r.oferting.fr
Open in
urlscan Pro
52.213.184.39
Public Scan
Submitted URL: https://w.oferting.fr/x/c/?hVJNj5swFPwrvaS3TWzAgFtZ1a5WkSr12nNk.AHexRgZs_n_evrsOJt0L5UQnjczxn7zEKzcLCM1LTfPcIsbREi9jU6...
Effective URL: https://r.oferting.fr/r/?utm_source=redbysfr&utm_medium=dedicado&utm_campaign=10049022-9757854&orig=manual&utm_term=te...
Submission: On December 18 via api from ES — Scanned from FR
Effective URL: https://r.oferting.fr/r/?utm_source=redbysfr&utm_medium=dedicado&utm_campaign=10049022-9757854&orig=manual&utm_term=te...
Submission: On December 18 via api from ES — Scanned from FR
Summary
This website contacted 14 IPs
in 6 countries
across 20 domains to perform 19 HTTP transactions.
The main IP is 52.213.184.39, located in
Dublin, Ireland and
belongs to AMAZON-02, US.
The main domain is r.oferting.fr.
TLS certificate: Issued by R3 on October 22nd 2023. Valid for: 3 months.
This is the only time r.oferting.fr was scanned on urlscan.io!
TLS certificate: Issued by R3 on October 22nd 2023. Valid for: 3 months.
This is the only time r.oferting.fr was scanned on urlscan.io!
urlscan.io Verdict: No classification
Downloads These files were downloaded by the website
MIME: PDF document, version 1.3
Size: 89 KB (90974 bytes, 100% done)
Downloaded from: https://i.adv-img.com/content/upl/red/2023/Trafic/mentionslegales-trafic-generique-decembre.pdf?&avuid=%5BUID%5D&emn_sid=08581034601004902209757854161949dce212a6a9997341079f93b6dcdce96d
Domain & IP information
2
91.197.72.25
(Netherlands)
ASN20559 (FUNDAMENTS-AS, NL)
PTR: eu25.webpower.eu
ASN20559 (FUNDAMENTS-AS, NL)
PTR: eu25.webpower.eu
| w.oferting.fr | |
| oferting.webpower.eu |
4
52.213.184.39
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: mail.oferting.fr
ASN16509 (AMAZON-02, US)
PTR: mail.oferting.fr
| r.oferting.fr | |
| trac.oferting.fr |
2
2a00:1450:4001:81c::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
1
2600:1f18:730:b120:12e:9f8f:e13b:3343
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
ASN14618 (AMAZON-AES, US)
| rp.liadm.com |
1
3.220.148.57
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-148-57.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-148-57.compute-1.amazonaws.com
| rp4.liadm.com |
3
44.195.173.209
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-173-209.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-173-209.compute-1.amazonaws.com
| i.liadm.com |
2
52.208.49.162
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-49-162.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-49-162.eu-west-1.compute.amazonaws.com
| dpm.demdex.net |
2
99.84.88.113
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-113.muc50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-113.muc50.r.cloudfront.net
| live.rezync.com |
3
35.244.174.68
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
| idsync.rlcdn.com |
2
142.250.186.66
(United States)
ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
| cm.g.doubleclick.net |
2
72.246.169.24
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com
| x.dlx.addthis.com |
1
15.197.193.217
(Seattle, United States)
ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
| match.adsrvr.org |
2
35.156.190.4
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-190-4.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-190-4.eu-central-1.compute.amazonaws.com
| x.bidswitch.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 6 |
liadm.com
3 redirects
b-code.liadm.com — Cisco Umbrella Rank: 2977 rp.liadm.com — Cisco Umbrella Rank: 1632 rp4.liadm.com — Cisco Umbrella Rank: 6685 i.liadm.com — Cisco Umbrella Rank: 517 |
19 KB |
| 5 |
oferting.fr
2 redirects
w.oferting.fr r.oferting.fr trac.oferting.fr |
56 KB |
| 3 |
rlcdn.com
2 redirects
idsync.rlcdn.com — Cisco Umbrella Rank: 408 |
