urlscan.io logo urlscan.io
SecurityTrails logo

r.oferting.fr Open in urlscan Pro
52.213.184.39  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://w.oferting.fr/x/c/?hVLBjqQgEP2VubS3sQUVZROymZ1On_awf9ChEZSMgEGM2a93CkYzvbuHqRipeq8oHw8FKzfDakLqzTPUoqaoa7KNTrA...
Effective URL: https://r.oferting.fr/r/?utm_source=parfumsmoinschers&utm_medium=dedicado&utm_campaign=10009622-9757726&orig=manual&ut...
Submission: On December 18 via api from ES — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 6 countries across 21 domains to perform 23 HTTP transactions. The main IP is 52.213.184.39, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is r.oferting.fr.
TLS certificate: Issued by R3 on October 22nd 2023. Valid for: 3 months.
This is the only time r.oferting.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 91.197.72.25 20559 (FUNDAMENT...)
3 52.213.184.39 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 44.198.227.25 14618 (AMAZON-AES)
2 2001:4860:480... 15169 (GOOGLE)
1 151.101.130.137 54113 (FASTLY)
1 162.247.243.29 54113 (FASTLY)
2 3 34.199.75.211 14618 (AMAZON-AES)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 1 64.202.112.127 22075 (AS-OUTBRAIN)
1 2 107.23.224.201 14618 (AMAZON-AES)
2 2 18.66.248.56 16509 (AMAZON-02)
1 1 193.0.160.130 54312 (ROCKETFUEL)
2 3 35.244.174.68 15169 (GOOGLE)
2 2 142.250.185.162 15169 (GOOGLE)
1 35.71.131.137 16509 (AMAZON-02)
1 2 72.246.169.24 16625 (AKAMAI-AS)
1 178.250.1.9 44788 (ASN-CRITE...)
1 35.157.73.176 16509 (AMAZON-02)
1 2 54.74.69.97 16509 (AMAZON-02)
23 16
2    91.197.72.25 (Netherlands)

ASN20559 (FUNDAMENTS-AS, NL)
PTR: eu25.webpower.eu
w.oferting.fr
oferting.webpower.eu
3    52.213.184.39 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: mail.oferting.fr
r.oferting.fr
1    2600:9000:225e:c400:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)
b-code.liadm.com
2    2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:1f18:730:b150:6f5f:943c:95a6:9eb1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    44.198.227.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-227-25.compute-1.amazonaws.com
rp4.liadm.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.243.29 (United States)

ASN54113 (FASTLY, US)
bam.nr-data.net
3    34.199.75.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-75-211.compute-1.amazonaws.com
i.liadm.com
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
1    64.202.112.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    107.23.224.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-224-201.compute-1.amazonaws.com
mid.rkdms.com
2    18.66.248.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-56.dus51.r.cloudfront.net
live.rezync.com
1    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
3    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
2    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
1    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    72.246.169.24 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com
x.dlx.addthis.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    35.157.73.176 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-73-176.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    54.74.69.97 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-69-97.eu-west-1.compute.amazonaws.com
dpm.demdex.net
Apex Domain
Subdomains		 Transfer
6 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 2977
rp.liadm.com — Cisco Umbrella Rank: 1632
rp4.liadm.com — Cisco Umbrella Rank: 6685
i.liadm.com — Cisco Umbrella Rank: 517
19 KB
4 oferting.fr
w.oferting.fr
r.oferting.fr
trac.oferting.fr Failed
66 KB
3 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 408
869 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
1 KB
2 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 1554
1 KB
2 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
615 B
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1785
1 KB
2 rkdms.com
mid.rkdms.com — Cisco Umbrella Rank: 1698
189 B
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2189
306 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
143 KB
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
146 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 550
363 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
149 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 825
1 KB
1 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 586
291 B
1 turn.com
d.turn.com — Cisco Umbrella Rank: 1349
416 B
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 225
401 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 590
16 KB
1 webpower.eu
oferting.webpower.eu
1 KB
0 parfumsmoinschers.com Failed
www.parfumsmoinschers.com Failed
0 clicplan.fr Failed
ercm.clicplan.fr Failed
ersq.clicplan.fr Failed
23 21
Domain Requested by
3 idsync.rlcdn.com 2 redirects i.liadm.com
3 i.liadm.com 2 redirects b-code.liadm.com
3 r.oferting.fr r.oferting.fr
2 dpm.demdex.net 1 redirects i.liadm.com
2 x.dlx.addthis.com 1 redirects i.liadm.com
2 cm.g.doubleclick.net 2 redirects
2 live.rezync.com 2 redirects
2 mid.rkdms.com 1 redirects i.liadm.com
2 region1.google-analytics.com www.googletagmanager.com
2 www.googletagmanager.com r.oferting.fr
www.googletagmanager.com
1 x.bidswitch.net i.liadm.com
1 dis.criteo.com i.liadm.com
1 match.adsrvr.org i.liadm.com
1 p.rfihub.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 d.turn.com 1 redirects
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com r.oferting.fr
1 rp4.liadm.com
1 rp.liadm.com 1 redirects
1 b-code.liadm.com r.oferting.fr
1 oferting.webpower.eu 1 redirects
1 w.oferting.fr 1 redirects
0 trac.oferting.fr Failed r.oferting.fr
0 www.parfumsmoinschers.com Failed
0 ersq.clicplan.fr Failed r.oferting.fr
0 ercm.clicplan.fr Failed r.oferting.fr
23 27

This site contains no links.

Subject Issuer Validity Valid
r.oferting.fr
R3		 2023-10-22 -
2024-01-20		 3 months crt.sh
*.liadm.com
Amazon RSA 2048 M03		 2023-12-02 -
2024-12-29		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-13 -
2024-05-14		 a year crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2024-10-01		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh

This page contains 2 frames:

Frame: https://trac.oferting.fr/of/?st=webpower_smtp&na=0&emn_i=346&emn_a=7260&emn_c=68189&emn_e=dce212a6a9997341079f93b6dcdce96d&emn_rt=0&ol=C&emn_p=&emn_cat=10009622-9757726&term=&emn_t=9757726&ref_offer=10009622&hs=2217790082&sd=w.oferting.fr&go=https%3A%2F%2Faction.metaffiliation.com%2Ftrk.php%3Fmclic%3DP4642355CBA8191%26argsite%3Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu%26redir%3Dhttps%253A%252F%252Fwww.parfumsmoinschers.com%252F
Frame ID: AABA45A668C2886E51C956F4A64B62D0
Requests: 15 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-00xy?duid=6b4e69b91e72--01hhy4kr3sb7sf4aqfestn7vnm&euns=0&s=&version=v2.11.2&
Frame ID: 528F5C51F4C2B3F0202FAF256D2930DB
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Oferting -- we are redirecting you to Parfumsmoinschers's website

Page URL History Show full URLs

  1. https://w.oferting.fr/x/c/?hVLBjqQgEP2VubS3sQUVZROymZ1On_awf9ChEZSMgEGM2a93CkYzvbuHqRipeq8oHw8FKzf... HTTP 302
    https://oferting.webpower.eu/x/c/?hVLBjqQgEP2VubS3sQUVZROymZ1On_awf9ChEZSMgEGM2a93CkYzvbuHqRipeq8oHw8FKzf... HTTP 302
    https://r.oferting.fr/r/?utm_source=parfumsmoinschers&utm_medium=dedicado&utm_campaign=10009622-97... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

