urlscan.io logo urlscan.io
SecurityTrails logo

messagent.roulartamail.be Open in urlscan Pro
91.212.185.86  Public Scan

Go To Rescan Add Verdict Report
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF...
Submission: On February 13 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 25 HTTP transactions. The main IP is 91.212.185.86, located in Mechelen, Belgium and belongs to ROULARTA-MEDIA-GROUP-AS, BE. The main domain is messagent.roulartamail.be.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on October 5th 2018. Valid for: 2 years.
This is the only time messagent.roulartamail.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 91.212.185.86 49333 (ROULARTA-...)
5 37.72.160.15 34762 (COMBELL-AS)
11 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 95.131.143.129 47841 (OXALIDE)
1 2 91.212.185.85 49333 (ROULARTA-...)
25 5
7    91.212.185.86 (Mechelen, Belgium)

ASN49333 (ROULARTA-MEDIA-GROUP-AS, BE)
PTR: 86-185-212-91.rmg.be
messagent.roulartamail.be
5    37.72.160.15 (Lommel, Belgium)

ASN34762 (COMBELL-AS, BE)
PTR: n-f.static-37-72-160.as30961.net
ads-roularta.adhese.com
11    2606:4700:20::681a:fcb (United States)

ASN13335 (CLOUDFLARENET, US)
web.static-rmg.be
2    95.131.143.129 (France)

ASN47841 (OXALIDE, FR)
plusmagazine.knack.be
2    91.212.185.85 (Mechelen, Belgium)

ASN49333 (ROULARTA-MEDIA-GROUP-AS, BE)
PTR: 85-185-212-91.rmg.be
makr.roularta.be
Domain Requested by
11 web.static-rmg.be messagent.roulartamail.be
7 messagent.roulartamail.be messagent.roulartamail.be
5 ads-roularta.adhese.com messagent.roulartamail.be
2 makr.roularta.be 1 redirects messagent.roulartamail.be
2 plusmagazine.knack.be 1 redirects messagent.roulartamail.be
25 5

This site contains links to these domains. Also see Links.

Domain
clicks-roularta.adhese.com
Subject Issuer Validity Valid
messagent.roulartamail.be
COMODO RSA Domain Validation Secure Server CA		 2018-10-05 -
2020-10-04		 2 years crt.sh
*.adhese.com
Let's Encrypt Authority X3		 2020-01-30 -
2020-04-29		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-11-17 -
2020-10-09		 a year crt.sh
*.knack.be
Sectigo RSA Domain Validation Secure Server CA		 2019-03-14 -
2021-03-13		 2 years crt.sh
*.roularta.be
Sectigo RSA Domain Validation Secure Server CA		 2019-09-30 -
2021-09-30		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
Frame ID: 4BE8210DCFA026DAFE96FA65CEF3B7A2
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

25
Requests

100 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

301 kB
Transfer

354 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • http://plusmagazine.knack.be/assets/785/avatar_402291.jpg HTTP 301
  • https://plusmagazine.knack.be/assets/785/avatar_402291.jpg
Request Chain 21
  • https://makr.roularta.be/makr-resize-cover/getCover.action?editionCode=OT HTTP 302
  • https://makr.roularta.be/covers/ARCHIEF/2020/02/OT/COVER/cover_0_0.jpg

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request optiextension.dll
messagent.roulartamail.be/optiext/ 		70 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.212.185.86 Mechelen, Belgium, ASN49333 (ROULARTA-MEDIA-GROUP-AS, BE),
Reverse DNS
86-185-212-91.rmg.be
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
227dfb7d673d485dfeef55d82450b8c44dbb4fb7d3165342c62b09b156fc12d7

Request headers

Host
messagent.roulartamail.be
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

