r.oferting.it Open in urlscan Pro
52.208.205.27 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://w.oferting.it/x/c/?hVLbrpwgFP2VvkzfjoMgKKchTdOTeeo.TBjES6pgYBvT.rzdMHbOtEnTxMjaa99cC42q9llVvCF7UGVTlqyqy33yRm2...
Effective URL:
https://r.oferting.it/r/?utm_source=thenorthface&utm_medium=dedicado&utm_campaign=9994954-9753084&orig=manual&utm_term...
Submission: On October 19 via api (October 19th 2023, 1:50:47 pm UTC) from ES — Scanned from IT

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 17 domains to perform 26 HTTP transactions. The main IP is 52.208.205.27, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is r.oferting.it.
TLS certificate: Issued by R3 on August 21st 2023. Valid for: 3 months.

This is the only time r.oferting.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	91.197.72.25 91.197.72.25	20559 (FUNDAMENT...) (FUNDAMENTS-AS)
1 4	52.208.205.27 52.208.205.27	16509 (AMAZON-02) (AMAZON-02)
2	18.66.97.65 18.66.97.65	16509 (AMAZON-02) (AMAZON-02)
4	142.250.186.136 142.250.186.136	15169 (GOOGLE) (GOOGLE)
4	142.250.185.174 142.250.185.174	15169 (GOOGLE) (GOOGLE)
2	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
1 2	52.0.58.100 52.0.58.100	14618 (AMAZON-AES) (AMAZON-AES)
1	52.0.66.190 52.0.66.190	14618 (AMAZON-AES) (AMAZON-AES)
3 3	89.207.16.75 89.207.16.75	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	142.250.186.134 142.250.186.134	() ()
1	104.103.90.112 104.103.90.112	() ()
1 2	44.214.204.240 44.214.204.240	14618 (AMAZON-AES) (AMAZON-AES)
26	10

2 91.197.72.25 (Netherlands) 2 redirects

ASN20559 (FUNDAMENTS-AS, NL)
PTR: eu25.webpower.eu

w.oferting.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
oferting.webpower.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.208.205.27 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: mail.oferting.it

r.oferting.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trac.oferting.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-65.fra56.r.cloudfront.net

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.0.58.100 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-58-100.compute-1.amazonaws.com

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.66.190 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-66-190.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.207.16.75 (Amsterdam, Netherlands) 3 redirects

ASN41041 (VCLK-EU-SE, US)

www.anrdoezrs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cj.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.emjcd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.134 (None, ) 1 redirects

ASN- ()

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.103.90.112 (None, )

ASN- ()

www.thenorthface.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.214.204.240 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-214-204-240.compute-1.amazonaws.com

mid.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42 region1.google-analytics.com — Cisco Umbrella Rank: 2250	21 KB
5	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 3307 rp.liadm.com — Cisco Umbrella Rank: 1727 i.liadm.com — Cisco Umbrella Rank: 617	20 KB
5	oferting.it 2 redirects w.oferting.it r.oferting.it trac.oferting.it	57 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	301 KB
2	rkdms.com 1 redirects mid.rkdms.com — Cisco Umbrella Rank: 2310	234 B
1	thenorthface.it www.thenorthface.it
1	doubleclick.net 1 redirects ad.doubleclick.net	794 B
1	emjcd.com 1 redirects www.emjcd.com — Cisco Umbrella Rank: 17995	804 B
1	dotomi.com 1 redirects cj.dotomi.com — Cisco Umbrella Rank: 18346	1 KB
1	anrdoezrs.net 1 redirects www.anrdoezrs.net — Cisco Umbrella Rank: 27495	329 B
1	webpower.eu 1 redirects oferting.webpower.eu	1 KB
0	zemanta.com Failed b1sync.zemanta.com Failed
0	bidswitch.net Failed x.bidswitch.net Failed
0	criteo.com Failed dis.criteo.com Failed
0	turn.com Failed d.turn.com Failed
0	adsrvr.org Failed match.adsrvr.org Failed
0	rezync.com Failed live.rezync.com Failed
26	17

	Domain	Requested by
4	www.google-analytics.com	r.oferting.it
4	www.googletagmanager.com	r.oferting.it www.googletagmanager.com
3	r.oferting.it	r.oferting.it
2	mid.rkdms.com	1 redirects i.liadm.com
2	rp.liadm.com	1 redirects
2	region1.google-analytics.com	www.googletagmanager.com
2	b-code.liadm.com	r.oferting.it b-code.liadm.com
1	www.thenorthface.it
1	ad.doubleclick.net	1 redirects
1	www.emjcd.com	1 redirects
1	cj.dotomi.com	1 redirects
1	www.anrdoezrs.net	1 redirects
1	trac.oferting.it	1 redirects
1	i.liadm.com	b-code.liadm.com
1	oferting.webpower.eu	1 redirects
1	w.oferting.it	1 redirects
0	b1sync.zemanta.com Failed	i.liadm.com
0	x.bidswitch.net Failed	i.liadm.com
0	dis.criteo.com Failed	i.liadm.com
0	d.turn.com Failed	i.liadm.com
0	match.adsrvr.org Failed	i.liadm.com
0	live.rezync.com Failed	i.liadm.com
26	22

This site contains no links.

Subject Issuer	Validity	Valid
r.oferting.it R3	`2023-08-21` - `2023-11-19`	3 months	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
www.thenorthface.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-15` - `2024-02-23`	a year	crt.sh

This page contains 2 frames:

Frame: https://www.thenorthface.it/outlet.html?emn_sid=02273034500999495409753084006459f9803b89b29796c99d106276c6013803&utm_content=Emailing+Network&utm_medium=affiliate&utm_source=CJ&utm_campaign=AFFILIATES_ECOM_IT&CJEVENT=7ecd7e2f6e8611ee8027fb2d0a18ba74&dclid=CNOa7deggoIDFSGe_QcduTYGRA
Frame ID: D5BE5A87C0C6765CDB9FDEC2BE11AD00
Requests: 18 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-00xy?s=&ps=true&ls=true&duid=4d2d00a6626e--01hd437qb7dpfa86dwytqrfm1r&euns=0&version=sc-v0.3.15&
Frame ID: 07CAC47B5037747E557FB6B2A9CF9604
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://w.oferting.it/x/c/?hVLbrpwgFP2VvkzfjoMgKKchTdOTeeo.TBjES6pgYBvT.rzdMHbOtEnTxMjaa99cC42q9ll... HTTP 302
https://oferting.webpower.eu/x/c/?hVLbrpwgFP2VvkzfjoMgKKchTdOTeeo.TBjES6pgYBvT.rzdMHbOtEnTxMjaa99cC42q9ll... HTTP 302
https://r.oferting.it/r/?utm_source=thenorthface&utm_medium=dedicado&utm_campaign=9994954-9753084&... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

