urlscan.io logo urlscan.io
SecurityTrails logo

clk.tradedoubler.com Open in urlscan Pro
34.95.109.120  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://nl-be.cashbackdeals.be/user/autologin.php?module=account-overview&salt=8053774bd2862da33a8bac3863db0a45401d1b7f&url_key...
Effective URL: https://clk.tradedoubler.com/click?p=272943&a=2297478&g=23552574&epi=40-OBS-6019eb707a4a540
Submission: On February 03 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 6 countries across 7 domains to perform 17 HTTP transactions. The main IP is 34.95.109.120, located in United States and belongs to GOOGLE, US. The main domain is clk.tradedoubler.com.
TLS certificate: Issued by R3 on January 23rd 2021. Valid for: 3 months.
This is the only time clk.tradedoubler.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    78.137.118.22 (Manchester, United Kingdom)

ASN61323 (UKFAST, GB)
PTR: 78.137.118.22.srvlist.ukfast.net
nl-be.cashbackdeals.be
7    2a02:21a8:0:3::ca6b:ba66 (United Kingdom)

ASN61323 (UKFAST, GB)
static.orangebuddies.com
1    2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    34.95.109.120 (United States)

ASN15169 (GOOGLE, US)
PTR: 120.109.95.34.bc.googleusercontent.com
clk.tradedoubler.com
1    13.224.194.12 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-12.fra2.r.cloudfront.net
vht.tradedoubler.com
1    188.165.150.177 (France)

ASN16276 (OVH, FR)
PTR: lb01.net.royalcactus.com
analytics.tradedoubler.com
Domain Requested by
7 static.orangebuddies.com nl-be.cashbackdeals.be
static.orangebuddies.com
2 www.google-analytics.com nl-be.cashbackdeals.be
www.google-analytics.com
2 nl-be.cashbackdeals.be 1 redirects
1 analytics.tradedoubler.com vht.tradedoubler.com
1 vht.tradedoubler.com clk.tradedoubler.com
1 clk.tradedoubler.com
1 fonts.googleapis.com static.orangebuddies.com
nl-be.cashbackdeals.be
1 maxcdn.bootstrapcdn.com nl-be.cashbackdeals.be
0 www.mediamarkt.be Failed
17 9

This site contains no links.

Subject Issuer Validity Valid
www.cashbackkorting.nl
Sectigo RSA Domain Validation Secure Server CA		 2019-05-06 -
2021-05-21		 2 years crt.sh
static.orangebuddies.com
Sectigo RSA Domain Validation Secure Server CA		 2019-06-17 -
2021-06-17		 2 years crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2020-09-22 -
2021-10-12		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
*.tradedoubler.com
R3		 2021-01-23 -
2021-04-23		 3 months crt.sh

This page contains 1 frames:

Frame: https://www.mediamarkt.be/nl/?rbtc=tra|con|2297478||||&tduid=f27283f83130860ac61f8d8526035ee9
Frame ID: 5F81B2D319C2ADEBC3C103FA78BC5CBA
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://nl-be.cashbackdeals.be/user/autologin.php?module=account-overview&salt=8053774bd2862da33a8bac3863db... HTTP 302
    https://nl-be.cashbackdeals.be/popup/visit.php?url_key=media-markt&type=voucher&typeId=713267 Page URL
  2. https://clk.tradedoubler.com/click?p=272943&a=2297478&g=23552574&epi=40-OBS-6019eb707a4a540 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

17
Requests

88 %
HTTPS

56 %
IPv6

7
Domains

9
Subdomains

10
IPs

6
Countries

133 kB
Transfer

440 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://nl-be.cashbackdeals.be/user/autologin.php?module=account-overview&salt=8053774bd2862da33a8bac3863db0a45401d1b7f&url_key=media-markt&type=voucher&typeId=713267 HTTP 302
    https://nl-be.cashbackdeals.be/popup/visit.php?url_key=media-markt&type=voucher&typeId=713267 Page URL
  2. https://clk.tradedoubler.com/click?p=272943&a=2297478&g=23552574&epi=40-OBS-6019eb707a4a540 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://nl-be.cashbackdeals.be/user/autologin.php?module=account-overview&salt=8053774bd2862da33a8bac3863db0a45401d1b7f&url_key=media-markt&type=voucher&typeId=713267 HTTP 302
  • https://nl-be.cashbackdeals.be/popup/visit.php?url_key=media-markt&type=voucher&typeId=713267
Request Chain 15
  • https://clk.tradedoubler.com/click?p=272943&a=2297478&g=23552574&epi=40-OBS-6019eb707a4a540 HTTP 302
  • https://redir.tradedoubler.com/projectr/?rbtc=tra|con|2297478||||&tduid=f27283f83130860ac61f8d8526035ee9&_td_deeplink=http://www.mediamarkt.be/nl/ HTTP 302
  • http://www.mediamarkt.be/nl/?rbtc=tra|con|2297478||||&tduid=f27283f83130860ac61f8d8526035ee9 HTTP 301
  • https://www.mediamarkt.be/nl/?rbtc=tra|con|2297478||||&tduid=f27283f83130860ac61f8d8526035ee9

