urlscan.io logo urlscan.io
SecurityTrails logo

messagent.roulartamail.be Open in urlscan Pro
91.212.185.86  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=5VZ5ge7MBYIW0CEr8tvFk1rVKZS4grz8r+zgfI1AXLxOlM3fkP43YrDtXbDxWKM6kjI...
Effective URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=Ji6J3CM%2BIYdF2W_e225LBvwP2rWQ4ycMgLCSAAlXQLmpOsFiS3gb_d8pIyR3ie80C...
Submission: On May 29 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 15 HTTP transactions. The main IP is 91.212.185.86, located in Roeselare, Belgium and belongs to ROULARTA-MEDIA-GROUP-AS, BE. The main domain is messagent.roulartamail.be.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 29th 2020. Valid for: a year.
This is the only time messagent.roulartamail.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 91.212.185.86 49333 (ROULARTA-...)
1 1 95.131.143.139 47841 (OXALIDE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 4 146.59.29.8 16276 (OVH)
15 5
8    91.212.185.86 (Roeselare, Belgium)

ASN49333 (ROULARTA-MEDIA-GROUP-AS, BE)
PTR: 86-185-212-91.rmg.be
messagent.roulartamail.be
1    95.131.143.139 (France)

ASN47841 (OXALIDE, FR)
weekend.knack.be
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    146.59.29.8 (France)

ASN16276 (OVH, FR)
PTR: ip8.ip-146-59-29.eu
gabe.hit.gemius.pl
Domain Requested by
8 messagent.roulartamail.be 1 redirects messagent.roulartamail.be
4 gabe.hit.gemius.pl 1 redirects messagent.roulartamail.be
gabe.hit.gemius.pl
3 fonts.gstatic.com fonts.googleapis.com
1 www.googletagmanager.com messagent.roulartamail.be
1 fonts.googleapis.com messagent.roulartamail.be
1 weekend.knack.be 1 redirects
15 6

This site contains no links.

Subject Issuer Validity Valid
messagent.roulartamail.be
Sectigo RSA Domain Validation Secure Server CA		 2020-07-29 -
2021-10-05		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2019-09-11 -
2021-09-24		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=Ji6J3CM%2BIYdF2W_e225LBvwP2rWQ4ycMgLCSAAlXQLmpOsFiS3gb_d8pIyR3ie80CVfU8ZpmNW86Ju
Frame ID: AC2D840F62073D778E7ED8B12113B437
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://messagent.roulartamail.be/optiext/optiextension.dll?ID=5VZ5ge7MBYIW0CEr8tvFk1rVKZS4grz8r+zgfI1AXLxOlM3... HTTP 302
    https://weekend.knack.be/laurier?cel_hash=&chts=1622294928 HTTP 302
    https://messagent.roulartamail.be/optiext/optiextension.dll?ID=Ji6J3CM%2BIYdF2W_e225LBvwP2rWQ4ycMgLCSAAlXQLmpO... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: %
Detected patterns
  • script /hit\.gemius\.pl\/xgemius\.js/i
  • script /hit\.gemius\.pl/i
  • script /xgemius\.js/i