869 B |
| 2 |
bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336 |
291 B |
| 2 |
addthis.com
1 redirects
x.dlx.addthis.com — Cisco Umbrella Rank: 1554 |
1 KB |
| 2 |
doubleclick.net
2 redirects
cm.g.doubleclick.net — Cisco Umbrella Rank: 219 |
615 B |
| 2 |
rezync.com
2 redirects
live.rezync.com — Cisco Umbrella Rank: 1785 |
1 KB |
| 2 |
demdex.net
1 redirects
dpm.demdex.net — Cisco Umbrella Rank: 208 |
1 KB |
| 2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36 |
143 KB |
| 1 |
zemanta.com
1 redirects
b1sync.zemanta.com — Cisco Umbrella Rank: 586 |
291 B |
| 1 |
criteo.com
dis.criteo.com — Cisco Umbrella Rank: 550 |
363 B |
| 1 |
adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331 |
149 B |
| 1 |
rfihub.com
1 redirects
p.rfihub.com — Cisco Umbrella Rank: 825 |
1 KB |
| 1 |
turn.com
1 redirects
d.turn.com — Cisco Umbrella Rank: 1349 |
416 B |
| 1 |
adv-img.com
i.adv-img.com |
|
| 1 |
aventurecollecte.com
1 redirects
collecte.aventurecollecte.com |
819 B |
| 1 |
relieautr.com
1 redirects
olx.relieautr.com |
568 B |
| 1 |
google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2189 |
252 B |
| 1 |
webpower.eu
1 redirects
oferting.webpower.eu |
1 KB |
| 0 |
clicplan.fr
Failed
ercm.clicplan.fr Failed ersq.clicplan.fr Failed |
|
| 19 | 20 |
| Domain | Requested by | |
|---|---|---|
| 3 | idsync.rlcdn.com |
2 redirects
i.liadm.com
|
| 3 | i.liadm.com |
2 redirects
b-code.liadm.com
|
| 3 | r.oferting.fr |
r.oferting.fr
|
| 2 | x.bidswitch.net |
i.liadm.com
|
| 2 | x.dlx.addthis.com |
1 redirects
i.liadm.com
|
| 2 | cm.g.doubleclick.net | 2 redirects |
| 2 | live.rezync.com | 2 redirects |
| 2 | dpm.demdex.net |
1 redirects
i.liadm.com
|
| 2 | www.googletagmanager.com |
r.oferting.fr
www.googletagmanager.com |
| 1 | b1sync.zemanta.com | 1 redirects |
| 1 | dis.criteo.com |
i.liadm.com
|
| 1 | match.adsrvr.org |
i.liadm.com
|
| 1 | p.rfihub.com | 1 redirects |
| 1 | d.turn.com | 1 redirects |
| 1 | i.adv-img.com | |
| 1 | collecte.aventurecollecte.com | 1 redirects |
| 1 | olx.relieautr.com | 1 redirects |
| 1 | trac.oferting.fr | 1 redirects |
| 1 | region1.google-analytics.com |
www.googletagmanager.com
|
| 1 | rp4.liadm.com | |
| 1 | rp.liadm.com | 1 redirects |
| 1 | b-code.liadm.com |
r.oferting.fr
|
| 1 | oferting.webpower.eu | 1 redirects |
| 1 | w.oferting.fr | 1 redirects |
| 0 | ersq.clicplan.fr Failed |
r.oferting.fr
|
| 0 | ercm.clicplan.fr Failed |
r.oferting.fr
|
| 19 | 26 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| r.oferting.fr R3 |
2023-10-22 - 2024-01-20 |
3 months | crt.sh |
| *.liadm.com Amazon RSA 2048 M03 |
2023-12-02 - 2024-12-29 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
| adv-img.com E1 |
2023-12-02 - 2024-03-01 |
3 months | crt.sh |
| *.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020 |
2023-04-12 - 2024-05-13 |
a year | crt.sh |
| *.bidswitch.net Sectigo RSA Domain Validation Secure Server CA |
2023-03-23 - 2024-03-23 |
a year | crt.sh |
| *.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-12-01 - 2024-03-01 |
3 months | crt.sh |
This page contains 2 frames:
Frame:
https://i.adv-img.com/content/upl/red/2023/Trafic/mentionslegales-trafic-generique-decembre.pdf?&avuid=%5BUID%5D&emn_sid=08581034601004902209757854161949dce212a6a9997341079f93b6dcdce96d
Frame ID: F15603E40B17E3BB461F0FA8E806D887
Requests: 11 HTTP requests in this frame
Frame:
https://i.liadm.com/s/c/a-00xy?duid=6b4e69b91e72--01hhybnscx1nh01j5e6akpf2tt&euns=0&s=&version=v2.11.2&
Frame ID: 94C5FF128DFE1FB0661B3B3948FE85D0
Requests: 8 HTTP requests in this frame
Screenshot
Page Title
Oferting -- we are redirecting you to Redbysfr's websitePage URL History Show full URLs
-
https://w.oferting.fr/x/c/?hVJNj5swFPwrvaS3TWzAgFtZ1a5WkSr12nNk.AHexRgZs_n_evrsOJt0L5UQnjczxn7zEKz...
