urlscan.io logo urlscan.io
SecurityTrails logo

one-time-offer.com Open in urlscan Pro
52.210.180.6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://banners.wlservices.fr/jump-312
Effective URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C...
Submission: On February 16 via api from BE — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 56 HTTP transactions. The main IP is 52.210.180.6, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is one-time-offer.com. The Cisco Umbrella rank of the primary domain is 453234.
TLS certificate: Issued by Entrust Certification Authority - L1K on December 16th 2021. Valid for: a year.
This is the only time one-time-offer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 54.229.255.43 16509 (AMAZON-02)
3 8 52.210.180.6 16509 (AMAZON-02)
33 13.32.118.51 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:224... 16509 (AMAZON-02)
7 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 52.48.117.255 16509 (AMAZON-02)
56 10
1    54.229.255.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-255-43.eu-west-1.compute.amazonaws.com
banners.wlservices.fr
8    52.210.180.6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-180-6.eu-west-1.compute.amazonaws.com
one-time-offer.com
33    13.32.118.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-118-51.fra60.r.cloudfront.net
d3dh5c7rwzliwm.cloudfront.net
3    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2600:9000:2240:aa00:14:9586:a100:21 (United States)

ASN16509 (AMAZON-02, US)
dkdrawii0zqtg.cloudfront.net
7    2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
1    52.48.117.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-117-255.eu-west-1.compute.amazonaws.com
analytics.member-center.com
Apex Domain
Subdomains		 Transfer
36 cloudfront.net
d3dh5c7rwzliwm.cloudfront.net
dkdrawii0zqtg.cloudfront.net
268 KB
8 one-time-offer.com
one-time-offer.com — Cisco Umbrella Rank: 453234
36 KB
7 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 443
122 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
2 KB
1 member-center.com
analytics.member-center.com — Cisco Umbrella Rank: 631718
154 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 709
431 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
61 KB
1 gstatic.com
fonts.gstatic.com
44 KB
1 wlservices.fr
banners.wlservices.fr
302 B
56 9
Domain Requested by
33 d3dh5c7rwzliwm.cloudfront.net one-time-offer.com
d3dh5c7rwzliwm.cloudfront.net
8 one-time-offer.com 3 redirects banners.wlservices.fr
one-time-offer.com
d3dh5c7rwzliwm.cloudfront.net
7 cdn.cookielaw.org d3dh5c7rwzliwm.cloudfront.net
cdn.cookielaw.org
3 dkdrawii0zqtg.cloudfront.net one-time-offer.com
dkdrawii0zqtg.cloudfront.net
3 fonts.googleapis.com one-time-offer.com
d3dh5c7rwzliwm.cloudfront.net
1 analytics.member-center.com www.googletagmanager.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 www.googletagmanager.com d3dh5c7rwzliwm.cloudfront.net
1 fonts.gstatic.com fonts.googleapis.com
1 banners.wlservices.fr
56 10

This site contains links to these domains. Also see Links.

Domain
www.remisesetreductions.fr
d3dh5c7rwzliwm.cloudfront.net
webloyalty.com
onetrust.com
Subject Issuer Validity Valid
wlservices.fr
Amazon		 2021-08-10 -
2022-09-08		 a year crt.sh
one-time-offer.com
Entrust Certification Authority - L1K		 2021-12-16 -
2023-01-15		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2021-06-01 -
2022-05-31		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-01-12 -
2023-01-12		 a year crt.sh
member-center.com
Amazon		 2021-12-13 -
2023-01-10		 a year crt.sh

This page contains 1 frames:

Primary Page: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
Frame ID: BF374D157D1C93AD58CB8335BEEACD7D
Requests: 56 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Remises & RéductionsFR_RR_ARROW_Voucher4fr_rr_sellpageMockup_updates_v5_arrowfr_rr_sellpageMockup_updates_v5_arrowFR_Cashback_iconFR_MMB_iconFR_Coupon_iconfr_rr_sellpageMockup_updates_v5_arrowBack ButtonFilter Button

Page URL History Show full URLs

  1. https://banners.wlservices.fr/jump-312 Page URL
  2. https://one-time-offer.com/sg/gateway.aspx?v=532343A353&p=A2D29252E242BE77B7D7F706E72FC3B32303A3239F16D... HTTP 302
    https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js