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set visit.php
nl-be.cashbackdeals.be/popup/
Redirect Chain
  • https://nl-be.cashbackdeals.be/user/autologin.php?module=account-overview&salt=8053774bd2862da33a8bac3863db0a45401d1b7f&url_key=media-markt&type=voucher&typeId=713267
  • https://nl-be.cashbackdeals.be/popup/visit.php?url_key=media-markt&type=voucher&typeId=713267
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nl-be.cashbackdeals.be/popup/visit.php?url_key=media-markt&type=voucher&typeId=713267
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.137.118.22 Manchester, United Kingdom, ASN61323 (UKFAST, GB),
Reverse DNS
78.137.118.22.srvlist.ukfast.net
Software
nginx /
Resource Hash
2e439b222e54a9a2aac52935776add82c259801910dc8e43fb28e83b06c45b7e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
nl-be.cashbackdeals.be
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
PHPSESSID=tqucv6sfhkcc6bhesvklc46a47
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx
Date
Wed, 03 Feb 2021 00:16:48 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1517
Connection
keep-alive
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Xss-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie
stores_viewed_by_user=a%3A1%3A%7Bi%3A43891%3Bs%3A5%3A%2243891%22%3B%7D; expires=Thu, 18-Feb-2021 00:16:48 GMT; Max-Age=1296000; path=/; secure visitedStoresKey=a%3A1%3A%7Bi%3A0%3Bs%3A11%3A%22media-markt%22%3B%7D; expires=Thu, 18-Feb-2021 00:16:48 GMT; Max-Age=1296000; path=/; secure cashback_mediamarkt.be=yes; expires=Wed, 03-Feb-2021 00:46:48 GMT; Max-Age=1800; path=/; secure
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Origin
*

Redirect headers

Server
nginx
Date
Wed, 03 Feb 2021 00:16:48 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
20
Connection
keep-alive
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Xss-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
Set-Cookie
PHPSESSID=tqucv6sfhkcc6bhesvklc46a47; path=/; secure; HttpOnly
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
location
/popup/visit.php?url_key=media-markt&type=voucher&typeId=713267
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
layout.css
static.orangebuddies.com/templates/nl-be.cashbackdeals.be/march16/css/ 		248 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.orangebuddies.com/templates/nl-be.cashbackdeals.be/march16/css/layout.css
Requested by
Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/popup/visit.php?url_key=media-markt&type=voucher&typeId=713267
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (UKFAST, GB),
Reverse DNS
Software
nginx/1.4.7 /
Resource Hash
e280d3478f73dee7242bc08dc7b01bf46ced43a1337924bad5ac43d79e317c6f

Request headers

Referer
https://nl-be.cashbackdeals.be/popup/visit.php?url_key=media-markt&type=voucher&typeId=713267
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 00:16:48 GMT
content-encoding
gzip
last-modified
Wed, 05 Aug 2020 05:25:05 GMT
server
nginx/1.4.7
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ddosx-request-id
fbcb81f833b0760e5ec7a76dad131233
responsive.css
static.orangebuddies.com/templates/nl-be.cashbackdeals.be/march16/css/ 		64 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.orangebuddies.com/templates/nl-be.cashbackdeals.be/march16/css/responsive.css
Requested by
Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/popup/visit.php?url_key=media-markt&type=voucher&typeId=713267
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (UKFAST, GB),
Reverse DNS
Software
nginx/1.4.7 /
Resource Hash
a7d71c13c964162b9c9644bc35a10b22af22bb31a44926b20f3c257fdddfa853

