r.oferting.fr Open in urlscan Pro
52.213.184.39 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://w.oferting.fr/x/c/?hVFNj9sgFPwrvaS3TQAbvLRCVVerSJV67TnCfNjsGmNh3DS.3n0QZzfdSyXLzJuZZ.zmKVGtXlDG6BoFfsQNopStQ1D...
Effective URL:
https://r.oferting.fr/r/?utm_source=redbysfr&utm_medium=dedicado&utm_campaign=10049022-9757726&orig=manual&utm_term=be...
Submission: On December 18 via api (December 18th 2023, 9:38:19 am UTC) from ES — Scanned from FR

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 6 countries across 21 domains to perform 19 HTTP transactions. The main IP is 52.213.184.39, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is r.oferting.fr.
TLS certificate: Issued by R3 on October 22nd 2023. Valid for: 3 months.

This is the only time r.oferting.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

mentionslegales-trafic-generique-decembre.pdf 89 KB application/pdf

SHA256: c5fcc734e8d6a7969496c650ee9909f8077fcc3e849bee58de2862e2809de6e2

MIME: PDF document, version 1.3

Size: 89 KB (90974 bytes, 100% done)

Downloaded from: https://i.adv-img.com/content/upl/red/2023/Trafic/mentionslegales-trafic-generique-decembre.pdf?&avuid=%5BUID%5D&emn_sid=08581034601004902209757726161949dce212a6a9997341079f93b6dcdce96d

Domain & IP information

	IP Address	AS Autonomous System
2 2	91.197.72.25 91.197.72.25	20559 (FUNDAMENT...) (FUNDAMENTS-AS)
1 4	52.213.184.39 52.213.184.39	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225e:4800:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:730... 2600:1f18:730:b150:6f5f:943c:95a6:9eb1	14618 (AMAZON-AES) (AMAZON-AES)
1	44.198.227.25 44.198.227.25	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3 4	34.199.75.211 34.199.75.211	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2606:4700:303... 2606:4700:3034::6815:465f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	18.66.248.56 18.66.248.56	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
2 3	35.244.174.68 35.244.174.68	() ()
2 2	142.250.185.162 142.250.185.162	() ()
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
2 2	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	52.209.217.80 52.209.217.80	() ()
1 2	2.18.97.171 2.18.97.171	16625 (AKAMAI-AS) (AKAMAI-AS)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	18.158.157.189 18.158.157.189	16509 (AMAZON-02) (AMAZON-02)
1 1	50.31.142.63 50.31.142.63	() ()
19	14

2 91.197.72.25 (Netherlands) 2 redirects

ASN20559 (FUNDAMENTS-AS, NL)
PTR: eu25.webpower.eu

w.oferting.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
oferting.webpower.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.213.184.39 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: mail.oferting.fr

r.oferting.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trac.oferting.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:4800:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b150:6f5f:943c:95a6:9eb1 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.198.227.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-227-25.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.199.75.211 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-75-211.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:465f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

olx.relieautr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

collecte.aventurecollecte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.adv-img.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.248.56 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-56.dus51.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (None, ) 2 redirects

ASN- ()

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (None, ) 2 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.53 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.217.80 (None, ) 1 redirects

ASN- ()

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.97.171 (Düsseldorf, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-97-171.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.157.189 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-157-189.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.31.142.63 (None, ) 1 redirects

ASN- ()

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	liadm.com 4 redirects b-code.liadm.com — Cisco Umbrella Rank: 2977 rp.liadm.com — Cisco Umbrella Rank: 1632 rp4.liadm.com — Cisco Umbrella Rank: 6685 i.liadm.com — Cisco Umbrella Rank: 517	20 KB
5	oferting.fr 2 redirects w.oferting.fr r.oferting.fr trac.oferting.fr	56 KB
3	rlcdn.com 2 redirects idsync.rlcdn.com	867 B
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	291 B
2	addthis.com 1 redirects x.dlx.addthis.com — Cisco Umbrella Rank: 1554	1 KB
2	demdex.net 1 redirects dpm.demdex.net	1 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	1 KB
2	doubleclick.net 2 redirects cm.g.doubleclick.net	615 B
2	rezync.com 2 redirects live.rezync.com — Cisco Umbrella Rank: 1785	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	143 KB
1	zemanta.com 1 redirects b1sync.zemanta.com	291 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550	363 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1349	416 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	149 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 825	1 KB
1	adv-img.com i.adv-img.com
1	aventurecollecte.com 1 redirects collecte.aventurecollecte.com	819 B
1	relieautr.com 1 redirects olx.relieautr.com	564 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	243 B
1	webpower.eu 1 redirects oferting.webpower.eu	1 KB
0	clicplan.fr Failed ercm.clicplan.fr Failed ersq.clicplan.fr Failed
19	21

	Domain	Requested by
4	i.liadm.com	3 redirects b-code.liadm.com
3	idsync.rlcdn.com	2 redirects i.liadm.com
3	r.oferting.fr	r.oferting.fr
2	x.bidswitch.net	i.liadm.com
2	x.dlx.addthis.com	1 redirects i.liadm.com
2	dpm.demdex.net	1 redirects i.liadm.com
2	ib.adnxs.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	live.rezync.com	2 redirects
2	www.googletagmanager.com	r.oferting.fr www.googletagmanager.com
1	b1sync.zemanta.com	1 redirects
1	dis.criteo.com	i.liadm.com
1	d.turn.com	1 redirects
1	match.adsrvr.org	i.liadm.com
1	p.rfihub.com	1 redirects
1	i.adv-img.com
1	collecte.aventurecollecte.com	1 redirects
1	olx.relieautr.com	1 redirects
1	trac.oferting.fr	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	rp4.liadm.com
1	rp.liadm.com	1 redirects
1	b-code.liadm.com	r.oferting.fr
1	oferting.webpower.eu	1 redirects
1	w.oferting.fr	1 redirects
0	ersq.clicplan.fr Failed	r.oferting.fr
0	ercm.clicplan.fr Failed	r.oferting.fr
19	27

This site contains no links.

Subject Issuer	Validity	Valid
r.oferting.fr R3	`2023-10-22` - `2024-01-20`	3 months	crt.sh
*.liadm.com Amazon RSA 2048 M03	`2023-12-02` - `2024-12-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
adv-img.com E1	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh

This page contains 2 frames:

Frame: https://i.adv-img.com/content/upl/red/2023/Trafic/mentionslegales-trafic-generique-decembre.pdf?&avuid=%5BUID%5D&emn_sid=08581034601004902209757726161949dce212a6a9997341079f93b6dcdce96d
Frame ID: 13701A71F22379A8AFF7ED0017E31E19
Requests: 11 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-00xy?duid=6b4e69b91e72--01hhy4mn10wh27q4zdcrwacwcv&euns=0&s=&version=v2.11.2&
Frame ID: A230456106359CC0999C42854D9EA5A4
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Oferting -- we are redirecting you to Redbysfr's website

Page URL History Show full URLs

https://w.oferting.fr/x/c/?hVFNj9sgFPwrvaS3TQAbvLRCVVerSJV67TnCfNjsGmNh3DS.3n0QZzfdSyXLzJuZZ.zmKVG... HTTP 302
https://oferting.webpower.eu/x/c/?hVFNj9sgFPwrvaS3TQAbvLRCVVerSJV67TnCfNjsGmNh3DS.3n0QZzfdSyXLzJuZZ.zmKVG... HTTP 302
https://r.oferting.fr/r/?utm_source=redbysfr&utm_medium=dedicado&utm_campaign=10049022-9757726&ori... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

