25253DEMM%252526utm_medium%25253Demail%252526utm_campaign%25253D0%252526emn_sid%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu&dr=https%3A%2F%2Ftrust.whitegallops.com%2F&ul=en-us&de=UTF-8&dt=World%20--%20we%20are%20redirecting%20you%20to%20Auto1%27s%20website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GgACAABB~&cid=1300785211.1661957830&tid=UA-46029424-1&_gid=1003559451.1661957830&z=359830692

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r-ext.oferting.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 17:04:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 78752
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
38ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r-ext.oferting.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 17:04:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 78752
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1192092/ 57 KB
18 KB 43ms
8ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1192092/tfa.js
Requested by: Host: krs.voordeelpakkers.be
URL: https://krs.voordeelpakkers.be/jp/?h=1df65b431057d532b13ef072b14b9878&emailmd5=51e17b68ea73c560ef1ba8d6cbb3e2e3&utm_source=VOORBE&utm_medium=cpm&utm_term=Cars&countkey=BE&dbid=50716&adv=Vendez_votre_voiture&brd=Verkoop_uw_auto&clt=Roi&Co&trm=Alex&creaid=42861
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d846d4550417cb8e0936c4925ca058f87fe56a4bb07d4b37db19c5da0c505314

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r-ext.oferting.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: rcA7_P.fsIGUOFRLvJOZ0JSFz17utoiC
content-encoding: gzip
etag: "465514ef0303391c94c88716db28e0b6"
age: 28
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 17942
x-amz-id-2: HP7JFRQfjcQbEw4WZj60jNTw1yJaoeoVzj5Ile9gPgFdBI79Aeoia27fagSpO0LuaZgwAssNc3o=
x-served-by: cache-hhn4044-HHN
last-modified: Sun, 28 Aug 2022 11:17:53 GMT
server: AmazonS3
x-timer: S1661957830.723405,VS0,VE1
date: Wed, 31 Aug 2022 14:57:09 GMT
vary: Accept-Encoding
x-amz-request-id: 60ETD70CH58HJNZ8
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 62
x-cache-hits: 1

GET

j
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1661957829728&aid=a-00xy&se=e30&duid=1ffc951fb2a6--01gbt6fwzd85jqmp89epbd9157&tna=v2.4.2&pu=https%3A%2F%2Fr-ext.oferting.net%2Fr%2F%3Futm_source%3Dauto1%26utm_medium%3...
https://rp4.liadm.com/j?dtstmp=1661957829728&aid=a-00xy&se=e30&duid=1ffc951fb2a6--01gbt6fwzd85jqmp89epbd9157&tna=v2.4.2&pu=https%3A%2F%2Fr-ext.oferting.net%2Fr%2F%3Futm_source%3Dauto1%26utm_medium%...