65 %
HTTPS

0 %
IPv6

17
Domains

22
Subdomains

10
IPs

3
Countries

395 kB
Transfer

1063 kB
Size

26
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://w.oferting.it/x/c/?hVLbrpwgFP2VvkzfjoMgKKchTdOTeeo.TBjES6pgYBvT.rzdMHbOtEnTxMjaa99cC42q9llVvCF7UGVTlqyqy33yRm2F72yA0fXFCPukuKjFPqgBYImv53N4Tp.D_fMK8zX6NRirYLDOBxg6bexHPS_fUm627bjOqsXD6NY.eINAj71TUspK8upF1pyRpsoFPoy9mrVb9fRoABvSGHMfEQBUBp0i_TT3sFcRgna9DfcyXBusgdG7u4QT_3KiF3ywyjxrQcp3KcUuEU7sbbO3xW82XOMMy4kKp5EkCOzsriNiVvEjShlKa3aEBkNRcXmEFsNONoTdGnmjspbCSNmWRNBaGEFKhqmjNMCxw08Ivh7sgvj3aJ0q.nIMc8mb96pc88gF2119h0LfO5EdYpJQykYwzmmDTGyT6j8tEb1H8m4c5ck6nszD17ZthXah9fZniIWzkNlpdN9jRjUVDSE0Y.ix2Azaqc.nvwY_.0B5P.J_hclCMcA8pY5LEhjHNuE3klwneBGEHMrIoZuQdAP.s31v1Tf84g9H00spfwEA38 HTTP 302
https://oferting.webpower.eu/x/c/?hVLbrpwgFP2VvkzfjoMgKKchTdOTeeo.TBjES6pgYBvT.rzdMHbOtEnTxMjaa99cC42q9llVvCF7UGVTlqyqy33yRm2F72yA0fXFCPukuKjFPqgBYImv53N4Tp.D_fMK8zX6NRirYLDOBxg6bexHPS_fUm627bjOqsXD6NY.eINAj71TUspK8upF1pyRpsoFPoy9mrVb9fRoABvSGHMfEQBUBp0i_TT3sFcRgna9DfcyXBusgdG7u4QT_3KiF3ywyjxrQcp3KcUuEU7sbbO3xW82XOMMy4kKp5EkCOzsriNiVvEjShlKa3aEBkNRcXmEFsNONoTdGnmjspbCSNmWRNBaGEFKhqmjNMCxw08Ivh7sgvj3aJ0q.nIMc8mb96pc88gF2119h0LfO5EdYpJQykYwzmmDTGyT6j8tEb1H8m4c5ck6nszD17ZthXah9fZniIWzkNlpdN9jRjUVDSE0Y.ix2Azaqc.nvwY_.0B5P.J_hclCMcA8pY5LEhjHNuE3klwneBGEHMrIoZuQdAP.s31v1Tf84g9H00spfwEA38stored HTTP 302
https://r.oferting.it/r/?utm_source=thenorthface&utm_medium=dedicado&utm_campaign=9994954-9753084&orig=manual&utm_term=deco&rtt=&f=0&c=&g=stranger&redirection=https%3A%2F%2Ftrac.oferting.it%2Fof%2F%3Fst%3Dwebpower_smtp%26na%3D0%26emn_i%3D345%26emn_a%3D2273%26emn_c%3D6459%26emn_e%3Df9803b89b29796c99d106276c6013803%26emn_rt%3D0%26ol%3DC%26emn_p%3D%26emn_cat%3D9994954-9753084%26term%3D%26emn_t%3D9753084%26ref_offer%3D9994954%26hs%3D3198635528%26sd%3Dw.oferting.it%26go%3Dhttps%253A%252F%252Fwww.anrdoezrs.net%252Flinks%252F7268002%252Ftype%252Fdlg%252Fhttps%253A%252F%252Fwww.thenorthface.it%252Foutlet.html%253Femn_sid%253D02273034500999495409753084006459f9803b89b29796c99d106276c6013803 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://rp.liadm.com/j?dtstmp=1697723440697&aid=a-00xy&se=e30&duid=4d2d00a6626e--01hd437qb7dpfa86dwytqrfm1r&tna=v2.9.2&pu=https%3A%2F%2Fr.oferting.it%2Fr%2F%3Futm_source%3Dthenorthface%26utm_medium%3Ddedicado%26utm_campaign%3D9994954-9753084%26orig%3Dmanual%26utm_term%3Ddeco%26rtt%3D%26f%3D0%26c%3D%26g%3Dstranger%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.it%252Fof%252F%253Fst%253Dwebpower_smtp%2526na%253D0%2526emn_i%253D345%2526emn_a%253D2273%2526emn_c%253D6459%2526emn_e%253Df9803b89b29796c99d106276c6013803%2526emn_rt%253D0%2526ol%253DC%2526emn_p%253D%2526emn_cat%253D9994954-9753084%2526term%253D%2526emn_t%253D9753084%2526ref_offer%253D9994954%2526hs%253D3198635528%2526sd%253Dw.oferting.it%2526go%253Dhttps%25253A%25252F%25252Fwww.anrdoezrs.net%25252Flinks%25252F7268002%25252Ftype%25252Fdlg%25252Fhttps%25253A%25252F%25252Fwww.thenorthface.it%25252Foutlet.html%25253Femn_sid%25253D02273034500999495409753084006459f9803b89b29796c99d106276c6013803&wpn=lc-bundle&c=PHRpdGxlPk9mZXJ0aW5nIC0tIHdlIGFyZSByZWRpcmVjdGluZyB5b3UgdG8gVGhlbm9ydGhmYWNlJ3Mgd2Vic2l0ZTwvdGl0bGU- HTTP 302
https://rp.liadm.com/j?se=e30&duid=4d2d00a6626e--01hd437qb7dpfa86dwytqrfm1r&aid=a-00xy&tna=v2.9.2&dtstmp=1697723440697&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fr.oferting.it%2Fr%2F%3Futm_source%3Dthenorthface%26utm_medium%3Ddedicado%26utm_campaign%3D9994954-9753084%26orig%3Dmanual%26utm_term%3Ddeco%26rtt%3D%26f%3D0%26c%3D%26g%3Dstranger%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.it%252Fof%252F%253Fst%253Dwebpower_smtp%2526na%253D0%2526emn_i%253D345%2526emn_a%253D2273%2526emn_c%253D6459%2526emn_e%253Df9803b89b29796c99d106276c6013803%2526emn_rt%253D0%2526ol%253DC%2526emn_p%253D%2526emn_cat%253D9994954-9753084%2526term%253D%2526emn_t%253D9753084%2526ref_offer%253D9994954%2526hs%253D3198635528%2526sd%253Dw.oferting.it%2526go%253Dhttps%25253A%25252F%25252Fwww.anrdoezrs.net%25252Flinks%25252F7268002%25252Ftype%25252Fdlg%25252Fhttps%25253A%25252F%25252Fwww.thenorthface.it%25252Foutlet.html%25253Femn_sid%25253D02273034500999495409753084006459f9803b89b29796c99d106276c6013803&c=PHRpdGxlPk9mZXJ0aW5nIC0tIHdlIGFyZSByZWRpcmVjdGluZyB5b3UgdG8gVGhlbm9ydGhmYWNlJ3Mgd2Vic2l0ZTwvdGl0bGU-