63 %
HTTPS

32 %
IPv6

21
Domains

27
Subdomains

14
IPs

6
Countries

216 kB
Transfer

559 kB
Size

32
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://w.oferting.fr/x/c/?hVFNj9sgFPwrvaS3TQAbvLRCVVerSJV67TnCfNjsGmNh3DS.3n0QZzfdSyXLzJuZZ.zmKVGtXlDG6BoFfsQNopStQ1DivA.WxOTGbm.jOogG13jtRZ.SNH85HOK9fIiHb0vypzksURkRjW4vs42fpZ__Zt4b7RYvNBxK6vDGKwDSdaPACNUcEfLAG9o0hBVHiK4TXo6LHN46koletEYu6VK4mJIowApUTiWSUX2BnRjN_eqCi6NRyYXxOsCu_r4jR3hSlOp_EqCCzVJ1nNOuej6bdgpnE0_zT9OOsFECiQAYP54c4KpmW5WVR.qIt1JBiRnmNd8IA4RWhmAimeScN1WNUcMtr1qmFSic6c0a03ZLGAA8bewE_PZxmR0fUwMx5.Nuy6Z3LRp7ChZmvWsFup9zTTiuOWU8..6s8_T.xsK6AOQ1PEJzfDQHCK8w.NlHM7i8lLhXwRc2B.sKzTdfdUyXyWTwfNuG8dINWWeu8K1T6EUjq2WHWtf3Gmlr_heLtCku_XtxujhzSenTrx8bKkeZeN4cKG8CwXLQbVK0BXHdyf8WsWrx042vn7amB0L_AgA31 HTTP 302
https://oferting.webpower.eu/x/c/?hVFNj9sgFPwrvaS3TQAbvLRCVVerSJV67TnCfNjsGmNh3DS.3n0QZzfdSyXLzJuZZ.zmKVGtXlDG6BoFfsQNopStQ1DivA.WxOTGbm.jOogG13jtRZ.SNH85HOK9fIiHb0vypzksURkRjW4vs42fpZ__Zt4b7RYvNBxK6vDGKwDSdaPACNUcEfLAG9o0hBVHiK4TXo6LHN46koletEYu6VK4mJIowApUTiWSUX2BnRjN_eqCi6NRyYXxOsCu_r4jR3hSlOp_EqCCzVJ1nNOuej6bdgpnE0_zT9OOsFECiQAYP54c4KpmW5WVR.qIt1JBiRnmNd8IA4RWhmAimeScN1WNUcMtr1qmFSic6c0a03ZLGAA8bewE_PZxmR0fUwMx5.Nuy6Z3LRp7ChZmvWsFup9zTTiuOWU8..6s8_T.xsK6AOQ1PEJzfDQHCK8w.NlHM7i8lLhXwRc2B.sKzTdfdUyXyWTwfNuG8dINWWeu8K1T6EUjq2WHWtf3Gmlr_heLtCku_XtxujhzSenTrx8bKkeZeN4cKG8CwXLQbVK0BXHdyf8WsWrx042vn7amB0L_AgA31stored HTTP 302
https://r.oferting.fr/r/?utm_source=redbysfr&utm_medium=dedicado&utm_campaign=10049022-9757726&orig=manual&utm_term=beauty&rtt=&f=0&c=tech&g=new&redirection=https%3A%2F%2Ftrac.oferting.fr%2Fof%2F%3Fst%3Dwebpower_smtp%26na%3D0%26emn_i%3D346%26emn_a%3D8581%26emn_c%3D161949%26emn_e%3Ddce212a6a9997341079f93b6dcdce96d%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D10049022-9757726%26term%3D%26emn_t%3D9757726%26ref_offer%3D10049022%26hs%3D1291495691%26sd%3Dw.oferting.fr%26go%3Dhttps%253A%252F%252Folx.relieautr.com%252Ftracking%252F%253Ftype%253Dredirectemail%2526i%253Dbic0jd0fdag0bihhd0dfehjf0de%2526avuid%253D%25255BUID%25255D%2526emn_sid%253D08581034601004902209757726161949dce212a6a9997341079f93b6dcdce96d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://rp.liadm.com/j?dtstmp=1702892295323&aid=a-00xy&se=e30&duid=6b4e69b91e72--01hhy4mn10wh27q4zdcrwacwcv&tna=v2.11.2&pu=https%3A%2F%2Fr.oferting.fr%2Fr%2F%3Futm_source%3Dredbysfr%26utm_medium%3Ddedicado%26utm_campaign%3D10049022-9757726%26orig%3Dmanual%26utm_term%3Dbeauty%26rtt%3D%26f%3D0%26c%3Dtech%26g%3Dnew%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.fr%252Fof%252F%253Fst%253Dwebpower_smtp%2526na%253D0%2526emn_i%253D346%2526emn_a%253D8581%2526emn_c%253D161949%2526emn_e%253Ddce212a6a9997341079f93b6dcdce96d%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D10049022-9757726%2526term%253D%2526emn_t%253D9757726%2526ref_offer%253D10049022%2526hs%253D1291495691%2526sd%253Dw.oferting.fr%2526go%253Dhttps%25253A%25252F%25252Folx.relieautr.com%25252Ftracking%25252F%25253Ftype%25253Dredirectemail%252526i%25253Dbic0jd0fdag0bihhd0dfehjf0de%252526avuid%25253D%2525255BUID%2525255D%252526emn_sid%25253D08581034601004902209757726161949dce212a6a9997341079f93b6dcdce96d&wpn=lc-bundle&c=PHRpdGxlPk9mZXJ0aW5nIC0tIHdlIGFyZSByZWRpcmVjdGluZyB5b3UgdG8gUmVkYnlzZnIncyB3ZWJzaXRlPC90aXRsZT4 HTTP 302
https://rp4.liadm.com/j?se=e30&duid=6b4e69b91e72--01hhy4mn10wh27q4zdcrwacwcv&aid=a-00xy&tna=v2.11.2&dtstmp=1702892295323&n3pc=true&wpn=lc-bundle&i6=MjAwMTo0MWQwOmQ6MzY0ZDo6Mg%3D%3D&pu=https%3A%2F%2Fr.oferting.fr%2Fr%2F%3Futm_source%3Dredbysfr%26utm_medium%3Ddedicado%26utm_campaign%3D10049022-9757726%26orig%3Dmanual%26utm_term%3Dbeauty%26rtt%3D%26f%3D0%26c%3Dtech%26g%3Dnew%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.fr%252Fof%252F%253Fst%253Dwebpower_smtp%2526na%253D0%2526emn_i%253D346%2526emn_a%253D8581%2526emn_c%253D161949%2526emn_e%253Ddce212a6a9997341079f93b6dcdce96d%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D10049022-9757726%2526term%253D%2526emn_t%253D9757726%2526ref_offer%253D10049022%2526hs%253D1291495691%2526sd%253Dw.oferting.fr%2526go%253Dhttps%25253A%25252F%25252Folx.relieautr.com%25252Ftracking%25252F%25253Ftype%25253Dredirectemail%252526i%25253Dbic0jd0fdag0bihhd0dfehjf0de%252526avuid%25253D%2525255BUID%2525255D%252526emn_sid%25253D08581034601004902209757726161949dce212a6a9997341079f93b6dcdce96d&c=PHRpdGxlPk9mZXJ0aW5nIC0tIHdlIGFyZSByZWRpcmVjdGluZyB5b3UgdG8gUmVkYnlzZnIncyB3ZWJzaXRlPC90aXRsZT4