Page Statistics

15
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

811 kB
Transfer

1075 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://messagent.roulartamail.be/optiext/optiextension.dll?ID=5VZ5ge7MBYIW0CEr8tvFk1rVKZS4grz8r+zgfI1AXLxOlM3fkP43YrDtXbDxWKM6kjIqki5xLqQpYCRRGDTAPGAQ_44yiTfHT5 HTTP 302
    https://weekend.knack.be/laurier?cel_hash=&chts=1622294928 HTTP 302
    https://messagent.roulartamail.be/optiext/optiextension.dll?ID=Ji6J3CM%2BIYdF2W_e225LBvwP2rWQ4ycMgLCSAAlXQLmpOsFiS3gb_d8pIyR3ie80CVfU8ZpmNW86Ju Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://gabe.hit.gemius.pl/_1622287730345/rexdot.js?l=100&id=ndo70jLvcOkCg9tcys2RFaRu.l0uwIcmnz5DMEj9D6P.r7&et=view&hsrc=1&initsonar=1&extra=lan%3DNL%7Ckey%3Dkw&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fmessagent.roulartamail.be%2Foptiext%2Foptiextension.dll%3FID%3DJi6J3CM%252BIYdF2W_e225LBvwP2rWQ4ycMgLCSAAlXQLmpOsFiS3gb_d8pIyR3ie80CVfU8ZpmNW86Ju&ref=&mtp=0&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=2q.HOk1N4y4vtL68J3YSZyEh1_OhsSVohtg0GvUJ4Wv.b7&vis=1 HTTP 301
  • https://gabe.hit.gemius.pl/__/_1622287730345/rexdot.js?l=100&id=ndo70jLvcOkCg9tcys2RFaRu.l0uwIcmnz5DMEj9D6P.r7&et=view&hsrc=1&initsonar=1&extra=lan%3DNL%7Ckey%3Dkw&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fmessagent.roulartamail.be%2Foptiext%2Foptiextension.dll%3FID%3DJi6J3CM%252BIYdF2W_e225LBvwP2rWQ4ycMgLCSAAlXQLmpOsFiS3gb_d8pIyR3ie80CVfU8ZpmNW86Ju&ref=&mtp=0&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=2q.HOk1N4y4vtL68J3YSZyEh1_OhsSVohtg0GvUJ4Wv.b7&vis=1

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request optiextension.dll
messagent.roulartamail.be/optiext/
Redirect Chain
  • https://messagent.roulartamail.be/optiext/optiextension.dll?ID=5VZ5ge7MBYIW0CEr8tvFk1rVKZS4grz8r+zgfI1AXLxOlM3fkP43YrDtXbDxWKM6kjIqki5xLqQpYCRRGDTAPGAQ_44yiTfHT5
  • https://weekend.knack.be/laurier?cel_hash=&chts=1622294928
  • https://messagent.roulartamail.be/optiext/optiextension.dll?ID=Ji6J3CM%2BIYdF2W_e225LBvwP2rWQ4ycMgLCSAAlXQLmpOsFiS3gb_d8pIyR3ie80CVfU8ZpmNW86Ju
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=Ji6J3CM%2BIYdF2W_e225LBvwP2rWQ4ycMgLCSAAlXQLmpOsFiS3gb_d8pIyR3ie80CVfU8ZpmNW86Ju
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.212.185.86 Roeselare, Belgium, ASN49333 (ROULARTA-MEDIA-GROUP-AS, BE),
Reverse DNS
86-185-212-91.rmg.be
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2456bfb00273f42b52f9bca65e4092d40584ef88feec03f14fe2578fda3ea15a

Request headers

Host
messagent.roulartamail.be
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
access-control-allow-origin
*
date
Sat, 29 May 2021 11:28:48 GMT
x-varnish-pttl
0.000
x-varnish-c
N
content-encoding
gzip
x-varnish
1977695
age
0
via
1.1 varnish-v4
x-varnish-h
M
x-varnish-b
messagt
content-length
2846
accept-ranges
bytes

