Submitted URL: https://nl-be.cashbackdeals.be/user/autologin.php?module=account-overview&salt=461b830c5400ef3c93aa7d4a3851883d18ab947b&url_key...
Effective URL: https://www.mediamarkt.be/nl/?rbtc=tra|con|2297478||||&tduid=605310b198981c900d6e5b4c3b8b8c5c
Submission: On July 02 via api from BE

Summary

This website contacted 11 IPs in 6 countries across 8 domains to perform 19 HTTP transactions. The main IP is 212.116.25.21, located in Germany and belongs to NEXINTO-, DE. The main domain is www.mediamarkt.be.
TLS certificate: Issued by GeoTrust RSA CA 2018 on June 21st 2019. Valid for: a year.
This is the only time www.mediamarkt.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 78.137.118.22 34934 (UKFAST)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a02:21a8:0:3... 61323 (SECARMA)
1 209.197.3.15 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 52.210.195.24 16509 (AMAZON-02)
1 52.222.157.32 16509 (AMAZON-02)
1 188.165.150.178 16276 (OVH)
1 185.33.223.200 29990 (ASN-APPNEXUS)
1 1 54.72.51.173 16509 (AMAZON-02)
1 2 212.116.25.21 6659 (NEXINTO-)
19 11
Domain Requested by
7 static.orangebuddies.com nl-be.cashbackdeals.be
3 nl-be.cashbackdeals.be 1 redirects nl-be.cashbackdeals.be
2 www.mediamarkt.be 1 redirects clk.tradedoubler.com
2 clk.tradedoubler.com 1 redirects
2 www.google-analytics.com nl-be.cashbackdeals.be
1 redir.tradedoubler.com 1 redirects
1 ib.adnxs.com clk.tradedoubler.com
1 analytics.tradedoubler.com vht.tradedoubler.com
1 vht.tradedoubler.com clk.tradedoubler.com
1 fonts.googleapis.com nl-be.cashbackdeals.be
1 maxcdn.bootstrapcdn.com nl-be.cashbackdeals.be
19 11

This site contains no links.

Subject | Issuer | Validity | Valid
www.cashbackkorting.nl | Sectigo RSA Domain Validation Secure Server CA | 2019-05-06 - 2021-05-21 | 2 years
*.google-analytics.com | Google Internet Authority G3 | 2019-06-11 - 2019-09-03 | 3 months
static.orangebuddies.com | Sectigo RSA Domain Validation Secure Server CA | 2019-06-17 - 2021-06-17 | 2 years
*.bootstrapcdn.com | COMODO RSA Domain Validation Secure Server CA | 2018-10-03 - 2019-10-12 | a year
*.googleapis.com | Google Internet Authority G3 | 2019-06-18 - 2019-09-10 | 3 months
*.tradedoubler.com | GlobalSign Domain Validation CA - SHA256 - G2 | 2018-12-10 - 2021-01-27 | 2 years
analytics.tradedoubler.com | COMODO RSA Domain Validation Secure Server CA | 2018-02-02 - 2021-02-01 | 3 years
*.adnxs.com | DigiCert ECC Secure Server CA | 2019-01-23 - 2021-03-08 | 2 years
*.mediamarkt.be | GeoTrust RSA CA 2018 | 2019-06-21 - 2020-07-20 | a year

This page contains 2 frames:

Primary Page: https://www.mediamarkt.be/nl/?rbtc=tra|con|2297478||||&tduid=605310b198981c900d6e5b4c3b8b8c5c
Frame ID: A802B866A03015D774C107B41FE106D9
Requests: 8 HTTP requests in this frame

Frame: https://nl-be.cashbackdeals.be/popup/storeExitPage.php?store=media-markt&culture=allstore&showSafari=yes
Frame ID: 0E6498088FBD461F15050519426BE463
Requests: 11 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