Request headers

Referer
https://nl-be.cashbackdeals.be/popup/visit.php?url_key=media-markt&type=voucher&typeId=713267
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 00:16:48 GMT
content-encoding
gzip
last-modified
Wed, 14 Nov 2018 11:28:27 GMT
server
nginx/1.4.7
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ddosx-request-id
40492a520fb35cc584b9933fe7c4bd56
popup.css
static.orangebuddies.com/templates/nl-be.cashbackdeals.be/march16/css/popup/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.orangebuddies.com/templates/nl-be.cashbackdeals.be/march16/css/popup/popup.css
Requested by
Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/popup/visit.php?url_key=media-markt&type=voucher&typeId=713267
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (UKFAST, GB),
Reverse DNS
Software
nginx/1.4.7 /
Resource Hash
eb193dfdf3eb42ba3654fc23c494ea2a51031fba581d4f58931c9fb4319f1598

Request headers

Referer
https://nl-be.cashbackdeals.be/popup/visit.php?url_key=media-markt&type=voucher&typeId=713267
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 00:16:48 GMT
content-encoding
gzip
last-modified
Fri, 26 Jun 2020 12:32:29 GMT
server
nginx/1.4.7
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ddosx-request-id
682f6161ba5c5a242e747474333b5716
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Requested by
Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/popup/visit.php?url_key=media-markt&type=voucher&typeId=713267
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nl-be.cashbackdeals.be/popup/visit.php?url_key=media-markt&type=voucher&typeId=713267
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 00:16:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:35:19 GMT
etag
"1544639719"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
6079
43891.jpg
static.orangebuddies.com/image/stores/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.orangebuddies.com/image/stores/43891.jpg
Requested by
Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/popup/visit.php?url_key=media-markt&type=voucher&typeId=713267
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (UKFAST, GB),
Reverse DNS
Software
nginx/1.4.7 /
Resource Hash
92b7b3076b98eb6f61c1336d4717909736e3e1f7ef47de2c57022721daebab89

Request headers

Referer
https://nl-be.cashbackdeals.be/popup/visit.php?url_key=media-markt&type=voucher&typeId=713267
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 00:16:48 GMT
last-modified
Tue, 04 Apr 2017 12:50:29 GMT
server
nginx/1.4.7
etag
"58e39695-108e"
content-type
image/jpeg
access-control-allow-origin
*
content-length
4238
accept-ranges
bytes
x-ddosx-request-id
769e249d98ddf1a6c66b3b4d8ca68b64
41297-ExitPage468x60.jpg
static.orangebuddies.com/image/banners/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.orangebuddies.com/image/banners/41297-ExitPage468x60.jpg
Requested by
Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/popup/visit.php?url_key=media-markt&type=voucher&typeId=713267
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (UKFAST, GB),
Reverse DNS
Software
nginx/1.4.7 /
Resource Hash
69c78fcfbd429a5b7e7171f476c002e454c8d95f2b9cff68f7b97272f6bebe40

Request headers

Referer
https://nl-be.cashbackdeals.be/popup/visit.php?url_key=media-markt&type=voucher&typeId=713267
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 00:16:48 GMT
last-modified
Wed, 17 Apr 2019 13:21:13 GMT
server
nginx/1.4.7
etag
"5cb72849-23f2"
content-type
image/jpeg
access-control-allow-origin
*
content-length
9202
accept-ranges
bytes
x-ddosx-request-id
694cc85ac9589317464efb1f2e2b669f
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/popup/visit.php?url_key=media-markt&type=voucher&typeId=713267
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nl-be.cashbackdeals.be/popup/visit.php?url_key=media-markt&type=voucher&typeId=713267
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
3765
date
Tue, 02 Feb 2021 23:14:03 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Wed, 03 Feb 2021 01:14:03 GMT
collect
www.google-analytics.com/j/ 		2 B
71 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1931284457&t=pageview&_s=1&dl=https%3A%2F%2Fnl-be.cashbackdeals.be%2Fpopup%2Fvisit.php%3Furl_key%3Dmedia-markt%26type%3Dvoucher%26typeId%3D713267&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1921058129&gjid=1985609455&cid=584765603.1612311409&tid=UA-45189585-1&_gid=619533384.1612311409&_r=1&_slc=1&z=2086206432
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nl-be.cashbackdeals.be/popup/visit.php?url_key=media-markt&type=voucher&typeId=713267
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 Feb 2021 00:16:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nl-be.cashbackdeals.be
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		1 KB
942 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans+Narrow
Requested by
Host: static.orangebuddies.com
URL: https://static.orangebuddies.com/templates/nl-be.cashbackdeals.be/march16/css/layout.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
51c552a2f1fa3269e9104546eab7cb63a94f51db880d6a41fe9803e0b2526e96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://static.orangebuddies.com/templates/nl-be.cashbackdeals.be/march16/css/layout.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 02 Feb 2021 22:50:27 GMT
server
ESF
date
Wed, 03 Feb 2021 00:16:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 Feb 2021 00:16:48 GMT
css
fonts.googleapis.com/ 		0
0
bg.jpg
static.orangebuddies.com/templates/nl-be.cashbackdeals.be/march16/assets/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.orangebuddies.com/templates/nl-be.cashbackdeals.be/march16/assets/bg.jpg
Requested by
Host: static.orangebuddies.com
URL: https://static.orangebuddies.com/templates/nl-be.cashbackdeals.be/march16/css/layout.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (UKFAST, GB),
Reverse DNS
Software
nginx/1.4.7 /
Resource Hash
276ed23fdaae28019edf73bb462d0738ec8312b97f26698518bb303fc5a9bd9f