Page Statistics

56
Requests

96 %
HTTPS

60 %
IPv6

9
Domains

10
Subdomains

10
IPs

3
Countries

533 kB
Transfer

1522 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://banners.wlservices.fr/jump-312 Page URL
  2. https://one-time-offer.com/sg/gateway.aspx?v=532343A353&p=A2D29252E242BE77B7D7F706E72FC3B32303A3239F16D6060727&cl=0776 HTTP 302
    https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53
  • https://one-time-offer.com/common/xt_recMilestone.asp HTTP 302
  • https://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif
Request Chain 54
  • https://one-time-offer.com/common/xt_recMilestone.asp HTTP 302
  • https://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif

56 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
jump-312
banners.wlservices.fr/ 		181 B
302 B 		Document
General
Check archive.org
Download Go to
Full URL
https://banners.wlservices.fr/jump-312
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.255.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-255-43.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9

Response headers

date
Wed, 16 Feb 2022 20:28:06 GMT
content-type
text/html; charset=UTF-8
content-length
176
server
Apache
vary
Accept-Encoding
content-encoding
gzip
Primary Request promo.asp
one-time-offer.com/sol9/cdiscount_fr/pb698260/
Redirect Chain
  • https://one-time-offer.com/sg/gateway.aspx?v=532343A353&p=A2D29252E242BE77B7D7F706E72FC3B32303A3239F16D6060727&cl=0776
  • https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B...
66 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
Requested by
Host: banners.wlservices.fr
URL: https://banners.wlservices.fr/jump-312
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.180.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-180-6.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
204eb2f71a99d3c23773ff749c0c42b5773f62f78e0364b05bd2b506d2a88441

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://banners.wlservices.fr/jump-312

Response headers

date
Wed, 16 Feb 2022 20:28:06 GMT
content-type
text/html
content-length
23599
cache-control
private
content-encoding
gzip
vary
Accept-Encoding
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET

Redirect headers

date
Wed, 16 Feb 2022 20:28:06 GMT
content-type
text/html; charset=utf-8
content-length
1131
cache-control
private
location
/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
FR_RR_KAPPA_PROMO_RWD_cookies_wrapper.js
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/FR_RR_KAPPA_PROMO_RWD_cookies_wrapper.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f85013ff265bef7b4f7dbbb38eba7a7b9f015c1aeaff39e0d0399660ac046f2c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 15:16:59 GMT
Content-Encoding
gzip
Age
18668
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-meta-user
gsokate
Last-Modified
Tue, 21 Dec 2021 07:40:22 GMT
Server
AmazonS3
ETag
W/"ca5c05eaeaa54f93d2bb39b99b158fbc"
Vary
Accept-Encoding
x-amz-version-id
omKORCqZFLN3uETAlbPg0VzNRMIGxxUv
Via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P1
Content-Type
text/javascript
X-Amz-Cf-Id
kucgb7Fom8WzdM2Eti6Z_FzJCf_bGe2i5q8wMlrdxLCOtKldXIDYiw==
style_REY2_428_3DS_desktop-template-05.css
d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_REY2_428_3DS_desktop-template-05.css
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bd1c4312fd3a94a09aa6e960cbb18ef4058e5687138747adf95207350ceb8225

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 15:16:59 GMT
Content-Encoding
gzip
Age
18668
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-meta-user
gsokate
Last-Modified
Thu, 13 Jan 2022 06:26:16 GMT
Server
AmazonS3
ETag
W/"88ed6cd3cb1693b57a647661a72c8dc0"
Vary
Accept-Encoding
x-amz-version-id
_WDvXg_6pRJFyyBiec__IBdiYU0mHNc4
Via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P1
Content-Type
text/css
X-Amz-Cf-Id
aw1Nk2l2wfpyYZZGTA3MKEOb7sUeGiRvHafJHlmZ0JyNPntzR2fK2Q==
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4e9187ce99f6871a91e57bea12068ac166269a35f14e1c4c69ac85203502c2fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 18:56:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 16 Feb 2022 20:28:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Feb 2022 20:28:06 GMT
css
fonts.googleapis.com/ 		1 KB
498 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Paytone+One
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0a3f3053512fedd4761250fc21dd859b59847164d3a0caf742d056d808c6dca8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 20:28:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 16 Feb 2022 20:28:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Feb 2022 20:28:06 GMT
Oxanium.css
dkdrawii0zqtg.cloudfront.net/Oxanium/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dkdrawii0zqtg.cloudfront.net/Oxanium/Oxanium.css
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:aa00:14:9586:a100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
57dfc7637aef7db2b5b68775b512f8fce25575d803f4af4e87260118938186d4

