r-fr.oferting.net
Open in
urlscan Pro
52.214.46.158
Public Scan
Submitted URL: https://st.oferting.net/f/a/RCE_Fgfi5QgMdNKMN8MGjw~~/AAAIxQA~/RgRhI3_hP4QkAmh0dHBzOi8vci1mci5vZmVydGluZy5uZXQvci8_dXRtX3...
Effective URL: https://r-fr.oferting.net/r/?utm_source=grpn&utm_medium=dedicado&utm_campaign=9637996-9630867&orig=manual&utm_term=generic...
Submission: On August 22 via api from BE
Effective URL: https://r-fr.oferting.net/r/?utm_source=grpn&utm_medium=dedicado&utm_campaign=9637996-9630867&orig=manual&utm_term=generic...
Submission: On August 22 via api from BE
Summary
This website contacted 12 IPs
in 7 countries
across 13 domains to perform 17 HTTP transactions.
The main IP is 52.214.46.158, located in
Dublin, Ireland and
belongs to AMAZON-02, US.
The main domain is r-fr.oferting.net.
TLS certificate: Issued by Amazon on July 3rd 2020. Valid for: a year.
This is the only time r-fr.oferting.net was scanned on urlscan.io!
TLS certificate: Issued by Amazon on July 3rd 2020. Valid for: a year.
This is the only time r-fr.oferting.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
6
52.214.46.158
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-46-158.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-46-158.eu-west-1.compute.amazonaws.com
| st.oferting.net | |
| r-fr.oferting.net | |
| ercm.clicplan.fr | |
| ersq.clicplan.fr |
1
52.215.55.150
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-55-150.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-55-150.eu-west-1.compute.amazonaws.com
| eu.spgo.io |
2
46.51.205.54
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-46-51-205-54.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-46-51-205-54.eu-west-1.compute.amazonaws.com
| er.cloud-media.fr |
4
2a00:1450:4001:802::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
1
2a00:1450:4001:802::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
1
2600:1f18:730:b150:e012:d004:2b3d:e4f0
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
ASN14618 (AMAZON-AES, US)
| rp.liadm.com |
1
35.171.210.100
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-210-100.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-210-100.compute-1.amazonaws.com
| rp4.liadm.com |
1
54.80.200.212
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-200-212.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-200-212.compute-1.amazonaws.com
| i.liadm.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 5 |
liadm.com
1 redirects
b-code.liadm.com rp.liadm.com rp4.liadm.com i.liadm.com |
14 KB |
| 4 |
google-analytics.com
1 redirects
www.google-analytics.com |
19 KB |
| 4 |
oferting.net
1 redirects
st.oferting.net r-fr.oferting.net |
54 KB |
| 3 |
taboola.com
cdn.taboola.com trc.taboola.com trc-events.taboola.com |
22 KB |
| 2 |
cloud-media.fr
1 redirects
er.cloud-media.fr |
419 B |
| 2 |
clicplan.fr
2 redirects
ercm.clicplan.fr ersq.clicplan.fr |
337 B |
| 1 |
google.de
www.google.de |
470 B |
| 1 |
google.com
1 redirects
www.google.com |
147 B |
| 1 |
doubleclick.net
1 redirects
stats.g.doubleclick.net |
479 B |
| 1 |
googletagmanager.com
www.googletagmanager.com |
40 KB |
| 1 |
easydmp.net
asset.easydmp.net |
648 B |
| 1 |
email-match.com
1 redirects
asset.email-match.com |