Content-Type
text/html
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Access-Control-Allow-Origin
*
Date
Thu, 13 Feb 2020 12:17:48 GMT
X-Varnish-PTTL
0.000
X-Varnish-C
N
Content-Encoding
gzip
X-Varnish
5221493
Age
0
Via
1.1 varnish-v4
X-Varnish-H
M
X-Varnish-B
messagt
Transfer-Encoding
chunked
Accept-Ranges
bytes
tlall
ads-roularta.adhese.com/ad3/sl_4953_IN02_-E-LB1/da20200213/ci2100/geM/inT_AGE_55_64/ 		936 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads-roularta.adhese.com/ad3/sl_4953_IN02_-E-LB1/da20200213/ci2100/geM/inT_AGE_55_64/tlall
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.72.160.15 Lommel, Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS
n-f.static-37-72-160.as30961.net
Software
Apache-Coyote/1.1 /
Resource Hash
bcc20dbb20be1a265cadc00a200badbb6e694ea231c35cad869eaa396648dd9e

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 13 Feb 2020 12:17:50 GMT
Content-Encoding
gzip
Server
Apache-Coyote/1.1
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM", policyref="/w3c/p3p.xml"
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
close
Content-Type
image/png
Access-Control-Allow-Headers
X-Requested-With
Content-Length
594
Via
1.1 ads-roularta.adhese.com
logo_plusmagazine2019.png
messagent.roulartamail.be/images/newsletter/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://messagent.roulartamail.be/images/newsletter/logo_plusmagazine2019.png
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.212.185.86 Mechelen, Belgium, ASN49333 (ROULARTA-MEDIA-GROUP-AS, BE),
Reverse DNS
86-185-212-91.rmg.be
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
843d77c399525823c08d3e075d9a48d0f51280cbe324bd1dd8be2c2a4dfd44a6

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 13 Feb 2020 11:44:37 GMT
Via
1.1 varnish-v4
Age
1991
X-Powered-By
ASP.NET
X-Varnish-B
messagt
Last-Modified
Mon, 15 Jul 2019 07:58:56 GMT
Content-Length
4310
X-Varnish-C
Y
Server
Microsoft-IIS/10.0
X-Varnish-H
H#3098/1608.549
ETag
"24bccc26e33ad51:0"
X-Varnish-PTTL
3600.000
X-Varnish
3356244 4129983
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Type
image/png
logo_pluszone.png
messagent.roulartamail.be/images/newsletter/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://messagent.roulartamail.be/images/newsletter/logo_pluszone.png
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.212.185.86 Mechelen, Belgium, ASN49333 (ROULARTA-MEDIA-GROUP-AS, BE),
Reverse DNS
86-185-212-91.rmg.be
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8057bfc5818364b33157861e529660d23c28b53565afed9e3fbec09d0aee0bec

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 13 Feb 2020 11:44:35 GMT
Via
1.1 varnish-v4
Age
1994
X-Powered-By
ASP.NET
X-Varnish-B
messagt
Last-Modified
Thu, 03 Sep 2015 08:24:21 GMT
Content-Length
1471
X-Varnish-C
Y
Server
Microsoft-IIS/10.0
X-Varnish-H
H#96225/1606.138
ETag
"8a247ef21e6d01:0"
X-Varnish-PTTL
3600.000
X-Varnish
3619328 993380
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Type
image/png
c1a4b4e03a662a9db0dd410055a83331.jpg
web.static-rmg.be/if/c_fit,w_620,h_413/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.static-rmg.be/if/c_fit,w_620,h_413/c1a4b4e03a662a9db0dd410055a83331.jpg
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Oxalide [01]
Resource Hash
cc15566418d453d4e58f1130f58a4fc031b086e3159df19404a1e8113bd11ef4