Redirect headers

server
nginx
date
Sat, 29 May 2021 11:28:49 GMT
content-type
text/html; charset=UTF-8
content-length
314
cache-control
no-cache
location
//messagent.roulartamail.be/optiext/optiextension.dll?ID=Ji6J3CM%2BIYdF2W_e225LBvwP2rWQ4ycMgLCSAAlXQLmpOsFiS3gb_d8pIyR3ie80CVfU8ZpmNW86Ju
content-encoding
gzip
age
0
x-backend
dir_www
x-cache
MISS :(
x-powered-by
Oxalide [01]
css2
fonts.googleapis.com/ 		9 KB
832 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700;800&display=swap
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=Ji6J3CM%2BIYdF2W_e225LBvwP2rWQ4ycMgLCSAAlXQLmpOsFiS3gb_d8pIyR3ie80CVfU8ZpmNW86Ju
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
337dbd90c2e418ac7fafe28d235369f22405c35e33caf0a04b769375bf34e030
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://messagent.roulartamail.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 29 May 2021 10:07:23 GMT
server
ESF
date
Sat, 29 May 2021 11:28:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 29 May 2021 11:28:49 GMT
laurier.css
messagent.roulartamail.be/images/preweb2/journey/weekend/2021/laurier/css/ 		128 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://messagent.roulartamail.be/images/preweb2/journey/weekend/2021/laurier/css/laurier.css
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=Ji6J3CM%2BIYdF2W_e225LBvwP2rWQ4ycMgLCSAAlXQLmpOsFiS3gb_d8pIyR3ie80CVfU8ZpmNW86Ju
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.212.185.86 Roeselare, Belgium, ASN49333 (ROULARTA-MEDIA-GROUP-AS, BE),
Reverse DNS
86-185-212-91.rmg.be
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
912c99b55aa21e95a252528a5235e44f1c7ef06f10f7e4040ffbbf04859aa3d1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
messagent.roulartamail.be
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=Ji6J3CM%2BIYdF2W_e225LBvwP2rWQ4ycMgLCSAAlXQLmpOsFiS3gb_d8pIyR3ie80CVfU8ZpmNW86Ju
Connection
keep-alive
Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=Ji6J3CM%2BIYdF2W_e225LBvwP2rWQ4ycMgLCSAAlXQLmpOsFiS3gb_d8pIyR3ie80CVfU8ZpmNW86Ju
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 11:28:48 GMT
content-encoding
gzip
age
0
x-powered-by
ASP.NET
transfer-encoding
chunked
x-varnish-b
messagt
x-varnish-c
Y
access-control-allow-origin
*
last-modified
Mon, 17 May 2021 18:23:03 GMT
server
Microsoft-IIS/10.0
x-varnish-h
M
etag
W/"6e75edac494bd71:0"
x-varnish-pttl
3600.000
x-varnish
2417761
via
1.1 varnish-v4
accept-ranges
bytes
content-type
text/css
laurierbol01.png
messagent.roulartamail.be/images/preweb2/journey/weekend/2021/laurier/ 		645 KB
646 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://messagent.roulartamail.be/images/preweb2/journey/weekend/2021/laurier/laurierbol01.png
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=Ji6J3CM%2BIYdF2W_e225LBvwP2rWQ4ycMgLCSAAlXQLmpOsFiS3gb_d8pIyR3ie80CVfU8ZpmNW86Ju
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.212.185.86 Roeselare, Belgium, ASN49333 (ROULARTA-MEDIA-GROUP-AS, BE),
Reverse DNS
86-185-212-91.rmg.be
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ada826181086574feda7d4ccf78957d5cc24a83a9b3436ab7a895bee3db4dde9