404 B |
| 1 |
spgo.io
1 redirects
eu.spgo.io |
508 B |
| 17 | 13 |
| Domain | Requested by | |
|---|---|---|
| 4 | www.google-analytics.com |
1 redirects
r-fr.oferting.net
|
| 3 | r-fr.oferting.net |
r-fr.oferting.net
|
| 2 | er.cloud-media.fr |
1 redirects
r-fr.oferting.net
|
| 2 | b-code.liadm.com |
r-fr.oferting.net
b-code.liadm.com |
| 1 | trc-events.taboola.com |
cdn.taboola.com
|
| 1 | i.liadm.com |
b-code.liadm.com
|
| 1 | trc.taboola.com |
cdn.taboola.com
|
| 1 | rp4.liadm.com |
r-fr.oferting.net
|
| 1 | rp.liadm.com | 1 redirects |
| 1 | cdn.taboola.com |
r-fr.oferting.net
|
| 1 | www.google.de |
r-fr.oferting.net
|
| 1 | www.google.com | 1 redirects |
| 1 | stats.g.doubleclick.net | 1 redirects |
| 1 | www.googletagmanager.com |
r-fr.oferting.net
|
| 1 | asset.easydmp.net |
r-fr.oferting.net
|
| 1 | asset.email-match.com | 1 redirects |
| 1 | ersq.clicplan.fr | 1 redirects |
| 1 | ercm.clicplan.fr | 1 redirects |
| 1 | eu.spgo.io | 1 redirects |
| 1 | st.oferting.net | 1 redirects |
| 17 | 20 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.oferting.net Amazon |
2020-07-03 - 2021-08-03 |
a year | crt.sh |
| b-code.liadm.com DigiCert Secure Site ECC CA-1 |
2020-06-23 - 2021-09-22 |
a year | crt.sh |
| *.cmrt.io Amazon |
2019-10-11 - 2020-11-11 |
a year | crt.sh |
| c.every-test.com Let's Encrypt Authority X3 |
2020-07-17 - 2020-10-15 |
3 months | crt.sh |
| *.google-analytics.com GTS CA 1O1 |
2020-08-11 - 2020-11-03 |
3 months | crt.sh |
| *.google.de GTS CA 1O1 |
2020-08-11 - 2020-11-03 |
3 months | crt.sh |
| *.taboola.com DigiCert SHA2 Secure Server CA |
2020-08-10 - 2021-12-31 |
a year | crt.sh |
| *.liadm.com Amazon |
2020-01-17 - 2021-02-17 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://r-fr.oferting.net/r/?utm_source=grpn&utm_medium=dedicado&utm_campaign=9637996-9630867&orig=manual&utm_term=generica&rtt=&f=0&g=&c=beauty&redirection=https%3A%2F%2Ftrac.oferting.net%2Fof%2F%3Fst%3Dsparkpost%26na%3D1%26emn_i%3D346%26emn_a%3D976%26emn_c%3D7364%26emn_e%3Df8ae3b5e24630277f7c5fd8f3e7711f4%26emn_rt%3D0%26emn_p%3D%26emn_cat%3D9637996-9630867%26term%3D%26emn_t%3D9630867%26ol%3DA%26ref_offer%3D9637996%26hs%3D2789260098%26go%3Dhttps%253A%252F%252Fgo.oferting.net%252F1g0C7%253Fvars%253D_vmd5%25253Df8ae3b5e24630277f7c5fd8f3e7711f4
Frame ID: 9556B4A23038EEDF0C0ED91BB238852B
Requests: 16 HTTP requests in this frame
Frame:
https://i.liadm.com/s/c/a-00xy?s=&cim=&ps=true&ls=true&duid=1ffc951fb2a6--01egb3mbemz0n0gtsg74vgqjza&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Frame ID: 0F15EB766976F0263C9A098B4EA808A7
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://st.oferting.net/f/a/RCE_Fgfi5QgMdNKMN8MGjw~~/AAAIxQA~/RgRhI3_hP4QkAmh0dHBzOi8vci1mci5vZmVydG...
HTTP 301
https://eu.spgo.io/f/a/RCE_Fgfi5QgMdNKMN8MGjw~~/AAAIxQA~/RgRhI3_hP4QkAmh0dHBzOi8vci1mci5vZmVydG... HTTP 302
https://r-fr.oferting.net/r/?utm_source=grpn&utm_medium=dedicado&utm_campaign=9637996-9630867&orig=man... Page URL
Detected technologies
Nginx