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 13 Feb 2020 12:17:50 GMT
cf-cache-status
HIT
age
17011
x-powered-by
Oxalide [01]
status
200
content-transfer-encoding
binary
content-disposition
inline; filename="c1a4b4e03a662a9db0dd410055a83331.webp"
content-length
42206
cf-bgj
imgq:85
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=16070400
cf-polished
qual=85, origFmt=jpeg, origSize=103568
accept-ranges
bytes
cf-ray
5646bdd12ea81f4d-FRA
expires
Thu, 20 Feb 2020 07:33:47 GMT
button_facebook2.png
messagent.roulartamail.be/images/newsletter/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://messagent.roulartamail.be/images/newsletter/button_facebook2.png
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.212.185.86 Mechelen, Belgium, ASN49333 (ROULARTA-MEDIA-GROUP-AS, BE),
Reverse DNS
86-185-212-91.rmg.be
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6b97d9a1f7205130a3af317c03e085b73d6d389060dd3cd5c412c7edcf280f7c

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 13 Feb 2020 11:44:34 GMT
Via
1.1 varnish-v4
Age
1994
X-Powered-By
ASP.NET
X-Varnish-B
messagt
Last-Modified
Mon, 25 Jan 2016 10:39:03 GMT
Content-Length
1374
X-Varnish-C
Y
Server
Microsoft-IIS/10.0
X-Varnish-H
H#151962/1605.925
ETag
"4296d59b5c57d11:0"
X-Varnish-PTTL
3600.000
X-Varnish
3249759 4129947
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Type
image/png
button_twitter.png
messagent.roulartamail.be/images/newsletter/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://messagent.roulartamail.be/images/newsletter/button_twitter.png
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.212.185.86 Mechelen, Belgium, ASN49333 (ROULARTA-MEDIA-GROUP-AS, BE),
Reverse DNS
86-185-212-91.rmg.be
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9a32583c45dc69e9af326b9ae0880a36e38bff3586a083828fbd08f9e0b035d4

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 13 Feb 2020 11:44:35 GMT
Via
1.1 varnish-v4
Age
1994
X-Powered-By
ASP.NET
X-Varnish-B
messagt
Last-Modified
Mon, 25 Jan 2016 10:24:59 GMT
Content-Length
1376
X-Varnish-C
Y
Server
Microsoft-IIS/10.0
X-Varnish-H
H#140532/1606.095
ETag
"c35010a55a57d11:0"
X-Varnish-PTTL
3600.000
X-Varnish
5936788 3166702
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Type
image/png
9be9166a2fcfdf026f8ea1327b93adcc.jpg
web.static-rmg.be/if/c_fit,w_140,h_93/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.static-rmg.be/if/c_fit,w_140,h_93/9be9166a2fcfdf026f8ea1327b93adcc.jpg
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Oxalide [01]
Resource Hash
8212229750d03512c3999e04c664896a3881e39345f73d27e40a96ac2a5830a2

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 13 Feb 2020 12:17:50 GMT
cf-cache-status
HIT
age
17011
x-powered-by
Oxalide [01]
status
200
content-transfer-encoding
binary
content-disposition
inline; filename="9be9166a2fcfdf026f8ea1327b93adcc.webp"
content-length
3014
cf-bgj
imgq:85
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=16070400
cf-polished
qual=85, origFmt=jpeg, origSize=9081
accept-ranges
bytes
cf-ray
5646bdd12ea91f4d-FRA
expires
Wed, 19 Feb 2020 13:00:14 GMT
a767776e815d077a754673874f104636.jpg
web.static-rmg.be/if/c_fit,w_140,h_93/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.static-rmg.be/if/c_fit,w_140,h_93/a767776e815d077a754673874f104636.jpg
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Oxalide [01]
Resource Hash
0d0d85fc8bf1898a98822543c451ead871351540c905515b5b00689b8127889c

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 13 Feb 2020 12:17:50 GMT
cf-cache-status
HIT
age
17012
x-powered-by
Oxalide [01]
status
200
content-transfer-encoding
binary
content-disposition
inline; filename="a767776e815d077a754673874f104636.webp"
content-length
3246
cf-bgj
imgq:85
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=16070400
cf-polished
qual=85, origFmt=jpeg, origSize=6954
accept-ranges
bytes
cf-ray
5646bdd12eab1f4d-FRA
expires
Thu, 20 Feb 2020 07:33:24 GMT
e376ccb08b0ad53dd0790e50e62f61ed.jpg
web.static-rmg.be/if/c_crop,w_992,h_661,x_8,y_155,g_center/c_fit,w_355,h_236/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.static-rmg.be/if/c_crop,w_992,h_661,x_8,y_155,g_center/c_fit,w_355,h_236/e376ccb08b0ad53dd0790e50e62f61ed.jpg
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Oxalide [01]
Resource Hash
8e2e6c0346f271f3853c769f94558e55ccc27e56ed96c882fb7b47016c8df99d