Request Chain 10

https://trac.oferting.fr/of/?st=webpower_smtp&na=0&emn_i=346&emn_a=8581&emn_c=161949&emn_e=dce212a6a9997341079f93b6dcdce96d&emn_rt=0&ol=B&emn_p=&emn_cat=10049022-9757726&term=&emn_t=9757726&ref_offer=10049022&hs=1291495691&sd=w.oferting.fr&go=https%3A%2F%2Folx.relieautr.com%2Ftracking%2F%3Ftype%3Dredirectemail%26i%3Dbic0jd0fdag0bihhd0dfehjf0de%26avuid%3D%255BUID%255D%26emn_sid%3D08581034601004902209757726161949dce212a6a9997341079f93b6dcdce96d HTTP 302
https://olx.relieautr.com/tracking/?type=redirectemail&i=bic0jd0fdag0bihhd0dfehjf0de&avuid=%5BUID%5D&emn_sid=08581034601004902209757726161949dce212a6a9997341079f93b6dcdce96d HTTP 301
http://collecte.aventurecollecte.com/tracking/?type=redirectemail&iid=bic0jd0fdag0bihhd0dfehjf0de&avuid=%5BUID%5D&emn_sid=08581034601004902209757726161949dce212a6a9997341079f93b6dcdce96d HTTP 302
https://i.adv-img.com/content/upl/red/2023/Trafic/mentionslegales-trafic-generique-decembre.pdf?&avuid=%5BUID%5D&emn_sid=08581034601004902209757726161949dce212a6a9997341079f93b6dcdce96d

Request Chain 11

https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=755ccdca-4b13-4adc-ae4f-1cc959157709 HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=360fed2e-9a9e-438e-8bf5-398c6195c065%3A1702892298.5436482&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D360fed2e-9a9e-438e-8bf5-398c6195c065%253A1702892298.5436482%26_%3D1702892298.5454943&cb=1702892298.5455334 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5142336726968825681&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D360fed2e-9a9e-438e-8bf5-398c6195c065%253A1702892298.5436482%26_%3D1702892298.5454943 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=360fed2e-9a9e-438e-8bf5-398c6195c065%3A1702892298.5436482&_=1702892298.5454943 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjczNjBmZWQyZS05YTllLTQzOGUtOGJmNS0zOThjNjE5NWMwNjU6MTcwMjg5MjI5OC41NDM2NDgyEAAaDQiKpoCsBhIFCOgHEABCAEoA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc= HTTP 302
https://idsync.rlcdn.com/362358.gif?google_error=15

Request Chain 13

https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=2676551922701615957 HTTP 303
https://ib.adnxs.com/getuid?https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=$UID&gdpr=0 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fi.liadm.com%2Fs%2F81081%3Fbidder_id%3D91218%26bidder_uuid%3D%24UID%26gdpr%3D0 HTTP 302
https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=2671030032584130310&gdpr=0 HTTP 303
https://dpm.demdex.net/ibs:dpid=127444&dpuuid=755ccdca-4b13-4adc-ae4f-1cc959157709 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=755ccdca-4b13-4adc-ae4f-1cc959157709

Request Chain 14

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=755ccdca-4b13-4adc-ae4f-1cc959157709 HTTP 302
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=755ccdca-4b13-4adc-ae4f-1cc959157709&rd=Y

Request Chain 17

https://b1sync.zemanta.com/usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__ HTTP 302
https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid= HTTP 303
https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=755ccdca-4b13-4adc-ae4f-1cc959157709&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
r.oferting.fr/r/
Redirect Chain

https://w.oferting.fr/x/c/?hVFNj9sgFPwrvaS3TQAbvLRCVVerSJV67TnCfNjsGmNh3DS.3n0QZzfdSyXLzJuZZ.zmKVGtXlDG6BoFfsQNopStQ1DivA.WxOTGbm.jOogG13jtRZ.SNH85HOK9fIiHb0vypzksURkRjW4vs42fpZ__Zt4b7RYvNBxK6vDGKw...
https://oferting.webpower.eu/x/c/?hVFNj9sgFPwrvaS3TQAbvLRCVVerSJV67TnCfNjsGmNh3DS.3n0QZzfdSyXLzJuZZ.zmKVGtXlDG6BoFfsQNopStQ1DivA.WxOTGbm.jOogG13jtRZ.SNH85HOK9fIiHb0vypzksURkRjW4vs42fpZ__Zt4b7RYvNBx...
https://r.oferting.fr/r/?utm_source=redbysfr&utm_medium=dedicado&utm_campaign=10049022-9757726&orig=manual&utm_term=beauty&rtt=&f=0&c=tech&g=new&redirection=https%3A%2F%2Ftrac.oferting.fr%2Fof%2F%3...

4 KB
2 KB

112ms
41ms

Document
text/html

52.213.184.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.oferting.fr/r/?utm_source=redbysfr&utm_medium=dedicado&utm_campaign=10049022-9757726&orig=manual&utm_term=beauty&rtt=&f=0&c=tech&g=new&redirection=https%3A%2F%2Ftrac.oferting.fr%2Fof%2F%3Fst%3Dwebpower_smtp%26na%3D0%26emn_i%3D346%26emn_a%3D8581%26emn_c%3D161949%26emn_e%3Ddce212a6a9997341079f93b6dcdce96d%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D10049022-9757726%26term%3D%26emn_t%3D9757726%26ref_offer%3D10049022%26hs%3D1291495691%26sd%3Dw.oferting.fr%26go%3Dhttps%253A%252F%252Folx.relieautr.com%252Ftracking%252F%253Ftype%253Dredirectemail%2526i%253Dbic0jd0fdag0bihhd0dfehjf0de%2526avuid%253D%25255BUID%25255D%2526emn_sid%253D08581034601004902209757726161949dce212a6a9997341079f93b6dcdce96d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.213.184.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: mail.oferting.fr
Software: nginx/1.23.3 /
Resource Hash: 059402ab75b04caa016e1c8c800fc696925e18f92ce44cb69e2adc7be87b61ad

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 18 Dec 2023 09:38:15 GMT
Server: nginx/1.23.3
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 18 Dec 2023 09:38:14 GMT
location: https://r.oferting.fr/r/?utm_source=redbysfr&utm_medium=dedicado&utm_campaign=10049022-9757726&orig=manual&utm_term=beauty&rtt=&f=0&c=tech&g=new&redirection=https%3A%2F%2Ftrac.oferting.fr%2Fof%2F%3Fst%3Dwebpower_smtp%26na%3D0%26emn_i%3D346%26emn_a%3D8581%26emn_c%3D161949%26emn_e%3Ddce212a6a9997341079f93b6dcdce96d%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D10049022-9757726%26term%3D%26emn_t%3D9757726%26ref_offer%3D10049022%26hs%3D1291495691%26sd%3Dw.oferting.fr%26go%3Dhttps%253A%252F%252Folx.relieautr.com%252Ftracking%252F%253Ftype%253Dredirectemail%2526i%253Dbic0jd0fdag0bihhd0dfehjf0de%2526avuid%253D%25255BUID%25255D%2526emn_sid%253D08581034601004902209757726161949dce212a6a9997341079f93b6dcdce96d
p3p: policyref="https://oferting.webpower.eu/x/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND NAV COM"
server: nginx