Request headers

Referer
https://static.orangebuddies.com/templates/nl-be.cashbackdeals.be/march16/css/layout.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 00:16:48 GMT
last-modified
Wed, 02 Nov 2016 07:31:44 GMT
server
nginx/1.4.7
etag
"58199660-39c1"
content-type
image/jpeg
access-control-allow-origin
*
content-length
14785
accept-ranges
bytes
x-ddosx-request-id
07c8810ba29f0350c3b135c2bc004136
bar-loading.gif
static.orangebuddies.com/templates/nl-be.cashbackdeals.be/march16/assets/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.orangebuddies.com/templates/nl-be.cashbackdeals.be/march16/assets/bar-loading.gif
Requested by
Host: static.orangebuddies.com
URL: https://static.orangebuddies.com/templates/nl-be.cashbackdeals.be/march16/css/popup/popup.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (UKFAST, GB),
Reverse DNS
Software
nginx/1.4.7 /
Resource Hash
a03a0e52f0f18d00375e4358ede5ec2ab934ea7a739e916c7c1caa702833e1b2

Request headers

Referer
https://static.orangebuddies.com/templates/nl-be.cashbackdeals.be/march16/css/popup/popup.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 00:16:48 GMT
last-modified
Thu, 30 Jun 2016 11:28:29 GMT
server
nginx/1.4.7
etag
"5775025d-c59"
content-type
image/gif
access-control-allow-origin
*
content-length
3161
accept-ranges
bytes
x-ddosx-request-id
ee8dfe0d83bc213d9f51833594d5dcc1
Primary Request click
clk.tradedoubler.com/ 		1012 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://clk.tradedoubler.com/click?p=272943&a=2297478&g=23552574&epi=40-OBS-6019eb707a4a540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.109.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
120.109.95.34.bc.googleusercontent.com
Software
TXServerHttp /
Resource Hash
08c36c75a8148aeb73c060d436d7ca8db87b83524aeb7c6a934a511fa45c6770

Request headers

:method
GET
:authority
clk.tradedoubler.com
:scheme
https
:path
/click?p=272943&a=2297478&g=23552574&epi=40-OBS-6019eb707a4a540
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://nl-be.cashbackdeals.be/popup/visit.php?url_key=media-markt&type=voucher&typeId=713267
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://nl-be.cashbackdeals.be/popup/visit.php?url_key=media-markt&type=voucher&typeId=713267

Response headers

content-type
text/html; charset=ISO-8859-1
server
TXServerHttp
access-control-allow-origin
*
cache-control
private, max-age=0
pragma
no-cache
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy
origin
date
Wed, 03 Feb 2021 00:16:49 GMT
content-length
1012
via
1.1 google
alt-svc
clear
prefs.js
vht.tradedoubler.com/fp/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vht.tradedoubler.com/fp/prefs.js
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=272943&a=2297478&g=23552574&epi=40-OBS-6019eb707a4a540
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.12 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-12.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d