Request Chain 15

https://trac.oferting.it/of/?st=webpower_smtp&na=0&emn_i=345&emn_a=2273&emn_c=6459&emn_e=f9803b89b29796c99d106276c6013803&emn_rt=0&ol=C&emn_p=&emn_cat=9994954-9753084&term=&emn_t=9753084&ref_offer=9994954&hs=3198635528&sd=w.oferting.it&go=https%3A%2F%2Fwww.anrdoezrs.net%2Flinks%2F7268002%2Ftype%2Fdlg%2Fhttps%3A%2F%2Fwww.thenorthface.it%2Foutlet.html%3Femn_sid%3D02273034500999495409753084006459f9803b89b29796c99d106276c6013803 HTTP 302
https://www.anrdoezrs.net/links/7268002/type/dlg/https://www.thenorthface.it/outlet.html?emn_sid=02273034500999495409753084006459f9803b89b29796c99d106276c6013803 HTTP 302
https://cj.dotomi.com/links-t/7268002/type/dlg/https://www.thenorthface.it/outlet.html?emn_sid=02273034500999495409753084006459f9803b89b29796c99d106276c6013803 HTTP 302
https://www.emjcd.com/links-i/?d=eyJzdXJmZXIiOiI0MDA5MDU0MTY5NjIyNDk5Njk6R1dJYS5VZXBEMHhDIiwibGFzdENsaWNrTmFtZSI6IkxDTEsiLCJsYXN0Q2xpY2tWYWx1ZSI6ImNqbyF4aDB6LXZscGprYTAiLCJkZXN0aW5hdGlvblVybCI6Imh0dHBzOi8vd3d3LnRoZW5vcnRoZmFjZS5pdC9vdXRsZXQuaHRtbD9lbW5fc2lkPTAyMjczMDM0NTAwOTk5NDk1NDA5NzUzMDg0MDA2NDU5Zjk4MDNiODliMjk3OTZjOTlkMTA2Mjc2YzYwMTM4MDMiLCJ0eXBlIjoiZGxnIiwicGlkIjo3MjY4MDAyLCJldmVudElkIjoiN2VjZDdlMmY2ZTg2MTFlZTgwMjdmYjJkMGExOGJhNzQiLCJjalNlc3Npb24iOiI3NjE3NzVjZC1jZDAwLTQ3MjQtOTliOS0wZGFkYTBmYmNmNDIiLCJsb3lhbHR5RXhwaXJhdGlvbiI6MCwiY2pDb25zZW50RW51bSI6Ik5FVkVSX0FTS0VEIn0%3D HTTP 302
https://ad.doubleclick.net/ddm/clk/470344456;275787113;n?https://www.thenorthface.it/outlet.html?emn_sid=02273034500999495409753084006459f9803b89b29796c99d106276c6013803&utm_content=Emailing+Network&utm_medium=affiliate&utm_source=CJ&utm_campaign=AFFILIATES_ECOM_IT&CJEVENT=7ecd7e2f6e8611ee8027fb2d0a18ba74 HTTP 302
https://www.thenorthface.it/outlet.html?emn_sid=02273034500999495409753084006459f9803b89b29796c99d106276c6013803&utm_content=Emailing+Network&utm_medium=affiliate&utm_source=CJ&utm_campaign=AFFILIATES_ECOM_IT&CJEVENT=7ecd7e2f6e8611ee8027fb2d0a18ba74&dclid=CNOa7deggoIDFSGe_QcduTYGRA

Request Chain 22

https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=2583eedc-48af-4036-9696-5eeae361e277&liid=&_ct=im HTTP 302
https://mid.rkdms.com/restricted

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
r.oferting.it/r/
Redirect Chain

https://w.oferting.it/x/c/?hVLbrpwgFP2VvkzfjoMgKKchTdOTeeo.TBjES6pgYBvT.rzdMHbOtEnTxMjaa99cC42q9llVvCF7UGVTlqyqy33yRm2F72yA0fXFCPukuKjFPqgBYImv53N4Tp.D_fMK8zX6NRirYLDOBxg6bexHPS_fUm627bjOqsXD6NY.eI...
https://oferting.webpower.eu/x/c/?hVLbrpwgFP2VvkzfjoMgKKchTdOTeeo.TBjES6pgYBvT.rzdMHbOtEnTxMjaa99cC42q9llVvCF7UGVTlqyqy33yRm2F72yA0fXFCPukuKjFPqgBYImv53N4Tp.D_fMK8zX6NRirYLDOBxg6bexHPS_fUm627bjOqsX...
https://r.oferting.it/r/?utm_source=thenorthface&utm_medium=dedicado&utm_campaign=9994954-9753084&orig=manual&utm_term=deco&rtt=&f=0&c=&g=stranger&redirection=https%3A%2F%2Ftrac.oferting.it%2Fof%2F...

8 KB
2 KB

282ms
140ms

Document
text/html

52.208.205.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.oferting.it/r/?utm_source=thenorthface&utm_medium=dedicado&utm_campaign=9994954-9753084&orig=manual&utm_term=deco&rtt=&f=0&c=&g=stranger&redirection=https%3A%2F%2Ftrac.oferting.it%2Fof%2F%3Fst%3Dwebpower_smtp%26na%3D0%26emn_i%3D345%26emn_a%3D2273%26emn_c%3D6459%26emn_e%3Df9803b89b29796c99d106276c6013803%26emn_rt%3D0%26ol%3DC%26emn_p%3D%26emn_cat%3D9994954-9753084%26term%3D%26emn_t%3D9753084%26ref_offer%3D9994954%26hs%3D3198635528%26sd%3Dw.oferting.it%26go%3Dhttps%253A%252F%252Fwww.anrdoezrs.net%252Flinks%252F7268002%252Ftype%252Fdlg%252Fhttps%253A%252F%252Fwww.thenorthface.it%252Foutlet.html%253Femn_sid%253D02273034500999495409753084006459f9803b89b29796c99d106276c6013803
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.208.205.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: mail.oferting.it
Software: nginx /
Resource Hash: d2efdfb5035827b71c9a02b874aa4386b9ac93c03d0c40c44c52c940a75cf289

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 19 Oct 2023 13:50:40 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 19 Oct 2023 13:50:39 GMT
location: https://r.oferting.it/r/?utm_source=thenorthface&utm_medium=dedicado&utm_campaign=9994954-9753084&orig=manual&utm_term=deco&rtt=&f=0&c=&g=stranger&redirection=https%3A%2F%2Ftrac.oferting.it%2Fof%2F%3Fst%3Dwebpower_smtp%26na%3D0%26emn_i%3D345%26emn_a%3D2273%26emn_c%3D6459%26emn_e%3Df9803b89b29796c99d106276c6013803%26emn_rt%3D0%26ol%3DC%26emn_p%3D%26emn_cat%3D9994954-9753084%26term%3D%26emn_t%3D9753084%26ref_offer%3D9994954%26hs%3D3198635528%26sd%3Dw.oferting.it%26go%3Dhttps%253A%252F%252Fwww.anrdoezrs.net%252Flinks%252F7268002%252Ftype%252Fdlg%252Fhttps%253A%252F%252Fwww.thenorthface.it%252Foutlet.html%253Femn_sid%253D02273034500999495409753084006459f9803b89b29796c99d106276c6013803
p3p: policyref="https://oferting.webpower.eu/x/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND NAV COM"
server: nginx

GET
H2 200 a-00xy.min.js Show response
b-code.liadm.com/ 45 KB
15 KB 141ms
49ms Script
application/javascript 18.66.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-00xy.min.js
Requested by: Host: r.oferting.it
URL: https://r.oferting.it/r/?utm_source=thenorthface&utm_medium=dedicado&utm_campaign=9994954-9753084&orig=manual&utm_term=deco&rtt=&f=0&c=&g=stranger&redirection=https%3A%2F%2Ftrac.oferting.it%2Fof%2F%3Fst%3Dwebpower_smtp%26na%3D0%26emn_i%3D345%26emn_a%3D2273%26emn_c%3D6459%26emn_e%3Df9803b89b29796c99d106276c6013803%26emn_rt%3D0%26ol%3DC%26emn_p%3D%26emn_cat%3D9994954-9753084%26term%3D%26emn_t%3D9753084%26ref_offer%3D9994954%26hs%3D3198635528%26sd%3Dw.oferting.it%26go%3Dhttps%253A%252F%252Fwww.anrdoezrs.net%252Flinks%252F7268002%252Ftype%252Fdlg%252Fhttps%253A%252F%252Fwww.thenorthface.it%252Foutlet.html%253Femn_sid%253D02273034500999495409753084006459f9803b89b29796c99d106276c6013803
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-65.fra56.r.cloudfront.net
Software: /
Resource Hash: aca42d2ef4f1fc4c57e3489f3c133cc82c7137ce7194bbd7716eaf3ab3417015

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://r.oferting.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 19:13:10 GMT
content-encoding: gzip
via: 1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 67050
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: 0WlcCWcRUzAPAOEUlxiXSGmkB-Cyuayv01LND6evd-fGgrDxWo-boA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
81 KB 202ms
102ms Script
application/javascript 142.250.186.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B5QPSJDJ8N