61 %
HTTPS

23 %
IPv6

21
Domains

27
Subdomains

16
IPs

6
Countries

243 kB
Transfer

633 kB
Size

40
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://w.oferting.fr/x/c/?hVLBjqQgEP2VubS3sQUVZROymZ1On_awf9ChEZSMgEGM2a93CkYzvbuHqRipeq8oHw8FKzfDakLqzTPUoqaoa7KNTrA1d0r6oG2fK7_NrEEV2gY2hDDNP85n.0if.fnnEsxtdosXkk3cq8XMxmk7i0H6OYukkZ1eDOtgEbxzCRPcTFz3lqGiKCjB_Jk2ddNgkjmve2a4XfiYOoP0ht0lX8KfzIfAMsWKTBxIz6xcMw_jvRRBO.up81S_nPAVnuC5eBQMkFORKq9zOJWXVd4nt0p.m02YTphYDmABiTT2piEvK7JXkQGBBymgJC1q6V5LqDshMcKccEppU1aoaKii5Z10AhhKur3Vh.0jboTkdUcnyI.ZPHb8aw2Q0Yyvttj0xXmpbk7BUR_2AjyAGReMUdPQomgjMnfx4H_7QnoH4Kd3uI7u1dE.ePFka25k4ErpUfNUCmcSG.x7Pg1T3HM1YtQiZpffFalwWdevv15aRFHsJNz3sw4y8TyGhnBH2D1EiuWbSAPTpadxh_xD_C4dlnVd8.9_ykM88FvH3rR9f9pdfC4.AAA41 HTTP 302
    https://oferting.webpower.eu/x/c/?hVLBjqQgEP2VubS3sQUVZROymZ1On_awf9ChEZSMgEGM2a93CkYzvbuHqRipeq8oHw8FKzfDakLqzTPUoqaoa7KNTrA1d0r6oG2fK7_NrEEV2gY2hDDNP85n.0if.fnnEsxtdosXkk3cq8XMxmk7i0H6OYukkZ1eDOtgEbxzCRPcTFz3lqGiKCjB_Jk2ddNgkjmve2a4XfiYOoP0ht0lX8KfzIfAMsWKTBxIz6xcMw_jvRRBO.up81S_nPAVnuC5eBQMkFORKq9zOJWXVd4nt0p.m02YTphYDmABiTT2piEvK7JXkQGBBymgJC1q6V5LqDshMcKccEppU1aoaKii5Z10AhhKur3Vh.0jboTkdUcnyI.ZPHb8aw2Q0Yyvttj0xXmpbk7BUR_2AjyAGReMUdPQomgjMnfx4H_7QnoH4Kd3uI7u1dE.ePFka25k4ErpUfNUCmcSG.x7Pg1T3HM1YtQiZpffFalwWdevv15aRFHsJNz3sw4y8TyGhnBH2D1EiuWbSAPTpadxh_xD_C4dlnVd8.9_ykM88FvH3rR9f9pdfC4.AAA41stored HTTP 302
    https://r.oferting.fr/r/?utm_source=parfumsmoinschers&utm_medium=dedicado&utm_campaign=10009622-9757726&orig=manual&utm_term=beauty&rtt=&f=0&c=beauty&g=new&redirection=https%3A%2F%2Ftrac.oferting.fr%2Fof%2F%3Fst%3Dwebpower_smtp%26na%3D0%26emn_i%3D346%26emn_a%3D7260%26emn_c%3D68189%26emn_e%3Ddce212a6a9997341079f93b6dcdce96d%26emn_rt%3D0%26ol%3DC%26emn_p%3D%26emn_cat%3D10009622-9757726%26term%3D%26emn_t%3D9757726%26ref_offer%3D10009622%26hs%3D2217790082%26sd%3Dw.oferting.fr%26go%3Dhttps%253A%252F%252Faction.metaffiliation.com%252Ftrk.php%253Fmclic%253DP4642355CBA8191%2526argsite%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu%2526redir%253Dhttps%25253A%25252F%25252Fwww.parfumsmoinschers.com%25252F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://rp.liadm.com/j?dtstmp=1702892265715&aid=a-00xy&se=e30&duid=6b4e69b91e72--01hhy4kr3sb7sf4aqfestn7vnm&tna=v2.11.2&pu=https%3A%2F%2Fr.oferting.fr%2Fr%2F%3Futm_source%3Dparfumsmoinschers%26utm_medium%3Ddedicado%26utm_campaign%3D10009622-9757726%26orig%3Dmanual%26utm_term%3Dbeauty%26rtt%3D%26f%3D0%26c%3Dbeauty%26g%3Dnew%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.fr%252Fof%252F%253Fst%253Dwebpower_smtp%2526na%253D0%2526emn_i%253D346%2526emn_a%253D7260%2526emn_c%253D68189%2526emn_e%253Ddce212a6a9997341079f93b6dcdce96d%2526emn_rt%253D0%2526ol%253DC%2526emn_p%253D%2526emn_cat%253D10009622-9757726%2526term%253D%2526emn_t%253D9757726%2526ref_offer%253D10009622%2526hs%253D2217790082%2526sd%253Dw.oferting.fr%2526go%253Dhttps%25253A%25252F%25252Faction.metaffiliation.com%25252Ftrk.php%25253Fmclic%25253DP4642355CBA8191%252526argsite%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu%252526redir%25253Dhttps%2525253A%2525252F%2525252Fwww.parfumsmoinschers.com%2525252F&wpn=lc-bundle&c=PHRpdGxlPk9mZXJ0aW5nIC0tIHdlIGFyZSByZWRpcmVjdGluZyB5b3UgdG8gUGFyZnVtc21vaW5zY2hlcnMncyB3ZWJzaXRlPC90aXRsZT4 HTTP 302
  • https://rp4.liadm.com/j?se=e30&duid=6b4e69b91e72--01hhy4kr3sb7sf4aqfestn7vnm&aid=a-00xy&tna=v2.11.2&dtstmp=1702892265715&n3pc=true&wpn=lc-bundle&i6=MjAwMTo0MWQwOmQ6MzY0ZDo6Mg%3D%3D&pu=https%3A%2F%2Fr.oferting.fr%2Fr%2F%3Futm_source%3Dparfumsmoinschers%26utm_medium%3Ddedicado%26utm_campaign%3D10009622-9757726%26orig%3Dmanual%26utm_term%3Dbeauty%26rtt%3D%26f%3D0%26c%3Dbeauty%26g%3Dnew%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.fr%252Fof%252F%253Fst%253Dwebpower_smtp%2526na%253D0%2526emn_i%253D346%2526emn_a%253D7260%2526emn_c%253D68189%2526emn_e%253Ddce212a6a9997341079f93b6dcdce96d%2526emn_rt%253D0%2526ol%253DC%2526emn_p%253D%2526emn_cat%253D10009622-9757726%2526term%253D%2526emn_t%253D9757726%2526ref_offer%253D10009622%2526hs%253D2217790082%2526sd%253Dw.oferting.fr%2526go%253Dhttps%25253A%25252F%25252Faction.metaffiliation.com%25252Ftrk.php%25253Fmclic%25253DP4642355CBA8191%252526argsite%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu%252526redir%25253Dhttps%2525253A%2525252F%2525252Fwww.parfumsmoinschers.com%2525252F&c=PHRpdGxlPk9mZXJ0aW5nIC0tIHdlIGFyZSByZWRpcmVjdGluZyB5b3UgdG8gUGFyZnVtc21vaW5zY2hlcnMncyB3ZWJzaXRlPC90aXRsZT4
Request Chain 12
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3183931862166182124 HTTP 303
  • https://b1sync.zemanta.com/usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__ HTTP 302
  • https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid= HTTP 303
  • https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=2fd24d0a-2c2d-4334-bd11-50b815afee48&liid=&_ct=im HTTP 302
  • https://mid.rkdms.com/restricted
Request Chain 13
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=2fd24d0a-2c2d-4334-bd11-50b815afee48 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=24c87353-06f6-4d5c-a801-c8234785fcac%3A1702892266.846073&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D24c87353-06f6-4d5c-a801-c8234785fcac%253A1702892266.846073%26_%3D1702892266.8490865&cb=1702892266.8491256 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084928937196197&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D24c87353-06f6-4d5c-a801-c8234785fcac%253A1702892266.846073%26_%3D1702892266.8490865 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=24c87353-06f6-4d5c-a801-c8234785fcac%3A1702892266.846073&_=1702892266.8490865 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJACjwIARAFGjYyNGM4NzM1My0wNmY2LTRkNWMtYTgwMS1jODIzNDc4NWZjYWM6MTcwMjg5MjI2Ni44NDYwNzMQABoNCOulgKwGEgUI6AcQAEIASgA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc= HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_error=15
Request Chain 15
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=2fd24d0a-2c2d-4334-bd11-50b815afee48 HTTP 302
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=2fd24d0a-2c2d-4334-bd11-50b815afee48&rd=Y
Request Chain 18
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid=2fd24d0a-2c2d-4334-bd11-50b815afee48 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=2fd24d0a-2c2d-4334-bd11-50b815afee48
Request Chain 19
  • https://trac.oferting.fr/of/?st=webpower_smtp&na=0&emn_i=346&emn_a=7260&emn_c=68189&emn_e=dce212a6a9997341079f93b6dcdce96d&emn_rt=0&ol=C&emn_p=&emn_cat=10009622-9757726&term=&emn_t=9757726&ref_offer=10009622&hs=2217790082&sd=w.oferting.fr&go=https%3A%2F%2Faction.metaffiliation.com%2Ftrk.php%3Fmclic%3DP4642355CBA8191%26argsite%3Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu%26redir%3Dhttps%253A%252F%252Fwww.parfumsmoinschers.com%252F HTTP 302
  • https://action.metaffiliation.com/trk.php?mclic=P4642355CBA8191&argsite=07260034601000962209757726068189dce212a6a9997341079f93b6dcdce96d&redir=https%3A%2F%2Fwww.parfumsmoinschers.com%2F HTTP 302
  • https://www.parfumsmoinschers.com/?kwkuniv=P4642355CBA8100-ccp4642355cba8191-MDcyNjAwMzQ2MDEwMDA5NjIyMDk3NTc3MjYwNjgxODlkY2UyMTJhNmE5OTk3MzQxMDc5ZjkzYjZkY2RjZTk2ZA%3D%3D&utm_source=netaffiliation&utm_medium=cpc&utm_campaign=netaffiliation&utm_content=379816

