messagent.roulartamail.be
Open in
urlscan Pro
91.212.185.86
Public Scan
Submitted URL: http://www.kw.be/meerdanjeverwacht
Effective URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=6BJGIK0inDuQPt1ME76Lz8oDyN%2BvW0pLwPBqcCEmPEhp3%2BwNzjxvqeaGpoIXGS5...
Submission: On January 19 via api from BE
Effective URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=6BJGIK0inDuQPt1ME76Lz8oDyN%2BvW0pLwPBqcCEmPEhp3%2BwNzjxvqeaGpoIXGS5...
Submission: On January 19 via api from BE
Summary
This website contacted 8 IPs
in 5 countries
across 11 domains to perform 13 HTTP transactions.
The main IP is 91.212.185.86, located in
Mechelen, Belgium and
belongs to ROULARTA-MEDIA-GROUP-AS, BE.
The main domain is messagent.roulartamail.be.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on October 5th 2018. Valid for: 2 years.
This is the only time messagent.roulartamail.be was scanned on urlscan.io!
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on October 5th 2018. Valid for: 2 years.
This is the only time messagent.roulartamail.be was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 217.19.237.54 217.19.237.54 | 34762 (COMBELL-AS) (COMBELL-AS) | |
| 2 2 | 95.131.143.129 95.131.143.129 | 47841 (OXALIDE) (OXALIDE) | |
| 3 | 91.212.185.86 91.212.185.86 | 49333 (ROULARTA-...) (ROULARTA-MEDIA-GROUP-AS) | |
| 1 | 2001:4de0:ac1... 2001:4de0:ac19::1:b:2b | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:806::200a | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:81a::2008 | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:814::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 1 2 | 2a00:1450:400... 2a00:1450:4001:814::200e | 15169 (GOOGLE) (GOOGLE) | |
| 1 4 | 178.32.205.233 178.32.205.233 | 16276 (OVH) (OVH) | |
| 1 1 | 2a00:1450:400... 2a00:1450:400c:c0c::9a | 15169 (GOOGLE) (GOOGLE) | |
| 1 1 | 2a00:1450:400... 2a00:1450:4001:81b::2004 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:824::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 13 | 8 |
1
217.19.237.54
(Brussels, Belgium)
ASN34762 (COMBELL-AS, BE)
PTR: 217.19.237.54.static.hosted.by.combell.com
ASN34762 (COMBELL-AS, BE)
PTR: 217.19.237.54.static.hosted.by.combell.com
| www.kw.be |
3
91.212.185.86
(Mechelen, Belgium)
ASN49333 (ROULARTA-MEDIA-GROUP-AS, BE)
PTR: 86-185-212-91.rmg.be
ASN49333 (ROULARTA-MEDIA-GROUP-AS, BE)
PTR: 86-185-212-91.rmg.be
| messagent.roulartamail.be |
1
2a00:1450:4001:81a::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
2
2a00:1450:4001:814::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 4 |
gemius.pl
1 redirects
gabe.hit.gemius.pl |
11 KB |
| 3 |
roulartamail.be
messagent.roulartamail.be |
758 KB |
| 3 |
kw.be
3 redirects
www.kw.be kw.be |
942 B |
| 2 |
google-analytics.com
1 redirects
www.google-analytics.com |
18 KB |
| 2 |
gstatic.com
fonts.gstatic.com |
22 KB |
| 1 |
google.de
www.google.de |
109 B |
| 1 |
google.com
1 redirects
www.google.com |
191 B |
| 1 |
doubleclick.net
1 redirects
stats.g.doubleclick.net |
160 B |
| 1 |
googletagmanager.com
www.googletagmanager.com |
35 KB |
| 1 |
googleapis.com
fonts.googleapis.com |
739 B |
| 1 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com |
20 KB |
| 13 | 11 |
| Domain | Requested by | |
|---|---|---|
| 4 | gabe.hit.gemius.pl |
1 redirects
messagent.roulartamail.be
gabe.hit.gemius.pl |
| 3 | messagent.roulartamail.be |
messagent.roulartamail.be
|
| 2 | www.google-analytics.com |
1 redirects
www.googletagmanager.com
|
| 2 | fonts.gstatic.com |
messagent.roulartamail.be
|
| 2 | kw.be | 2 redirects |
| 1 | www.google.de |
messagent.roulartamail.be
|