Requested by

Host: r.oferting.it
URL: https://r.oferting.it/r/?utm_source=thenorthface&utm_medium=dedicado&utm_campaign=9994954-9753084&orig=manual&utm_term=deco&rtt=&f=0&c=&g=stranger&redirection=https%3A%2F%2Ftrac.oferting.it%2Fof%2F%3Fst%3Dwebpower_smtp%26na%3D0%26emn_i%3D345%26emn_a%3D2273%26emn_c%3D6459%26emn_e%3Df9803b89b29796c99d106276c6013803%26emn_rt%3D0%26ol%3DC%26emn_p%3D%26emn_cat%3D9994954-9753084%26term%3D%26emn_t%3D9753084%26ref_offer%3D9994954%26hs%3D3198635528%26sd%3Dw.oferting.it%26go%3Dhttps%253A%252F%252Fwww.anrdoezrs.net%252Flinks%252F7268002%252Ftype%252Fdlg%252Fhttps%253A%252F%252Fwww.thenorthface.it%252Foutlet.html%253Femn_sid%253D02273034500999495409753084006459f9803b89b29796c99d106276c6013803

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

95f0d93d9a8f6c3e920b3292dfc24ea18520c95b776d93437287fdd74691711d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://r.oferting.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:50:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82466
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 19 Oct 2023 13:50:40 GMT

GET
H/1.1 200
OK preload.gif
r.oferting.it/images/ 18 KB
18 KB 145ms
144ms Image
image/gif 52.208.205.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.oferting.it/images/preload.gif
Requested by: Host: r.oferting.it
URL: https://r.oferting.it/r/?utm_source=thenorthface&utm_medium=dedicado&utm_campaign=9994954-9753084&orig=manual&utm_term=deco&rtt=&f=0&c=&g=stranger&redirection=https%3A%2F%2Ftrac.oferting.it%2Fof%2F%3Fst%3Dwebpower_smtp%26na%3D0%26emn_i%3D345%26emn_a%3D2273%26emn_c%3D6459%26emn_e%3Df9803b89b29796c99d106276c6013803%26emn_rt%3D0%26ol%3DC%26emn_p%3D%26emn_cat%3D9994954-9753084%26term%3D%26emn_t%3D9753084%26ref_offer%3D9994954%26hs%3D3198635528%26sd%3Dw.oferting.it%26go%3Dhttps%253A%252F%252Fwww.anrdoezrs.net%252Flinks%252F7268002%252Ftype%252Fdlg%252Fhttps%253A%252F%252Fwww.thenorthface.it%252Foutlet.html%253Femn_sid%253D02273034500999495409753084006459f9803b89b29796c99d106276c6013803
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.208.205.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: mail.oferting.it
Software: nginx /
Resource Hash: 7929082d8761c3db532e83d1630ad642747808517060e2432056f4050f4ebd9a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://r.oferting.it/r/?utm_source=thenorthface&utm_medium=dedicado&utm_campaign=9994954-9753084&orig=manual&utm_term=deco&rtt=&f=0&c=&g=stranger&redirection=https%3A%2F%2Ftrac.oferting.it%2Fof%2F%3Fst%3Dwebpower_smtp%26na%3D0%26emn_i%3D345%26emn_a%3D2273%26emn_c%3D6459%26emn_e%3Df9803b89b29796c99d106276c6013803%26emn_rt%3D0%26ol%3DC%26emn_p%3D%26emn_cat%3D9994954-9753084%26term%3D%26emn_t%3D9753084%26ref_offer%3D9994954%26hs%3D3198635528%26sd%3Dw.oferting.it%26go%3Dhttps%253A%252F%252Fwww.anrdoezrs.net%252Flinks%252F7268002%252Ftype%252Fdlg%252Fhttps%253A%252F%252Fwww.thenorthface.it%252Foutlet.html%253Femn_sid%253D02273034500999495409753084006459f9803b89b29796c99d106276c6013803
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 13:50:40 GMT
Last-Modified: Tue, 28 Mar 2023 13:38:10 GMT
Server: nginx
ETag: "6422edc2-47ed"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18413

GET
H/1.1 200
OK jquery-3.3.1.min.js Show response
r.oferting.it/js/ 85 KB
34 KB 345ms
195ms Script
application/javascript 52.208.205.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.oferting.it/js/jquery-3.3.1.min.js
Requested by: Host: r.oferting.it
URL: https://r.oferting.it/r/?utm_source=thenorthface&utm_medium=dedicado&utm_campaign=9994954-9753084&orig=manual&utm_term=deco&rtt=&f=0&c=&g=stranger&redirection=https%3A%2F%2Ftrac.oferting.it%2Fof%2F%3Fst%3Dwebpower_smtp%26na%3D0%26emn_i%3D345%26emn_a%3D2273%26emn_c%3D6459%26emn_e%3Df9803b89b29796c99d106276c6013803%26emn_rt%3D0%26ol%3DC%26emn_p%3D%26emn_cat%3D9994954-9753084%26term%3D%26emn_t%3D9753084%26ref_offer%3D9994954%26hs%3D3198635528%26sd%3Dw.oferting.it%26go%3Dhttps%253A%252F%252Fwww.anrdoezrs.net%252Flinks%252F7268002%252Ftype%252Fdlg%252Fhttps%253A%252F%252Fwww.thenorthface.it%252Foutlet.html%253Femn_sid%253D02273034500999495409753084006459f9803b89b29796c99d106276c6013803
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.208.205.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: mail.oferting.it
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://r.oferting.it/r/?utm_source=thenorthface&utm_medium=dedicado&utm_campaign=9994954-9753084&orig=manual&utm_term=deco&rtt=&f=0&c=&g=stranger&redirection=https%3A%2F%2Ftrac.oferting.it%2Fof%2F%3Fst%3Dwebpower_smtp%26na%3D0%26emn_i%3D345%26emn_a%3D2273%26emn_c%3D6459%26emn_e%3Df9803b89b29796c99d106276c6013803%26emn_rt%3D0%26ol%3DC%26emn_p%3D%26emn_cat%3D9994954-9753084%26term%3D%26emn_t%3D9753084%26ref_offer%3D9994954%26hs%3D3198635528%26sd%3Dw.oferting.it%26go%3Dhttps%253A%252F%252Fwww.anrdoezrs.net%252Flinks%252F7268002%252Ftype%252Fdlg%252Fhttps%253A%252F%252Fwww.thenorthface.it%252Foutlet.html%253Femn_sid%253D02273034500999495409753084006459f9803b89b29796c99d106276c6013803
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 13:50:40 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Mar 2023 13:38:10 GMT
Server: nginx
ETag: W/"6422edc2-1538f"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 148ms
42ms Script
text/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://r.oferting.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 19 Oct 2023 11:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 7147
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 19 Oct 2023 13:51:33 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 221 KB
77 KB 168ms
120ms Script
application/javascript 142.250.186.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-ML8Z3ZJ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f6f80dd70fbc686ae07e90822f488e149e3c3aa73e68fb8e91a7e28eae1d2424

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://r.oferting.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:50:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78879
x-xss-protection: 0
last-modified: Thu, 19 Oct 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 19 Oct 2023 13:50:40 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 172 KB
62 KB 101ms
54ms Script
application/javascript 142.250.186.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P5VTTG9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ac2455443894d17d6ecb4c83b64e5502d06e2b9433639e47de32eb9ca75e63a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://r.oferting.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:50:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63289
x-xss-protection: 0
last-modified: Thu, 19 Oct 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 19 Oct 2023 13:50:40 GMT