0
0

GET
H2 200 json Show response
trc.taboola.com/1192092/trc/3/ 2 KB
2 KB 39ms
32ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1192092/trc/3/json?tim=1661957829737&data=%7B%22id%22%3A756%2C%22ii%22%3A%22%2Fr%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1661957829732%2C%22cv%22%3A%2220220828-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fr-ext.oferting.net%2Fr%2F%3Futm_source%3Dauto1%26utm_medium%3Dsopext%26utm_campaign%3D9932040-9711725%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dactivities%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.net%252Fof%252F%253Fextclickid%253D_*10206e1a690c82e39448639cb22bec*%2526emn_i%253D493%2526emn_a%253D5049%2526emn_c%253D381704%2526emn_rt%253D0%2526ol%253D%2526emn_p%253D%2526emn_cat%253D9932040-9711725%2526term%253D%2526emn_t%253D9711725%2526ref_offer%253D9932040%2526hs%253D2510973281%2526go%253Dhttps%25253A%25252F%25252Fwww.wikoau.be%25252Fwaarde%25252F10-6%25252F%25253FMID%25253DB1_EMM_10_23_84_7_283_220830_1_0_0%252526utm_source%25253DEMM%252526utm_medium%25253Demail%252526utm_campaign%25253D0%252526emn_sid%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu%22%2C%22e%22%3A%22https%3A%2F%2Ftrust.whitegallops.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Futm_source%3Dauto1%26utm_medium%3Dsopext%26utm_campaign%3D9932040-9711725%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dactivities%26g%3D%26partner%3Dworld%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-asuvoravaemailingnetworkcom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1661957829736%2C%22ref%22%3A%22https%3A%2F%2Ftrust.whitegallops.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Fr-ext.oferting.net%2Fr%2F%3Futm_source%3Dauto1%26utm_medium%3Dsopext%26utm_campaign%3D9932040-9711725%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dactivities%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.net%252Fof%252F%253Fextclickid%253D_*10206e1a690c82e39448639cb22bec*%2526emn_i%253D493%2526emn_a%253D5049%2526emn_c%253D381704%2526emn_rt%253D0%2526ol%253D%2526emn_p%253D%2526emn_cat%253D9932040-9711725%2526term%253D%2526emn_t%253D9711725%2526ref_offer%253D9932040%2526hs%253D2510973281%2526go%253Dhttps%25253A%25252F%25252Fwww.wikoau.be%25252Fwaarde%25252F10-6%25252F%25253FMID%25253DB1_EMM_10_23_84_7_283_220830_1_0_0%252526utm_source%25253DEMM%252526utm_medium%25253Demail%252526utm_campaign%25253D0%252526emn_sid%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1192092/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 39d941ef879909e6a968c9977ce049cf4283466bde51786e9606a539b75906f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r-ext.oferting.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-vcl-time-ms: 26
date: Wed, 31 Aug 2022 14:57:09 GMT
content-encoding: gzip
server: nginx
x-timer: S1661957830.748892,VS0,VE26
x-served-by: cache-hhn4044-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 nr-1216.min.js Show response
js-agent.newrelic.com/ 38 KB
14 KB 38ms
8ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1216.min.js
Requested by: Host: r-ext.oferting.net
URL: https://r-ext.oferting.net/r/?utm_source=auto1&utm_medium=sopext&utm_campaign=9932040-9711725&orig=automatic&utm_term=generica&rtt=&f=0&c=activities&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.net%2Fof%2F%3Fextclickid%3D_*10206e1a690c82e39448639cb22bec*%26emn_i%3D493%26emn_a%3D5049%26emn_c%3D381704%26emn_rt%3D0%26ol%3D%26emn_p%3D%26emn_cat%3D9932040-9711725%26term%3D%26emn_t%3D9711725%26ref_offer%3D9932040%26hs%3D2510973281%26go%3Dhttps%253A%252F%252Fwww.wikoau.be%252Fwaarde%252F10-6%252F%253FMID%253DB1_EMM_10_23_84_7_283_220830_1_0_0%2526utm_source%253DEMM%2526utm_medium%253Demail%2526utm_campaign%253D0%2526emn_sid%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r-ext.oferting.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding: gzip
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id: QS55VTZ5KYBT01RF
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14391
x-amz-id-2: LqMYMQa4YU1cIYkATbA3xCSvsTD2lndpXc+K9jTcrBu4zKcsnQNt7LnOCIo6x7yoHpJFT7uuVmQ=
x-served-by: cache-hhn4039-HHN
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1661957830.815127,VS0,VE0
date: Wed, 31 Aug 2022 14:57:09 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 5688