Request headers

Referer
https://clk.tradedoubler.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 31 Jan 2021 03:44:36 GMT
Content-Encoding
gzip
Age
246733
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 15 Oct 2018 09:28:46 GMT
Server
Apache
ETag
W/"2509-57841106334e6"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 69f13f852a135432abb1b7bfc5a8b421.cloudfront.net (CloudFront)
Cache-Control
max-age=604800, public
X-Amz-Cf-Pop
FRA2-C1
X-Amz-Cf-Id
Fh--VTIEj5H-1TyyeSksDkHyfxSl_RbMmtXwUqeR1Z6Y7-4El-y8zA==
Expires
Sun, 07 Feb 2021 03:44:36 GMT
/
analytics.tradedoubler.com/ 		0
241 B 		Other
General
Check archive.org
Download Go to
Full URL
https://analytics.tradedoubler.com/
Requested by
Host: vht.tradedoubler.com
URL: https://vht.tradedoubler.com/fp/prefs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.165.150.177 , France, ASN16276 (OVH, FR),
Reverse DNS
lb01.net.royalcactus.com
Software
nginx /
Resource Hash

Request headers

Referer
https://clk.tradedoubler.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 03 Feb 2021 00:16:50 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
/
www.mediamarkt.be/nl/
Redirect Chain
  • https://clk.tradedoubler.com/click?p=272943&a=2297478&g=23552574&epi=40-OBS-6019eb707a4a540
  • https://redir.tradedoubler.com/projectr/?rbtc=tra|con|2297478||||&tduid=f27283f83130860ac61f8d8526035ee9&_td_deeplink=http://www.mediamarkt.be/nl/
  • http://www.mediamarkt.be/nl/?rbtc=tra|con|2297478||||&tduid=f27283f83130860ac61f8d8526035ee9
  • https://www.mediamarkt.be/nl/?rbtc=tra|con|2297478||||&tduid=f27283f83130860ac61f8d8526035ee9
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Open+Sans:400italic,400|Open+Sans+Condensed:700
Domain
www.mediamarkt.be
URL
https://www.mediamarkt.be/nl/?rbtc=tra|con|2297478||||&tduid=f27283f83130860ac61f8d8526035ee9

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Domain/Path Name / Value
www.mediamarkt.be/ Name: TS827b433d027
Value: 08381b7c0bab200087b00a81128d2f93cb95d9dedc34e6bbfdf16b7403a3f4d0822992846be7d00a081991212f11300010750e4fae249a919ceeb7cd2f5686207ffaeb4dc6eca2ede5853d50472b4dcda2b2f468edbe219a07c4ac57430d2dbe
.mediamarkt.be/ Name: TS0182667c
Value: 014cde7230f39bd76d94271eae0947cc34f0d2e6aa5cadd465f7ad32bf9394dbff24a762497e70035a39f8db950da79dd3d36e7bd7135a5d3d3d225272a225b6255867a822
www.mediamarkt.be/ Name: TS0173859f
Value: 014cde7230a897ad60ddd4e4a22e8803f8745f22175cadd465f7ad32bf9394dbff24a76249512a03bde0271a1833970a65c1fb2cf1
.mediamarkt.be/ Name: dtCookie
Value: 3$56216CF128B97DF610439AE81752415A

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tradedoubler.com
clk.tradedoubler.com
fonts.googleapis.com
maxcdn.bootstrapcdn.com
nl-be.cashbackdeals.be
static.orangebuddies.com
vht.tradedoubler.com
www.google-analytics.com
www.mediamarkt.be
fonts.googleapis.com
www.mediamarkt.be
13.224.194.12
188.165.150.177
2001:4de0:ac19::1:b:1b
2a00:1450:4001:808::200a
2a00:1450:4001:821::200e
2a00:1450:4001:825::200e
2a02:21a8:0:3::ca6b:ba66
34.95.109.120
78.137.118.22
08c36c75a8148aeb73c060d436d7ca8db87b83524aeb7c6a934a511fa45c6770
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d
276ed23fdaae28019edf73bb462d0738ec8312b97f26698518bb303fc5a9bd9f
2e439b222e54a9a2aac52935776add82c259801910dc8e43fb28e83b06c45b7e
51c552a2f1fa3269e9104546eab7cb63a94f51db880d6a41fe9803e0b2526e96
69c78fcfbd429a5b7e7171f476c002e454c8d95f2b9cff68f7b97272f6bebe40
92b7b3076b98eb6f61c1336d4717909736e3e1f7ef47de2c57022721daebab89
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
a03a0e52f0f18d00375e4358ede5ec2ab934ea7a739e916c7c1caa702833e1b2
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a7d71c13c964162b9c9644bc35a10b22af22bb31a44926b20f3c257fdddfa853
e280d3478f73dee7242bc08dc7b01bf46ced43a1337924bad5ac43d79e317c6f
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
eb193dfdf3eb42ba3654fc23c494ea2a51031fba581d4f58931c9fb4319f1598