HTTP 302
https://oferting.webpower.eu/x/c/?hVJNj5swFPwrvaS3TWzAgFtZ1a5WkSr12nNk.AHexRgZs_n_evrsOJt0L5UQnjczxn7zEKz... HTTP 302
https://r.oferting.fr/r/?utm_source=redbysfr&utm_medium=dedicado&utm_campaign=10049022-9757854&ori... Page URL
Detected technologies
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://w.oferting.fr/x/c/?hVJNj5swFPwrvaS3TWzAgFtZ1a5WkSr12nNk.AHexRgZs_n_evrsOJt0L5UQnjczxn7zEKzcLCM1LTfPcIsbREi9jU6w895p5YOZ_r3228ga3JJtYEMI8.LtcPD38sEffqzBnha3eqGYV7J7X7T.yu38PfJWSbNaJmERXLoPXgDgpp8YRqiiqCgeaEOallTJ4bzpmeXTysePHUF5y4ISQ2J8CCwBzVBaxU3r2aTOFxcc65UIxk2X6_.Kx11xhCd4Lu77AMrpKJXHJezK57PqZndW.rTYMO_KeuJAIgDKTicDuKzqXEWlJS3OpYAS15hWNBMKCClUgQtec0ppU1YYNVTTsqulAIXWMlt9yKe4EcBTZmfA14.z6PicGYgxnZstmm6aV.rkNPR6txXoYYl1QXFF4S_I119k7PzfWOreAXkJryAxPhIDhJcb._y9Go3ia.B74WxiY7CvsPnqK4.hfVYRPF_noSw3Y9Rrk.jOCPQikZa8R50ZBomkVsOLRlIlF39bjUzOWBLy9PtnRmlJHS.ZgeIkEAwHXTtFOYjLTP43iE2yX2Z6.ZI3PTR.AQA41
HTTP 302
https://oferting.webpower.eu/x/c/?hVJNj5swFPwrvaS3TWzAgFtZ1a5WkSr12nNk.AHexRgZs_n_evrsOJt0L5UQnjczxn7zEKzcLCM1LTfPcIsbREi9jU6w895p5YOZ_r3228ga3JJtYEMI8.LtcPD38sEffqzBnha3eqGYV7J7X7T.yu38PfJWSbNaJmERXLoPXgDgpp8YRqiiqCgeaEOallTJ4bzpmeXTysePHUF5y4ISQ2J8CCwBzVBaxU3r2aTOFxcc65UIxk2X6_.Kx11xhCd4Lu77AMrpKJXHJezK57PqZndW.rTYMO_KeuJAIgDKTicDuKzqXEWlJS3OpYAS15hWNBMKCClUgQtec0ppU1YYNVTTsqulAIXWMlt9yKe4EcBTZmfA14.z6PicGYgxnZstmm6aV.rkNPR6txXoYYl1QXFF4S_I119k7PzfWOreAXkJryAxPhIDhJcb._y9Go3ia.B74WxiY7CvsPnqK4.hfVYRPF_noSw3Y9Rrk.jOCPQikZa8R50ZBomkVsOLRlIlF39bjUzOWBLy9PtnRmlJHS.ZgeIkEAwHXTtFOYjLTP43iE2yX2Z6.ZI3PTR.AQA41stored HTTP 302
https://r.oferting.fr/r/?utm_source=redbysfr&utm_medium=dedicado&utm_campaign=10049022-9757854&orig=manual&utm_term=tech&rtt=&f=0&c=tech&g=new&redirection=https%3A%2F%2Ftrac.oferting.fr%2Fof%2F%3Fst%3Dwebpower_smtp%26na%3D0%26emn_i%3D346%26emn_a%3D8581%26emn_c%3D161949%26emn_e%3Ddce212a6a9997341079f93b6dcdce96d%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D10049022-9757854%26term%3D%26emn_t%3D9757854%26ref_offer%3D10049022%26hs%3D1291495691%26sd%3Dw.oferting.fr%26go%3Dhttps%253A%252F%252Folx.relieautr.com%252Ftracking%252F%253Ftype%253Dredirectemail%2526i%253Dbic0jd0fdag0bihhd0dfehjf0de%2526avuid%253D%25255BUID%25255D%2526emn_sid%253D08581034601004902209757854161949dce212a6a9997341079f93b6dcdce96d Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 