19
Requests

95 %
HTTPS

27 %
IPv6

8
Domains

11
Subdomains

11
IPs

6
Countries

163 kB
Transfer

466 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://nl-be.cashbackdeals.be/user/autologin.php?module=account-overview&salt=461b830c5400ef3c93aa7d4a3851883d18ab947b&url_key=media-markt&type=voucher&typeId=529876 HTTP 302
    https://nl-be.cashbackdeals.be/popup/visit.php?url_key=media-markt&type=voucher&typeId=529876 Page URL
  2. https://clk.tradedoubler.com/click?p=272943&a=2297478&g=23552574&epi=40-OBS-5d1bbf3c2d5d340 Page URL
  3. https://clk.tradedoubler.com/click?p=272943&a=2297478&g=23552574&epi=40-OBS-5d1bbf3c2d5d340 HTTP 302
    https://redir.tradedoubler.com/projectr/?rbtc=tra|con|2297478||||&tduid=605310b198981c900d6e5b4c3b8b8c5c&_td_deeplink=http://www.mediamarkt.be/nl/ HTTP 302
    http://www.mediamarkt.be/nl/?rbtc=tra|con|2297478||||&tduid=605310b198981c900d6e5b4c3b8b8c5c HTTP 301
    https://www.mediamarkt.be/nl/?rbtc=tra|con|2297478||||&tduid=605310b198981c900d6e5b4c3b8b8c5c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://nl-be.cashbackdeals.be/user/autologin.php?module=account-overview&salt=461b830c5400ef3c93aa7d4a3851883d18ab947b&url_key=media-markt&type=voucher&typeId=529876 HTTP 302
  • https://nl-be.cashbackdeals.be/popup/visit.php?url_key=media-markt&type=voucher&typeId=529876

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set visit.php
nl-be.cashbackdeals.be/popup/
Redirect Chain
  • https://nl-be.cashbackdeals.be/user/autologin.php?module=account-overview&salt=461b830c5400ef3c93aa7d4a3851883d18ab947b&url_key=media-markt&type=voucher&typeId=529876
  • https://nl-be.cashbackdeals.be/popup/visit.php?url_key=media-markt&type=voucher&typeId=529876
936 B
1 KB
Document
General
Full URL
https://nl-be.cashbackdeals.be/popup/visit.php?url_key=media-markt&type=voucher&typeId=529876
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.137.118.22 , United Kingdom, ASN34934 (UKFAST, GB),
Reverse DNS
78.137.118.22.srvlist.ukfast.net
Software
nginx /
Resource Hash
c9c08f31b859024764e5576c28beb8cfcc87f69ef2463cb4faf0aede770f260d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
nl-be.cashbackdeals.be
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br
Cookie
PHPSESSID=fhn52cu2rpl418oatsselos331

Response headers

Server
nginx
Date
Tue, 02 Jul 2019 20:33:08 GMT
Content-Type
text/html; charset=utf-8
Content-Length
624
Connection
keep-alive
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Xss-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie
stores_viewed_by_user=a%3A1%3A%7Bi%3A43891%3Bs%3A5%3A%2243891%22%3B%7D; expires=Wed, 17-Jul-2019 20:31:56 GMT; Max-Age=1296000; path=/ visitedStoresKey=a%3A1%3A%7Bi%3A0%3Bs%3A11%3A%22media-markt%22%3B%7D; expires=Wed, 17-Jul-2019 20:31:56 GMT; Max-Age=1296000; path=/
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Origin
*

Redirect headers

Server
nginx
Date
Tue, 02 Jul 2019 20:33:08 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
20
Connection
keep-alive
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Xss-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
Set-Cookie
PHPSESSID=fhn52cu2rpl418oatsselos331; path=/; secure; HttpOnly
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
location
/popup/visit.php?url_key=media-markt&type=voucher&typeId=529876
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
analytics.js
www.google-analytics.com/
43 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/popup/visit.php?url_key=media-markt&type=voucher&typeId=529876
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nl-be.cashbackdeals.be/popup/visit.php?url_key=media-markt&type=voucher&typeId=529876
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 20 Jun 2019 21:35:04 GMT
server
Golfe2
age
6391
date
Tue, 02 Jul 2019 18:47:08 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17707
expires
Tue, 02 Jul 2019 20:47:08 GMT
Cookie set storeExitPage.php
nl-be.cashbackdeals.be/popup/ Frame 0E64
4 KB
2 KB
Document
General
Full URL
https://nl-be.cashbackdeals.be/popup/storeExitPage.php?store=media-markt&culture=allstore&showSafari=yes
Requested by
Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/popup/visit.php?url_key=media-markt&type=voucher&typeId=529876
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.137.118.22 , United Kingdom, ASN34934 (UKFAST, GB),
Reverse DNS
78.137.118.22.srvlist.ukfast.net
Software
nginx /
Resource Hash
5d177b3f386ff2f2ebd0d1922db94c9f3278329da22955103e1ac3826ffa6092
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
nl-be.cashbackdeals.be
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://nl-be.cashbackdeals.be/popup/visit.php?url_key=media-markt&type=voucher&typeId=529876
Accept-Encoding
gzip, deflate, br
Cookie
PHPSESSID=fhn52cu2rpl418oatsselos331; stores_viewed_by_user=a%3A1%3A%7Bi%3A43891%3Bs%3A5%3A%2243891%22%3B%7D; visitedStoresKey=a%3A1%3A%7Bi%3A0%3Bs%3A11%3A%22media-markt%22%3B%7D