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 13 Feb 2020 12:17:50 GMT
cf-cache-status
HIT
age
92859
x-powered-by
Oxalide [01]
status
200
content-transfer-encoding
binary
content-disposition
inline; filename="e376ccb08b0ad53dd0790e50e62f61ed.webp"
content-length
9314
cf-bgj
imgq:85
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=16070400
cf-polished
qual=85, origFmt=jpeg, origSize=29380
accept-ranges
bytes
cf-ray
5646bdd12eac1f4d-FRA
expires
Wed, 19 Feb 2020 10:30:11 GMT
a438f5bd2784f66d88f37e49d1364303.jpg
web.static-rmg.be/if/c_fit,w_140,h_92/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.static-rmg.be/if/c_fit,w_140,h_92/a438f5bd2784f66d88f37e49d1364303.jpg
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Oxalide [01]
Resource Hash
c5bb22c8b621fb8e887bde969133e3f406c33dc628bb2693a9b9982ae4dd19c3

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 13 Feb 2020 12:17:50 GMT
cf-cache-status
HIT
age
17012
x-powered-by
Oxalide [01]
status
200
content-transfer-encoding
binary
content-disposition
inline; filename="a438f5bd2784f66d88f37e49d1364303.webp"
content-length
3346
cf-bgj
imgq:85
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=16070400
cf-polished
qual=85, origFmt=jpeg, origSize=6996
accept-ranges
bytes
cf-ray
5646bdd12ead1f4d-FRA
expires
Sat, 15 Feb 2020 16:25:08 GMT
9101c9cca51e2e5b021bff1fa6ba6b09.jpg
web.static-rmg.be/if/c_fit,w_140,h_93/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.static-rmg.be/if/c_fit,w_140,h_93/9101c9cca51e2e5b021bff1fa6ba6b09.jpg
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Oxalide [01]
Resource Hash
d90ddbbd32c69abaa1af84117c4cb83cf75470ebf550fd77d04be5a5c6286a85

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 13 Feb 2020 12:17:50 GMT
cf-cache-status
HIT
age
17012
x-powered-by
Oxalide [01]
status
200
content-transfer-encoding
binary
content-disposition
inline; filename="9101c9cca51e2e5b021bff1fa6ba6b09.webp"
content-length
6488
cf-bgj
imgq:85
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=16070400
cf-polished
qual=85, origFmt=jpeg, origSize=15221
accept-ranges
bytes
cf-ray
5646bdd12eaf1f4d-FRA
expires
Wed, 19 Feb 2020 13:00:14 GMT
fec4ba1fe5a7c9bd1d5b9c353aab3c2a.jpg
web.static-rmg.be/if/c_fit,w_620,h_413/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.static-rmg.be/if/c_fit,w_620,h_413/fec4ba1fe5a7c9bd1d5b9c353aab3c2a.jpg
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Oxalide [01]
Resource Hash
f760d0f76a7e1e1478aa3d45b446dcbe8fddf9820bc83ef413b62af5d808a3f4