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
Jt7AsrgWb3slIlimj7CQkX7TLYpJPz75
via
1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
last-modified
Mon, 11 Jan 2021 15:01:38 GMT
server
AmazonS3
age
57721
etag
"e60cbab4e2b902891d27b2cd1c5fcb7d"
x-cache
Hit from cloudfront
content-type
text/css
date
Wed, 16 Feb 2022 04:52:11 GMT
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
content-length
1823
x-amz-meta-user
aparatore
x-amz-cf-id
gQevNO7Oso7WwqUaLIb0N0XbUipHCE1a01iLPP3Cdhvw6qDlSKckYg==
fr_validation.js
one-time-offer.com/scripts/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://one-time-offer.com/scripts/fr_validation.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.180.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-180-6.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b214c7b862a0e50798c53344af7e709b24b85b0cd30a7a6b753c2e86dfed2554

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:28:06 GMT
content-encoding
gzip
etag
"0263d5297b2d11:0"
last-modified
Fri, 20 May 2016 12:58:36 GMT
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
2913
solicitations.js
one-time-offer.com/scripts/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://one-time-offer.com/scripts/solicitations.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.180.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-180-6.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
fbf348522c351325f56d42ccf21b228de0c7c7d8a5fd899e58650a14fcc28190

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:28:06 GMT
content-encoding
gzip
etag
"03e51108edd71:0"
last-modified
Thu, 09 Dec 2021 14:21:32 GMT
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
5907
promo_flow.js
one-time-offer.com/scripts/ 		17 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://one-time-offer.com/scripts/promo_flow.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.180.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-180-6.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
7ca9827b9cb830e35c510501de1ad37e7ebedd8c8cb388a925253a64f95bee15

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:28:06 GMT
content-encoding
gzip
etag
"0e5593923aed71:0"
last-modified
Mon, 20 Sep 2021 13:27:14 GMT
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
2740
countryCode.js
d3dh5c7rwzliwm.cloudfront.net/ALL/JS/ 		266 B
813 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/ALL/JS/countryCode.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8380a1fbd46042955f25aade9894cd66babe9f4c444af66bbfb3fadadec74913

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 15:16:54 GMT
Via
1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
Last-Modified
Wed, 13 Feb 2019 14:14:18 GMT
Server
AmazonS3
Age
18673
ETag
"683ec31106c6b7258f17d8e4099090d2"
X-Cache
Hit from cloudfront
x-amz-version-id
hJeSIGv5pXXyyKYreNWGJPLdd.bjVqsC
Connection
keep-alive
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
266
x-amz-meta-user
wgarrido
X-Amz-Cf-Id
LP9LIn7z9_m6HZTQVA7dyGbQYrMs2n5wOVecw74DepjIYyP5H7PxYA==
jquery-1.4.2.min.js
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/jquery-1.4.2.min.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1adeb9b7455c164e01a88173d356742be2a4b5dc4977f0f64fee5b5d4b38e0b3

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 15:16:59 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Feb 2016 09:54:16 GMT
Server
AmazonS3
Age
18668
ETag
W/"a8a2a48ddaa95527c6d3db763e2b7809"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
x-amz-version-id
L2DvUgs5paiYR8R6q.gze5i_hvR889T7
Via
1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA60-P1
Content-Type
text/javascript
X-Amz-Cf-Id
t189h3iiZrEVoI0WmSa9GQWVoF3c1vlAozkEkF-DzOFLzZmVnpssPw==
jquery-ui-1.8.2.custom.min.js
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 		204 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/jquery-ui-1.8.2.custom.min.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b6e7eff529efa6de4490a438b12f1f64f4c909b85516191405cf725f539be117

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 15:16:59 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Mar 2016 13:51:59 GMT
Server
AmazonS3
Age
18668
ETag
W/"84d5c35fd13637738a036ed11be2a154"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
x-amz-version-id
TIm7w0TXrACS8x4kx0h4b5m1QUXkNlkD
Via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA60-P1
Content-Type
text/javascript
X-Amz-Cf-Id
7t39AREuZnyHutzpmewBHY_l2UvMjg4BFUVal0gwCKU-Rw75i43WeQ==
jquery.autotab-1.1b.js
d3dh5c7rwzliwm.cloudfront.net/FR/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/js/jquery.autotab-1.1b.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
52295428f1d4d23a3a2e279cc1dacf9b9869b08004da91fb219ac01f48e86938