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
r.oferting.fr/r/
Redirect Chain
  • https://w.oferting.fr/x/c/?hVLBjqQgEP2VubS3sQUVZROymZ1On_awf9ChEZSMgEGM2a93CkYzvbuHqRipeq8oHw8FKzfDakLqzTPUoqaoa7KNTrA1d0r6oG2fK7_NrEEV2gY2hDDNP85n.0if.fnnEsxtdosXkk3cq8XMxmk7i0H6OYukkZ1eDOtgEbxzCR...
  • https://oferting.webpower.eu/x/c/?hVLBjqQgEP2VubS3sQUVZROymZ1On_awf9ChEZSMgEGM2a93CkYzvbuHqRipeq8oHw8FKzfDakLqzTPUoqaoa7KNTrA1d0r6oG2fK7_NrEEV2gY2hDDNP85n.0if.fnnEsxtdosXkk3cq8XMxmk7i0H6OYukkZ1eDOt...
  • https://r.oferting.fr/r/?utm_source=parfumsmoinschers&utm_medium=dedicado&utm_campaign=10009622-9757726&orig=manual&utm_term=beauty&rtt=&f=0&c=beauty&g=new&redirection=https%3A%2F%2Ftrac.oferting.f...
35 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://r.oferting.fr/r/?utm_source=parfumsmoinschers&utm_medium=dedicado&utm_campaign=10009622-9757726&orig=manual&utm_term=beauty&rtt=&f=0&c=beauty&g=new&redirection=https%3A%2F%2Ftrac.oferting.fr%2Fof%2F%3Fst%3Dwebpower_smtp%26na%3D0%26emn_i%3D346%26emn_a%3D7260%26emn_c%3D68189%26emn_e%3Ddce212a6a9997341079f93b6dcdce96d%26emn_rt%3D0%26ol%3DC%26emn_p%3D%26emn_cat%3D10009622-9757726%26term%3D%26emn_t%3D9757726%26ref_offer%3D10009622%26hs%3D2217790082%26sd%3Dw.oferting.fr%26go%3Dhttps%253A%252F%252Faction.metaffiliation.com%252Ftrk.php%253Fmclic%253DP4642355CBA8191%2526argsite%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu%2526redir%253Dhttps%25253A%25252F%25252Fwww.parfumsmoinschers.com%25252F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.213.184.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
mail.oferting.fr
Software
nginx/1.23.3 /
Resource Hash
0473510e4c0e6a82ee40e1fe0393882425c2af3d5ae7ad7443da39b166d2da6d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-cache, private
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 18 Dec 2023 09:37:45 GMT
Server
nginx/1.23.3
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 09:37:45 GMT
location
https://r.oferting.fr/r/?utm_source=parfumsmoinschers&utm_medium=dedicado&utm_campaign=10009622-9757726&orig=manual&utm_term=beauty&rtt=&f=0&c=beauty&g=new&redirection=https%3A%2F%2Ftrac.oferting.fr%2Fof%2F%3Fst%3Dwebpower_smtp%26na%3D0%26emn_i%3D346%26emn_a%3D7260%26emn_c%3D68189%26emn_e%3Ddce212a6a9997341079f93b6dcdce96d%26emn_rt%3D0%26ol%3DC%26emn_p%3D%26emn_cat%3D10009622-9757726%26term%3D%26emn_t%3D9757726%26ref_offer%3D10009622%26hs%3D2217790082%26sd%3Dw.oferting.fr%26go%3Dhttps%253A%252F%252Faction.metaffiliation.com%252Ftrk.php%253Fmclic%253DP4642355CBA8191%2526argsite%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu%2526redir%253Dhttps%25253A%25252F%25252Fwww.parfumsmoinschers.com%25252F
p3p
policyref="https://oferting.webpower.eu/x/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND NAV COM"
server
nginx
a-00xy.min.js
b-code.liadm.com/ 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/a-00xy.min.js
Requested by
Host: r.oferting.fr
URL: https://r.oferting.fr/r/?utm_source=parfumsmoinschers&utm_medium=dedicado&utm_campaign=10009622-9757726&orig=manual&utm_term=beauty&rtt=&f=0&c=beauty&g=new&redirection=https%3A%2F%2Ftrac.oferting.fr%2Fof%2F%3Fst%3Dwebpower_smtp%26na%3D0%26emn_i%3D346%26emn_a%3D7260%26emn_c%3D68189%26emn_e%3Ddce212a6a9997341079f93b6dcdce96d%26emn_rt%3D0%26ol%3DC%26emn_p%3D%26emn_cat%3D10009622-9757726%26term%3D%26emn_t%3D9757726%26ref_offer%3D10009622%26hs%3D2217790082%26sd%3Dw.oferting.fr%26go%3Dhttps%253A%252F%252Faction.metaffiliation.com%252Ftrk.php%253Fmclic%253DP4642355CBA8191%2526argsite%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu%2526redir%253Dhttps%25253A%25252F%25252Fwww.parfumsmoinschers.com%25252F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:c400:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8055f27eeba86022e0c261677609b407d1b9cde2f6ff1389ee576b7992ec53ec