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 13 Feb 2020 12:17:50 GMT
cf-cache-status
HIT
age
17011
x-powered-by
Oxalide [01]
status
200
content-transfer-encoding
binary
content-disposition
inline; filename="fec4ba1fe5a7c9bd1d5b9c353aab3c2a.webp"
content-length
70954
cf-bgj
imgq:85
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=16070400
cf-polished
qual=85, origFmt=jpeg, origSize=150289
accept-ranges
bytes
cf-ray
5646bdd12eca1f4d-FRA
expires
Thu, 20 Feb 2020 07:33:24 GMT
tlall
ads-roularta.adhese.com/ad3/sl_4953_IN02_-E-M.RECTANGL/da20200213/ci2100/geM/inT_AGE_55_64/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads-roularta.adhese.com/ad3/sl_4953_IN02_-E-M.RECTANGL/da20200213/ci2100/geM/inT_AGE_55_64/tlall
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.72.160.15 Lommel, Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS
n-f.static-37-72-160.as30961.net
Software
Apache-Coyote/1.1 /
Resource Hash
dd585a386e748fdb3d7fd30eb79552e2c581d119cc16b7c8c1d5bd44800d7a3e

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 13 Feb 2020 12:17:49 GMT
Content-Encoding
gzip
Server
Apache-Coyote/1.1
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM", policyref="/w3c/p3p.xml"
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
close
Content-Type
image/jpeg
Access-Control-Allow-Headers
X-Requested-With
Content-Length
36085
Via
1.1 ads-roularta.adhese.com
tlall
ads-roularta.adhese.com/ad3/sl_4953_IN02_-E-ADV1/da20200213/ci2100/geM/inT_AGE_55_64/ 		930 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads-roularta.adhese.com/ad3/sl_4953_IN02_-E-ADV1/da20200213/ci2100/geM/inT_AGE_55_64/tlall
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.72.160.15 Lommel, Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS
n-f.static-37-72-160.as30961.net
Software
Apache-Coyote/1.1 /
Resource Hash
667ad4340ec2f3b657fa55550a031f593d01747eeecdccadc256527d6d79ec8d

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 13 Feb 2020 12:17:50 GMT
Content-Encoding
gzip
Server
Apache-Coyote/1.1
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM", policyref="/w3c/p3p.xml"
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
close
Content-Type
image/png
Access-Control-Allow-Headers
X-Requested-With
Content-Length
581
Via
1.1 ads-roularta.adhese.com
tlall
ads-roularta.adhese.com/ad3/sl_4953_IN02_-E-LEADGEN/da20200213/ci2100/geM/inT_AGE_55_64/ 		930 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads-roularta.adhese.com/ad3/sl_4953_IN02_-E-LEADGEN/da20200213/ci2100/geM/inT_AGE_55_64/tlall
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.72.160.15 Lommel, Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS
n-f.static-37-72-160.as30961.net
Software
Apache-Coyote/1.1 /
Resource Hash
667ad4340ec2f3b657fa55550a031f593d01747eeecdccadc256527d6d79ec8d

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 13 Feb 2020 12:17:49 GMT
Content-Encoding
gzip
Server
Apache-Coyote/1.1
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM", policyref="/w3c/p3p.xml"
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
close
Content-Type
image/png
Access-Control-Allow-Headers
X-Requested-With
Content-Length
581
Via
1.1 ads-roularta.adhese.com
1e6cc701be17272950d213f828776d5d.jpg
web.static-rmg.be/if/c_fit,w_300,h_200/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.static-rmg.be/if/c_fit,w_300,h_200/1e6cc701be17272950d213f828776d5d.jpg
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Oxalide [01]
Resource Hash
8d6f490b65ebae0a301897d272a91a1b722b2d5d572722915182bcdf2929d503

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 13 Feb 2020 12:17:50 GMT
cf-cache-status
HIT
age
12224
x-powered-by
Oxalide [01]
status
200
content-transfer-encoding
binary
content-length
19246
cf-bgj
imgq:85
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=16070400
cf-polished
degrade=85, origSize=45889, status=webp_bigger
accept-ranges
bytes
cf-ray
5646bdd12ec01f4d-FRA
expires
Thu, 20 Feb 2020 08:31:25 GMT
icon_infoservices.gif
messagent.roulartamail.be/images/newsletter/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://messagent.roulartamail.be/images/newsletter/icon_infoservices.gif
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.212.185.86 Mechelen, Belgium, ASN49333 (ROULARTA-MEDIA-GROUP-AS, BE),
Reverse DNS
86-185-212-91.rmg.be
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
438d3f3be596d2798bdeb1aef20ddb30b3db74ab16068e2db6397bacad576d2a