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://st.oferting.net/f/a/RCE_Fgfi5QgMdNKMN8MGjw~~/AAAIxQA~/RgRhI3_hP4QkAmh0dHBzOi8vci1mci5vZmVydGluZy5uZXQvci8_dXRtX3NvdXJjZT1ncnBuJnV0bV9tZWRpdW09ZGVkaWNhZG8mdXRtX2NhbXBhaWduPTk2Mzc5OTYtOTYzMDg2NyZvcmlnPW1hbnVhbCZ1dG1fdGVybT1nZW5lcmljYSZydHQ9JmY9MCZnPSZjPWJlYXV0eSZyZWRpcmVjdGlvbj1odHRwcyUzQSUyRiUyRnRyYWMub2ZlcnRpbmcubmV0JTJGb2YlMkYlM0ZzdCUzRHNwYXJrcG9zdCUyNm5hJTNEMSUyNmVtbl9pJTNEMzQ2JTI2ZW1uX2ElM0Q5NzYlMjZlbW5fYyUzRDczNjQlMjZlbW5fZSUzRGY4YWUzYjVlMjQ2MzAyNzdmN2M1ZmQ4ZjNlNzcxMWY0JTI2ZW1uX3J0JTNEMCUyNmVtbl9wJTNEJTI2ZW1uX2NhdCUzRDk2Mzc5OTYtOTYzMDg2NyUyNnRlcm0lM0QlMjZlbW5fdCUzRDk2MzA4NjclMjZvbCUzREElMjZyZWZfb2ZmZXIlM0Q5NjM3OTk2JTI2aHMlM0QyNzg5MjYwMDk4JTI2Z28lM0RodHRwcyUyNTNBJTI1MkYlMjUyRmdvLm9mZXJ0aW5nLm5ldCUyNTJGMWcwQzclMjUzRnZhcnMlMjUzRF92bWQ1JTI1MjUzRGY4YWUzYjVlMjQ2MzAyNzdmN2M1ZmQ4ZjNlNzcxMWY0VwVzcGNldUIKABzh-kBf9SejClISZGRld2l0YmVAc2t5bmV0LmJlWAQAAAAA
HTTP 301
https://eu.spgo.io/f/a/RCE_Fgfi5QgMdNKMN8MGjw~~/AAAIxQA~/RgRhI3_hP4QkAmh0dHBzOi8vci1mci5vZmVydGluZy5uZXQvci8_dXRtX3NvdXJjZT1ncnBuJnV0bV9tZWRpdW09ZGVkaWNhZG8mdXRtX2NhbXBhaWduPTk2Mzc5OTYtOTYzMDg2NyZvcmlnPW1hbnVhbCZ1dG1fdGVybT1nZW5lcmljYSZydHQ9JmY9MCZnPSZjPWJlYXV0eSZyZWRpcmVjdGlvbj1odHRwcyUzQSUyRiUyRnRyYWMub2ZlcnRpbmcubmV0JTJGb2YlMkYlM0ZzdCUzRHNwYXJrcG9zdCUyNm5hJTNEMSUyNmVtbl9pJTNEMzQ2JTI2ZW1uX2ElM0Q5NzYlMjZlbW5fYyUzRDczNjQlMjZlbW5fZSUzRGY4YWUzYjVlMjQ2MzAyNzdmN2M1ZmQ4ZjNlNzcxMWY0JTI2ZW1uX3J0JTNEMCUyNmVtbl9wJTNEJTI2ZW1uX2NhdCUzRDk2Mzc5OTYtOTYzMDg2NyUyNnRlcm0lM0QlMjZlbW5fdCUzRDk2MzA4NjclMjZvbCUzREElMjZyZWZfb2ZmZXIlM0Q5NjM3OTk2JTI2aHMlM0QyNzg5MjYwMDk4JTI2Z28lM0RodHRwcyUyNTNBJTI1MkYlMjUyRmdvLm9mZXJ0aW5nLm5ldCUyNTJGMWcwQzclMjUzRnZhcnMlMjUzRF92bWQ1JTI1MjUzRGY4YWUzYjVlMjQ2MzAyNzdmN2M1ZmQ4ZjNlNzcxMWY0VwVzcGNldUIKABzh-kBf9SejClISZGRld2l0YmVAc2t5bmV0LmJlWAQAAAAA HTTP 302
https://r-fr.oferting.net/r/?utm_source=grpn&utm_medium=dedicado&utm_campaign=9637996-9630867&orig=manual&utm_term=generica&rtt=&f=0&g=&c=beauty&redirection=https%3A%2F%2Ftrac.oferting.net%2Fof%2F%3Fst%3Dsparkpost%26na%3D1%26emn_i%3D346%26emn_a%3D976%26emn_c%3D7364%26emn_e%3Df8ae3b5e24630277f7c5fd8f3e7711f4%26emn_rt%3D0%26emn_p%3D%26emn_cat%3D9637996-9630867%26term%3D%26emn_t%3D9630867%26ol%3DA%26ref_offer%3D9637996%26hs%3D2789260098%26go%3Dhttps%253A%252F%252Fgo.oferting.net%252F1g0C7%253Fvars%253D_vmd5%25253Df8ae3b5e24630277f7c5fd8f3e7711f4 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1- https://ercm.clicplan.fr/r/f8ae3b5e24630277f7c5fd8f3e7711f4/0f6236e0-0f87-431b-ba56-c3f6d629310e HTTP 302
- https://er.cloud-media.fr/r/f8ae3b5e24630277f7c5fd8f3e7711f4/0f6236e0-0f87-431b-ba56-c3f6d629310e HTTP 302
- https://er.cloud-media.fr/c/f8ae3b5e24630277f7c5fd8f3e7711f4/0f6236e0-0f87-431b-ba56-c3f6d629310e
- https://ersq.clicplan.fr/1693/asset?type=IMG&optin=11&b_optin=11&email=f8ae3b5e24630277f7c5fd8f3e7711f4@MD5 HTTP 302
- https://asset.email-match.com/1693/asset?type=IMG&optin=11&b_optin=11&email=f8ae3b5e24630277f7c5fd8f3e7711f4@MD5?type=IMG&optin=11&b_optin=11&email=f8ae3b5e24630277f7c5fd8f3e7711f4@MD5 HTTP 302
- https://asset.easydmp.net/collect_v2.img.php?dmp=emdmpeasy&s=1693&p=1693&known_user=1&m=f8ae3b5e24630277f7c5fd8f3e7711f4&rand=1598100745.8729