Response headers

Server
nginx
Date
Tue, 02 Jul 2019 20:33:08 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1088
Connection
keep-alive
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Xss-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie
cashback_mediamarkt.be=yes; expires=Tue, 02-Jul-2019 21:01:56 GMT; Max-Age=1800; path=/
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
collect
www.google-analytics.com/r/
35 B
199 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1496664817&t=pageview&_s=1&dl=https%3A%2F%2Fnl-be.cashbackdeals.be%2Fpopup%2Fvisit.php%3Furl_key%3Dmedia-markt%26type%3Dvoucher%26typeId%3D529876&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1531409863&gjid=52453379&cid=1086929322.1562099619&tid=UA-45189585-1&_gid=1633045285.1562099619&_r=1&z=572717030
Requested by
Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/popup/visit.php?url_key=media-markt&type=voucher&typeId=529876
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nl-be.cashbackdeals.be/popup/visit.php?url_key=media-markt&type=voucher&typeId=529876
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jul 2019 20:33:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
layout.css
static.orangebuddies.com/templates/nl-be.cashbackdeals.be/march16/css/ Frame 0E64
241 KB
51 KB
Stylesheet
General
Full URL
https://static.orangebuddies.com/templates/nl-be.cashbackdeals.be/march16/css/layout.css
Requested by
Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/popup/storeExitPage.php?store=media-markt&culture=allstore&showSafari=yes
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (SECARMA, GB),
Reverse DNS
Software
nginx/1.4.7 /
Resource Hash
736352cfb3b8c3e4bb995026247f44b68dba655b506a9a8dfc504bc2483e1193

Request headers

Referer
https://nl-be.cashbackdeals.be/popup/storeExitPage.php?store=media-markt&culture=allstore&showSafari=yes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 20:33:54 GMT
content-encoding
gzip
last-modified
Tue, 25 Jun 2019 09:40:42 GMT
server
nginx/1.4.7
access-control-allow-origin
*
vary
Accept-Encoding
content-type
text/css
status
200
responsive.css
static.orangebuddies.com/templates/nl-be.cashbackdeals.be/march16/css/ Frame 0E64
64 KB
13 KB
Stylesheet
General
Full URL
https://static.orangebuddies.com/templates/nl-be.cashbackdeals.be/march16/css/responsive.css
Requested by
Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/popup/storeExitPage.php?store=media-markt&culture=allstore&showSafari=yes
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (SECARMA, GB),
Reverse DNS
Software
nginx/1.4.7 /
Resource Hash
a7d71c13c964162b9c9644bc35a10b22af22bb31a44926b20f3c257fdddfa853

Request headers

Referer
https://nl-be.cashbackdeals.be/popup/storeExitPage.php?store=media-markt&culture=allstore&showSafari=yes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 20:33:54 GMT
content-encoding
gzip
last-modified
Wed, 14 Nov 2018 11:28:27 GMT
server
nginx/1.4.7
access-control-allow-origin
*
vary
Accept-Encoding
content-type
text/css
status
200
popup.css
static.orangebuddies.com/templates/nl-be.cashbackdeals.be/march16/css/popup/ Frame 0E64
9 KB
3 KB
Stylesheet
General
Full URL
https://static.orangebuddies.com/templates/nl-be.cashbackdeals.be/march16/css/popup/popup.css
Requested by
Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/popup/storeExitPage.php?store=media-markt&culture=allstore&showSafari=yes
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (SECARMA, GB),
Reverse DNS
Software
nginx/1.4.7 /
Resource Hash
23d66c8e0b83e5b8959d9b20dc57b3e9ca04957835e43323d40afd63a95cfb23