7- https://rp.liadm.com/j?dtstmp=1702899672599&aid=a-00xy&se=e30&duid=6b4e69b91e72--01hhybnscx1nh01j5e6akpf2tt&tna=v2.11.2&pu=https%3A%2F%2Fr.oferting.fr%2Fr%2F%3Futm_source%3Dredbysfr%26utm_medium%3Ddedicado%26utm_campaign%3D10049022-9757854%26orig%3Dmanual%26utm_term%3Dtech%26rtt%3D%26f%3D0%26c%3Dtech%26g%3Dnew%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.fr%252Fof%252F%253Fst%253Dwebpower_smtp%2526na%253D0%2526emn_i%253D346%2526emn_a%253D8581%2526emn_c%253D161949%2526emn_e%253Ddce212a6a9997341079f93b6dcdce96d%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D10049022-9757854%2526term%253D%2526emn_t%253D9757854%2526ref_offer%253D10049022%2526hs%253D1291495691%2526sd%253Dw.oferting.fr%2526go%253Dhttps%25253A%25252F%25252Folx.relieautr.com%25252Ftracking%25252F%25253Ftype%25253Dredirectemail%252526i%25253Dbic0jd0fdag0bihhd0dfehjf0de%252526avuid%25253D%2525255BUID%2525255D%252526emn_sid%25253D08581034601004902209757854161949dce212a6a9997341079f93b6dcdce96d&wpn=lc-bundle&c=PHRpdGxlPk9mZXJ0aW5nIC0tIHdlIGFyZSByZWRpcmVjdGluZyB5b3UgdG8gUmVkYnlzZnIncyB3ZWJzaXRlPC90aXRsZT4 HTTP 302
- https://rp4.liadm.com/j?se=e30&duid=6b4e69b91e72--01hhybnscx1nh01j5e6akpf2tt&aid=a-00xy&tna=v2.11.2&dtstmp=1702899672599&n3pc=true&wpn=lc-bundle&i6=MjAwMTo0MWQwOmQ6MzY0ZDo6Mg%3D%3D&pu=https%3A%2F%2Fr.oferting.fr%2Fr%2F%3Futm_source%3Dredbysfr%26utm_medium%3Ddedicado%26utm_campaign%3D10049022-9757854%26orig%3Dmanual%26utm_term%3Dtech%26rtt%3D%26f%3D0%26c%3Dtech%26g%3Dnew%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.fr%252Fof%252F%253Fst%253Dwebpower_smtp%2526na%253D0%2526emn_i%253D346%2526emn_a%253D8581%2526emn_c%253D161949%2526emn_e%253Ddce212a6a9997341079f93b6dcdce96d%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D10049022-9757854%2526term%253D%2526emn_t%253D9757854%2526ref_offer%253D10049022%2526hs%253D1291495691%2526sd%253Dw.oferting.fr%2526go%253Dhttps%25253A%25252F%25252Folx.relieautr.com%25252Ftracking%25252F%25253Ftype%25253Dredirectemail%252526i%25253Dbic0jd0fdag0bihhd0dfehjf0de%252526avuid%25253D%2525255BUID%2525255D%252526emn_sid%25253D08581034601004902209757854161949dce212a6a9997341079f93b6dcdce96d&c=PHRpdGxlPk9mZXJ0aW5nIC0tIHdlIGFyZSByZWRpcmVjdGluZyB5b3UgdG8gUmVkYnlzZnIncyB3ZWJzaXRlPC90aXRsZT4
- https://trac.oferting.fr/of/?st=webpower_smtp&na=0&emn_i=346&emn_a=8581&emn_c=161949&emn_e=dce212a6a9997341079f93b6dcdce96d&emn_rt=0&ol=B&emn_p=&emn_cat=10049022-9757854&term=&emn_t=9757854&ref_offer=10049022&hs=1291495691&sd=w.oferting.fr&go=https%3A%2F%2Folx.relieautr.com%2Ftracking%2F%3Ftype%3Dredirectemail%26i%3Dbic0jd0fdag0bihhd0dfehjf0de%26avuid%3D%255BUID%255D%26emn_sid%3D08581034601004902209757854161949dce212a6a9997341079f93b6dcdce96d HTTP 302
- https://olx.relieautr.com/tracking/?type=redirectemail&i=bic0jd0fdag0bihhd0dfehjf0de&avuid=%5BUID%5D&emn_sid=08581034601004902209757854161949dce212a6a9997341079f93b6dcdce96d HTTP 301
- http://collecte.aventurecollecte.com/tracking/?type=redirectemail&iid=bic0jd0fdag0bihhd0dfehjf0de&avuid=%5BUID%5D&emn_sid=08581034601004902209757854161949dce212a6a9997341079f93b6dcdce96d HTTP 302