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://r.oferting.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 19:40:23 GMT
content-encoding
gzip
via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
50242
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
"public, max-age=86400"
x-amz-cf-id
KSrWtTAGlU_U5m2l3mivbW425lyc93yP5Pk81FfVQ1EOtpM9Zn7eOg==
0f6236e0-0f87-431b-ba56-c3f6d629310e
ercm.clicplan.fr/r/dce212a6a9997341079f93b6dcdce96d/ 		0
0
asset
ersq.clicplan.fr/1693/ 		0
0
preload.gif
r.oferting.fr/images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.oferting.fr/images/preload.gif
Requested by
Host: r.oferting.fr
URL: https://r.oferting.fr/r/?utm_source=parfumsmoinschers&utm_medium=dedicado&utm_campaign=10009622-9757726&orig=manual&utm_term=beauty&rtt=&f=0&c=beauty&g=new&redirection=https%3A%2F%2Ftrac.oferting.fr%2Fof%2F%3Fst%3Dwebpower_smtp%26na%3D0%26emn_i%3D346%26emn_a%3D7260%26emn_c%3D68189%26emn_e%3Ddce212a6a9997341079f93b6dcdce96d%26emn_rt%3D0%26ol%3DC%26emn_p%3D%26emn_cat%3D10009622-9757726%26term%3D%26emn_t%3D9757726%26ref_offer%3D10009622%26hs%3D2217790082%26sd%3Dw.oferting.fr%26go%3Dhttps%253A%252F%252Faction.metaffiliation.com%252Ftrk.php%253Fmclic%253DP4642355CBA8191%2526argsite%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu%2526redir%253Dhttps%25253A%25252F%25252Fwww.parfumsmoinschers.com%25252F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.213.184.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
mail.oferting.fr
Software
nginx/1.23.3 /
Resource Hash
7929082d8761c3db532e83d1630ad642747808517060e2432056f4050f4ebd9a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://r.oferting.fr/r/?utm_source=parfumsmoinschers&utm_medium=dedicado&utm_campaign=10009622-9757726&orig=manual&utm_term=beauty&rtt=&f=0&c=beauty&g=new&redirection=https%3A%2F%2Ftrac.oferting.fr%2Fof%2F%3Fst%3Dwebpower_smtp%26na%3D0%26emn_i%3D346%26emn_a%3D7260%26emn_c%3D68189%26emn_e%3Ddce212a6a9997341079f93b6dcdce96d%26emn_rt%3D0%26ol%3DC%26emn_p%3D%26emn_cat%3D10009622-9757726%26term%3D%26emn_t%3D9757726%26ref_offer%3D10009622%26hs%3D2217790082%26sd%3Dw.oferting.fr%26go%3Dhttps%253A%252F%252Faction.metaffiliation.com%252Ftrk.php%253Fmclic%253DP4642355CBA8191%2526argsite%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu%2526redir%253Dhttps%25253A%25252F%25252Fwww.parfumsmoinschers.com%25252F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 09:37:45 GMT
Last-Modified
Tue, 28 Mar 2023 13:38:10 GMT
Server
nginx/1.23.3
ETag
"6422edc2-47ed"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18413
jquery-3.3.1.min.js
r.oferting.fr/js/ 		85 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r.oferting.fr/js/jquery-3.3.1.min.js
Requested by
Host: r.oferting.fr
URL: https://r.oferting.fr/r/?utm_source=parfumsmoinschers&utm_medium=dedicado&utm_campaign=10009622-9757726&orig=manual&utm_term=beauty&rtt=&f=0&c=beauty&g=new&redirection=https%3A%2F%2Ftrac.oferting.fr%2Fof%2F%3Fst%3Dwebpower_smtp%26na%3D0%26emn_i%3D346%26emn_a%3D7260%26emn_c%3D68189%26emn_e%3Ddce212a6a9997341079f93b6dcdce96d%26emn_rt%3D0%26ol%3DC%26emn_p%3D%26emn_cat%3D10009622-9757726%26term%3D%26emn_t%3D9757726%26ref_offer%3D10009622%26hs%3D2217790082%26sd%3Dw.oferting.fr%26go%3Dhttps%253A%252F%252Faction.metaffiliation.com%252Ftrk.php%253Fmclic%253DP4642355CBA8191%2526argsite%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu%2526redir%253Dhttps%25253A%25252F%25252Fwww.parfumsmoinschers.com%25252F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.213.184.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
mail.oferting.fr
Software
nginx/1.23.3 /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://r.oferting.fr/r/?utm_source=parfumsmoinschers&utm_medium=dedicado&utm_campaign=10009622-9757726&orig=manual&utm_term=beauty&rtt=&f=0&c=beauty&g=new&redirection=https%3A%2F%2Ftrac.oferting.fr%2Fof%2F%3Fst%3Dwebpower_smtp%26na%3D0%26emn_i%3D346%26emn_a%3D7260%26emn_c%3D68189%26emn_e%3Ddce212a6a9997341079f93b6dcdce96d%26emn_rt%3D0%26ol%3DC%26emn_p%3D%26emn_cat%3D10009622-9757726%26term%3D%26emn_t%3D9757726%26ref_offer%3D10009622%26hs%3D2217790082%26sd%3Dw.oferting.fr%26go%3Dhttps%253A%252F%252Faction.metaffiliation.com%252Ftrk.php%253Fmclic%253DP4642355CBA8191%2526argsite%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu%2526redir%253Dhttps%25253A%25252F%25252Fwww.parfumsmoinschers.com%25252F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 09:37:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Mar 2023 13:38:10 GMT
Server
nginx/1.23.3
ETag
W/"6422edc2-1538f"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
gtm.js
www.googletagmanager.com/ 		174 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P5VTTG9
Requested by
Host: r.oferting.fr
URL: https://r.oferting.fr/r/?utm_source=parfumsmoinschers&utm_medium=dedicado&utm_campaign=10009622-9757726&orig=manual&utm_term=beauty&rtt=&f=0&c=beauty&g=new&redirection=https%3A%2F%2Ftrac.oferting.fr%2Fof%2F%3Fst%3Dwebpower_smtp%26na%3D0%26emn_i%3D346%26emn_a%3D7260%26emn_c%3D68189%26emn_e%3Ddce212a6a9997341079f93b6dcdce96d%26emn_rt%3D0%26ol%3DC%26emn_p%3D%26emn_cat%3D10009622-9757726%26term%3D%26emn_t%3D9757726%26ref_offer%3D10009622%26hs%3D2217790082%26sd%3Dw.oferting.fr%26go%3Dhttps%253A%252F%252Faction.metaffiliation.com%252Ftrk.php%253Fmclic%253DP4642355CBA8191%2526argsite%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu%2526redir%253Dhttps%25253A%25252F%25252Fwww.parfumsmoinschers.com%25252F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a94c5e3a48a7eccc8a89fbafbda546120e63ef6a230459f40c17a488dd408ec0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://r.oferting.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 09:37:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63371
x-xss-protection
0
last-modified
Mon, 18 Dec 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 18 Dec 2023 09:37:45 GMT
js
www.googletagmanager.com/gtag/ 		230 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B5QPSJDJ8N&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5VTTG9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
988073c53b33d2ccfbfac2d60dc42a9af79dc055f2adfed2a433206e1d09a276
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://r.oferting.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 09:37:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82591
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 18 Dec 2023 09:37:45 GMT
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1702892265715&aid=a-00xy&se=e30&duid=6b4e69b91e72--01hhy4kr3sb7sf4aqfestn7vnm&tna=v2.11.2&pu=https%3A%2F%2Fr.oferting.fr%2Fr%2F%3Futm_source%3Dparfumsmoinschers%26utm_...
  • https://rp4.liadm.com/j?se=e30&duid=6b4e69b91e72--01hhy4kr3sb7sf4aqfestn7vnm&aid=a-00xy&tna=v2.11.2&dtstmp=1702892265715&n3pc=true&wpn=lc-bundle&i6=MjAwMTo0MWQwOmQ6MzY0ZDo6Mg%3D%3D&pu=https%3A%2F%2...
13 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?se=e30&duid=6b4e69b91e72--01hhy4kr3sb7sf4aqfestn7vnm&aid=a-00xy&tna=v2.11.2&dtstmp=1702892265715&n3pc=true&wpn=lc-bundle&i6=MjAwMTo0MWQwOmQ6MzY0ZDo6Mg%3D%3D&pu=https%3A%2F%2Fr.oferting.fr%2Fr%2F%3Futm_source%3Dparfumsmoinschers%26utm_medium%3Ddedicado%26utm_campaign%3D10009622-9757726%26orig%3Dmanual%26utm_term%3Dbeauty%26rtt%3D%26f%3D0%26c%3Dbeauty%26g%3Dnew%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.fr%252Fof%252F%253Fst%253Dwebpower_smtp%2526na%253D0%2526emn_i%253D346%2526emn_a%253D7260%2526emn_c%253D68189%2526emn_e%253Ddce212a6a9997341079f93b6dcdce96d%2526emn_rt%253D0%2526ol%253DC%2526emn_p%253D%2526emn_cat%253D10009622-9757726%2526term%253D%2526emn_t%253D9757726%2526ref_offer%253D10009622%2526hs%253D2217790082%2526sd%253Dw.oferting.fr%2526go%253Dhttps%25253A%25252F%25252Faction.metaffiliation.com%25252Ftrk.php%25253Fmclic%25253DP4642355CBA8191%252526argsite%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu%252526redir%25253Dhttps%2525253A%2525252F%2525252Fwww.parfumsmoinschers.com%2525252F&c=PHRpdGxlPk9mZXJ0aW5nIC0tIHdlIGFyZSByZWRpcmVjdGluZyB5b3UgdG8gUGFyZnVtc21vaW5zY2hlcnMncyB3ZWJzaXRlPC90aXRsZT4
Protocol
H2
Server
44.198.227.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-227-25.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://r.oferting.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 09:37:46 GMT
x-pixel-event-id
de210872-9604-4824-84e2-bdaa4e6620c4
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
null
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
13