GET
H2 200 sync-container.js Show response
b-code.liadm.com/ 5 KB
3 KB 44ms
44ms Script
application/javascript 18.66.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/sync-container.js
Requested by: Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-00xy.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-65.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 38346c661a5d9c7cac02ddcf5012e9905d07a9246d501065551a8a5b3f7f6f9a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://r.oferting.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 19:12:52 GMT
x-amz-version-id: sPhVZ104DboVs7S8pa39MuSI_bOZsMl7
content-encoding: gzip
last-modified: Thu, 05 Oct 2023 12:28:53 GMT
server: AmazonS3
via: 1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/"966e0937ec1a9c25d3d81f08ccfa817a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 67069
x-amz-cf-id: pROgOPTqThNamMoEPrIz5GslXYjtGyFkXqgEaBX8foDVTafls_enZQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
81 KB 62ms
61ms Script
application/javascript 142.250.186.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B5QPSJDJ8N&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5VTTG9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a06d917dde7c8a4aa710813ca38df79a07dcd65dca53e66482289d7ddec92567

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://r.oferting.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:50:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82387
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 19 Oct 2023 13:50:40 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 47ms
45ms Image
image/gif 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1659885651&t=pageview&_s=1&dl=https%3A%2F%2Fr.oferting.it%2Fr%2F%3Futm_source%3Dthenorthface%26utm_medium%3Ddedicado%26utm_campaign%3D9994954-9753084%26orig%3Dmanual%26utm_term%3Ddeco%26rtt%3D%26f%3D0%26c%3D%26g%3Dstranger%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.it%252Fof%252F%253Fst%253Dwebpower_smtp%2526na%253D0%2526emn_i%253D345%2526emn_a%253D2273%2526emn_c%253D6459%2526emn_e%253Df9803b89b29796c99d106276c6013803%2526emn_rt%253D0%2526ol%253DC%2526emn_p%253D%2526emn_cat%253D9994954-9753084%2526term%253D%2526emn_t%253D9753084%2526ref_offer%253D9994954%2526hs%253D3198635528%2526sd%253Dw.oferting.it%2526go%253Dhttps%25253A%25252F%25252Fwww.anrdoezrs.net%25252Flinks%25252F7268002%25252Ftype%25252Fdlg%25252Fhttps%25253A%25252F%25252Fwww.thenorthface.it%25252Foutlet.html%25253Femn_sid%25253D02273034500999495409753084006459f9803b89b29796c99d106276c6013803&ul=en-us&de=UTF-8&dt=Oferting%20--%20we%20are%20redirecting%20you%20to%20Thenorthface%27s%20website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=oGgAAAABAAAAAAAAIE~&cid=1388479702.1697723441&tid=UA-46029424-2&_gid=1092068559.1697723441&z=419715535

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://r.oferting.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 05:55:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28499
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 47ms
46ms Image
image/gif 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1659885651&t=pageview&_s=1&dl=https%3A%2F%2Fr.oferting.it%2Fr%2F%3Futm_source%3Dthenorthface%26utm_medium%3Ddedicado%26utm_campaign%3D9994954-9753084%26orig%3Dmanual%26utm_term%3Ddeco%26rtt%3D%26f%3D0%26c%3D%26g%3Dstranger%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.it%252Fof%252F%253Fst%253Dwebpower_smtp%2526na%253D0%2526emn_i%253D345%2526emn_a%253D2273%2526emn_c%253D6459%2526emn_e%253Df9803b89b29796c99d106276c6013803%2526emn_rt%253D0%2526ol%253DC%2526emn_p%253D%2526emn_cat%253D9994954-9753084%2526term%253D%2526emn_t%253D9753084%2526ref_offer%253D9994954%2526hs%253D3198635528%2526sd%253Dw.oferting.it%2526go%253Dhttps%25253A%25252F%25252Fwww.anrdoezrs.net%25252Flinks%25252F7268002%25252Ftype%25252Fdlg%25252Fhttps%25253A%25252F%25252Fwww.thenorthface.it%25252Foutlet.html%25253Femn_sid%25253D02273034500999495409753084006459f9803b89b29796c99d106276c6013803&ul=en-us&de=UTF-8&dt=Oferting%20--%20we%20are%20redirecting%20you%20to%20Thenorthface%27s%20website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GgACAABBAAAAAAAIE~&cid=1388479702.1697723441&tid=UA-46029424-1&_gid=429793826.1697723441&z=211011114

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://r.oferting.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 05:55:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28499
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 48ms
47ms Image
image/gif 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1659885651&t=pageview&_s=1&dl=https%3A%2F%2Fr.oferting.it%2Fr%2F%3Futm_source%3Dthenorthface%26utm_medium%3Ddedicado%26utm_campaign%3D9994954-9753084%26orig%3Dmanual%26utm_term%3Ddeco%26rtt%3D%26f%3D0%26c%3D%26g%3Dstranger%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.it%252Fof%252F%253Fst%253Dwebpower_smtp%2526na%253D0%2526emn_i%253D345%2526emn_a%253D2273%2526emn_c%253D6459%2526emn_e%253Df9803b89b29796c99d106276c6013803%2526emn_rt%253D0%2526ol%253DC%2526emn_p%253D%2526emn_cat%253D9994954-9753084%2526term%253D%2526emn_t%253D9753084%2526ref_offer%253D9994954%2526hs%253D3198635528%2526sd%253Dw.oferting.it%2526go%253Dhttps%25253A%25252F%25252Fwww.anrdoezrs.net%25252Flinks%25252F7268002%25252Ftype%25252Fdlg%25252Fhttps%25253A%25252F%25252Fwww.thenorthface.it%25252Foutlet.html%25253Femn_sid%25253D02273034500999495409753084006459f9803b89b29796c99d106276c6013803&ul=en-us&de=UTF-8&dt=Oferting%20--%20we%20are%20redirecting%20you%20to%20Thenorthface%27s%20website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GgACAABBAAAAAAAIE~&cid=1388479702.1697723441&uid=f9803b89b29796c99d106276c6013803&tid=UA-2213239-17&_gid=958566798.1697723441&cd1=9753084&cd4=9994954&cd6=Oferting&cd7=manual&cd8=stranger&cd9=C&cd10=345&cd12=f9803b89b29796c99d106276c6013803&cd15=2273&z=96759224

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://r.oferting.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 05:55:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28499
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 149ms
55ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B5QPSJDJ8N&gtm=45je3ai0&_p=1659885651&cid=1388479702.1697723441&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697723440&sct=1&seg=0&dl=https%3A%2F%2Fr.oferting.it%2Fr%2F%3Futm_source%3Dthenorthface%26utm_medium%3Ddedicado%26utm_campaign%3D9994954-9753084%26orig%3Dmanual%26utm_term%3Ddeco%26rtt%3D%26f%3D0%26c%3D%26g%3Dstranger%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.it%252Fof%252F%253Fst%253Dwebpower_smtp%2526na%253D0%2526emn_i%253D345%2526emn_a%253D2273%2526emn_c%253D6459%2526emn_e%253Df9803b89b29796c99d106276c6013803%2526emn_rt%253D0%2526ol%253DC%2526emn_p%253D%2526emn_cat%253D9994954-9753084%2526term%253D%2526emn_t%253D9753084%2526ref_offer%253D9994954%2526hs%253D3198635528%2526sd%253Dw.oferting.it%2526go%253Dhttps%25253A%25252F%25252Fwww.anrdoezrs.net%25252Flinks%25252F7268002%25252Ftype%25252Fdlg%25252Fhttps%25253A%25252F%25252Fwww.thenorthface.it%25252Foutlet.html%25253Femn_sid%25253D02273034500999495409753084006459f9803b89b29796c99d106276c6013803&dt=Oferting%20--%20we%20are%20redirecting%20you%20to%20Thenorthface%27s%20website&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B5QPSJDJ8N
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://r.oferting.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:50:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://r.oferting.it
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

j Show response
rp.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1697723440697&aid=a-00xy&se=e30&duid=4d2d00a6626e--01hd437qb7dpfa86dwytqrfm1r&tna=v2.9.2&pu=https%3A%2F%2Fr.oferting.it%2Fr%2F%3Futm_source%3Dthenorthface%26utm_medium...
https://rp.liadm.com/j?se=e30&duid=4d2d00a6626e--01hd437qb7dpfa86dwytqrfm1r&aid=a-00xy&tna=v2.9.2&dtstmp=1697723440697&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fr.oferting.it%2Fr%2F%3Futm_source%3Dt...