- https://i.adv-img.com/content/upl/red/2023/Trafic/mentionslegales-trafic-generique-decembre.pdf?&avuid=%5BUID%5D&emn_sid=08581034601004902209757854161949dce212a6a9997341079f93b6dcdce96d
- https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
- https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=4346906069560260746 HTTP 303
- https://dpm.demdex.net/ibs:dpid=127444&dpuuid=07508720-783d-4721-8b83-1430ee1ff2fa HTTP 302
- https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=07508720-783d-4721-8b83-1430ee1ff2fa
- https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=07508720-783d-4721-8b83-1430ee1ff2fa HTTP 302
- https://p.rfihub.com/cm?pub=39342&in=1&userid=161b4f5a-498b-4a85-bf45-ed02b133357d%3A1702899673.8577514&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D161b4f5a-498b-4a85-bf45-ed02b133357d%253A1702899673.8577514%26_%3D1702899673.8595986&cb=1702899673.8596308 HTTP 302
- https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433831629385735&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D161b4f5a-498b-4a85-bf45-ed02b133357d%253A1702899673.8577514%26_%3D1702899673.8595986 HTTP 302
- https://idsync.rlcdn.com/501709.gif?partner_uid=161b4f5a-498b-4a85-bf45-ed02b133357d%3A1702899673.8577514&_=1702899673.8595986 HTTP 307
- https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjcxNjFiNGY1YS00OThiLTRhODUtYmY0NS1lZDAyYjEzMzM1N2Q6MTcwMjg5OTY3My44NTc3NTE0EAAaDQja34CsBhIFCOgHEABCAEoA HTTP 307
- https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc= HTTP 302
- https://idsync.rlcdn.com/362358.gif?google_error=15
- https://x.dlx.addthis.com/e/live_intent_sync?na_exid=07508720-783d-4721-8b83-1430ee1ff2fa HTTP 302
- https://x.dlx.addthis.com/e/live_intent_sync?na_exid=07508720-783d-4721-8b83-1430ee1ff2fa&rd=Y
- https://b1sync.zemanta.com/usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__ HTTP 302
- https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid= HTTP 303
- https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=07508720-783d-4721-8b83-1430ee1ff2fa&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D
19 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
r.oferting.fr/r/ Redirect Chain
|
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
a-00xy.min.js
b-code.liadm.com/ |
47 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
0f6236e0-0f87-431b-ba56-c3f6d629310e
ercm.clicplan.fr/r/dce212a6a9997341079f93b6dcdce96d/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
asset
ersq.clicplan.fr/1693/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
preload.gif
r.oferting.fr/images/ |
18 KB 18 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-3.3.1.min.js