Redirect headers

location
https://rp4.liadm.com/j?se=e30&duid=6b4e69b91e72--01hhy4kr3sb7sf4aqfestn7vnm&aid=a-00xy&tna=v2.11.2&dtstmp=1702892265715&n3pc=true&wpn=lc-bundle&i6=MjAwMTo0MWQwOmQ6MzY0ZDo6Mg%3D%3D&pu=https%3A%2F%2Fr.oferting.fr%2Fr%2F%3Futm_source%3Dparfumsmoinschers%26utm_medium%3Ddedicado%26utm_campaign%3D10009622-9757726%26orig%3Dmanual%26utm_term%3Dbeauty%26rtt%3D%26f%3D0%26c%3Dbeauty%26g%3Dnew%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.fr%252Fof%252F%253Fst%253Dwebpower_smtp%2526na%253D0%2526emn_i%253D346%2526emn_a%253D7260%2526emn_c%253D68189%2526emn_e%253Ddce212a6a9997341079f93b6dcdce96d%2526emn_rt%253D0%2526ol%253DC%2526emn_p%253D%2526emn_cat%253D10009622-9757726%2526term%253D%2526emn_t%253D9757726%2526ref_offer%253D10009622%2526hs%253D2217790082%2526sd%253Dw.oferting.fr%2526go%253Dhttps%25253A%25252F%25252Faction.metaffiliation.com%25252Ftrk.php%25253Fmclic%25253DP4642355CBA8191%252526argsite%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu%252526redir%25253Dhttps%2525253A%2525252F%2525252Fwww.parfumsmoinschers.com%2525252F&c=PHRpdGxlPk9mZXJ0aW5nIC0tIHdlIGFyZSByZWRpcmVjdGluZyB5b3UgdG8gUGFyZnVtc21vaW5zY2hlcnMncyB3ZWJzaXRlPC90aXRsZT4
access-control-allow-origin
https://r.oferting.fr
date
Mon, 18 Dec 2023 09:37:45 GMT
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET
collect
region1.google-analytics.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-B5QPSJDJ8N&gtm=45je3bt0v9119464476z89119459821&_p=1702892265522&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=755181712.1702892266&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702892265&sct=1&seg=0&dl=https%3A%2F%2Fr.oferting.fr%2Fr%2F%3Futm_source%3Dparfumsmoinschers%26utm_medium%3Ddedicado%26utm_campaign%3D10009622-9757726%26orig%3Dmanual%26utm_term%3Dbeauty%26rtt%3D%26f%3D0%26c%3Dbeauty%26g%3Dnew%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.fr%252Fof%252F%253Fst%253Dwebpower_smtp%2526na%253D0%2526emn_i%253D346%2526emn_a%253D7260%2526emn_c%253D68189%2526emn_e%253Ddce212a6a9997341079f93b6dcdce96d%2526emn_rt%253D0%2526ol%253DC%2526emn_p%253D%2526emn_cat%253D10009622-9757726%2526term%253D%2526emn_t%253D9757726%2526ref_offer%253D10009622%2526hs%253D2217790082%2526sd%253Dw.oferting.fr%2526go%253Dhttps%25253A%25252F%25252Faction.metaffiliation.com%25252Ftrk.php%25253Fmclic%25253DP4642355CBA8191%252526argsite%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu%252526redir%25253Dhttps%2525253A%2525252F%2525252Fwww.parfumsmoinschers.com%2525252F&dt=Oferting%20--%20we%20are%20redirecting%20you%20to%20Parfumsmoinschers%27s%20website&en=page_view&_fv=1&_nsi=1&_ss=1&ep.user_md5=dce212a6a9997341079f93b6dcdce96d&ep.ref_newsletter=9757726&ep.ref_offer=10009622&ep.program_emn=Oferting&ep.origin_emn=manual&ep.user_group=new&ep.offer_label=C&ep.emn_i=346&ep.category_class=beauty&ep.ref_announcer=7260&tfd=793
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B5QPSJDJ8N&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://r.oferting.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 09:37:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://r.oferting.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
nr-rum-1.249.0.min.js
js-agent.newrelic.com/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-rum-1.249.0.min.js
Requested by
Host: r.oferting.fr
URL: https://r.oferting.fr/r/?utm_source=parfumsmoinschers&utm_medium=dedicado&utm_campaign=10009622-9757726&orig=manual&utm_term=beauty&rtt=&f=0&c=beauty&g=new&redirection=https%3A%2F%2Ftrac.oferting.fr%2Fof%2F%3Fst%3Dwebpower_smtp%26na%3D0%26emn_i%3D346%26emn_a%3D7260%26emn_c%3D68189%26emn_e%3Ddce212a6a9997341079f93b6dcdce96d%26emn_rt%3D0%26ol%3DC%26emn_p%3D%26emn_cat%3D10009622-9757726%26term%3D%26emn_t%3D9757726%26ref_offer%3D10009622%26hs%3D2217790082%26sd%3Dw.oferting.fr%26go%3Dhttps%253A%252F%252Faction.metaffiliation.com%252Ftrk.php%253Fmclic%253DP4642355CBA8191%2526argsite%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu%2526redir%253Dhttps%25253A%25252F%25252Fwww.parfumsmoinschers.com%25252F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
461f9f536c4dc41886fb453be7068b893e2817524bc24587fc0449c65aacec75
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://r.oferting.fr/
Origin
https://r.oferting.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
3PbzC_N7CIB1L071r8FgkLVtaRZzQS.L
content-encoding
br
via
1.1 varnish
date
Mon, 18 Dec 2023 09:37:45 GMT
strict-transport-security
max-age=300
x-amz-request-id
65DH7JH8XE0ZRJCG
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
15747
x-amz-id-2
5AEyMn5jeqC6XdXtAd4N9lyxiPbTqTV7KWYf0TEe3A5cy912YKWycUnjKWHqAOQVH9xDhloy9mI=
x-served-by
cache-lcy-eglc8600055-LCY
last-modified
Thu, 14 Dec 2023 16:36:09 GMT
server
AmazonS3
x-timer
S1702892266.811170,VS0,VE0
etag
"2ccd2352d2d5668fd135b1090e86b079"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
125727
801818eb79
bam.nr-data.net/1/ 		40 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/801818eb79?a=193777088&v=1.249.0&to=b1BbMUZZDxBTAkFYWlYaeAZAUQ4NHQBFQWpKUF0MRl0CFw%3D%3D&rst=863&ck=0&s=d59c7c2a51eb5640&ref=https://r.oferting.fr/r/&ap=15&be=524&fe=274&dc=108&at=QxdYRw5DHB4%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1702892264970,%22n%22:0,%22f%22:407,%22dn%22:408,%22dne%22:408,%22c%22:408,%22s%22:436,%22ce%22:469,%22rq%22:469,%22rp%22:524,%22rpe%22:526,%22di%22:632,%22ds%22:632,%22de%22:632,%22dc%22:797,%22l%22:797,%22le%22:798%7D,%22navigation%22:%7B%7D%7D&fp=588&fcp=588
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-rum-1.249.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f