Request headers

Referer
https://nl-be.cashbackdeals.be/popup/storeExitPage.php?store=media-markt&culture=allstore&showSafari=yes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 20:33:54 GMT
content-encoding
gzip
last-modified
Thu, 15 Nov 2018 05:25:46 GMT
server
nginx/1.4.7
access-control-allow-origin
*
vary
Accept-Encoding
content-type
text/css
status
200
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ Frame 0E64
26 KB
6 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Requested by
Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/popup/storeExitPage.php?store=media-markt&culture=allstore&showSafari=yes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip0x00f.map2.ssl.hwcdn.net
Software
/
Resource Hash
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Request headers

Referer
https://nl-be.cashbackdeals.be/popup/storeExitPage.php?store=media-markt&culture=allstore&showSafari=yes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 20:33:42 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:35:19 GMT
access-control-allow-origin
*
etag
"1544639719"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
6079
43891.jpg
static.orangebuddies.com/image/stores/ Frame 0E64
4 KB
4 KB
Image
General
Full URL
https://static.orangebuddies.com/image/stores/43891.jpg
Requested by
Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/popup/storeExitPage.php?store=media-markt&culture=allstore&showSafari=yes
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (SECARMA, GB),
Reverse DNS
Software
nginx/1.4.7 /
Resource Hash
92b7b3076b98eb6f61c1336d4717909736e3e1f7ef47de2c57022721daebab89

Request headers

Referer
https://nl-be.cashbackdeals.be/popup/storeExitPage.php?store=media-markt&culture=allstore&showSafari=yes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 20:33:54 GMT
last-modified
Tue, 04 Apr 2017 12:50:29 GMT
server
nginx/1.4.7
access-control-allow-origin
*
etag
"58e39695-108e"
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
4238
41273-Normal.jpg
static.orangebuddies.com/image/banners/ Frame 0E64
32 KB
33 KB
Image
General
Full URL
https://static.orangebuddies.com/image/banners/41273-Normal.jpg
Requested by
Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/popup/storeExitPage.php?store=media-markt&culture=allstore&showSafari=yes
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (SECARMA, GB),
Reverse DNS
Software
nginx/1.4.7 /
Resource Hash
0f24dee1be5a42b866cedbad8232ffa9b70d0c18a6006b52dc604ed7ff624db4

Request headers

Referer
https://nl-be.cashbackdeals.be/popup/storeExitPage.php?store=media-markt&culture=allstore&showSafari=yes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 20:33:54 GMT
last-modified
Wed, 17 Apr 2019 13:13:09 GMT
server
nginx/1.4.7
access-control-allow-origin
*
etag
"5cb72665-814c"
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
33100
css
fonts.googleapis.com/ Frame 0E64
0
0

css
fonts.googleapis.com/ Frame 0E64
2 KB
751 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=PT+Sans+Narrow
Requested by
Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/popup/storeExitPage.php?store=media-markt&culture=allstore&showSafari=yes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
71ce8fc7d2207e9fc8c455121b8c45e6cc0a68313c88bc2beee5b3818c44dbb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://nl-be.cashbackdeals.be/popup/storeExitPage.php?store=media-markt&culture=allstore&showSafari=yes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 02 Jul 2019 20:33:39 GMT
server
ESF
access-control-allow-origin
*
date
Tue, 02 Jul 2019 20:33:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Tue, 02 Jul 2019 20:33:39 GMT
bg.jpg
static.orangebuddies.com/templates/nl-be.cashbackdeals.be/march16/assets/ Frame 0E64
14 KB
15 KB
Image
General
Full URL
https://static.orangebuddies.com/templates/nl-be.cashbackdeals.be/march16/assets/bg.jpg
Requested by
Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/popup/visit.php?url_key=media-markt&type=voucher&typeId=529876
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (SECARMA, GB),
Reverse DNS
Software
nginx/1.4.7 /
Resource Hash
276ed23fdaae28019edf73bb462d0738ec8312b97f26698518bb303fc5a9bd9f