GET
H2 200 a-00xy.min.js Show response
b-code.liadm.com/ 47 KB
15 KB 86ms
32ms Script
application/javascript 2600:9000:225e:4800:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-00xy.min.js
Requested by: Host: r.oferting.fr
URL: https://r.oferting.fr/r/?utm_source=redbysfr&utm_medium=dedicado&utm_campaign=10049022-9757726&orig=manual&utm_term=beauty&rtt=&f=0&c=tech&g=new&redirection=https%3A%2F%2Ftrac.oferting.fr%2Fof%2F%3Fst%3Dwebpower_smtp%26na%3D0%26emn_i%3D346%26emn_a%3D8581%26emn_c%3D161949%26emn_e%3Ddce212a6a9997341079f93b6dcdce96d%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D10049022-9757726%26term%3D%26emn_t%3D9757726%26ref_offer%3D10049022%26hs%3D1291495691%26sd%3Dw.oferting.fr%26go%3Dhttps%253A%252F%252Folx.relieautr.com%252Ftracking%252F%253Ftype%253Dredirectemail%2526i%253Dbic0jd0fdag0bihhd0dfehjf0de%2526avuid%253D%25255BUID%25255D%2526emn_sid%253D08581034601004902209757726161949dce212a6a9997341079f93b6dcdce96d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:4800:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8055f27eeba86022e0c261677609b407d1b9cde2f6ff1389ee576b7992ec53ec

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://r.oferting.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 19:40:23 GMT
content-encoding: gzip
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 50272
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: K6oEndCaSP6TiPL38UsewohKMJlHb-IwmM73UwtvvTR6MEsBs4hLKQ==

GET 0f6236e0-0f87-431b-ba56-c3f6d629310e
ercm.clicplan.fr/r/dce212a6a9997341079f93b6dcdce96d/ 0
0

GET asset
ersq.clicplan.fr/1693/ 0
0

GET
H/1.1 200
OK preload.gif
r.oferting.fr/images/ 18 KB
18 KB 58ms
58ms Image
image/gif 52.213.184.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.oferting.fr/images/preload.gif
Requested by: Host: r.oferting.fr
URL: https://r.oferting.fr/r/?utm_source=redbysfr&utm_medium=dedicado&utm_campaign=10049022-9757726&orig=manual&utm_term=beauty&rtt=&f=0&c=tech&g=new&redirection=https%3A%2F%2Ftrac.oferting.fr%2Fof%2F%3Fst%3Dwebpower_smtp%26na%3D0%26emn_i%3D346%26emn_a%3D8581%26emn_c%3D161949%26emn_e%3Ddce212a6a9997341079f93b6dcdce96d%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D10049022-9757726%26term%3D%26emn_t%3D9757726%26ref_offer%3D10049022%26hs%3D1291495691%26sd%3Dw.oferting.fr%26go%3Dhttps%253A%252F%252Folx.relieautr.com%252Ftracking%252F%253Ftype%253Dredirectemail%2526i%253Dbic0jd0fdag0bihhd0dfehjf0de%2526avuid%253D%25255BUID%25255D%2526emn_sid%253D08581034601004902209757726161949dce212a6a9997341079f93b6dcdce96d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.213.184.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: mail.oferting.fr
Software: nginx/1.23.3 /
Resource Hash: 7929082d8761c3db532e83d1630ad642747808517060e2432056f4050f4ebd9a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://r.oferting.fr/r/?utm_source=redbysfr&utm_medium=dedicado&utm_campaign=10049022-9757726&orig=manual&utm_term=beauty&rtt=&f=0&c=tech&g=new&redirection=https%3A%2F%2Ftrac.oferting.fr%2Fof%2F%3Fst%3Dwebpower_smtp%26na%3D0%26emn_i%3D346%26emn_a%3D8581%26emn_c%3D161949%26emn_e%3Ddce212a6a9997341079f93b6dcdce96d%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D10049022-9757726%26term%3D%26emn_t%3D9757726%26ref_offer%3D10049022%26hs%3D1291495691%26sd%3Dw.oferting.fr%26go%3Dhttps%253A%252F%252Folx.relieautr.com%252Ftracking%252F%253Ftype%253Dredirectemail%2526i%253Dbic0jd0fdag0bihhd0dfehjf0de%2526avuid%253D%25255BUID%25255D%2526emn_sid%253D08581034601004902209757726161949dce212a6a9997341079f93b6dcdce96d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 18 Dec 2023 09:38:15 GMT
Last-Modified: Tue, 28 Mar 2023 13:38:10 GMT
Server: nginx/1.23.3
ETag: "6422edc2-47ed"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18413

GET
H/1.1 200
OK jquery-3.3.1.min.js Show response
r.oferting.fr/js/ 85 KB
34 KB 122ms
66ms Script
application/javascript 52.213.184.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.oferting.fr/js/jquery-3.3.1.min.js
Requested by: Host: r.oferting.fr
URL: https://r.oferting.fr/r/?utm_source=redbysfr&utm_medium=dedicado&utm_campaign=10049022-9757726&orig=manual&utm_term=beauty&rtt=&f=0&c=tech&g=new&redirection=https%3A%2F%2Ftrac.oferting.fr%2Fof%2F%3Fst%3Dwebpower_smtp%26na%3D0%26emn_i%3D346%26emn_a%3D8581%26emn_c%3D161949%26emn_e%3Ddce212a6a9997341079f93b6dcdce96d%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D10049022-9757726%26term%3D%26emn_t%3D9757726%26ref_offer%3D10049022%26hs%3D1291495691%26sd%3Dw.oferting.fr%26go%3Dhttps%253A%252F%252Folx.relieautr.com%252Ftracking%252F%253Ftype%253Dredirectemail%2526i%253Dbic0jd0fdag0bihhd0dfehjf0de%2526avuid%253D%25255BUID%25255D%2526emn_sid%253D08581034601004902209757726161949dce212a6a9997341079f93b6dcdce96d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.213.184.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: mail.oferting.fr
Software: nginx/1.23.3 /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://r.oferting.fr/r/?utm_source=redbysfr&utm_medium=dedicado&utm_campaign=10049022-9757726&orig=manual&utm_term=beauty&rtt=&f=0&c=tech&g=new&redirection=https%3A%2F%2Ftrac.oferting.fr%2Fof%2F%3Fst%3Dwebpower_smtp%26na%3D0%26emn_i%3D346%26emn_a%3D8581%26emn_c%3D161949%26emn_e%3Ddce212a6a9997341079f93b6dcdce96d%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D10049022-9757726%26term%3D%26emn_t%3D9757726%26ref_offer%3D10049022%26hs%3D1291495691%26sd%3Dw.oferting.fr%26go%3Dhttps%253A%252F%252Folx.relieautr.com%252Ftracking%252F%253Ftype%253Dredirectemail%2526i%253Dbic0jd0fdag0bihhd0dfehjf0de%2526avuid%253D%25255BUID%25255D%2526emn_sid%253D08581034601004902209757726161949dce212a6a9997341079f93b6dcdce96d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 18 Dec 2023 09:38:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Mar 2023 13:38:10 GMT
Server: nginx/1.23.3
ETag: W/"6422edc2-1538f"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 174 KB
62 KB 94ms
35ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P5VTTG9