13 B
329 B

132ms
130ms

XHR
application/json

52.0.58.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rp.liadm.com/j?se=e30&duid=4d2d00a6626e--01hd437qb7dpfa86dwytqrfm1r&aid=a-00xy&tna=v2.9.2&dtstmp=1697723440697&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fr.oferting.it%2Fr%2F%3Futm_source%3Dthenorthface%26utm_medium%3Ddedicado%26utm_campaign%3D9994954-9753084%26orig%3Dmanual%26utm_term%3Ddeco%26rtt%3D%26f%3D0%26c%3D%26g%3Dstranger%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.it%252Fof%252F%253Fst%253Dwebpower_smtp%2526na%253D0%2526emn_i%253D345%2526emn_a%253D2273%2526emn_c%253D6459%2526emn_e%253Df9803b89b29796c99d106276c6013803%2526emn_rt%253D0%2526ol%253DC%2526emn_p%253D%2526emn_cat%253D9994954-9753084%2526term%253D%2526emn_t%253D9753084%2526ref_offer%253D9994954%2526hs%253D3198635528%2526sd%253Dw.oferting.it%2526go%253Dhttps%25253A%25252F%25252Fwww.anrdoezrs.net%25252Flinks%25252F7268002%25252Ftype%25252Fdlg%25252Fhttps%25253A%25252F%25252Fwww.thenorthface.it%25252Foutlet.html%25253Femn_sid%25253D02273034500999495409753084006459f9803b89b29796c99d106276c6013803&c=PHRpdGxlPk9mZXJ0aW5nIC0tIHdlIGFyZSByZWRpcmVjdGluZyB5b3UgdG8gVGhlbm9ydGhmYWNlJ3Mgd2Vic2l0ZTwvdGl0bGU-
Protocol: H2
Server: 52.0.58.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-58-100.compute-1.amazonaws.com
Software: /
Resource Hash: efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://r.oferting.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:50:41 GMT
x-pixel-event-id: ce7cb726-dd40-4a8c-aa77-dcf67b6e6149
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://r.oferting.it
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 13

Redirect headers

location: /j?se=e30&duid=4d2d00a6626e--01hd437qb7dpfa86dwytqrfm1r&aid=a-00xy&tna=v2.9.2&dtstmp=1697723440697&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fr.oferting.it%2Fr%2F%3Futm_source%3Dthenorthface%26utm_medium%3Ddedicado%26utm_campaign%3D9994954-9753084%26orig%3Dmanual%26utm_term%3Ddeco%26rtt%3D%26f%3D0%26c%3D%26g%3Dstranger%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.it%252Fof%252F%253Fst%253Dwebpower_smtp%2526na%253D0%2526emn_i%253D345%2526emn_a%253D2273%2526emn_c%253D6459%2526emn_e%253Df9803b89b29796c99d106276c6013803%2526emn_rt%253D0%2526ol%253DC%2526emn_p%253D%2526emn_cat%253D9994954-9753084%2526term%253D%2526emn_t%253D9753084%2526ref_offer%253D9994954%2526hs%253D3198635528%2526sd%253Dw.oferting.it%2526go%253Dhttps%25253A%25252F%25252Fwww.anrdoezrs.net%25252Flinks%25252F7268002%25252Ftype%25252Fdlg%25252Fhttps%25253A%25252F%25252Fwww.thenorthface.it%25252Foutlet.html%25253Femn_sid%25253D02273034500999495409753084006459f9803b89b29796c99d106276c6013803&c=PHRpdGxlPk9mZXJ0aW5nIC0tIHdlIGFyZSByZWRpcmVjdGluZyB5b3UgdG8gVGhlbm9ydGhmYWNlJ3Mgd2Vic2l0ZTwvdGl0bGU-
access-control-allow-origin: https://r.oferting.it
date: Thu, 19 Oct 2023 13:50:41 GMT
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET

GET
H/1.1 200
OK a-00xy
i.liadm.com/s/c/ Frame 07CA 1 KB
1 KB 549ms
141ms Document
text/html 52.0.66.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://i.liadm.com/s/c/a-00xy?s=&ps=true&ls=true&duid=4d2d00a6626e--01hd437qb7dpfa86dwytqrfm1r&euns=0&version=sc-v0.3.15&

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/sync-container.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.0.66.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-66-190.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://r.oferting.it/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

Cache-Control: private, no-cache, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 719
Content-Type: text/html; charset=UTF-8
Date: Thu, 19 Oct 2023 13:50:41 GMT
Request-Time: 16
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding

GET
H2

200

outlet.html
www.thenorthface.it/
Redirect Chain

https://trac.oferting.it/of/?st=webpower_smtp&na=0&emn_i=345&emn_a=2273&emn_c=6459&emn_e=f9803b89b29796c99d106276c6013803&emn_rt=0&ol=C&emn_p=&emn_cat=9994954-9753084&term=&emn_t=9753084&ref_offer=...
https://www.anrdoezrs.net/links/7268002/type/dlg/https://www.thenorthface.it/outlet.html?emn_sid=02273034500999495409753084006459f9803b89b29796c99d106276c6013803
https://cj.dotomi.com/links-t/7268002/type/dlg/https://www.thenorthface.it/outlet.html?emn_sid=02273034500999495409753084006459f9803b89b29796c99d106276c6013803
https://www.emjcd.com/links-i/?d=eyJzdXJmZXIiOiI0MDA5MDU0MTY5NjIyNDk5Njk6R1dJYS5VZXBEMHhDIiwibGFzdENsaWNrTmFtZSI6IkxDTEsiLCJsYXN0Q2xpY2tWYWx1ZSI6ImNqbyF4aDB6LXZscGprYTAiLCJkZXN0aW5hdGlvblVybCI6Imh0...
https://ad.doubleclick.net/ddm/clk/470344456;275787113;n?https://www.thenorthface.it/outlet.html?emn_sid=02273034500999495409753084006459f9803b89b29796c99d106276c6013803&utm_content=Emailing+Networ...
https://www.thenorthface.it/outlet.html?emn_sid=02273034500999495409753084006459f9803b89b29796c99d106276c6013803&utm_content=Emailing+Network&utm_medium=affiliate&utm_source=CJ&utm_campaign=AFFILIA...