Request headers

Referer
https://static.orangebuddies.com/templates/nl-be.cashbackdeals.be/march16/css/layout.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 20:33:57 GMT
last-modified
Wed, 02 Nov 2016 07:31:44 GMT
server
nginx/1.4.7
access-control-allow-origin
*
etag
"58199660-39c1"
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
14785
bar-loading.gif
static.orangebuddies.com/templates/nl-be.cashbackdeals.be/march16/assets/ Frame 0E64
3 KB
3 KB
Image
General
Full URL
https://static.orangebuddies.com/templates/nl-be.cashbackdeals.be/march16/assets/bar-loading.gif
Requested by
Host: nl-be.cashbackdeals.be
URL: https://nl-be.cashbackdeals.be/popup/visit.php?url_key=media-markt&type=voucher&typeId=529876
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (SECARMA, GB),
Reverse DNS
Software
nginx/1.4.7 /
Resource Hash
a03a0e52f0f18d00375e4358ede5ec2ab934ea7a739e916c7c1caa702833e1b2

Request headers

Referer
https://static.orangebuddies.com/templates/nl-be.cashbackdeals.be/march16/css/popup/popup.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 20:33:57 GMT
last-modified
Thu, 30 Jun 2016 11:28:29 GMT
server
nginx/1.4.7
access-control-allow-origin
*
etag
"5775025d-c59"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
3161
Cookie set click
clk.tradedoubler.com/
3 KB
3 KB
Document
General
Full URL
https://clk.tradedoubler.com/click?p=272943&a=2297478&g=23552574&epi=40-OBS-5d1bbf3c2d5d340
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.195.24 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-210-195-24.eu-west-1.compute.amazonaws.com
Software
TXServerHttp /
Resource Hash
e3909b1df36f28b351c755de15dc9d75f805451408e8dd8cce65c65624a69331

Request headers

Host
clk.tradedoubler.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://nl-be.cashbackdeals.be/popup/visit.php?url_key=media-markt&type=voucher&typeId=529876
Accept-Encoding
gzip, deflate, br

Response headers

Access-Control-Allow-Origin
*
Cache-Control
private, max-age=0
Content-Type
text/html; charset=ISO-8859-1
Date
Tue, 02 Jul 2019 20:33:50 GMT
P3P
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
Pragma
no-cache
Server
TXServerHttp
Set-Cookie
SYNC=1z11zzctz5KQIrzy1562099631414;expires=Wed, 01-Jul-2020 20:33:51 GMT;path=/;domain=.tradedoubler.com
Content-Length
2639
Connection
keep-alive
prefs.js
vht.tradedoubler.com/fp/
9 KB
10 KB
Script
General
Full URL
https://vht.tradedoubler.com/fp/prefs.js
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=272943&a=2297478&g=23552574&epi=40-OBS-5d1bbf3c2d5d340
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.157.32 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-157-32.fra53.r.cloudfront.net
Software
Apache /
Resource Hash
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d

Request headers

Referer
https://clk.tradedoubler.com/click?p=272943&a=2297478&g=23552574&epi=40-OBS-5d1bbf3c2d5d340
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 01 Jul 2019 17:21:42 GMT
Via
1.1 150f249515041adfcc44683bff172916.cloudfront.net (CloudFront)
Last-Modified
Mon, 15 Oct 2018 09:28:46 GMT
Server
Apache
Age
97939
ETag
"2509-57841106334e6"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=604800, public
X-Amz-Cf-Pop
FRA53
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9481
X-Amz-Cf-Id
6EU3xRvBN_k_Q8yf1rGS3BG6JwFcpX4GD37pPiFIpqqjaIVdgv5mRg==
Expires
Mon, 03 Jun 2019 17:21:32 GMT
/
analytics.tradedoubler.com/
0
241 B
Other
General
Full URL
https://analytics.tradedoubler.com/
Requested by
Host: vht.tradedoubler.com
URL: https://vht.tradedoubler.com/fp/prefs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.165.150.178 , France, ASN16276 (OVH, FR),
Reverse DNS
lb02.net.royalcactus.com
Software
nginx /
Resource Hash

Request headers

Referer
https://clk.tradedoubler.com/click?p=272943&a=2297478&g=23552574&epi=40-OBS-5d1bbf3c2d5d340
Origin
https://clk.tradedoubler.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 02 Jul 2019 20:33:54 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
getuidj
ib.adnxs.com/
11 B
711 B
XHR
General
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=272943&a=2297478&g=23552574&epi=40-OBS-5d1bbf3c2d5d340
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.200 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
308.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://clk.tradedoubler.com/click?p=272943&a=2297478&g=23552574&epi=40-OBS-5d1bbf3c2d5d340
Origin
https://clk.tradedoubler.com