Request headers

Referer
https://r.oferting.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 18 Dec 2023 09:37:45 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/plain
access-control-allow-origin
https://r.oferting.fr
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
40
x-served-by
cache-lcy-eglc8600045-LCY
a-00xy
i.liadm.com/s/c/ Frame 528F 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://i.liadm.com/s/c/a-00xy?duid=6b4e69b91e72--01hhy4kr3sb7sf4aqfestn7vnm&euns=0&s=&version=v2.11.2&
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-00xy.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.75.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-75-211.compute-1.amazonaws.com
Software
/
Resource Hash
61fbc69f0a42f73340add642edd29814c0b61bb13df0bc0a6b990eb34d9879f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://r.oferting.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
672
Content-Type
text/html; charset=UTF-8
Date
Mon, 18 Dec 2023 09:37:46 GMT
Request-Time
19
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
restricted
mid.rkdms.com/ Frame 528F
Redirect Chain
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3183931862166182124
  • https://b1sync.zemanta.com/usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__
  • https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
  • https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=2fd24d0a-2c2d-4334-bd11-50b815afee48&liid=&_ct=im
  • https://mid.rkdms.com/restricted
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mid.rkdms.com/restricted
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00xy?duid=6b4e69b91e72--01hhy4kr3sb7sf4aqfestn7vnm&euns=0&s=&version=v2.11.2&
Protocol
H2
Server
107.23.224.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-224-201.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 09:37:47 GMT
server
awselb/2.0
vary
Accept-Encoding
content-type
text/html; charset=utf-8
location
https://mid.rkdms.com/restricted
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
362358.gif
idsync.rlcdn.com/ Frame 528F
Redirect Chain
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=2fd24d0a-2c2d-4334-bd11-50b815afee48
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=24c87353-06f6-4d5c-a801-c8234785fcac%3A1702892266.846073&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D24c87353-06f6-4d5c-a801-c8234785...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084928937196197&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D24c87353-06f6-4d5c-a8...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=24c87353-06f6-4d5c-a801-c8234785fcac%3A1702892266.846073&_=1702892266.8490865
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJACjwIARAFGjYyNGM4NzM1My0wNmY2LTRkNWMtYTgwMS1jODIzNDc4NWZjYWM6MTcwMjg5MjI2Ni44NDYwNzMQABoNCOulgKwGEgUI6AcQAEIASgA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc=
  • https://idsync.rlcdn.com/362358.gif?google_error=15
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_error=15
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00xy?duid=6b4e69b91e72--01hhy4kr3sb7sf4aqfestn7vnm&euns=0&s=&version=v2.11.2&
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 09:37:47 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 09:37:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_error=15
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 528F 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00xy?duid=6b4e69b91e72--01hhy4kr3sb7sf4aqfestn7vnm&euns=0&s=&version=v2.11.2&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 09:37:46 GMT
server
Kestrel
content-length
70
content-type
image/gif
live_intent_sync
x.dlx.addthis.com/e/ Frame 528F
Redirect Chain
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=2fd24d0a-2c2d-4334-bd11-50b815afee48
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=2fd24d0a-2c2d-4334-bd11-50b815afee48&rd=Y
43 B
594 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=2fd24d0a-2c2d-4334-bd11-50b815afee48&rd=Y
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00xy?duid=6b4e69b91e72--01hhy4kr3sb7sf4aqfestn7vnm&euns=0&s=&version=v2.11.2&
Protocol
H2
Server
72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-169-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Mon, 18 Dec 2023 09:37:47 GMT
pragma
no-cache
date
Mon, 18 Dec 2023 09:37:47 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=2fd24d0a-2c2d-4334-bd11-50b815afee48&rd=Y
pragma
no-cache
date
Mon, 18 Dec 2023 09:37:46 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
0
expires
Mon, 18 Dec 2023 09:37:46 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 528F 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00xy?duid=6b4e69b91e72--01hhy4kr3sb7sf4aqfestn7vnm&euns=0&s=&version=v2.11.2&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 09:37:45 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
244670
expires
Mon, 18 Dec 2023 00:00:00 GMT
sync
x.bidswitch.net/ Frame 528F 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=liveintent&user_id=2fd24d0a-2c2d-4334-bd11-50b815afee48
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00xy?duid=6b4e69b91e72--01hhy4kr3sb7sf4aqfestn7vnm&euns=0&s=&version=v2.11.2&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.73.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-73-176.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 09:37:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
demconf.jpg
dpm.demdex.net/ Frame 528F
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid=2fd24d0a-2c2d-4334-bd11-50b815afee48
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=2fd24d0a-2c2d-4334-bd11-50b815afee48
42 B
715 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=2fd24d0a-2c2d-4334-bd11-50b815afee48
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00xy?duid=6b4e69b91e72--01hhy4kr3sb7sf4aqfestn7vnm&euns=0&s=&version=v2.11.2&
Protocol
H2
Server
54.74.69.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-69-97.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v054-061d389cf.edge-irl1.demdex.com 3 ms
pragma
no-cache
date
Mon, 18 Dec 2023 09:37:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
HBfryDMuS4A=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-1-v054-0a8bf9e4f.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Mon, 18 Dec 2023 09:37:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
bMVBVVepTIA=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=2fd24d0a-2c2d-4334-bd11-50b815afee48
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
/
www.parfumsmoinschers.com/
Redirect Chain
  • https://trac.oferting.fr/of/?st=webpower_smtp&na=0&emn_i=346&emn_a=7260&emn_c=68189&emn_e=dce212a6a9997341079f93b6dcdce96d&emn_rt=0&ol=C&emn_p=&emn_cat=10009622-9757726&term=&emn_t=9757726&ref_offe...
  • https://action.metaffiliation.com/trk.php?mclic=P4642355CBA8191&argsite=07260034601000962209757726068189dce212a6a9997341079f93b6dcdce96d&redir=https%3A%2F%2Fwww.parfumsmoinschers.com%2F
  • https://www.parfumsmoinschers.com/?kwkuniv=P4642355CBA8100-ccp4642355cba8191-MDcyNjAwMzQ2MDEwMDA5NjIyMDk3NTc3MjYwNjgxODlkY2UyMTJhNmE5OTk3MzQxMDc5ZjkzYjZkY2RjZTk2ZA%3D%3D&utm_source=netaffiliation&u...
0
0
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-B5QPSJDJ8N&gtm=45je3bt0v9119464476z89119459821&_p=1702892265522&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=755181712.1702892266&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1702892265&sct=1&seg=0&dl=https%3A%2F%2Fr.oferting.fr%2Fr%2F%3Futm_source%3Dparfumsmoinschers%26utm_medium%3Ddedicado%26utm_campaign%3D10009622-9757726%26orig%3Dmanual%26utm_term%3Dbeauty%26rtt%3D%26f%3D0%26c%3Dbeauty%26g%3Dnew%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.fr%252Fof%252F%253Fst%253Dwebpower_smtp%2526na%253D0%2526emn_i%253D346%2526emn_a%253D7260%2526emn_c%253D68189%2526emn_e%253Ddce212a6a9997341079f93b6dcdce96d%2526emn_rt%253D0%2526ol%253DC%2526emn_p%253D%2526emn_cat%253D10009622-9757726%2526term%253D%2526emn_t%253D9757726%2526ref_offer%253D10009622%2526hs%253D2217790082%2526sd%253Dw.oferting.fr%2526go%253Dhttps%25253A%25252F%25252Faction.metaffiliation.com%25252Ftrk.php%25253Fmclic%25253DP4642355CBA8191%252526argsite%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu%252526redir%25253Dhttps%2525253A%2525252F%2525252Fwww.parfumsmoinschers.com%2525252F&dt=Oferting%20--%20we%20are%20redirecting%20you%20to%20Parfumsmoinschers%27s%20website&en=view_item&ep.user_md5=dce212a6a9997341079f93b6dcdce96d&ep.ref_newsletter=9757726&ep.ref_offer=10009622&ep.program_emn=Oferting&ep.origin_emn=manual&ep.user_group=new&ep.offer_label=C&ep.emn_i=346&ep.category_class=beauty&ep.ref_announcer=7260&_et=2&tfd=5796
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B5QPSJDJ8N&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://r.oferting.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 09:37:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://r.oferting.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
trac.oferting.fr/of/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ercm.clicplan.fr
URL
https://ercm.clicplan.fr/r/dce212a6a9997341079f93b6dcdce96d/0f6236e0-0f87-431b-ba56-c3f6d629310e
Domain
ersq.clicplan.fr
URL
https://ersq.clicplan.fr/1693/asset?type=IMG&optin=11&b_optin=11&email=dce212a6a9997341079f93b6dcdce96d@MD5
Domain
www.parfumsmoinschers.com
URL
https://www.parfumsmoinschers.com/?kwkuniv=P4642355CBA8100-ccp4642355cba8191-MDcyNjAwMzQ2MDEwMDA5NjIyMDk3NTc3MjYwNjgxODlkY2UyMTJhNmE5OTk3MzQxMDc5ZjkzYjZkY2RjZTk2ZA%3D%3D&utm_source=netaffiliation&utm_medium=cpc&utm_campaign=netaffiliation&utm_content=379816
Domain
trac.oferting.fr
URL
https://trac.oferting.fr/of/?st=webpower_smtp&na=0&emn_i=346&emn_a=7260&emn_c=68189&emn_e=dce212a6a9997341079f93b6dcdce96d&emn_rt=0&ol=C&emn_p=&emn_cat=10009622-9757726&term=&emn_t=9757726&ref_offer=10009622&hs=2217790082&sd=w.oferting.fr&go=https%3A%2F%2Faction.metaffiliation.com%2Ftrk.php%3Fmclic%3DP4642355CBA8191%26argsite%3Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu%26redir%3Dhttps%253A%252F%252Fwww.parfumsmoinschers.com%252F