Requested by

Host: r.oferting.fr
URL: https://r.oferting.fr/r/?utm_source=redbysfr&utm_medium=dedicado&utm_campaign=10049022-9757726&orig=manual&utm_term=beauty&rtt=&f=0&c=tech&g=new&redirection=https%3A%2F%2Ftrac.oferting.fr%2Fof%2F%3Fst%3Dwebpower_smtp%26na%3D0%26emn_i%3D346%26emn_a%3D8581%26emn_c%3D161949%26emn_e%3Ddce212a6a9997341079f93b6dcdce96d%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D10049022-9757726%26term%3D%26emn_t%3D9757726%26ref_offer%3D10049022%26hs%3D1291495691%26sd%3Dw.oferting.fr%26go%3Dhttps%253A%252F%252Folx.relieautr.com%252Ftracking%252F%253Ftype%253Dredirectemail%2526i%253Dbic0jd0fdag0bihhd0dfehjf0de%2526avuid%253D%25255BUID%25255D%2526emn_sid%253D08581034601004902209757726161949dce212a6a9997341079f93b6dcdce96d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

30c6a91d4b1952266318a0f41f3f624be6be6aa5e69cc66519f94dcd90ed81c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://r.oferting.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 09:38:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63371
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 18 Dec 2023 09:38:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
81 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B5QPSJDJ8N&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5VTTG9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

988073c53b33d2ccfbfac2d60dc42a9af79dc055f2adfed2a433206e1d09a276

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://r.oferting.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 09:38:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82591
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 18 Dec 2023 09:38:15 GMT

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1702892295323&aid=a-00xy&se=e30&duid=6b4e69b91e72--01hhy4mn10wh27q4zdcrwacwcv&tna=v2.11.2&pu=https%3A%2F%2Fr.oferting.fr%2Fr%2F%3Futm_source%3Dredbysfr%26utm_medium%3D...
https://rp4.liadm.com/j?se=e30&duid=6b4e69b91e72--01hhy4mn10wh27q4zdcrwacwcv&aid=a-00xy&tna=v2.11.2&dtstmp=1702892295323&n3pc=true&wpn=lc-bundle&i6=MjAwMTo0MWQwOmQ6MzY0ZDo6Mg%3D%3D&pu=https%3A%2F%2...

13 B
318 B

303ms
96ms

XHR
application/json

44.198.227.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rp4.liadm.com/j?se=e30&duid=6b4e69b91e72--01hhy4mn10wh27q4zdcrwacwcv&aid=a-00xy&tna=v2.11.2&dtstmp=1702892295323&n3pc=true&wpn=lc-bundle&i6=MjAwMTo0MWQwOmQ6MzY0ZDo6Mg%3D%3D&pu=https%3A%2F%2Fr.oferting.fr%2Fr%2F%3Futm_source%3Dredbysfr%26utm_medium%3Ddedicado%26utm_campaign%3D10049022-9757726%26orig%3Dmanual%26utm_term%3Dbeauty%26rtt%3D%26f%3D0%26c%3Dtech%26g%3Dnew%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.fr%252Fof%252F%253Fst%253Dwebpower_smtp%2526na%253D0%2526emn_i%253D346%2526emn_a%253D8581%2526emn_c%253D161949%2526emn_e%253Ddce212a6a9997341079f93b6dcdce96d%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D10049022-9757726%2526term%253D%2526emn_t%253D9757726%2526ref_offer%253D10049022%2526hs%253D1291495691%2526sd%253Dw.oferting.fr%2526go%253Dhttps%25253A%25252F%25252Folx.relieautr.com%25252Ftracking%25252F%25253Ftype%25253Dredirectemail%252526i%25253Dbic0jd0fdag0bihhd0dfehjf0de%252526avuid%25253D%2525255BUID%2525255D%252526emn_sid%25253D08581034601004902209757726161949dce212a6a9997341079f93b6dcdce96d&c=PHRpdGxlPk9mZXJ0aW5nIC0tIHdlIGFyZSByZWRpcmVjdGluZyB5b3UgdG8gUmVkYnlzZnIncyB3ZWJzaXRlPC90aXRsZT4
Protocol: H2
Server: 44.198.227.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-198-227-25.compute-1.amazonaws.com
Software: /
Resource Hash: efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://r.oferting.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 09:38:15 GMT
x-pixel-event-id: 3b8fc791-3a0d-4d80-ae0f-57925024dbfc
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: null
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 13

Redirect headers

location: https://rp4.liadm.com/j?se=e30&duid=6b4e69b91e72--01hhy4mn10wh27q4zdcrwacwcv&aid=a-00xy&tna=v2.11.2&dtstmp=1702892295323&n3pc=true&wpn=lc-bundle&i6=MjAwMTo0MWQwOmQ6MzY0ZDo6Mg%3D%3D&pu=https%3A%2F%2Fr.oferting.fr%2Fr%2F%3Futm_source%3Dredbysfr%26utm_medium%3Ddedicado%26utm_campaign%3D10049022-9757726%26orig%3Dmanual%26utm_term%3Dbeauty%26rtt%3D%26f%3D0%26c%3Dtech%26g%3Dnew%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.fr%252Fof%252F%253Fst%253Dwebpower_smtp%2526na%253D0%2526emn_i%253D346%2526emn_a%253D8581%2526emn_c%253D161949%2526emn_e%253Ddce212a6a9997341079f93b6dcdce96d%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D10049022-9757726%2526term%253D%2526emn_t%253D9757726%2526ref_offer%253D10049022%2526hs%253D1291495691%2526sd%253Dw.oferting.fr%2526go%253Dhttps%25253A%25252F%25252Folx.relieautr.com%25252Ftracking%25252F%25253Ftype%25253Dredirectemail%252526i%25253Dbic0jd0fdag0bihhd0dfehjf0de%252526avuid%25253D%2525255BUID%2525255D%252526emn_sid%25253D08581034601004902209757726161949dce212a6a9997341079f93b6dcdce96d&c=PHRpdGxlPk9mZXJ0aW5nIC0tIHdlIGFyZSByZWRpcmVjdGluZyB5b3UgdG8gUmVkYnlzZnIncyB3ZWJzaXRlPC90aXRsZT4
access-control-allow-origin: https://r.oferting.fr
date: Mon, 18 Dec 2023 09:38:15 GMT
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET

POST
H2 204 collect
region1.google-analytics.com/g/ 0
243 B 70ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B5QPSJDJ8N&gtm=45je3bt0v9119464476z89119459821&_p=1702892295122&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=328843774.1702892295&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702892295&sct=1&seg=0&dl=https%3A%2F%2Fr.oferting.fr%2Fr%2F%3Futm_source%3Dredbysfr%26utm_medium%3Ddedicado%26utm_campaign%3D10049022-9757726%26orig%3Dmanual%26utm_term%3Dbeauty%26rtt%3D%26f%3D0%26c%3Dtech%26g%3Dnew%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.fr%252Fof%252F%253Fst%253Dwebpower_smtp%2526na%253D0%2526emn_i%253D346%2526emn_a%253D8581%2526emn_c%253D161949%2526emn_e%253Ddce212a6a9997341079f93b6dcdce96d%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D10049022-9757726%2526term%253D%2526emn_t%253D9757726%2526ref_offer%253D10049022%2526hs%253D1291495691%2526sd%253Dw.oferting.fr%2526go%253Dhttps%25253A%25252F%25252Folx.relieautr.com%25252Ftracking%25252F%25253Ftype%25253Dredirectemail%252526i%25253Dbic0jd0fdag0bihhd0dfehjf0de%252526avuid%25253D%2525255BUID%2525255D%252526emn_sid%25253D08581034601004902209757726161949dce212a6a9997341079f93b6dcdce96d&dt=Oferting%20--%20we%20are%20redirecting%20you%20to%20Redbysfr%27s%20website&en=page_view&_fv=1&_nsi=1&_ss=1&ep.user_md5=dce212a6a9997341079f93b6dcdce96d&ep.ref_newsletter=9757726&ep.ref_offer=10049022&ep.program_emn=Oferting&ep.origin_emn=manual&ep.user_group=new&ep.offer_label=B&ep.emn_i=346&ep.category_class=tech&ep.ref_announcer=8581&tfd=533
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B5QPSJDJ8N&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://r.oferting.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Dec 2023 09:38:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://r.oferting.fr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK a-00xy Show response
i.liadm.com/s/c/ Frame A230 1 KB
1 KB 2488ms
108ms Document
text/html 34.199.75.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://i.liadm.com/s/c/a-00xy?duid=6b4e69b91e72--01hhy4mn10wh27q4zdcrwacwcv&euns=0&s=&version=v2.11.2&

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-00xy.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.199.75.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-199-75-211.compute-1.amazonaws.com

Software

Resource Hash

0c3c466e8c6e497662d6d7592fb6ce1274f034c0f31b12081d170ab3c07a6e05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://r.oferting.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: private, no-cache, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 687
Content-Type: text/html; charset=UTF-8
Date: Mon, 18 Dec 2023 09:38:18 GMT
Request-Time: 15
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding

GET
H2

200

mentionslegales-trafic-generique-decembre.pdf
i.adv-img.com/content/upl/red/2023/Trafic/
Redirect Chain

https://trac.oferting.fr/of/?st=webpower_smtp&na=0&emn_i=346&emn_a=8581&emn_c=161949&emn_e=dce212a6a9997341079f93b6dcdce96d&emn_rt=0&ol=B&emn_p=&emn_cat=10049022-9757726&term=&emn_t=9757726&ref_off...
https://olx.relieautr.com/tracking/?type=redirectemail&i=bic0jd0fdag0bihhd0dfehjf0de&avuid=%5BUID%5D&emn_sid=08581034601004902209757726161949dce212a6a9997341079f93b6dcdce96d
http://collecte.aventurecollecte.com/tracking/?type=redirectemail&iid=bic0jd0fdag0bihhd0dfehjf0de&avuid=%5BUID%5D&emn_sid=08581034601004902209757726161949dce212a6a9997341079f93b6dcdce96d
https://i.adv-img.com/content/upl/red/2023/Trafic/mentionslegales-trafic-generique-decembre.pdf?&avuid=%5BUID%5D&emn_sid=08581034601004902209757726161949dce212a6a9997341079f93b6dcdce96d

0
0

81ms
37ms

Document
application/pdf

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.adv-img.com/content/upl/red/2023/Trafic/mentionslegales-trafic-generique-decembre.pdf?&avuid=%5BUID%5D&emn_sid=08581034601004902209757726161949dce212a6a9997341079f93b6dcdce96d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://r.oferting.fr/r/?utm_source=redbysfr&utm_medium=dedicado&utm_campaign=10049022-9757726&orig=manual&utm_term=beauty&rtt=&f=0&c=tech&g=new&redirection=https%3A%2F%2Ftrac.oferting.fr%2Fof%2F%3Fst%3Dwebpower_smtp%26na%3D0%26emn_i%3D346%26emn_a%3D8581%26emn_c%3D161949%26emn_e%3Ddce212a6a9997341079f93b6dcdce96d%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D10049022-9757726%26term%3D%26emn_t%3D9757726%26ref_offer%3D10049022%26hs%3D1291495691%26sd%3Dw.oferting.fr%26go%3Dhttps%253A%252F%252Folx.relieautr.com%252Ftracking%252F%253Ftype%253Dredirectemail%2526i%253Dbic0jd0fdag0bihhd0dfehjf0de%2526avuid%253D%25255BUID%25255D%2526emn_sid%253D08581034601004902209757726161949dce212a6a9997341079f93b6dcdce96d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83766ea17fad3cf3-CDG
content-length: 90974
content-type: application/pdf
date: Mon, 18 Dec 2023 09:38:18 GMT
etag: "1635e-60b7435c7538b"
last-modified: Fri, 01 Dec 2023 15:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2XQ1poL7QUFZENS0YUKpr%2FFlKdVAOQ7keAwQtaBwIfyESfQTwl0rDMjlIaEW63DCA5miNTTobzuRAP9833A%2B3PnGJxXh1DCzvQlvenettOwsGK1F6%2FEfNNAzzVnY9MRggfRi%2B%2FTe0pzP%2FewL"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 83766ea0fc273ce1-CDG
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 18 Dec 2023 09:38:18 GMT
Location: https://i.adv-img.com/content/upl/red/2023/Trafic/mentionslegales-trafic-generique-decembre.pdf?&avuid=%5BUID%5D&emn_sid=08581034601004902209757726161949dce212a6a9997341079f93b6dcdce96d
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ZrPfwxF2dV7aHXa7ytejJpEs8zyCL6cNtozfp%2Bd9hQWs6NkjMmGIRJxch7a%2F26ldx3BErodaNxYTFDeTiMLnbN4QCjXbaGWEl41%2B%2FcSqyzLW5FlE3sLITUVWdL3U9G5K9ptVKIwHWdHyXojUef24M0VFkTDvyhJqVhZbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400

GET
H3

200

362358.gif
idsync.rlcdn.com/ Frame A230
Redirect Chain

https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=755ccdca-4b13-4adc-ae4f-1cc959157709
https://p.rfihub.com/cm?pub=39342&in=1&userid=360fed2e-9a9e-438e-8bf5-398c6195c065%3A1702892298.5436482&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D360fed2e-9a9e-438e-8bf5-398c619...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5142336726968825681&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D360fed2e-9a9e-438e-8b...
https://idsync.rlcdn.com/501709.gif?partner_uid=360fed2e-9a9e-438e-8bf5-398c6195c065%3A1702892298.5436482&_=1702892298.5454943
https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjczNjBmZWQyZS05YTllLTQzOGUtOGJmNS0zOThjNjE5NWMwNjU6MTcwMjg5MjI5OC41NDM2NDgyEAAaDQiKpoCsBhIFCOgHEABCAEoA
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc=
https://idsync.rlcdn.com/362358.gif?google_error=15

42 B
60 B

26ms
26ms

Image
image/gif

35.244.174.68

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_error=15
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00xy?duid=6b4e69b91e72--01hhy4mn10wh27q4zdcrwacwcv&euns=0&s=&version=v2.11.2&
Protocol: H3
Server: 35.244.174.68 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 09:38:19 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 18 Dec 2023 09:38:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://idsync.rlcdn.com/362358.gif?google_error=15
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame A230 70 B
149 B 110ms
34ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00xy?duid=6b4e69b91e72--01hhy4mn10wh27q4zdcrwacwcv&euns=0&s=&version=v2.11.2&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 09:38:18 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame A230
Redirect Chain

https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=2676551922701615957
https://ib.adnxs.com/getuid?https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=$UID&gdpr=0
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fi.liadm.com%2Fs%2F81081%3Fbidder_id%3D91218%26bidder_uuid%3D%24UID%26gdpr%3D0
https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=2671030032584130310&gdpr=0
https://dpm.demdex.net/ibs:dpid=127444&dpuuid=755ccdca-4b13-4adc-ae4f-1cc959157709
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=755ccdca-4b13-4adc-ae4f-1cc959157709