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 13 Feb 2020 11:44:37 GMT
Via
1.1 varnish-v4
Age
1991
X-Powered-By
ASP.NET
X-Varnish-B
messagt
Last-Modified
Thu, 12 Oct 2017 13:59:57 GMT
Content-Length
1329
X-Varnish-C
Y
Server
Microsoft-IIS/10.0
X-Varnish-H
H#2403/1608.551
ETag
"2a3b17636243d31:0"
X-Varnish-PTTL
3600.000
X-Varnish
5936786 2108622
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Type
image/gif
avatar_402291.jpg
plusmagazine.knack.be/assets/785/
Redirect Chain
  • http://plusmagazine.knack.be/assets/785/avatar_402291.jpg
  • https://plusmagazine.knack.be/assets/785/avatar_402291.jpg
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plusmagazine.knack.be/assets/785/avatar_402291.jpg
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.131.143.129 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
Software
nginx / Oxalide [01]
Resource Hash
23cbdcc306a9d5bd2efe7c764594e6a5715bc12555722fff5612b4623fe1975f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 12:17:50 GMT
Content-Encoding
gzip
X-Backend
dir_static_01
Age
223
X-Powered-By
Oxalide [01]
X-Cache
HIT :) 69
Connection
keep-alive
Content-Length
7581
Pragma
public
Last-Modified
Thu, 23 Jan 2020 13:15:43 GMT
Server
nginx
ETag
W/"5e299c7f-1fb8"
Content-Type
image/jpeg
Cache-control
max-age=600
Accept-Ranges
bytes
Expires
Thu, 13 Feb 2020 12:24:07 GMT

Redirect headers

location
https://plusmagazine.knack.be/assets/785/avatar_402291.jpg
Date
Thu, 13 Feb 2020 12:17:50 GMT
Accept-Ranges
bytes
Connection
close
Age
0
X-Powered-By
Oxalide [01]
243a991205fd2c268558844be43b0ee2.jpg
web.static-rmg.be/if/c_fit,w_140,h_93/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.static-rmg.be/if/c_fit,w_140,h_93/243a991205fd2c268558844be43b0ee2.jpg
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Oxalide [01]
Resource Hash
7788983a26970044133c19912203f6842156891e53d68ce0eaef336467f0ea4a

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 13 Feb 2020 12:17:50 GMT
cf-cache-status
HIT
age
17012
x-powered-by
Oxalide [01]
status
200
content-transfer-encoding
binary
content-disposition
inline; filename="243a991205fd2c268558844be43b0ee2.webp"
content-length
4790
cf-bgj
imgq:85
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=16070400
cf-polished
qual=85, origFmt=jpeg, origSize=11336
accept-ranges
bytes
cf-ray
5646bdd12ece1f4d-FRA
expires
Thu, 20 Feb 2020 07:33:24 GMT
22e8cac83c8e75805e4fd41fb44a08fc.jpg
web.static-rmg.be/if/c_fit,w_140,h_93/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.static-rmg.be/if/c_fit,w_140,h_93/22e8cac83c8e75805e4fd41fb44a08fc.jpg
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Oxalide [01]
Resource Hash
1dd1bdb8edb4e3296dbaeea384d76ee229cd9c0d01e4cb52bcada51e2a053255

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 13 Feb 2020 12:17:50 GMT
cf-cache-status
HIT
age
17012
x-powered-by
Oxalide [01]
status
200
content-transfer-encoding
binary
content-disposition
inline; filename="22e8cac83c8e75805e4fd41fb44a08fc.webp"
content-length
5954
cf-bgj
imgq:85
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=16070400
cf-polished
qual=85, origFmt=jpeg, origSize=13727
accept-ranges
bytes
cf-ray
5646bdd12ed01f4d-FRA
expires
Thu, 20 Feb 2020 07:33:57 GMT
e9918947f29fe78cf00d4f673aaa5cd4.jpg
web.static-rmg.be/if/c_fit,w_140,h_96/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.static-rmg.be/if/c_fit,w_140,h_96/e9918947f29fe78cf00d4f673aaa5cd4.jpg
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Oxalide [01]
Resource Hash
6c57008e8daa91818b1f7677b0576f05abcd4159d4beb71e25f443e5c89ff413