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| NREUM object| webpackChunk:NRBA-1.249.0.PROD object| newrelic object| dataLayer object| LI object| __li__evt_bus object| liQ object| liQ_instances function| $ function| jQuery object| google_tag_manager object| google_tag_data object| gaGlobal

40 Cookies

Domain/Path Name / Value
trac.oferting.fr/of Name: emntkgidentifiant
Value: mpxgon03o7w2o7yf51tzds5u96vcasxm
trac.oferting.fr/of Name: emntkgidentifiant_cpl
Value: mpxgon03o7w2o7yf51tzds5u96vcasxm
trac.oferting.fr/of Name: emntkgidentifiant_cpv
Value: mpxgon03o7w2o7yf51tzds5u96vcasxm
trac.oferting.fr/of Name: emntkgidentifiant_usr
Value: dce212a6a9997341079f93b6dcdce96d
trac.oferting.fr/of Name: emntkg_308da0b7f92887c4ebcdbd801c729c36
Value: 7260%7C68189%7C346%7C0%7C
trac.oferting.fr/of Name: emntkg_cpl_308da0b7f92887c4ebcdbd801c729c36
Value: 7260%7C68189%7C346%7C0%7C
trac.oferting.fr/of Name: emntkg_cpv_308da0b7f92887c4ebcdbd801c729c36
Value: 7260%7C68189%7C346%7C0%7C
.liadm.com/j Name: lidid
Value: 2fd24d0a-2c2d-4334-bd11-50b815afee48
i.liadm.com/s Name: _li_ss
Value: CkUKBQgKEOEWCgYI3QEQ4RYKBgilARDhFgoGCIEBEOEWCgUIDBDrFgoGCKIBEOEWCgYIiwEQ4RYKBgjSARDhFgoFCH4Q4RY
.w.oferting.fr/ Name: DMDconv
Value: hVLBjqQgEP2VubS3sQUVZROymZ1On_awf9ChEZSMgEGM2a93CkYzvbuHqRipeq8oHw8FKzfDakLqzTPUoqaoa7KNTrA1d0r6oG2fK7_NrEEV2gY2hDDNP85n.0if.fnnEsxtdosXkk3cq8XMxmk7i0H6OYukkZ1eDOtgEbxzCRPcTFz3lqGiKCjB_Jk2ddNgkjmve2a4XfiYOoP0ht0lX8KfzIfAMsWKTBxIz6xcMw_jvRRBO.up81S_nPAVnuC5eBQMkFORKq9zOJWXVd4nt0p.m02YTphYDmABiTT2piEvK7JXkQGBBymgJC1q6V5LqDshMcKccEppU1aoaKii5Z10AhhKur3Vh.0jboTkdUcnyI.ZPHb8aw2Q0Yyvttj0xXmpbk7BUR_2AjyAGReMUdPQomgjMnfx4H_7QnoH4Kd3uI7u1dE.ePFka25k4ErpUfNUCmcSG.x7Pg1T3HM1YtQiZpffFalwWdevv15aRFHsJNz3sw4y8TyGhnBH2D1EiuWbSAPTpadxh_xD_C4dlnVd8.9_ykM88FvH3rR9f9pdfC4.AAA41
.oferting.webpower.eu/ Name: DMDconv
Value: hVLBjqQgEP2VubS3sQUVZROymZ1On_awf9ChEZSMgEGM2a93CkYzvbuHqRipeq8oHw8FKzfDakLqzTPUoqaoa7KNTrA1d0r6oG2fK7_NrEEV2gY2hDDNP85n.0if.fnnEsxtdosXkk3cq8XMxmk7i0H6OYukkZ1eDOtgEbxzCRPcTFz3lqGiKCjB_Jk2ddNgkjmve2a4XfiYOoP0ht0lX8KfzIfAMsWKTBxIz6xcMw_jvRRBO.up81S_nPAVnuC5eBQMkFORKq9zOJWXVd4nt0p.m02YTphYDmABiTT2piEvK7JXkQGBBymgJC1q6V5LqDshMcKccEppU1aoaKii5Z10AhhKur3Vh.0jboTkdUcnyI.ZPHb8aw2Q0Yyvttj0xXmpbk7BUR_2AjyAGReMUdPQomgjMnfx4H_7QnoH4Kd3uI7u1dE.ePFka25k4ErpUfNUCmcSG.x7Pg1T3HM1YtQiZpffFalwWdevv15aRFHsJNz3sw4y8TyGhnBH2D1EiuWbSAPTpadxh_xD_C4dlnVd8.9_ykM88FvH3rR9f9pdfC4.AAA41
.oferting.fr/ Name: _li_dcdm_c
Value: .oferting.fr
.oferting.fr/ Name: _lc2_fpi
Value: 6b4e69b91e72--01hhy4kr3sb7sf4aqfestn7vnm
.oferting.fr/ Name: _lc2_fpi_meta
Value: {%22w%22:1702892265593}
.oferting.fr/ Name: _ga
Value: GA1.1.755181712.1702892266
.oferting.fr/ Name: _ga_B5QPSJDJ8N
Value: GS1.1.1702892265.1.0.1702892265.0.0.0
.liadm.com/ Name: lidid
Value: 2fd24d0a-2c2d-4334-bd11-50b815afee48
.oferting.fr/ Name: _li_ss
Value: CjUKBQgKEOEWCgYI3QEQ4RYKBQgMEOsWCgYIogEQ4RYKBgiLARDhFgoGCNIBEOEWCgUIfhDhFg
.oferting.fr/ Name: _li_ss_meta
Value: {%22w%22:1702892266717%2C%22e%22:1705484266717}
.demdex.net/ Name: demdex
Value: 01137396242731030701962011013885560375
.turn.com/ Name: uid
Value: 3183931862166182124
.dpm.demdex.net/ Name: dpm
Value: 01137396242731030701962011013885560375
.addthis.com/ Name: na_id
Value: 2023121809374600051621942424
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 658012eadc2c7170
.addthis.com/ Name: ouid
Value: 658012ea00010fba79dd979e878901ddbf72bc7cfe447772ae93
.rezync.com/ Name: zync-uuid
Value: 24c87353-06f6-4d5c-a801-c8234785fcac:1702892266.846073
.metaffiliation.com/ Name: kwknc