42 B
717 B

35ms
34ms

Image
image/gif

52.209.217.80

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=755ccdca-4b13-4adc-ae4f-1cc959157709

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00xy?duid=6b4e69b91e72--01hhy4mn10wh27q4zdcrwacwcv&euns=0&s=&version=v2.11.2&

Protocol

Server

52.209.217.80 -, , ASN (),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-09f0ac7a1.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Mon, 18 Dec 2023 09:38:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: Y5zo/EwwSlU=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v054-037a2ac12.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Mon, 18 Dec 2023 09:38:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: dAHHyFnLRLc=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=755ccdca-4b13-4adc-ae4f-1cc959157709
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

live_intent_sync
x.dlx.addthis.com/e/ Frame A230
Redirect Chain

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=755ccdca-4b13-4adc-ae4f-1cc959157709
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=755ccdca-4b13-4adc-ae4f-1cc959157709&rd=Y

43 B
594 B

183ms
182ms

Image
image/gif

2.18.97.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=755ccdca-4b13-4adc-ae4f-1cc959157709&rd=Y

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00xy?duid=6b4e69b91e72--01hhy4mn10wh27q4zdcrwacwcv&euns=0&s=&version=v2.11.2&

Protocol

Server

2.18.97.171 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-97-171.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 18 Dec 2023 09:38:18 GMT
pragma: no-cache
date: Mon, 18 Dec 2023 09:38:18 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.dlx.addthis.com/e/live_intent_sync?na_exid=755ccdca-4b13-4adc-ae4f-1cc959157709&rd=Y
pragma: no-cache
date: Mon, 18 Dec 2023 09:38:18 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Mon, 18 Dec 2023 09:38:18 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame A230 43 B
363 B 71ms
22ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00xy?duid=6b4e69b91e72--01hhy4mn10wh27q4zdcrwacwcv&euns=0&s=&version=v2.11.2&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Dec 2023 09:38:17 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 214323
expires: Mon, 18 Dec 2023 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame A230 43 B
146 B 78ms
23ms Image
image/gif 18.158.157.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=liveintent&user_id=755ccdca-4b13-4adc-ae4f-1cc959157709
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00xy?duid=6b4e69b91e72--01hhy4mn10wh27q4zdcrwacwcv&euns=0&s=&version=v2.11.2&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.157.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-157-189.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 09:38:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

syncd
x.bidswitch.net/ Frame A230
Redirect Chain

https://b1sync.zemanta.com/usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__
https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=755ccdca-4b13-4adc-ae4f-1cc959157709&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D

43 B
145 B

23ms
23ms

Image
image/gif

18.158.157.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=755ccdca-4b13-4adc-ae4f-1cc959157709&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00xy?duid=6b4e69b91e72--01hhy4mn10wh27q4zdcrwacwcv&euns=0&s=&version=v2.11.2&
Protocol: H2
Server: 18.158.157.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-157-189.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 09:38:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

Location: https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=755ccdca-4b13-4adc-ae4f-1cc959157709&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D
Date: Mon, 18 Dec 2023 09:38:18 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ercm.clicplan.fr
URL: https://ercm.clicplan.fr/r/dce212a6a9997341079f93b6dcdce96d/0f6236e0-0f87-431b-ba56-c3f6d629310e

Domain: ersq.clicplan.fr
URL: https://ersq.clicplan.fr/1693/asset?type=IMG&optin=11&b_optin=11&email=dce212a6a9997341079f93b6dcdce96d@MD5