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 15:16:59 GMT
Content-Encoding
gzip
Age
18668
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-meta-user
aparatore
Last-Modified
Wed, 15 May 2019 07:06:30 GMT
Server
AmazonS3
ETag
W/"ef37b11d0b73e90b623e6be842e0d7a9"
Vary
Accept-Encoding
x-amz-version-id
84TczmOBEGkseG2zq3iic.24ZqSUYyTu
Via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P1
Content-Type
text/javascript
X-Amz-Cf-Id
Aw01wQOLEv9V_QFG_iRiXaP1Fu-I24i4_anyr5SiT7xs0DDfEJofBA==
LabelFloat.js
d3dh5c7rwzliwm.cloudfront.net/UK/Templates/Js/ 		330 B
850 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/UK/Templates/Js/LabelFloat.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ebae3291f840fc32c3d128bbe9518706dc5c14dd704949984d802d28a8c20d0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 15:16:59 GMT
Via
1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
Last-Modified
Mon, 10 Apr 2017 08:13:14 GMT
Server
AmazonS3
Age
18668
ETag
"8e7aeed06a461c2046ae2262ffde03d5"
X-Cache
Hit from cloudfront
x-amz-version-id
ijL6OI7v1PwiFDg9m2risraTCsyBP598
Connection
keep-alive
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
330
X-Amz-Cf-Id
0Uu9w9TXTRdTqWr7azYCEY6wBq50L-QeAZGGuDF2PsWauC-1z8R7KA==
FR_interactions-3DS-detect.js
d3dh5c7rwzliwm.cloudfront.net/FR/js/desktop/ 		41 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/js/desktop/FR_interactions-3DS-detect.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b3e62e67af93b6f17255fe99eded80525a7f3f678ff1488d7bf1792aa785152

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 15:16:59 GMT
Content-Encoding
gzip
Age
18668
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-meta-user
kbajwa
Last-Modified
Wed, 28 Jul 2021 10:42:38 GMT
Server
AmazonS3
ETag
W/"9ac0f3408985eaa3d620d0b277cefc26"
Vary
Accept-Encoding
x-amz-version-id
3pYGXgRy9A5M962sSVZ_o38IDj_cd2Vv
Via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P1
Content-Type
text/javascript
X-Amz-Cf-Id
x_unG8t0Xs_i9y9bj0BmY5A0luMm_eFl3d98vcRhC0JhcBrocULC6A==
leavers.js
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETER/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETER/js/leavers.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
11e5db674677ffa051c40868035e9dfeb2603527c14e68d5586e6466af0cc27c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 15:16:59 GMT
Content-Encoding
gzip
Age
18668
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-meta-user
ymarchand
Last-Modified
Thu, 04 Oct 2018 07:14:55 GMT
Server
AmazonS3
ETag
W/"ee4a0db13c3da6956218b3a7891607a6"
Vary
Accept-Encoding
x-amz-version-id
in7W4mBFWew9Mao9xiNSyP6Xa5.RcTPA
Via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P1
Content-Type
text/javascript
X-Amz-Cf-Id
a7OFVCiBSdQ4ob8eTkqrEwXp6t6Y7iyvfPP3_8IchpT1fS8S-1dUQg==
style_KAPA.css
d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/ 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_KAPA.css
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0c42ff05e2e248efed2b86bd41594a56dcdcdb3207082312856d569482a34b5a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 15:16:59 GMT
Content-Encoding
gzip
Age
18668
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-meta-user
kbajwa
Last-Modified
Thu, 20 May 2021 09:26:02 GMT
Server
AmazonS3
ETag
W/"19fc800428d4724f3b59737412fdd08e"
Vary
Accept-Encoding
x-amz-version-id
XFvUlSVHRjhsrjZ0yK7B_1KP2FxKydeb
Via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P1
Content-Type
text/css
X-Amz-Cf-Id
FjfEC20BpE-uPp_dQFutNPW62tBvJIqITTq9Mg89I9bGM0smwP5E2g==
ga_cookie_fr.js
d3dh5c7rwzliwm.cloudfront.net/FR/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/js/ga_cookie_fr.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a04e6c9a58e4f7de825fd103326e0f00a6b3b2634233c9b68870894cba763290