0
0

702ms
437ms

Document
text/html

104.103.90.112

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thenorthface.it/outlet.html?emn_sid=02273034500999495409753084006459f9803b89b29796c99d106276c6013803&utm_content=Emailing+Network&utm_medium=affiliate&utm_source=CJ&utm_campaign=AFFILIATES_ECOM_IT&CJEVENT=7ecd7e2f6e8611ee8027fb2d0a18ba74&dclid=CNOa7deggoIDFSGe_QcduTYGRA

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

104.103.90.112 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://r.oferting.it/r/?utm_source=thenorthface&utm_medium=dedicado&utm_campaign=9994954-9753084&orig=manual&utm_term=deco&rtt=&f=0&c=&g=stranger&redirection=https%3A%2F%2Ftrac.oferting.it%2Fof%2F%3Fst%3Dwebpower_smtp%26na%3D0%26emn_i%3D345%26emn_a%3D2273%26emn_c%3D6459%26emn_e%3Df9803b89b29796c99d106276c6013803%26emn_rt%3D0%26ol%3DC%26emn_p%3D%26emn_cat%3D9994954-9753084%26term%3D%26emn_t%3D9753084%26ref_offer%3D9994954%26hs%3D3198635528%26sd%3Dw.oferting.it%26go%3Dhttps%253A%252F%252Fwww.anrdoezrs.net%252Flinks%252F7268002%252Ftype%252Fdlg%252Fhttps%253A%252F%252Fwww.thenorthface.it%252Foutlet.html%253Femn_sid%253D02273034500999495409753084006459f9803b89b29796c99d106276c6013803
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 19 Oct 2023 13:50:47 GMT
etag: "3da02-6080eb8da35c4-gzip"
expires: Thu, 19 Oct 2023 13:50:47 GMT
pragma: no-cache
server: Apache
server-timing: origin; dur=111 edge; dur=46 cdn-cache; desc=MISS ak_p; desc="1697723447091_1600460663_1978173086_15703_13704_35_179_255";dur=1
vary: Accept-Encoding
x-akam-sw-version: 0.5.0
x-akamai-transformed: 9 29686 0 pmb=mNONE,1mTOE,2mRUM,2
x-frame-options: SAMEORIGIN

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 13:50:46 GMT
location: https://www.thenorthface.it/outlet.html?emn_sid=02273034500999495409753084006459f9803b89b29796c99d106276c6013803&utm_content=Emailing+Network&utm_medium=affiliate&utm_source=CJ&utm_campaign=AFFILIATES_ECOM_IT&CJEVENT=7ecd7e2f6e8611ee8027fb2d0a18ba74&dclid=CNOa7deggoIDFSGe_QcduTYGRA
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET sync
live.rezync.com/ Frame 07CA 0
0

GET generic
match.adsrvr.org/track/cmf/ Frame 07CA 0
0

GET 53233
d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/ Frame 07CA 0
0

GET usersync.aspx
dis.criteo.com/dis/ Frame 07CA 0
0

GET sync
x.bidswitch.net/ Frame 07CA 0
0

GET /
b1sync.zemanta.com/usersync/liveintent/ Frame 07CA 0
0

GET
H2

200

restricted
mid.rkdms.com/ Frame 07CA
Redirect Chain

https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=2583eedc-48af-4036-9696-5eeae361e277&liid=&_ct=im
https://mid.rkdms.com/restricted

0
0

140ms
140ms

Image
text/html

44.214.204.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mid.rkdms.com/restricted
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00xy?s=&ps=true&ls=true&duid=4d2d00a6626e--01hd437qb7dpfa86dwytqrfm1r&euns=0&version=sc-v0.3.15&
Protocol: H2
Server: 44.214.204.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-214-204-240.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:50:42 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
server: nginx
location: /restricted
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 54ms
54ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B5QPSJDJ8N&gtm=45je3ai0&_p=1659885651&cid=1388479702.1697723441&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1697723440&sct=1&seg=0&dl=https%3A%2F%2Fr.oferting.it%2Fr%2F%3Futm_source%3Dthenorthface%26utm_medium%3Ddedicado%26utm_campaign%3D9994954-9753084%26orig%3Dmanual%26utm_term%3Ddeco%26rtt%3D%26f%3D0%26c%3D%26g%3Dstranger%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.it%252Fof%252F%253Fst%253Dwebpower_smtp%2526na%253D0%2526emn_i%253D345%2526emn_a%253D2273%2526emn_c%253D6459%2526emn_e%253Df9803b89b29796c99d106276c6013803%2526emn_rt%253D0%2526ol%253DC%2526emn_p%253D%2526emn_cat%253D9994954-9753084%2526term%253D%2526emn_t%253D9753084%2526ref_offer%253D9994954%2526hs%253D3198635528%2526sd%253Dw.oferting.it%2526go%253Dhttps%25253A%25252F%25252Fwww.anrdoezrs.net%25252Flinks%25252F7268002%25252Ftype%25252Fdlg%25252Fhttps%25253A%25252F%25252Fwww.thenorthface.it%25252Foutlet.html%25253Femn_sid%25253D02273034500999495409753084006459f9803b89b29796c99d106276c6013803&dt=Oferting%20--%20we%20are%20redirecting%20you%20to%20Thenorthface%27s%20website&en=view_item&ep.userId=&ep.propertie1=&ep.propertie2=&ep.propertie3=&ep.propertie4=&ep.propertie5=&ep.propertie6=&ep.propertie7=&ep.propertie8=&ep.propertie9=&ep.propertie10=&ep.propertie11=&ep.propertie12=&ep.propertie13=&ep.propertie14=&ep.propertie15=&_et=5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B5QPSJDJ8N
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://r.oferting.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:50:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://r.oferting.it
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST collect
region1.google-analytics.com/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: live.rezync.com
URL: https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=2583eedc-48af-4036-9696-5eeae361e277

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0

Domain: d.turn.com
URL: https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D

Domain: dis.criteo.com
URL: https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?ssp=liveintent&user_id=2583eedc-48af-4036-9696-5eeae361e277

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B5QPSJDJ8N&gtm=45je3ai0&_p=1659885651&cid=1388479702.1697723441&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1697723440&sct=1&seg=0&dl=https%3A%2F%2Fr.oferting.it%2Fr%2F%3Futm_source%3Dthenorthface%26utm_medium%3Ddedicado%26utm_campaign%3D9994954-9753084%26orig%3Dmanual%26utm_term%3Ddeco%26rtt%3D%26f%3D0%26c%3D%26g%3Dstranger%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.it%252Fof%252F%253Fst%253Dwebpower_smtp%2526na%253D0%2526emn_i%253D345%2526emn_a%253D2273%2526emn_c%253D6459%2526emn_e%253Df9803b89b29796c99d106276c6013803%2526emn_rt%253D0%2526ol%253DC%2526emn_p%253D%2526emn_cat%253D9994954-9753084%2526term%253D%2526emn_t%253D9753084%2526ref_offer%253D9994954%2526hs%253D3198635528%2526sd%253Dw.oferting.it%2526go%253Dhttps%25253A%25252F%25252Fwww.anrdoezrs.net%25252Flinks%25252F7268002%25252Ftype%25252Fdlg%25252Fhttps%25253A%25252F%25252Fwww.thenorthface.it%25252Foutlet.html%25253Femn_sid%25253D02273034500999495409753084006459f9803b89b29796c99d106276c6013803&dt=Oferting%20--%20we%20are%20redirecting%20you%20to%20Thenorthface%27s%20website&en=user_engagement&_et=6996