Response headers

Pragma
no-cache
Date
Tue, 02 Jul 2019 20:33:53 GMT
X-Proxy-Origin
195.206.105.139; 195.206.105.139; 308.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.77:80
AN-X-Request-Uuid
6e29074e-38b8-45a7-9926-e4e3e6d693b3
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://clk.tradedoubler.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
11
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Primary Request Cookie set /
www.mediamarkt.be/nl/
Redirect Chain
  • https://clk.tradedoubler.com/click?p=272943&a=2297478&g=23552574&epi=40-OBS-5d1bbf3c2d5d340
  • https://redir.tradedoubler.com/projectr/?rbtc=tra|con|2297478||||&tduid=605310b198981c900d6e5b4c3b8b8c5c&_td_deeplink=http://www.mediamarkt.be/nl/
  • http://www.mediamarkt.be/nl/?rbtc=tra|con|2297478||||&tduid=605310b198981c900d6e5b4c3b8b8c5c
  • https://www.mediamarkt.be/nl/?rbtc=tra|con|2297478||||&tduid=605310b198981c900d6e5b4c3b8b8c5c
11 KB
0
Document
General
Full URL
https://www.mediamarkt.be/nl/?rbtc=tra|con|2297478||||&tduid=605310b198981c900d6e5b4c3b8b8c5c
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=272943&a=2297478&g=23552574&epi=40-OBS-5d1bbf3c2d5d340
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.116.25.21 , Germany, ASN6659 (NEXINTO-, DE),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

Host
www.mediamarkt.be
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br
Cookie
TS0173859f=014cde72301cbb946f99dad82f4503bb41efddaa46d7227308c672438509e171191d5eccd24fcb05b52bfa1844bd441ea935c0f44f
Origin
https://clk.tradedoubler.com
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 02 Jul 2019 20:34:02 GMT
Set-Cookie
MC_LANG_ID=-17; Expires=Thu, 01-Aug-2019 20:34:02 GMT; Path=/ MC_DEVICE_ID=-1; Path=/ MC_DEVICE_ID_EXT=-1; Domain=mediamarkt.be; Path=/ TS0173859f=014cde72308f753e0d265267c1d2e9f1626accbbabd7227308c672438509e171191d5eccd2f1fdced9b70de7d67e5f152e51c3adc312ef577b95a50efaa47eea6ef25876b59d8b15c3c06679d5ba1ac11b08d92640; Path=/ TS01ceb651=014cde723006cf17e739bdcd2f27c91722224a5b6bd7227308c672438509e171191d5eccd25bc7fa8d4b3118153ef3e70a5faddcb40becea03c71df9423d62c788b462e8e3; path=/; domain=mediamarkt.be
Strict-Transport-Security
max-age=86400
X-Content-Security-Policy
upgrade-insecure-requests
X-Frame-Options
SAMEORIGIN
Cache-Control
no-cache, max-age=0
Content-Type
text/html;charset=UTF-8
Content-Encoding
gzip
Age
0
X-OVcl
(recv)(hash)(pass)(backend=shop_https)(deliver)
X-OVcl-Cache
MISS
Vary
Accept-Encoding
Accept-Ranges
bytes
Connection
keep-alive
Transfer-Encoding
chunked

Redirect headers

Date
Tue, 02 Jul 2019 20:33:59 GMT
Location
https://www.mediamarkt.be/nl/?rbtc=tra|con|2297478||||&tduid=605310b198981c900d6e5b4c3b8b8c5c
Content-Encoding
gzip
Age
0
X-OVcl
(recv)(hash)(pass)(backend=shop_http)(deliver)
X-OVcl-Cache
MISS
Vary
Accept-Encoding
Content-Length
20
Connection
keep-alive
Set-Cookie
TS0173859f=014cde72301cbb946f99dad82f4503bb41efddaa46d7227308c672438509e171191d5eccd24fcb05b52bfa1844bd441ea935c0f44f; Path=/

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Open+Sans:400italic,400|Open+Sans+Condensed:700


3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart
object| onselectionchange
function| queueMicrotask

1 Cookies

Domain/Path Name / Value
.tradedoubler.com/ Name: SYNC
Value: 1z11zzctz5KQIrzy1562099631414

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