- https://www.google-analytics.com/r/collect?v=1&_v=j83&a=160697030&t=pageview&_s=1&dl=https%3A%2F%2Fr-fr.oferting.net%2Fr%2F%3Futm_source%3Dgrpn%26utm_medium%3Ddedicado%26utm_campaign%3D9637996-9630867%26orig%3Dmanual%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26g%3D%26c%3Dbeauty%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.net%252Fof%252F%253Fst%253Dsparkpost%2526na%253D1%2526emn_i%253D346%2526emn_a%253D976%2526emn_c%253D7364%2526emn_e%253Df8ae3b5e24630277f7c5fd8f3e7711f4%2526emn_rt%253D0%2526emn_p%253D%2526emn_cat%253D9637996-9630867%2526term%253D%2526emn_t%253D9630867%2526ol%253DA%2526ref_offer%253D9637996%2526hs%253D2789260098%2526go%253Dhttps%25253A%25252F%25252Fgo.oferting.net%25252F1g0C7%25253Fvars%25253D_vmd5%2525253Df8ae3b5e24630277f7c5fd8f3e7711f4&ul=en-us&de=UTF-8&dt=Oferting%20--%20we%20are%20redirecting%20you%20to%20Grpn%27s%20website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABB~&jid=1582657700&gjid=290768514&cid=961573583.1598100746&uid=f8ae3b5e24630277f7c5fd8f3e7711f4&tid=UA-2213239-17&_gid=1376630037.1598100746&_r=1&cd1=9630867&cd4=9637996&cd6=Oferting&cd7=manual&cd9=A&cd10=346&cd11=beauty&cd12=f8ae3b5e24630277f7c5fd8f3e7711f4&z=609586412 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2213239-17&cid=961573583.1598100746&jid=1582657700&uid=f8ae3b5e24630277f7c5fd8f3e7711f4&_gid=1376630037.1598100746&gjid=290768514&_v=j83&z=609586412 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2213239-17&cid=961573583.1598100746&jid=1582657700&_v=j83&z=609586412 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2213239-17&cid=961573583.1598100746&jid=1582657700&_v=j83&z=609586412&slf_rd=1&random=1437696806
- https://rp.liadm.com/p?tna=v1.1.10&aid=a-00xy&wpn=lc-bundle&pu=https%3A%2F%2Fr-fr.oferting.net%2Fr%2F%3Futm_source%3Dgrpn%26utm_medium%3Ddedicado%26utm_campaign%3D9637996-9630867%26orig%3Dmanual%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26g%3D%26c%3Dbeauty%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.net%252Fof%252F%253Fst%253Dsparkpost%2526na%253D1%2526emn_i%253D346%2526emn_a%253D976%2526emn_c%253D7364%2526emn_e%253Df8ae3b5e24630277f7c5fd8f3e7711f4%2526emn_rt%253D0%2526emn_p%253D%2526emn_cat%253D9637996-9630867%2526term%253D%2526emn_t%253D9630867%2526ol%253DA%2526ref_offer%253D9637996%2526hs%253D2789260098%2526go%253Dhttps%25253A%25252F%25252Fgo.oferting.net%25252F1g0C7%25253Fvars%25253D_vmd5%2525253Df8ae3b5e24630277f7c5fd8f3e7711f4&duid=1ffc951fb2a6--01egb3mbemz0n0gtsg74vgqjza&se=e30&dtstmp=1598100745786 HTTP 302
- https://rp4.liadm.com/p?tna=v1.1.10&aid=a-00xy&wpn=lc-bundle&pu=https%3A%2F%2Fr-fr.oferting.net%2Fr%2F%3Futm_source%3Dgrpn%26utm_medium%3Ddedicado%26utm_campaign%3D9637996-9630867%26orig%3Dmanual%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26g%3D%26c%3Dbeauty%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.net%252Fof%252F%253Fst%253Dsparkpost%2526na%253D1%2526emn_i%253D346%2526emn_a%253D976%2526emn_c%253D7364%2526emn_e%253Df8ae3b5e24630277f7c5fd8f3e7711f4%2526emn_rt%253D0%2526emn_p%253D%2526emn_cat%253D9637996-9630867%2526term%253D%2526emn_t%253D9630867%2526ol%253DA%2526ref_offer%253D9637996%2526hs%253D2789260098%2526go%253Dhttps%25253A%25252F%25252Fgo.oferting.net%25252F1g0C7%25253Fvars%25253D_vmd5%2525253Df8ae3b5e24630277f7c5fd8f3e7711f4&duid=1ffc951fb2a6--01egb3mbemz0n0gtsg74vgqjza&se=e30&dtstmp=1598100745786&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true
17 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
r-fr.oferting.net/r/ Redirect Chain