GET
H/1.1 402
Payment Required 801818eb79
bam.nr-data.net/1/ 0
0 189ms
144ms Script
text/plain 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/801818eb79?a=67561576&v=1216.487a282&to=b1BbMUZZDxBTAkFYWlYabBddFwgNVgRNH0VQRQ%3D%3D&rst=728&ck=1&ref=https://r-ext.oferting.net/r/&ap=12&be=474&fe=683&dc=544&perf=%7B%22timing%22:%7B%22of%22:1661957829097,%22n%22:0,%22f%22:297,%22dn%22:297,%22dne%22:357,%22c%22:357,%22s%22:385,%22ce%22:419,%22rq%22:419,%22rp%22:461,%22rpe%22:462,%22dl%22:465,%22di%22:544,%22ds%22:544,%22de%22:544,%22dc%22:683,%22l%22:683,%22le%22:684%7D,%22navigation%22:%7B%7D%7D&fp=498&fcp=498&at=QxdYRw5DHB4%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r-ext.oferting.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 14:57:09 GMT
Server: cloudflare
Connection: keep-alive
CF-RAY: 74369df4ba0491ed-FRA
Content-Length: 2
Vary: Accept-Encoding
Content-Type: text/plain;charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-5VKFC3JRFW&gtm=2oe8t0&_p=1425148845&cid=1222990793.1661957827&ul=en-us&sr=1600x1200&_z=ccd.v9B&sid=1661957826&sct=1&seg=0&dl=https%3A%2F%2Fkrs.voordeelpakkers.be%2Fjp%2F%3Fh%3D1df65b431057d532b13ef072b14b9878%26emailmd5%3D51e17b68ea73c560ef1ba8d6cbb3e2e3%26utm_source%3DVOORBE%26utm_medium%3Dcpm%26utm_term%3DCars%26countkey%3DBE%26dbid%3D50716%26adv%3DVendez_votre_voiture%26brd%3DVerkoop_uw_auto%26clt%3DRoi%26Co%26trm%3DAlex%26creaid%3D42861&dt=Vous%20allez%20%C3%AAtre%20redirig%C3%A9&_s=2

Domain: rp4.liadm.com
URL: https://rp4.liadm.com/j?dtstmp=1661957829728&aid=a-00xy&se=e30&duid=1ffc951fb2a6--01gbt6fwzd85jqmp89epbd9157&tna=v2.4.2&pu=https%3A%2F%2Fr-ext.oferting.net%2Fr%2F%3Futm_source%3Dauto1%26utm_medium%3Dsopext%26utm_campaign%3D9932040-9711725%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dactivities%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.net%252Fof%252F%253Fextclickid%253D_%2A10206e1a690c82e39448639cb22bec%2A%2526emn_i%253D493%2526emn_a%253D5049%2526emn_c%253D381704%2526emn_rt%253D0%2526ol%253D%2526emn_p%253D%2526emn_cat%253D9932040-9711725%2526term%253D%2526emn_t%253D9711725%2526ref_offer%253D9932040%2526hs%253D2510973281%2526go%253Dhttps%25253A%25252F%25252Fwww.wikoau.be%25252Fwaarde%25252F10-6%25252F%25253FMID%25253DB1_EMM_10_23_84_7_283_220830_1_0_0%252526utm_source%25253DEMM%252526utm_medium%25253Demail%252526utm_campaign%25253D0%252526emn_sid%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu&wpn=lc-bundle&refr=https%3A%2F%2Ftrust.whitegallops.com%2F&c=PHRpdGxlPldvcmxkIC0tIHdlIGFyZSByZWRpcmVjdGluZyB5b3UgdG8gQXV0bzEncyB3ZWJzaXRlPC90aXRsZT4&i6=MmEwMzoxYjIwOjY6ZjAxMTo6MmU%3D&n3pc=true

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
links.voordeelpakkers.be/	1969-12-31 23:59:59	Name: TEMP_DATA Value: caf26d36-73e6-49e4-95a3-ba2e5118b160
links.voordeelpakkers.be/	1969-12-31 23:59:59	Name: esg1 Value: kvx/mB-/wAXL7fuefbKwyeRBqREYza/F/V4c/F/82779f57
.voordeelpakkers.be/	1970-01-20 15:15:17	Name: _ga Value: GA1.2.1222990793.1661957827
.voordeelpakkers.be/	1970-01-20 05:40:44	Name: _gid Value: GA1.2.1715395764.1661957827
.voordeelpakkers.be/	1970-01-20 05:39:17	Name: _gat_UA-117927431-4 Value: 1
trust.whitegallops.com/	1970-01-20 06:23:13	Name: enc_aff_session_21977 Value: ENC03e29048def0cb93e5601fdaf4eef51181248fd035e71462be95a98b2dea42663a628a089f93d66915ed32ba00f40db0a75c9239386b073e1cf4c8bc1becd28a318bb88d1ca17b8f718c32d0f5e64e75a110474168a502433790e72ddb62b08afb8486f0c3ef30b4e569fc8b514fdfa4b4807e4498acda538c644e5a2bd3115063b568aaea3b2febb933c5dfe629820561ca4f55a9690e426843da12bf9fff58651700e9e5
trust.whitegallops.com/	1970-01-20 15:15:17	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEwNS4wLjUxOTUuNTIgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6ImRlLURFLGRlO3E9MC45IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9
.voordeelpakkers.be/	1970-01-20 15:15:17	Name: _ga_5VKFC3JRFW Value: GS1.1.1661957826.1.0.1661957829.57.0.0
.oferting.net/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .oferting.net
.oferting.net/	1970-01-20 15:15:17	Name: _lc2_fpi Value: 1ffc951fb2a6--01gbt6fwzd85jqmp89epbd9157
.liadm.com/	1970-01-20 15:15:17	Name: lidid Value: 960d8b59-ff74-42a7-98eb-29c671dedd59