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
messagent.roulartamail.be
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=Ji6J3CM%2BIYdF2W_e225LBvwP2rWQ4ycMgLCSAAlXQLmpOsFiS3gb_d8pIyR3ie80CVfU8ZpmNW86Ju
Connection
keep-alive
Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=Ji6J3CM%2BIYdF2W_e225LBvwP2rWQ4ycMgLCSAAlXQLmpOsFiS3gb_d8pIyR3ie80CVfU8ZpmNW86Ju
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 11:28:48 GMT
via
1.1 varnish-v4
age
0
x-powered-by
ASP.NET
transfer-encoding
chunked
x-varnish-b
messagt
last-modified
Mon, 17 May 2021 08:07:30 GMT
x-varnish-c
Y
server
Microsoft-IIS/10.0
x-varnish-h
M
etag
"7e31dfaef34ad71:0"
x-varnish-pttl
3600.000
x-varnish
2464800
access-control-allow-origin
*
accept-ranges
bytes
content-type
image/png
bol-korting.png
messagent.roulartamail.be/images/preweb2/journey/weekend/2021/laurier/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://messagent.roulartamail.be/images/preweb2/journey/weekend/2021/laurier/bol-korting.png
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=Ji6J3CM%2BIYdF2W_e225LBvwP2rWQ4ycMgLCSAAlXQLmpOsFiS3gb_d8pIyR3ie80CVfU8ZpmNW86Ju
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.212.185.86 Roeselare, Belgium, ASN49333 (ROULARTA-MEDIA-GROUP-AS, BE),
Reverse DNS
86-185-212-91.rmg.be
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
468cf6361b301e92b355c0c8cecd17453692c0e96aeb925759cc1fba8d638e3d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
messagent.roulartamail.be
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=Ji6J3CM%2BIYdF2W_e225LBvwP2rWQ4ycMgLCSAAlXQLmpOsFiS3gb_d8pIyR3ie80CVfU8ZpmNW86Ju
Connection
keep-alive
Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=Ji6J3CM%2BIYdF2W_e225LBvwP2rWQ4ycMgLCSAAlXQLmpOsFiS3gb_d8pIyR3ie80CVfU8ZpmNW86Ju
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 11:28:48 GMT
via
1.1 varnish-v4
age
0
x-powered-by
ASP.NET
x-varnish-b
messagt
last-modified
Mon, 17 May 2021 08:07:25 GMT
content-length
9631
x-varnish-c
Y
server
Microsoft-IIS/10.0
x-varnish-h
M
etag
"ee8ebabf34ad71:0"
x-varnish-pttl
3600.000
x-varnish
1977703
access-control-allow-origin
*
accept-ranges
bytes
content-type
image/png
knack-weekend.png
messagent.roulartamail.be/images/preweb2/journey/weekend/2021/laurier/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://messagent.roulartamail.be/images/preweb2/journey/weekend/2021/laurier/knack-weekend.png
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=Ji6J3CM%2BIYdF2W_e225LBvwP2rWQ4ycMgLCSAAlXQLmpOsFiS3gb_d8pIyR3ie80CVfU8ZpmNW86Ju
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.212.185.86 Roeselare, Belgium, ASN49333 (ROULARTA-MEDIA-GROUP-AS, BE),
Reverse DNS
86-185-212-91.rmg.be
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
60a3ee32a59723d686413ac5ad62ccd15acc240c31405c6cd6a121443d9c6957

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
messagent.roulartamail.be
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=Ji6J3CM%2BIYdF2W_e225LBvwP2rWQ4ycMgLCSAAlXQLmpOsFiS3gb_d8pIyR3ie80CVfU8ZpmNW86Ju
Connection
keep-alive
Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=Ji6J3CM%2BIYdF2W_e225LBvwP2rWQ4ycMgLCSAAlXQLmpOsFiS3gb_d8pIyR3ie80CVfU8ZpmNW86Ju
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 11:28:48 GMT
via
1.1 varnish-v4
age
0
x-powered-by
ASP.NET
x-varnish-b
messagt
last-modified
Mon, 17 May 2021 08:07:26 GMT
content-length
4753
x-varnish-c
Y
server
Microsoft-IIS/10.0
x-varnish-h
M
etag
"9a4881acf34ad71:0"
x-varnish-pttl
3600.000
x-varnish
734848
access-control-allow-origin
*
accept-ranges
bytes
content-type
image/png
lauretum.png
messagent.roulartamail.be/images/preweb2/journey/weekend/2021/laurier/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://messagent.roulartamail.be/images/preweb2/journey/weekend/2021/laurier/lauretum.png
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=Ji6J3CM%2BIYdF2W_e225LBvwP2rWQ4ycMgLCSAAlXQLmpOsFiS3gb_d8pIyR3ie80CVfU8ZpmNW86Ju
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.212.185.86 Roeselare, Belgium, ASN49333 (ROULARTA-MEDIA-GROUP-AS, BE),
Reverse DNS
86-185-212-91.rmg.be
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
df70f3b7677fc5b73fae80faa75442317a7c34019c47860af5e4d9cbff4d4d00