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 15:16:59 GMT
Content-Encoding
gzip
Age
18668
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-meta-user
gsokate
Last-Modified
Mon, 19 Jul 2021 11:34:21 GMT
Server
AmazonS3
ETag
W/"4f4f821662fbd06d10a7a6de6d2f6985"
Vary
Accept-Encoding
x-amz-version-id
TJJs3QE_t.qOnxTyxStktSfCVvTOxy3x
Via
1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P1
Content-Type
text/javascript
X-Amz-Cf-Id
q0ANq-580z3loGpN3HRS2LOe6YJbmkIINatIGahvh18tPz5Iq0DtMw==
analytics_cookie_FR_RR.js
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 		262 B
808 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/analytics_cookie_FR_RR.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0cede639efd6c1d520bce74b3c1f5cbbccf57522abdad7c95e56025b82f986f0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 15:16:59 GMT
Via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
Last-Modified
Thu, 01 Apr 2021 13:49:58 GMT
Server
AmazonS3
Age
18668
ETag
"91923f128eb53ad36311b76a321757c2"
X-Cache
Hit from cloudfront
x-amz-version-id
wVJEc7mOuiOFVscNSlWqDosAcuqgRfb6
Connection
keep-alive
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
262
x-amz-meta-user
gsokate
X-Amz-Cf-Id
4L48ZmyVHs_fYdkTGx4aQwKDBHQMEqB6nMHE4h5BpVSKBz8ZVIbe0Q==
FR_RR_Zeta_TTB_CDsicount.jpg
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/FR_RR_Zeta_TTB_CDsicount.jpg
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c4c375371a89b85b3542beceb9c6af02284d582bc3f6574da43cd110a6fc6d73

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 15:17:03 GMT
Via
1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
Last-Modified
Thu, 14 Jun 2018 15:13:50 GMT
Server
AmazonS3
Age
18664
ETag
"52b80f8d6a1ac3b5b903cbd43bbc5a21"
X-Cache
Hit from cloudfront
x-amz-version-id
COPKYW_aw1J6NqbbEZEuli2ouCyhGp9Y
Connection
keep-alive
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
18284
x-amz-meta-user
ntambe
X-Amz-Cf-Id
_jpgzZeOabv3itB5dzFlWFTY7Zs6O4_yyAnwClztXxkIMy2afJnTzQ==
CCgoldBG_nolines.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETABIS/img/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETABIS/img/CCgoldBG_nolines.png
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b38ad3bc616f69332f3ecca87016bbfe66c77ec1a31b68dece47776e0a4bb39

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 15:17:00 GMT
Via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
Last-Modified
Mon, 11 Jan 2021 08:11:42 GMT
Server
AmazonS3
Age
18667
ETag
"4ccf1c0909d1d808868817d8ea1c1325"
X-Cache
Hit from cloudfront
x-amz-version-id
TlJj4CazOH62IHi7YjR2.8FCQmt2Wnxo
Connection
keep-alive
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
22276
x-amz-meta-user
aparatore
X-Amz-Cf-Id
5xchSb9SlbHKTtkpS9PJmiSXHzuj5IYO4liyG35K6azfeIe5wLVE_g==
logo_RR_DoubleClic.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/logo_RR_DoubleClic.png
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4104c36d9a497be97630c8ed0576708bfc1381b2ff6a92aa7a41e17122390083

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 15:16:59 GMT
Via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
Last-Modified
Fri, 09 Sep 2016 08:31:54 GMT
Server
AmazonS3
Age
18667
ETag
"7fc0f32c7a54d89729ef528c55b0a314"
X-Cache
Hit from cloudfront
x-amz-version-id
yU.38jbX0Db8bW5Bcosai9Kwl9OXAGIU
Connection
keep-alive
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
7963
X-Amz-Cf-Id
HFwriVdhegQCkCkRNRPF_SRysKjizANkgPbs-lBx1TFlSGCiw2cfOg==
mdp_info.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/img/ 		346 B
860 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/img/mdp_info.png
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
124a3d038c149d31ffa54e6c6e680d5cfccf1935d90562a5085fbfeb1c02a334