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 13 Feb 2020 12:17:50 GMT
cf-cache-status
HIT
age
17011
x-powered-by
Oxalide [01]
status
200
content-transfer-encoding
binary
content-disposition
inline; filename="e9918947f29fe78cf00d4f673aaa5cd4.webp"
content-length
2554
cf-bgj
imgq:85
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=16070400
cf-polished
qual=85, origFmt=jpeg, origSize=6721
accept-ranges
bytes
cf-ray
5646bdd12ed11f4d-FRA
expires
Wed, 19 Feb 2020 13:00:13 GMT
cover_0_0.jpg
makr.roularta.be/covers/ARCHIEF/2020/02/OT/COVER/
Redirect Chain
  • https://makr.roularta.be/makr-resize-cover/getCover.action?editionCode=OT
  • https://makr.roularta.be/covers/ARCHIEF/2020/02/OT/COVER/cover_0_0.jpg
59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://makr.roularta.be/covers/ARCHIEF/2020/02/OT/COVER/cover_0_0.jpg
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.212.185.85 Mechelen, Belgium, ASN49333 (ROULARTA-MEDIA-GROUP-AS, BE),
Reverse DNS
85-185-212-91.rmg.be
Software
Apache/2.2.15 (CentOS) /
Resource Hash
758d70b79f9608b437ae27dfed257a4bab2f83374d020c72851c5ce1d5768d2f

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 11:24:33 GMT
Via
1.1 varnish-v4
Content-Type
image/jpeg
Last-Modified
Wed, 15 Jan 2020 20:03:15 GMT
Server
Apache/2.2.15 (CentOS)
Age
3196
ETag
"67284b8-ec69-59c3332f098a3"
X-Varnish-PTTL
3600.000
X-Varnish-B
webapp
X-Varnish
573043461 586829215
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
X-Varnish-C
Y
Content-Length
60521
X-Varnish-H
H#21026/403.569

Redirect headers

Date
Thu, 13 Feb 2020 12:13:27 GMT
Content-Encoding
gzip
Age
263
Surrogate-Control
max-age=900
X-Varnish-B
webapp
Content-Length
20
Via
1.1 varnish-v4
X-Varnish
573043459 592175795
X-Varnish-C
Y
Server
Apache/2.2.15 (CentOS)
X-Varnish-H
H#23277/636.770
X-Varnish-PTTL
900.000
Content-Language
nl-BE
Content-Type
text/plain; charset=UTF-8
Location
https://makr.roularta.be/covers/ARCHIEF/2020/02/OT/COVER/cover_0_0.jpg
X-Robots-Tag
noindex, nofollow
ls_red.gif
messagent.roulartamail.be/images/newsletter/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://messagent.roulartamail.be/images/newsletter/ls_red.gif
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.212.185.86 Mechelen, Belgium, ASN49333 (ROULARTA-MEDIA-GROUP-AS, BE),
Reverse DNS
86-185-212-91.rmg.be
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b94fdeac9687a3514a43258cb9b2a517115776558d48cff456ea6b1f67ace5a0