r.oferting.fr/js/ |
85 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
174 KB 62 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
230 KB 81 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
j
rp4.liadm.com/ Redirect Chain
|
13 B 318 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
region1.google-analytics.com/g/ |
0 252 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
a-00xy
i.liadm.com/s/c/ Frame 94C5 |
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mentionslegales-trafic-generique-decembre.pdf
i.adv-img.com/content/upl/red/2023/Trafic/ Redirect Chain
|
0 0 |
Document
application/pdf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
demconf.jpg
dpm.demdex.net/ Frame 94C5 Redirect Chain
|
42 B 717 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
362358.gif
idsync.rlcdn.com/ Frame 94C5 Redirect Chain
|
42 B 60 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
live_intent_sync
x.dlx.addthis.com/e/ Frame 94C5 Redirect Chain
|
43 B 595 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
generic
match.adsrvr.org/track/cmf/ Frame 94C5 |
70 B 149 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync
x.bidswitch.net/ Frame 94C5 |
43 B 146 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
usersync.aspx
dis.criteo.com/dis/ Frame 94C5 |
43 B 363 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
syncd
x.bidswitch.net/ Frame 94C5 Redirect Chain
|
43 B 145 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- ercm.clicplan.fr
- URL
- https://ercm.clicplan.fr/r/dce212a6a9997341079f93b6dcdce96d/0f6236e0-0f87-431b-ba56-c3f6d629310e
- Domain
- ersq.clicplan.fr
- URL
- https://ersq.clicplan.fr/1693/asset?type=IMG&optin=11&b_optin=11&email=dce212a6a9997341079f93b6dcdce96d@MD5
Verdicts & Comments Add Verdict or Comment
12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| documentPictureInPicture object| dataLayer object| LI object| __li__evt_bus object| liQ object| liQ_instances object| google_tag_manager object| google_tag_data function| $ function| jQuery object| gaGlobal36 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| trac.oferting.fr/of | Name: emntkgidentifiant Value: ni4bjjdeebtek4rvcok5aktnqs722i2v |
|
| trac.oferting.fr/of | Name: emntkgidentifiant_cpl Value: ni4bjjdeebtek4rvcok5aktnqs722i2v |
|
| trac.oferting.fr/of | Name: emntkgidentifiant_cpv Value: ni4bjjdeebtek4rvcok5aktnqs722i2v |
|
| trac.oferting.fr/of | Name: emntkgidentifiant_usr Value: dce212a6a9997341079f93b6dcdce96d |
|
| trac.oferting.fr/of | Name: emntkg_72232364aac7137d5c7486341fc694cd Value: 8581%7C161949%7C346%7C0%7C |
|
| trac.oferting.fr/of | Name: emntkg_cpl_72232364aac7137d5c7486341fc694cd Value: 8581%7C161949%7C346%7C0%7C |