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bam.nr-data.net/1/801818eb79?a=67561576&v=1216.487a282&to=b1BbMUZZDxBTAkFYWlYabBddFwgNVgRNH0VQRQ%3D%3D&rst=728&ck=1&ref=https://r-ext.oferting.net/r/&ap=12&be=474&fe=683&dc=544&perf=%7B%22timing%22:%7B%22of%22:1661957829097,%22n%22:0,%22f%22:297,%22dn%22:297,%22dne%22:357,%22c%22:357,%22s%22:385,%22ce%22:419,%22rq%22:419,%22rp%22:461,%22rpe%22:462,%22dl%22:465,%22di%22:544,%22ds%22:544,%22de%22:544,%22dc%22:683,%22l%22:683,%22le%22:684%7D,%22navigation%22:%7B%7D%7D&fp=498&fcp=498&at=QxdYRw5DHB4%3D&jsonp=NREUM.setToken Message: Failed to load resource: the server responded with a status of 402 (Payment Required)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b-code.liadm.com
bam.nr-data.net
cdn.taboola.com
go.oferting.net
js-agent.newrelic.com
krs.voordeelpakkers.be
links.voordeelpakkers.be
r-ext.oferting.net
region1.analytics.google.com
rp4.liadm.com
stats.g.doubleclick.net
trc.taboola.com
trust.whitegallops.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
region1.analytics.google.com
rp4.liadm.com
151.101.130.137
151.101.193.44
162.247.241.14
2001:4860:4802:32::36
2600:9000:225e:6a00:8:8845:1500:93a1
2a00:1450:4001:800::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c06::9c
2a06:98c1:3120::c
34.159.45.57
54.228.228.187
54.246.129.40
91.199.51.78
0db5a0b759362410a4c4f54880eef14fec27b368d89ec6c28918e40f08e63278
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
39d941ef879909e6a968c9977ce049cf4283466bde51786e9606a539b75906f7
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
5e2b4cf73fa5e53a45b9aafe2a63156d939a505952db36ac4ca1efab3dcb4a13
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
752ed6c4e3c41be3dc78df18d4b654094b0eb7a51aa55b737c6a5ae926cee337
7929082d8761c3db532e83d1630ad642747808517060e2432056f4050f4ebd9a
7c3eda916f499a15865357768f310ae9c1df523a44134d48747146bf8e695c11
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e9bb32d2e42d8114ce7c951e78ece3b2483cebc845dd12827c7982d7c573f56
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
be5a39daf5046036f1e3a0d9197936da6709ca99d0061a51f57c1b8b23ad202d
d846d4550417cb8e0936c4925ca058f87fe56a4bb07d4b37db19c5da0c505314
da1e92fc3fb9a19f018b1d0f6bf371f2a7499b72476879ac01ca86264d6a2ed8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f57e25ff29ecdf626674be50ef9a4f3cd8988a3add4507da6292cd47cba7991d

r-ext.oferting.net Open in urlscan Pro 54.228.228.187 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

93 %HTTPS

50 %IPv6

12 Domains

16 Subdomains

13 IPs

5 Countries

333 kBTransfer

859 kBSize

11 Cookies

0 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

r-ext.oferting.net Open in urlscan Pro
54.228.228.187 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

93 %
HTTPS

50 %
IPv6

12
Domains

16
Subdomains

13
IPs

5
Countries

333 kB
Transfer

859 kB
Size

11
Cookies

28 HTTP transactions
0 data transactions