|
5 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
a-00xy.min.js
b-code.liadm.com/ |
27 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0f6236e0-0f87-431b-ba56-c3f6d629310e
er.cloud-media.fr/c/f8ae3b5e24630277f7c5fd8f3e7711f4/ Redirect Chain
|
35 B 230 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
collect_v2.img.php
asset.easydmp.net/ Redirect Chain
|
43 B 648 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
preload.gif
r-fr.oferting.net/images/ |
18 KB 18 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-3.3.1.min.js
r-fr.oferting.net/js/ |
85 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/2+Q/46 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
122 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/2+Q/46 |
collect
www.google-analytics.com/r/ |
35 B 56 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/2+Q/46 |
collect
www.google-analytics.com/r/ |
35 B 177 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/2+Q/46 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 470 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tfa.js
cdn.taboola.com/libtrc/unip/1192092/ |
61 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync-container.js
b-code.liadm.com/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
p
rp4.liadm.com/ Redirect Chain
|
43 B 512 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
json
trc.taboola.com/1192092/trc/3/ |
740 B 856 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
 Cookie set
a-00xy
i.liadm.com/s/c/ Frame 0F15 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
unip
trc-events.taboola.com/1192092/log/3/ |
0 294 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .liadm.com/ | Name: lidid Value: ff913cbd-b105-48bf-9bf1-09d2cf8ec285 |
|
| i.liadm.com/s | Name: _li_ss Value: MgUIBhCuDTIFCAoQrg0yBQh6EK0NMgYIiwEQrg0yBQgLEK4NMgUICxCuDTIFCHkQrQ0yCQj_____BxCuDQ |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
asset.easydmp.net
asset.email-match.com
b-code.liadm.com
cdn.taboola.com
er.cloud-media.fr
ercm.clicplan.fr
ersq.clicplan.fr
eu.spgo.io
i.liadm.com
r-fr.oferting.net
rp.liadm.com
rp4.liadm.com
st.oferting.net
stats.g.doubleclick.net
trc-events.taboola.com
trc.taboola.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
141.226.228.48
151.101.113.44
151.101.13.44
2001:41d0:202:100:145:239:192:103
2001:41d0:301:100:145:239:193:53
2600:1f18:730:b150:e012:d004:2b3d:e4f0
2a00:1450:4001:802::2008
2a00:1450:4001:802::200e
2a00:1450:4001:809::2004
2a00:1450:4001:81e::2003
2a00:1450:400c:c04::9d
2a02:26f0:10c::5f64:c122
35.171.210.100
46.51.205.54
52.214.46.158
52.215.55.150
54.80.200.212
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1b8fc3b2f7f1a8553aa4a4aed8cd9751aac4e6a5838a9d4ef572e69b663067ce
2970d1ed672809203e94da654759c7d6ed6b8b5f7480bd3558caf337f255e3cd
3c5883ba4081d0aaac2c9231d0d99c3ad4ea6a17323bd118b552696ba6a380b0
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
7929082d8761c3db532e83d1630ad642747808517060e2432056f4050f4ebd9a
7a77ec5208347759cca8314a7cd7ddcf3262f06920d99fc74e7842d3836863ee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3020aaea91aa72eb37aa896cd154077c54decaaac2f8518af9619561a7d0c79
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955