|
| trac.oferting.fr/of | Name: emntkg_cpv_72232364aac7137d5c7486341fc694cd Value: 8581%7C161949%7C346%7C0%7C |
|
| .liadm.com/j | Name: lidid Value: 07508720-783d-4721-8b83-1430ee1ff2fa |
|
| i.liadm.com/s | Name: _li_ss Value: CkQKBQgKEOEWCgYI3QEQ4RYKBgiBARDhFgoFCAwQ6xYKBgiiARDhFgoFCAsQ4RYKBgiLARDhFgoGCNIBEOEWCgUIfhDhFg |
|
| .w.oferting.fr/ | Name: DMDconv Value: hVJNj5swFPwrvaS3TWzAgFtZ1a5WkSr12nNk.AHexRgZs_n_evrsOJt0L5UQnjczxn7zEKzcLCM1LTfPcIsbREi9jU6w895p5YOZ_r3228ga3JJtYEMI8.LtcPD38sEffqzBnha3eqGYV7J7X7T.yu38PfJWSbNaJmERXLoPXgDgpp8YRqiiqCgeaEOallTJ4bzpmeXTysePHUF5y4ISQ2J8CCwBzVBaxU3r2aTOFxcc65UIxk2X6_.Kx11xhCd4Lu77AMrpKJXHJezK57PqZndW.rTYMO_KeuJAIgDKTicDuKzqXEWlJS3OpYAS15hWNBMKCClUgQtec0ppU1YYNVTTsqulAIXWMlt9yKe4EcBTZmfA14.z6PicGYgxnZstmm6aV.rkNPR6txXoYYl1QXFF4S_I119k7PzfWOreAXkJryAxPhIDhJcb._y9Go3ia.B74WxiY7CvsPnqK4.hfVYRPF_noSw3Y9Rrk.jOCPQikZa8R50ZBomkVsOLRlIlF39bjUzOWBLy9PtnRmlJHS.ZgeIkEAwHXTtFOYjLTP43iE2yX2Z6.ZI3PTR.AQA41 |
|
| .oferting.webpower.eu/ | Name: DMDconv Value: hVJNj5swFPwrvaS3TWzAgFtZ1a5WkSr12nNk.AHexRgZs_n_evrsOJt0L5UQnjczxn7zEKzcLCM1LTfPcIsbREi9jU6w895p5YOZ_r3228ga3JJtYEMI8.LtcPD38sEffqzBnha3eqGYV7J7X7T.yu38PfJWSbNaJmERXLoPXgDgpp8YRqiiqCgeaEOallTJ4bzpmeXTysePHUF5y4ISQ2J8CCwBzVBaxU3r2aTOFxcc65UIxk2X6_.Kx11xhCd4Lu77AMrpKJXHJezK57PqZndW.rTYMO_KeuJAIgDKTicDuKzqXEWlJS3OpYAS15hWNBMKCClUgQtec0ppU1YYNVTTsqulAIXWMlt9yKe4EcBTZmfA14.z6PicGYgxnZstmm6aV.rkNPR6txXoYYl1QXFF4S_I119k7PzfWOreAXkJryAxPhIDhJcb._y9Go3ia.B74WxiY7CvsPnqK4.hfVYRPF_noSw3Y9Rrk.jOCPQikZa8R50ZBomkVsOLRlIlF39bjUzOWBLy9PtnRmlJHS.ZgeIkEAwHXTtFOYjLTP43iE2yX2Z6.ZI3PTR.AQA41 |
|
| .oferting.fr/ | Name: _li_dcdm_c Value: .oferting.fr |
|
| .oferting.fr/ | Name: _lc2_fpi Value: 6b4e69b91e72--01hhybnscx1nh01j5e6akpf2tt |
|
| .oferting.fr/ | Name: _lc2_fpi_meta Value: {%22w%22:1702899672477} |
|
| .oferting.fr/ | Name: _ga Value: GA1.1.1877905954.1702899673 |
|
| .oferting.fr/ | Name: _ga_B5QPSJDJ8N Value: GS1.1.1702899672.1.0.1702899672.0.0.0 |
|
| .liadm.com/ | Name: lidid Value: 07508720-783d-4721-8b83-1430ee1ff2fa |
|
| .oferting.fr/ | Name: _li_ss Value: CjYKBQgKEOEWCgYI3QEQ4RYKBgiBARDhFgoFCAwQ6xYKBgiiARDhFgoGCIsBEOEWCgYI0gEQ4RY |
|
| .oferting.fr/ | Name: _li_ss_meta Value: {%22w%22:1702899673698%2C%22e%22:1705491673698} |
|
| .turn.com/ | Name: uid Value: 4346906069560260746 |
|
| .rezync.com/ | Name: zync-uuid Value: 161b4f5a-498b-4a85-bf45-ed02b133357d:1702899673.8577514 |
|
| .demdex.net/ | Name: demdex Value: 47603675912022427872703567742358787786 |
|
| .addthis.com/ | Name: na_id Value: 2023121811411300050264211397 |
|
| .addthis.com/ | Name: na_tc Value: Y |
|
| .addthis.com/ | Name: uid Value: 65802fd9d3943074 |