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 13 Feb 2020 11:44:35 GMT
Via
1.1 varnish-v4
Age
1994
X-Powered-By
ASP.NET
X-Varnish-B
messagt
Last-Modified
Thu, 22 May 2014 11:10:10 GMT
Content-Length
1146
X-Varnish-C
Y
Server
Microsoft-IIS/10.0
X-Varnish-H
H#42374/1606.282
ETag
"66ab8a65ae75cf1:0"
X-Varnish-PTTL
3600.000
X-Varnish
4024418 2739432
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Type
image/gif
tlall
ads-roularta.adhese.com/ad3/sl_4953_IN02_-E-AFFI_300PX_1/da20200213/ci2100/geM/inT_AGE_55_64/ 		930 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads-roularta.adhese.com/ad3/sl_4953_IN02_-E-AFFI_300PX_1/da20200213/ci2100/geM/inT_AGE_55_64/tlall
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.72.160.15 Lommel, Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS
n-f.static-37-72-160.as30961.net
Software
Apache-Coyote/1.1 /
Resource Hash
667ad4340ec2f3b657fa55550a031f593d01747eeecdccadc256527d6d79ec8d

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=gOxL04of7nGWFzoK70VT+nHrzMHcB_cTV9+ytES89d1H9PMnZgrtd6lXgUDsdu6YRLF5eMpQTcGtAAJ3WxILNNuLLpXTIhxggI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 13 Feb 2020 12:17:49 GMT
Content-Encoding
gzip
Server
Apache-Coyote/1.1
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM", policyref="/w3c/p3p.xml"
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
close
Content-Type
image/png
Access-Control-Allow-Headers
X-Requested-With
Content-Length
581
Via
1.1 ads-roularta.adhese.com

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads-roularta.adhese.com
makr.roularta.be
messagent.roulartamail.be
plusmagazine.knack.be
web.static-rmg.be
2606:4700:20::681a:fcb
37.72.160.15
91.212.185.85
91.212.185.86
95.131.143.129
0d0d85fc8bf1898a98822543c451ead871351540c905515b5b00689b8127889c
1dd1bdb8edb4e3296dbaeea384d76ee229cd9c0d01e4cb52bcada51e2a053255
227dfb7d673d485dfeef55d82450b8c44dbb4fb7d3165342c62b09b156fc12d7
23cbdcc306a9d5bd2efe7c764594e6a5715bc12555722fff5612b4623fe1975f
438d3f3be596d2798bdeb1aef20ddb30b3db74ab16068e2db6397bacad576d2a
667ad4340ec2f3b657fa55550a031f593d01747eeecdccadc256527d6d79ec8d
6b97d9a1f7205130a3af317c03e085b73d6d389060dd3cd5c412c7edcf280f7c
6c57008e8daa91818b1f7677b0576f05abcd4159d4beb71e25f443e5c89ff413
758d70b79f9608b437ae27dfed257a4bab2f83374d020c72851c5ce1d5768d2f
7788983a26970044133c19912203f6842156891e53d68ce0eaef336467f0ea4a
8057bfc5818364b33157861e529660d23c28b53565afed9e3fbec09d0aee0bec
8212229750d03512c3999e04c664896a3881e39345f73d27e40a96ac2a5830a2
843d77c399525823c08d3e075d9a48d0f51280cbe324bd1dd8be2c2a4dfd44a6
8d6f490b65ebae0a301897d272a91a1b722b2d5d572722915182bcdf2929d503
8e2e6c0346f271f3853c769f94558e55ccc27e56ed96c882fb7b47016c8df99d
9a32583c45dc69e9af326b9ae0880a36e38bff3586a083828fbd08f9e0b035d4
b94fdeac9687a3514a43258cb9b2a517115776558d48cff456ea6b1f67ace5a0
bcc20dbb20be1a265cadc00a200badbb6e694ea231c35cad869eaa396648dd9e
c5bb22c8b621fb8e887bde969133e3f406c33dc628bb2693a9b9982ae4dd19c3
cc15566418d453d4e58f1130f58a4fc031b086e3159df19404a1e8113bd11ef4
d90ddbbd32c69abaa1af84117c4cb83cf75470ebf550fd77d04be5a5c6286a85
dd585a386e748fdb3d7fd30eb79552e2c581d119cc16b7c8c1d5bd44800d7a3e
f760d0f76a7e1e1478aa3d45b446dcbe8fddf9820bc83ef413b62af5d808a3f4