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
messagent.roulartamail.be
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=Ji6J3CM%2BIYdF2W_e225LBvwP2rWQ4ycMgLCSAAlXQLmpOsFiS3gb_d8pIyR3ie80CVfU8ZpmNW86Ju
Connection
keep-alive
Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=Ji6J3CM%2BIYdF2W_e225LBvwP2rWQ4ycMgLCSAAlXQLmpOsFiS3gb_d8pIyR3ie80CVfU8ZpmNW86Ju
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 11:28:48 GMT
via
1.1 varnish-v4
age
0
x-powered-by
ASP.NET
transfer-encoding
chunked
x-varnish-b
messagt
last-modified
Mon, 17 May 2021 08:07:27 GMT
x-varnish-c
Y
server
Microsoft-IIS/10.0
x-varnish-h
M
etag
"f4d426adf34ad71:0"
x-varnish-pttl
3600.000
x-varnish
2464803
access-control-allow-origin
*
accept-ranges
bytes
content-type
image/png
aveve.png
messagent.roulartamail.be/images/preweb2/journey/weekend/2021/laurier/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://messagent.roulartamail.be/images/preweb2/journey/weekend/2021/laurier/aveve.png
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=Ji6J3CM%2BIYdF2W_e225LBvwP2rWQ4ycMgLCSAAlXQLmpOsFiS3gb_d8pIyR3ie80CVfU8ZpmNW86Ju
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.212.185.86 Roeselare, Belgium, ASN49333 (ROULARTA-MEDIA-GROUP-AS, BE),
Reverse DNS
86-185-212-91.rmg.be
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
051ccd534de457cdc06ce4e0b5155bab8ab05bbbc522a42acf2f2ba448454e2c

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
messagent.roulartamail.be
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=Ji6J3CM%2BIYdF2W_e225LBvwP2rWQ4ycMgLCSAAlXQLmpOsFiS3gb_d8pIyR3ie80CVfU8ZpmNW86Ju
Connection
keep-alive
Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=Ji6J3CM%2BIYdF2W_e225LBvwP2rWQ4ycMgLCSAAlXQLmpOsFiS3gb_d8pIyR3ie80CVfU8ZpmNW86Ju
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 11:28:48 GMT
via
1.1 varnish-v4
age
0
x-powered-by
ASP.NET
x-varnish-b
messagt
last-modified
Mon, 17 May 2021 08:07:24 GMT
content-length
12897
x-varnish-c
Y
server
Microsoft-IIS/10.0
x-varnish-h
M
etag
"6ca436abf34ad71:0"
x-varnish-pttl
3600.000
x-varnish
2559748
access-control-allow-origin
*
accept-ranges
bytes
content-type
image/png
gtm.js
www.googletagmanager.com/ 		168 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MHVRMGQ
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=Ji6J3CM%2BIYdF2W_e225LBvwP2rWQ4ycMgLCSAAlXQLmpOsFiS3gb_d8pIyR3ie80CVfU8ZpmNW86Ju
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4c0c14e6211e5f4da16396822e461cecad44e2bd283e3108dcdf5bfc9bde38a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://messagent.roulartamail.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 11:28:50 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54730
x-xss-protection
0
last-modified
Sat, 29 May 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 29 May 2021 11:28:50 GMT
mem5YaGs126MiZpBA-UN8rsOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN8rsOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47300f73d115d5d1586ff7b01cc7319166b160bdad6e54a54ad02ac9312f6426
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://messagent.roulartamail.be
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 21:38:32 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:56 GMT
server
sffe
age
309018
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15188
x-xss-protection
0
expires
Wed, 25 May 2022 21:38:32 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://messagent.roulartamail.be
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 21:31:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:19 GMT
server
sffe
age
309434
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
expires
Wed, 25 May 2022 21:31:36 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://messagent.roulartamail.be
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 21:32:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:50 GMT
server
sffe
age
309404
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
expires
Wed, 25 May 2022 21:32:06 GMT
xgemius.js
gabe.hit.gemius.pl/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gabe.hit.gemius.pl/xgemius.js
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=Ji6J3CM%2BIYdF2W_e225LBvwP2rWQ4ycMgLCSAAlXQLmpOsFiS3gb_d8pIyR3ie80CVfU8ZpmNW86Ju
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.29.8 , France, ASN16276 (OVH, FR),
Reverse DNS
ip8.ip-146-59-29.eu
Software
GHC /
Resource Hash
3e2a6d63486204b8ab690e430c113ebb89379191be81e2dc84154863cb7ecbcd