| 1 | www.google.com | 1 redirects |
| 1 | stats.g.doubleclick.net | 1 redirects |
| 1 | www.googletagmanager.com |
messagent.roulartamail.be
|
| 1 | fonts.googleapis.com |
messagent.roulartamail.be
|
| 1 | maxcdn.bootstrapcdn.com |
messagent.roulartamail.be
|
| 1 | www.kw.be | 1 redirects |
| 13 | 12 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| messagent.roulartamail.be COMODO RSA Domain Validation Secure Server CA |
2018-10-05 - 2020-10-04 |
2 years | crt.sh |
| *.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA |
2019-09-14 - 2020-10-13 |
a year | crt.sh |
| *.storage.googleapis.com GTS CA 1O1 |
2019-12-20 - 2020-03-13 |
3 months | crt.sh |
| *.google-analytics.com GTS CA 1O1 |
2019-12-20 - 2020-03-13 |
3 months | crt.sh |
| *.google.com GTS CA 1O1 |
2019-12-20 - 2020-03-13 |
3 months | crt.sh |
| *.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA |
2019-09-11 - 2021-09-24 |
2 years | crt.sh |
| www.google.de GTS CA 1O1 |
2019-12-20 - 2020-03-13 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=6BJGIK0inDuQPt1ME76Lz8oDyN%2BvW0pLwPBqcCEmPEhp3%2BwNzjxvqeaGpoIXGS5ukSR%2BXXyrWRxUKR
Frame ID: 25C2F69AFA6F1A408D5FC6C77BBC5709
Requests: 13 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://www.kw.be/meerdanjeverwacht
HTTP 301
http://kw.be/meerdanjeverwacht HTTP 301
https://kw.be/meerdanjeverwacht HTTP 302
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=6BJGIK0inDuQPt1ME76Lz8oDyN%2BvW0pLwPBqcCEmPEhp3... Page URL
Detected technologies
Windows Server
(Operating Systems)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Varnish
(Cache Tools)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
IIS
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Gemius () Expand
Overall confidence: %
Detected patterns
Detected patterns
- script /hit\.gemius\.pl\/xgemius\.js/i
- script /hit\.gemius\.pl/i
- script /xgemius\.js/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.kw.be/meerdanjeverwacht
HTTP 301
http://kw.be/meerdanjeverwacht HTTP 301
https://kw.be/meerdanjeverwacht HTTP 302
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=6BJGIK0inDuQPt1ME76Lz8oDyN%2BvW0pLwPBqcCEmPEhp3%2BwNzjxvqeaGpoIXGS5ukSR%2BXXyrWRxUKR Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 9- https://www.google-analytics.com/r/collect?v=1&_v=j79&a=738186018&t=pageview&_s=1&dl=https%3A%2F%2Fmessagent.roulartamail.be%2Foptiext%2Foptiextension.dll%3FID%3D6BJGIK0inDuQPt1ME76Lz8oDyN%252BvW0pLwPBqcCEmPEhp3%252BwNzjxvqeaGpoIXGS5ukSR%252BXXyrWRxUKR&dp=virtual%2Fprod%2Fkw%2Fkw2020%2F202001%2Fnl%2Fhome&ul=en-us&de=UTF-8&dt=kw2020%20-%20home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=1471449009&gjid=302976732&cid=308343207.1579461269&tid=UA-8272409-18&_gid=684300259.1579461269&_r=1>m=2wg181MHVRMGQ&cd10=kw&cd11=kw2020&cd12=202001&cd13=nl&cd14=home&cd17=RMG&cd18=site-messagent-nl&z=2083819337 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-8272409-18&cid=308343207.1579461269&jid=1471449009&_gid=684300259.1579461269&gjid=302976732&_v=j79&z=2083819337 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8272409-18&cid=308343207.1579461269&jid=1471449009&_v=j79&z=2083819337 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8272409-18&cid=308343207.1579461269&jid=1471449009&_v=j79&z=2083819337&slf_rd=1&random=1220428027
- https://gabe.hit.gemius.pl/_1579461268873/rexdot.js?l=100&id=ndo70jLvcOkCg9tcys2RFaRu.l0uwIcmnz5DMEj9D6P.r7&et=view&hsrc=1&initsonar=1&extra=lan%3DNL%7Ckey%3Dkw&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fmessagent.roulartamail.be%2Foptiext%2Foptiextension.dll%3FID%3D6BJGIK0inDuQPt1ME76Lz8oDyN%252BvW0pLwPBqcCEmPEhp3%252BwNzjxvqeaGpoIXGS5ukSR%252BXXyrWRxUKR&ref=&screen=1600x1200r1000&col=24&window=1600x1200<ime=0&lsdata=-NOTSUP&fpdata=1Cvbq3SYOLXWqbTqPFgEwxYg5MPb5OBSila8qGK.FF3.t7&vis=1 HTTP 301