Value: cp4642355cba8191-MDcyNjAwMzQ2MDEwMDA5NjIyMDk3NTc3MjYwNjgxODlkY2UyMTJhNmE5OTk3MzQxMDc5ZjkzYjZkY2RjZTk2ZA%3D%3D
.metaffiliation.com/ Name: kwknc_ssc
Value: cp4642355cba8191-MDcyNjAwMzQ2MDEwMDA5NjIyMDk3NTc3MjYwNjgxODlkY2UyMTJhNmE5OTk3MzQxMDc5ZjkzYjZkY2RjZTk2ZA%3D%3D
.metaffiliation.com/ Name: kwkncses
Value: cp4642355cba8191-MDcyNjAwMzQ2MDEwMDA5NjIyMDk3NTc3MjYwNjgxODlkY2UyMTJhNmE5OTk3MzQxMDc5ZjkzYjZkY2RjZTk2ZA%3D%3D
.metaffiliation.com/ Name: kwkncses_ssc
Value: cp4642355cba8191-MDcyNjAwMzQ2MDEwMDA5NjIyMDk3NTc3MjYwNjgxODlkY2UyMTJhNmE5OTk3MzQxMDc5ZjkzYjZkY2RjZTk2ZA%3D%3D
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0srA0Nje0NDO0NBfiM9SN8vfOK_OsqiwyLg4CAOA4NyElAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXByQ3AIAwEwE_acWR8rBe6QUYUksoz8z2waJani-JC4mTLpg5pmkcxb-9eo9Q4zYCXAS3_AWHOzxE5AAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0srA0Nje0NDO0NBfiM9SN8vfOK_OsqiwyLg4CAOA4NyElAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_5skbGZkkmxhbmxqrGtglmama5JimqybaGFgqJtsYWRsYm5hmpacmGxlaG5gZGFpZGRmpmdhYmZgbjxLmBcuBqSNFqHyjQHVNdpLWQAAAA
.dlx.addthis.com/ Name: na_sc_x
Value: 1
live.rezync.com/ Name: sd-session-id
Value: .eJwNzEsKwzAMANG7aB0X-SfJvkwwigOmTVridNOQu9fLgcdcMH_qsZW97ifk8_jWCfTVRnXIF_T22-oTMkQbECUkJ8mzTWQTwz1Br7239z63ZRgXVNhHb5BWMmGJaoqgNSrOB5a4atFsGcfDOaKHBEL2cP8BeawlGw.ZYAS6w.bYtzXEDxElyU_2SCnHoMKXbmooI
.rlcdn.com/ Name: rlas3
Value: FESlKOlyn9jh6V6Pyg33g6QG/tg6PgAV0EF32D8yqg8=
.rlcdn.com/ Name: pxrc
Value: COulgKwGEgUI6AcQABIGCLrqARAA
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

2 Console Messages

Source Level URL
Text
network error URL: https://ercm.clicplan.fr/r/dce212a6a9997341079f93b6dcdce96d/0f6236e0-0f87-431b-ba56-c3f6d629310e
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://ersq.clicplan.fr/1693/asset?type=IMG&optin=11&b_optin=11&email=dce212a6a9997341079f93b6dcdce96d@MD5
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b-code.liadm.com
b1sync.zemanta.com
bam.nr-data.net
cm.g.doubleclick.net
d.turn.com
dis.criteo.com
dpm.demdex.net
ercm.clicplan.fr
ersq.clicplan.fr
i.liadm.com
idsync.rlcdn.com
js-agent.newrelic.com
live.rezync.com
match.adsrvr.org
mid.rkdms.com
oferting.webpower.eu
p.rfihub.com
r.oferting.fr
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
trac.oferting.fr
w.oferting.fr
www.googletagmanager.com
www.parfumsmoinschers.com
x.bidswitch.net
x.dlx.addthis.com
ercm.clicplan.fr
ersq.clicplan.fr
trac.oferting.fr
www.parfumsmoinschers.com
107.23.224.201
142.250.185.162
151.101.130.137
162.247.243.29
178.250.1.9
18.66.248.56
193.0.160.130
2001:4860:4802:32::36
2001:678:cb4:bbbb::13
2600:1f18:730:b150:6f5f:943c:95a6:9eb1
2600:9000:225e:c400:8:8845:1500:93a1
2a00:1450:4001:802::2008
34.199.75.211
35.157.73.176
35.244.174.68
35.71.131.137
44.198.227.25
52.213.184.39
54.74.69.97
64.202.112.127
72.246.169.24
91.197.72.25
0473510e4c0e6a82ee40e1fe0393882425c2af3d5ae7ad7443da39b166d2da6d
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
461f9f536c4dc41886fb453be7068b893e2817524bc24587fc0449c65aacec75
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
61fbc69f0a42f73340add642edd29814c0b61bb13df0bc0a6b990eb34d9879f2
7929082d8761c3db532e83d1630ad642747808517060e2432056f4050f4ebd9a
8055f27eeba86022e0c261677609b407d1b9cde2f6ff1389ee576b7992ec53ec
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
988073c53b33d2ccfbfac2d60dc42a9af79dc055f2adfed2a433206e1d09a276
a94c5e3a48a7eccc8a89fbafbda546120e63ef6a230459f40c17a488dd408ec0
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9