Request headers

Referer
https://messagent.roulartamail.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 11:28:50 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 09:58:52 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
10701
expires
Sat, 29 May 2021 23:28:50 GMT
fpdata.js
gabe.hit.gemius.pl/ 		284 B
398 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gabe.hit.gemius.pl/fpdata.js?href=messagent.roulartamail.be
Requested by
Host: gabe.hit.gemius.pl
URL: https://gabe.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.29.8 , France, ASN16276 (OVH, FR),
Reverse DNS
ip8.ip-146-59-29.eu
Software
GHC /
Resource Hash
3f2786316431253181f85e3d03b41616ec41767711aa2b1b5e76687e3988bda9

Request headers

Referer
https://messagent.roulartamail.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 11:28:50 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
284
expires
Mon, 28 Jun 2021 11:28:50 GMT
rexdot.js
gabe.hit.gemius.pl/__/_1622287730345/
Redirect Chain
  • https://gabe.hit.gemius.pl/_1622287730345/rexdot.js?l=100&id=ndo70jLvcOkCg9tcys2RFaRu.l0uwIcmnz5DMEj9D6P.r7&et=view&hsrc=1&initsonar=1&extra=lan%3DNL%7Ckey%3Dkw&eventid=0&fr=1&tz=-120&fv=-&href=htt...
  • https://gabe.hit.gemius.pl/__/_1622287730345/rexdot.js?l=100&id=ndo70jLvcOkCg9tcys2RFaRu.l0uwIcmnz5DMEj9D6P.r7&et=view&hsrc=1&initsonar=1&extra=lan%3DNL%7Ckey%3Dkw&eventid=0&fr=1&tz=-120&fv=-&href=...
180 B
438 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gabe.hit.gemius.pl/__/_1622287730345/rexdot.js?l=100&id=ndo70jLvcOkCg9tcys2RFaRu.l0uwIcmnz5DMEj9D6P.r7&et=view&hsrc=1&initsonar=1&extra=lan%3DNL%7Ckey%3Dkw&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fmessagent.roulartamail.be%2Foptiext%2Foptiextension.dll%3FID%3DJi6J3CM%252BIYdF2W_e225LBvwP2rWQ4ycMgLCSAAlXQLmpOsFiS3gb_d8pIyR3ie80CVfU8ZpmNW86Ju&ref=&mtp=0&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=2q.HOk1N4y4vtL68J3YSZyEh1_OhsSVohtg0GvUJ4Wv.b7&vis=1
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=Ji6J3CM%2BIYdF2W_e225LBvwP2rWQ4ycMgLCSAAlXQLmpOsFiS3gb_d8pIyR3ie80CVfU8ZpmNW86Ju
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.29.8 , France, ASN16276 (OVH, FR),
Reverse DNS
ip8.ip-146-59-29.eu
Software
GHC /
Resource Hash
eda29282348ee6a1c159c98bdef327ad8161d2ddfbfd3fa5d8bf47735ff03110

Request headers

Referer
https://messagent.roulartamail.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 May 2021 11:28:50 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
180
expires
Fri, 28 May 2021 11:28:50 GMT

Redirect headers

pragma
no-cache
date
Sat, 29 May 2021 11:28:50 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1622287730345/rexdot.js?l=100&id=ndo70jLvcOkCg9tcys2RFaRu.l0uwIcmnz5DMEj9D6P.r7&et=view&hsrc=1&initsonar=1&extra=lan%3DNL%7Ckey%3Dkw&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fmessagent.roulartamail.be%2Foptiext%2Foptiextension.dll%3FID%3DJi6J3CM%252BIYdF2W_e225LBvwP2rWQ4ycMgLCSAAlXQLmpOsFiS3gb_d8pIyR3ie80CVfU8ZpmNW86Ju&ref=&mtp=0&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=2q.HOk1N4y4vtL68J3YSZyEh1_OhsSVohtg0GvUJ4Wv.b7&vis=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Fri, 28 May 2021 11:28:50 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| dataLayer object| google_tag_manager string| pp_gemius_identifier object| pp_gemius_extraparameters object| gemius_cmpclient object| gemius_hcconn function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event number| pp_gemius_cnt boolean| gemius_hcref

1 Cookies

Domain/Path Name / Value
.roulartamail.be/ Name: __gfp_64b
Value: 2q.HOk1N4y4vtL68J3YSZyEh1_OhsSVohtg0GvUJ4Wv.b7|1622287730