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
trac.oferting.it/of	1970-01-20 15:35:23	Name: emntkgidentifiant Value: n9xz0f81dzkqkjcxs8lu1ngxt50wxrja
trac.oferting.it/of	1970-01-20 16:18:35	Name: emntkgidentifiant_cpl Value: n9xz0f81dzkqkjcxs8lu1ngxt50wxrja
trac.oferting.it/of	1970-01-20 16:18:35	Name: emntkgidentifiant_cpv Value: n9xz0f81dzkqkjcxs8lu1ngxt50wxrja
trac.oferting.it/of	1970-01-20 16:18:35	Name: emntkgidentifiant_usr Value: f9803b89b29796c99d106276c6013803
trac.oferting.it/of	1970-01-20 15:35:23	Name: emntkg_facb1fe43fe738d6270fc93c5926d06f Value: 2273%7C6459%7C345%7C0%7C
trac.oferting.it/of	1970-01-20 16:18:35	Name: emntkg_cpl_facb1fe43fe738d6270fc93c5926d06f Value: 2273%7C6459%7C345%7C0%7C
trac.oferting.it/of	1970-01-20 16:18:35	Name: emntkg_cpv_facb1fe43fe738d6270fc93c5926d06f Value: 2273%7C6459%7C345%7C0%7C
.liadm.com/j	1970-01-21 01:11:23	Name: lidid Value: 2583eedc-48af-4036-9696-5eeae361e277
i.liadm.com/s	1970-01-20 16:18:35	Name: _li_ss Value: CjYKBQgKEKUWCgYI3QEQpRYKBgilARClFgoGCIEBEKUWCgUIDBCvFgoGCKIBEKUWCgYI0gEQpRY
.w.oferting.it/	1970-01-20 16:18:39	Name: DMDconv Value: hVLbrpwgFP2VvkzfjoMgKKchTdOTeeo.TBjES6pgYBvT.rzdMHbOtEnTxMjaa99cC42q9llVvCF7UGVTlqyqy33yRm2F72yA0fXFCPukuKjFPqgBYImv53N4Tp.D_fMK8zX6NRirYLDOBxg6bexHPS_fUm627bjOqsXD6NY.eINAj71TUspK8upF1pyRpsoFPoy9mrVb9fRoABvSGHMfEQBUBp0i_TT3sFcRgna9DfcyXBusgdG7u4QT_3KiF3ywyjxrQcp3KcUuEU7sbbO3xW82XOMMy4kKp5EkCOzsriNiVvEjShlKa3aEBkNRcXmEFsNONoTdGnmjspbCSNmWRNBaGEFKhqmjNMCxw08Ivh7sgvj3aJ0q.nIMc8mb96pc88gF2119h0LfO5EdYpJQykYwzmmDTGyT6j8tEb1H8m4c5ck6nszD17ZthXah9fZniIWzkNlpdN9jRjUVDSE0Y.ix2Azaqc.nvwY_.0B5P.J_hclCMcA8pY5LEhjHNuE3klwneBGEHMrIoZuQdAP.s31v1Tf84g9H00spfwEA38
.oferting.webpower.eu/	1970-01-20 16:18:39	Name: DMDconv Value: hVLbrpwgFP2VvkzfjoMgKKchTdOTeeo.TBjES6pgYBvT.rzdMHbOtEnTxMjaa99cC42q9llVvCF7UGVTlqyqy33yRm2F72yA0fXFCPukuKjFPqgBYImv53N4Tp.D_fMK8zX6NRirYLDOBxg6bexHPS_fUm627bjOqsXD6NY.eINAj71TUspK8upF1pyRpsoFPoy9mrVb9fRoABvSGHMfEQBUBp0i_TT3sFcRgna9DfcyXBusgdG7u4QT_3KiF3ywyjxrQcp3KcUuEU7sbbO3xW82XOMMy4kKp5EkCOzsriNiVvEjShlKa3aEBkNRcXmEFsNONoTdGnmjspbCSNmWRNBaGEFKhqmjNMCxw08Ivh7sgvj3aJ0q.nIMc8mb96pc88gF2119h0LfO5EdYpJQykYwzmmDTGyT6j8tEb1H8m4c5ck6nszD17ZthXah9fZniIWzkNlpdN9jRjUVDSE0Y.ix2Azaqc.nvwY_.0B5P.J_hclCMcA8pY5LEhjHNuE3klwneBGEHMrIoZuQdAP.s31v1Tf84g9H00spfwEA38
.oferting.it/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .oferting.it
.oferting.it/	1970-01-21 01:11:23	Name: _lc2_fpi Value: 4d2d00a6626e--01hd437qb7dpfa86dwytqrfm1r
.oferting.it/	1970-01-21 01:11:23	Name: _lc2_fpi_meta Value: {%22w%22:1697723440487}
.oferting.it/	1970-01-20 15:45:28	Name: __li_idexc Value: 1
.oferting.it/	1970-01-20 15:45:28	Name: __li_idexc_meta Value: {%22w%22:1697723440490%2C%22e%22:1698328240490}
.oferting.it/	1970-01-21 01:11:23	Name: _ga Value: GA1.1.1388479702.1697723441
.oferting.it/	1970-01-21 01:11:23	Name: _ga_B5QPSJDJ8N Value: GS1.1.1697723440.1.0.1697723440.0.0.0
.liadm.com/	1970-01-21 01:11:23	Name: lidid Value: 2583eedc-48af-4036-9696-5eeae361e277
.dotomi.com/	1969-12-31 23:59:59	Name: CJSession Value: 761775cd-cd00-4724-99b9-0dada0fbcf42
.dotomi.com/	1970-01-21 01:02:45	Name: cjae Value: GWIa.UepD0xC
.dotomi.com/	1970-01-21 01:02:45	Name: DotomiUser Value: 400905416962249969$0$1
.dotomi.com/	1970-01-21 01:02:45	Name: LCLK Value: cjo!xh0z-vlpjka0
.emjcd.com/	1969-12-31 23:59:59	Name: CJSession Value: 761775cd-cd00-4724-99b9-0dada0fbcf42
.emjcd.com/	1970-01-21 01:02:45	Name: S Value: 400905416962249969:GWIa.UepD0xC
.emjcd.com/	1970-01-21 01:02:45	Name: LCLK Value: cjo!xh0z-vlpjka0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
b-code.liadm.com
b1sync.zemanta.com
cj.dotomi.com
d.turn.com
dis.criteo.com
i.liadm.com
live.rezync.com
match.adsrvr.org
mid.rkdms.com
oferting.webpower.eu
r.oferting.it
region1.google-analytics.com
rp.liadm.com
trac.oferting.it
w.oferting.it
www.anrdoezrs.net
www.emjcd.com
www.google-analytics.com
www.googletagmanager.com
www.thenorthface.it
x.bidswitch.net
b1sync.zemanta.com
d.turn.com
dis.criteo.com
live.rezync.com
match.adsrvr.org
region1.google-analytics.com
x.bidswitch.net
104.103.90.112
142.250.185.174
142.250.186.134
142.250.186.136
18.66.97.65
216.239.34.36
44.214.204.240
52.0.58.100
52.0.66.190
52.208.205.27
89.207.16.75
91.197.72.25
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
38346c661a5d9c7cac02ddcf5012e9905d07a9246d501065551a8a5b3f7f6f9a
7929082d8761c3db532e83d1630ad642747808517060e2432056f4050f4ebd9a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
95f0d93d9a8f6c3e920b3292dfc24ea18520c95b776d93437287fdd74691711d
a06d917dde7c8a4aa710813ca38df79a07dcd65dca53e66482289d7ddec92567
ac2455443894d17d6ecb4c83b64e5502d06e2b9433639e47de32eb9ca75e63a5
aca42d2ef4f1fc4c57e3489f3c133cc82c7137ce7194bbd7716eaf3ab3417015
d2efdfb5035827b71c9a02b874aa4386b9ac93c03d0c40c44c52c940a75cf289
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f6f80dd70fbc686ae07e90822f488e149e3c3aa73e68fb8e91a7e28eae1d2424

r.oferting.it Open in urlscan Pro 52.208.205.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

65 %HTTPS

0 %IPv6

17 Domains

22 Subdomains

10 IPs

3 Countries

395 kBTransfer

1063 kBSize

26 Cookies

0 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

26 Cookies

Indicators

r.oferting.it Open in urlscan Pro
52.208.205.27 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

65 %
HTTPS

0 %
IPv6

17
Domains

22
Subdomains

10
IPs

3
Countries

395 kB
Transfer

1063 kB
Size

26
Cookies

26 HTTP transactions
0 data transactions