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
trac.oferting.fr/of	1970-01-20 17:01:32	Name: emntkgidentifiant Value: 3olgpt1ivukitmmhaipwbhiop67p9dc2
trac.oferting.fr/of	1970-01-20 17:44:44	Name: emntkgidentifiant_cpl Value: 3olgpt1ivukitmmhaipwbhiop67p9dc2
trac.oferting.fr/of	1970-01-20 17:44:44	Name: emntkgidentifiant_cpv Value: 3olgpt1ivukitmmhaipwbhiop67p9dc2
trac.oferting.fr/of	1970-01-20 17:44:44	Name: emntkgidentifiant_usr Value: dce212a6a9997341079f93b6dcdce96d
trac.oferting.fr/of	1970-01-20 17:01:32	Name: emntkg_72232364aac7137d5c7486341fc694cd Value: 8581%7C161949%7C346%7C0%7C
trac.oferting.fr/of	1970-01-20 17:44:44	Name: emntkg_cpl_72232364aac7137d5c7486341fc694cd Value: 8581%7C161949%7C346%7C0%7C
trac.oferting.fr/of	1970-01-20 17:44:44	Name: emntkg_cpv_72232364aac7137d5c7486341fc694cd Value: 8581%7C161949%7C346%7C0%7C
.liadm.com/j	1970-01-21 02:37:32	Name: lidid Value: 755ccdca-4b13-4adc-ae4f-1cc959157709
i.liadm.com/s	1970-01-20 17:44:44	Name: _li_ss Value: CkUKBQgKEOEWCgYI3QEQ4RYKBgjhARDhFgoGCIEBEOEWCgUIDBDrFgoGCKIBEOEWCgYIiwEQ4RYKBgjSARDhFgoFCH4Q4RY
.w.oferting.fr/	1970-01-20 17:44:44	Name: DMDconv Value: hVFNj9sgFPwrvaS3TQAbvLRCVVerSJV67TnCfNjsGmNh3DS.3n0QZzfdSyXLzJuZZ.zmKVGtXlDG6BoFfsQNopStQ1DivA.WxOTGbm.jOogG13jtRZ.SNH85HOK9fIiHb0vypzksURkRjW4vs42fpZ__Zt4b7RYvNBxK6vDGKwDSdaPACNUcEfLAG9o0hBVHiK4TXo6LHN46koletEYu6VK4mJIowApUTiWSUX2BnRjN_eqCi6NRyYXxOsCu_r4jR3hSlOp_EqCCzVJ1nNOuej6bdgpnE0_zT9OOsFECiQAYP54c4KpmW5WVR.qIt1JBiRnmNd8IA4RWhmAimeScN1WNUcMtr1qmFSic6c0a03ZLGAA8bewE_PZxmR0fUwMx5.Nuy6Z3LRp7ChZmvWsFup9zTTiuOWU8..6s8_T.xsK6AOQ1PEJzfDQHCK8w.NlHM7i8lLhXwRc2B.sKzTdfdUyXyWTwfNuG8dINWWeu8K1T6EUjq2WHWtf3Gmlr_heLtCku_XtxujhzSenTrx8bKkeZeN4cKG8CwXLQbVK0BXHdyf8WsWrx042vn7amB0L_AgA31
.oferting.webpower.eu/	1970-01-20 17:44:44	Name: DMDconv Value: hVFNj9sgFPwrvaS3TQAbvLRCVVerSJV67TnCfNjsGmNh3DS.3n0QZzfdSyXLzJuZZ.zmKVGtXlDG6BoFfsQNopStQ1DivA.WxOTGbm.jOogG13jtRZ.SNH85HOK9fIiHb0vypzksURkRjW4vs42fpZ__Zt4b7RYvNBxK6vDGKwDSdaPACNUcEfLAG9o0hBVHiK4TXo6LHN46koletEYu6VK4mJIowApUTiWSUX2BnRjN_eqCi6NRyYXxOsCu_r4jR3hSlOp_EqCCzVJ1nNOuej6bdgpnE0_zT9OOsFECiQAYP54c4KpmW5WVR.qIt1JBiRnmNd8IA4RWhmAimeScN1WNUcMtr1qmFSic6c0a03ZLGAA8bewE_PZxmR0fUwMx5.Nuy6Z3LRp7ChZmvWsFup9zTTiuOWU8..6s8_T.xsK6AOQ1PEJzfDQHCK8w.NlHM7i8lLhXwRc2B.sKzTdfdUyXyWTwfNuG8dINWWeu8K1T6EUjq2WHWtf3Gmlr_heLtCku_XtxujhzSenTrx8bKkeZeN4cKG8CwXLQbVK0BXHdyf8WsWrx042vn7amB0L_AgA31
.oferting.fr/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .oferting.fr
.oferting.fr/	1970-01-21 02:37:32	Name: _lc2_fpi Value: 6b4e69b91e72--01hhy4mn10wh27q4zdcrwacwcv
.oferting.fr/	1970-01-21 02:37:32	Name: _lc2_fpi_meta Value: {%22w%22:1702892295201}
.oferting.fr/	1970-01-21 02:37:32	Name: _ga Value: GA1.1.328843774.1702892295
.oferting.fr/	1970-01-21 02:37:32	Name: _ga_B5QPSJDJ8N Value: GS1.1.1702892295.1.0.1702892295.0.0.0
.liadm.com/	1970-01-21 02:37:32	Name: lidid Value: 755ccdca-4b13-4adc-ae4f-1cc959157709
.oferting.fr/	1970-01-20 17:44:44	Name: _li_ss Value: CjYKBQgKEOEWCgYI3QEQ4RYKBgiBARDhFgoFCAwQ6xYKBgiiARDhFgoGCIsBEOEWCgYI0gEQ4RY
.oferting.fr/	1970-01-20 17:44:44	Name: _li_ss_meta Value: {%22w%22:1702892298408%2C%22e%22:1705484298408}
.turn.com/	1970-01-20 21:20:44	Name: uid Value: 2676551922701615957
.rezync.com/	1970-01-20 21:20:44	Name: zync-uuid Value: 360fed2e-9a9e-438e-8bf5-398c6195c065:1702892298.5436482
live.rezync.com/	1970-01-20 21:20:44	Name: sd-session-id Value: eyJfcGVybWFuZW50Ijp0cnVlLCJzZXNzaW9uX2lkIjoiMzYwZmVkMmUtOWE5ZS00MzhlLThiZjUtMzk4YzYxOTVjMDY1OjE3MDI4OTIyOTguNTQzNjQ4MiJ9.ZYATCg.RWwi3JS7z4HG43325lLeYsSeTVY
.addthis.com/	1970-01-21 02:31:46	Name: na_id Value: 2023121809381800016253255186
.addthis.com/	1970-01-21 02:31:46	Name: na_tc Value: Y
.addthis.com/	1970-01-21 02:31:46	Name: uid Value: 6580130a00be3549
.addthis.com/	1970-01-21 02:31:46	Name: ouid Value: 6580130a00015847ed9a53e22f5d3aa370680166fa296768b937
.adnxs.com/	1970-01-20 19:11:08	Name: uuid2 Value: 2671030032584130310
.rfihub.com/	1970-01-21 02:23:08	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3MrM0s7AwMjWzMBTiM9R1NohKNkpPDA0NcEoDABpuExslAAAA
.rfihub.com/	1970-01-21 02:23:08	Name: eud Value: H4sIAAAAAAAA_1XIuRGAMAwAsAmoMoc5x7_ZBoIzECUlk1JylNLVnA1nnVSQexYIR0EcU4EzhvXUgaZbd6RIooxVhU2C7rZ86cLP3_IC4nbR31oAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3MrM0s7AwMjWzMBTiM9R1NohKNkpPDA0NcEoDABpuExslAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_wXByRGAMAwEsA_tmHF8ZZduIDiFUDnSd0wv3f1aC2-2hKMFz05xYtVgLq28xlQDzYgzwytgP40ly3s6AAAA
.dlx.addthis.com/	1970-01-20 17:44:44	Name: na_sc_x Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ersq.clicplan.fr/1693/asset?type=IMG&optin=11&b_optin=11&email=dce212a6a9997341079f93b6dcdce96d@MD5 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://ercm.clicplan.fr/r/dce212a6a9997341079f93b6dcdce96d/0f6236e0-0f87-431b-ba56-c3f6d629310e Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b-code.liadm.com
b1sync.zemanta.com
cm.g.doubleclick.net
collecte.aventurecollecte.com
d.turn.com
dis.criteo.com
dpm.demdex.net
ercm.clicplan.fr
ersq.clicplan.fr
i.adv-img.com
i.liadm.com
ib.adnxs.com
idsync.rlcdn.com
live.rezync.com
match.adsrvr.org
oferting.webpower.eu
olx.relieautr.com
p.rfihub.com
r.oferting.fr
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
trac.oferting.fr
w.oferting.fr
www.googletagmanager.com
x.bidswitch.net
x.dlx.addthis.com
ercm.clicplan.fr
ersq.clicplan.fr
142.250.185.162
15.197.193.217
178.250.1.9
18.158.157.189
18.66.248.56
193.0.160.130
2.18.97.171
2001:4860:4802:34::36
2001:678:cb4:bbbb::13
2600:1f18:730:b150:6f5f:943c:95a6:9eb1
2600:9000:225e:4800:8:8845:1500:93a1
2606:4700:3034::6815:465f
2a00:1450:4001:802::2008
2a06:98c1:3120::3
34.199.75.211
35.244.174.68
37.252.171.53
44.198.227.25
50.31.142.63
52.209.217.80
52.213.184.39
91.197.72.25
059402ab75b04caa016e1c8c800fc696925e18f92ce44cb69e2adc7be87b61ad
0c3c466e8c6e497662d6d7592fb6ce1274f034c0f31b12081d170ab3c07a6e05
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
30c6a91d4b1952266318a0f41f3f624be6be6aa5e69cc66519f94dcd90ed81c8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
7929082d8761c3db532e83d1630ad642747808517060e2432056f4050f4ebd9a
8055f27eeba86022e0c261677609b407d1b9cde2f6ff1389ee576b7992ec53ec
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
988073c53b33d2ccfbfac2d60dc42a9af79dc055f2adfed2a433206e1d09a276
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

r.oferting.fr Open in urlscan Pro 52.213.184.39 Public Scan

Summary

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

63 %HTTPS

32 %IPv6

21 Domains

27 Subdomains

14 IPs

6 Countries

216 kBTransfer

559 kBSize

32 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

32 Cookies

2 Console Messages

Indicators

r.oferting.fr Open in urlscan Pro
52.213.184.39 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

63 %
HTTPS

32 %
IPv6

21
Domains

27
Subdomains

14
IPs

6
Countries

216 kB
Transfer

559 kB
Size

32
Cookies

19 HTTP transactions
0 data transactions