- https://gabe.hit.gemius.pl/__/_1579461268873/rexdot.js?l=100&id=ndo70jLvcOkCg9tcys2RFaRu.l0uwIcmnz5DMEj9D6P.r7&et=view&hsrc=1&initsonar=1&extra=lan%3DNL%7Ckey%3Dkw&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fmessagent.roulartamail.be%2Foptiext%2Foptiextension.dll%3FID%3D6BJGIK0inDuQPt1ME76Lz8oDyN%252BvW0pLwPBqcCEmPEhp3%252BwNzjxvqeaGpoIXGS5ukSR%252BXXyrWRxUKR&ref=&screen=1600x1200r1000&col=24&window=1600x1200<ime=0&lsdata=-NOTSUP&fpdata=1Cvbq3SYOLXWqbTqPFgEwxYg5MPb5OBSila8qGK.FF3.t7&vis=1
13 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
optiextension.dll
messagent.roulartamail.be/optiext/ Redirect Chain
|
5 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ |
141 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
7 KB 739 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo-kw.png
messagent.roulartamail.be/images/preweb2/journey/kw/2020/kw2020/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
113 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bg-landingspagina.jpg
messagent.roulartamail.be/images/preweb2/journey/kw/2020/kw2020/ |
750 KB 750 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
43 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
xgemius.js
gabe.hit.gemius.pl/ |
33 KB 9 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fpdata.js
gabe.hit.gemius.pl/ |
273 B 386 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rexdot.js
gabe.hit.gemius.pl/__/_1579461268873/ Redirect Chain
|
180 B 440 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga string| pp_gemius_identifier object| pp_gemius_extraparameters object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| gemius_cmpclient object| gemius_hcconn function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event number| pp_gemius_cnt boolean| gemius_hcref4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .roulartamail.be/ | Name: _gat_UA-8272409-18 Value: 1 |
|
| .roulartamail.be/ | Name: _gid Value: GA1.2.684300259.1579461269 |
|
| .roulartamail.be/ | Name: __gfp_64b Value: 1Cvbq3SYOLXWqbTqPFgEwxYg5MPb5OBSila8qGK.FF3.t7 |
|
| .roulartamail.be/ | Name: _ga Value: GA1.2.308343207.1579461269 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.googleapis.com
fonts.gstatic.com
gabe.hit.gemius.pl
kw.be
maxcdn.bootstrapcdn.com
messagent.roulartamail.be
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.kw.be
178.32.205.233
2001:4de0:ac19::1:b:2b
217.19.237.54
2a00:1450:4001:806::200a
2a00:1450:4001:814::2003
2a00:1450:4001:814::200e
2a00:1450:4001:81a::2008
2a00:1450:4001:81b::2004
2a00:1450:4001:824::2003
2a00:1450:400c:c0c::9a
91.212.185.86
95.131.143.129
04cfd7bbc1cb58de9bf5e7016aa9d6aaf2a4c8a541d94f32cde6f30320a1d344
0cf08b3d62e7729332e974a2dd98e7fbce41eb392a17e4e40edaf0b6663b4b5e
1b3ac2b04ddb3dfd23ec5903c9075f4157c22335fcdfb57471c8633842918f6c
1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d
1c03ce74661e68bfeeebe02b5c8e867b5d0018c060af3881fff5b53e74f77133
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
31faebe3cc086c8a6ab1fee17d33781db8b632c05f56bae5865d34c9c3383b39
53d2b310b78267a9c18bc1bbc3885d58d12d8fe5b286d8c9aa482331757b9812
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
a31b6cbcdac76f8de942ef17d40f9d6145b55708de527585707ccd64fabd5fc1
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e0b905f52ba1fb24ad49b7d86a3edb3389f4451c470bfe7945225f2948295c2a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629