|
| .addthis.com/ | Name: ouid Value: 65802fd9000139bbd794b3896fe6986a18ee8ec1a5b19abcd686 |
|
| .dpm.demdex.net/ | Name: dpm Value: 47603675912022427872703567742358787786 |
|
| .rfihub.com/ | Name: eud Value: H4sIAAAAAAAA_1XIsRGAMAgF0AmsMgceP0AgbhMuZiBLSye1887yvas4GlKXDdIeSTrCKJcanZNrQkTM5wHnGr03lz3M3aB32b5UMD9_4wX4XJqrWgAAAA |
|
| .rfihub.com/ | Name: rud Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwNjQzsjS2MDU3NhXiM9T1TXOKyC0pSPSrTPEFANAAepMlAAAA |
|
| .rfihub.com/ | Name: euds Value: H4sIAAAAAAAA_wXBwRHAIAgEwE_aISPCeWA3MsZCUrm7_0MdWn6wxDNKfAWkjkO-3XqpmYF7KluPzEF7AyTULwGPpbU6AAAA |
|
| .rfihub.com/ | Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwNjQzsjS2MDU3NhXiM9T1TXOKyC0pSPSrTPEFANAAepMlAAAA |
|
| .dlx.addthis.com/ | Name: na_sc_x Value: 1 |
|
| live.rezync.com/ | Name: sd-session-id Value: .eJwNzE0KwyAQQOG7zDoWJ-P4d5mgdQLSxpaYbBpy97p88PEuWL6yb6lJOyAe-ykTPN91VId4Qa-_TV4QgVE7Q-QJ7RzIsyOGe4IuvddPW2oZBi1ms3JSJvisTPKs8mpYSdFzRiJiVyI6PfsQrKPHuDhGA_cfqw4leg.ZYAv2g.8J4VNm5ioTQS03A45qETybn9-cM |
|
| .rlcdn.com/ | Name: rlas3 Value: M3/QrHwZCxct8FFB1dPspiyL/XX/4B9PgbRV7w0xzgI= |
|
| .rlcdn.com/ | Name: pxrc Value: CNrfgKwGEgUI6AcQABIGCLrqARAA |
|
| .doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
b-code.liadm.com
b1sync.zemanta.com
cm.g.doubleclick.net
collecte.aventurecollecte.com
d.turn.com
dis.criteo.com
dpm.demdex.net
ercm.clicplan.fr
ersq.clicplan.fr
i.adv-img.com
i.liadm.com
idsync.rlcdn.com
live.rezync.com
match.adsrvr.org
oferting.webpower.eu
olx.relieautr.com
p.rfihub.com
r.oferting.fr
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
trac.oferting.fr
w.oferting.fr
www.googletagmanager.com
x.bidswitch.net
x.dlx.addthis.com
ercm.clicplan.fr
ersq.clicplan.fr
142.250.186.66
15.197.193.217
178.250.1.9
193.0.160.130
2001:4860:4802:32::36
2001:678:cb4:bbbb::13
2600:1f18:730:b120:12e:9f8f:e13b:3343
2600:9000:20a0:ce00:8:8845:1500:93a1
2606:4700:3034::6815:465f
2a00:1450:4001:81c::2008
2a06:98c1:3120::3
2a06:98c1:3121::3
3.220.148.57
35.156.190.4
35.244.174.68
44.195.173.209
52.208.49.162
52.213.184.39
70.42.32.223
72.246.169.24
91.197.72.25
99.84.88.113
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
19d80fda11a4e1bbddd89d507f033f3449da39794f5689584d1b830eb107b586
209ece7ec9df39a83b1e49686674e4eac65d64c0d1b0175ec05ac58b1fb88f31
42b22d7672be195d26973bca9ea15e29e7b6c8b054fe5e705aca590d6c337496
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
7929082d8761c3db532e83d1630ad642747808517060e2432056f4050f4ebd9a
8055f27eeba86022e0c261677609b407d1b9cde2f6ff1389ee576b7992ec53ec
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f65d37a4e326ea7257ada539709281491777b3e2f87b71c0937538827bd6c76e