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 15:17:00 GMT
Via
1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
Last-Modified
Thu, 22 Oct 2015 07:20:28 GMT
Server
AmazonS3
Age
18667
ETag
"68c514ae5f431a73795154b2d19c17eb"
X-Cache
Hit from cloudfront
x-amz-version-id
LKFRulTcNBjSQVNkYEoc0dWx4zWzEs4A
Connection
keep-alive
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
346
X-Amz-Cf-Id
GaU5xGBAoWYPdq0_LgC2Cae2nHxH8RPb906-XBmBHobc0Z2wY6WLgw==
tracker_cookie.js
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/tracker_cookie.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
04754f2aaa06245d39b24f387c3e90b65dd2c8751d4dadba2edbebca190b0cdc

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 15:16:59 GMT
Content-Encoding
gzip
Age
18668
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-meta-user
gsokate
Last-Modified
Tue, 21 Dec 2021 07:41:18 GMT
Server
AmazonS3
ETag
W/"878fcb0716cadb3d2b4bd05d4527611d"
Vary
Accept-Encoding
x-amz-version-id
UXlrH7e1SrHfx6EYxrK15cBZddi.bHuH
Via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P1
Content-Type
text/javascript
X-Amz-Cf-Id
10jdUY6r6vi84mNU-hGreZJ6NklpjqTYe4tX5QcE4dkeydVG40c-OQ==
FIX_FR_RR_428_REY2_3DS_0520.js
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 		597 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/FIX_FR_RR_428_REY2_3DS_0520.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8571d74f55eff7ea2c94150a0607f7e8f0a2403da66f238f7c89f4822ae7f9b8

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 15:16:59 GMT
Via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
Last-Modified
Mon, 04 Oct 2021 13:38:37 GMT
Server
AmazonS3
Age
18668
ETag
"8c1dd793a0627e839732ee61b0383499"
X-Cache
Hit from cloudfront
x-amz-version-id
p6TghjpTZorApap7LTJwGt3tTRDxpOxU
Connection
keep-alive
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
597
x-amz-meta-user
ymarchand
X-Amz-Cf-Id
PoASfbdm49zG2RQfBx0otbcRb5YjhKeUGlrQUzd6Yivq92soJ8oT1A==
milestone_tracking.js
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/milestone_tracking.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c28d2287ba25f531f52f96d00895c8d04ecebb1ed5ae5849b5c2b088c2ea7f82

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 15:16:59 GMT
Content-Encoding
gzip
Age
18668
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-meta-user
kbajwa
Last-Modified
Wed, 23 Jun 2021 09:48:10 GMT
Server
AmazonS3
ETag
W/"b9168af0c5cf07f58ea7ea1c82eff881"
Vary
Accept-Encoding
x-amz-version-id
oF5VVWcAGofDUUwE7pHM0yPp6Y2DZ0Sl
Via
1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P1
Content-Type
text/javascript
X-Amz-Cf-Id
9ga2tk-0Gv8O8EVQ2R2ObVFzfKYkVZuZipia71ZMnesawCjKWipDwA==
FR_resize-boxes.js
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/FR_resize-boxes.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c19badd2e95becdb5b490d89efe6e57d8d6f903121f22d86efbafc117c49870e

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 15:16:59 GMT
Content-Encoding
gzip
Age
18668
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-meta-user
kbajwa
Last-Modified
Mon, 04 Oct 2021 11:31:12 GMT
Server
AmazonS3
ETag
W/"b6891efad76d60fd53a2a9f0af3f9f5f"
Vary
Accept-Encoding
x-amz-version-id
kIMhMlGnl6VJWfv8OTYNVRecmZEv1yw4
Via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P1
Content-Type
text/javascript
X-Amz-Cf-Id
j2x8ppM9RDmy5MR8O0VKmasDZ5Pbrhrrb3qRhb8cC5AeFxz3xBEROQ==
FIX_WORDING_KAPPA_435.js
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 		44 B
591 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/FIX_WORDING_KAPPA_435.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8174f782feed11dbaf66bd035300d24623814e61f1500ac6b73a00895ec1bd3

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 15:16:59 GMT
Via
1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
Last-Modified
Thu, 14 Jan 2021 07:38:51 GMT
Server
AmazonS3
Age
18668
ETag
"c14211e92b5d54952e8119bf7d6b5a54"
X-Cache
Hit from cloudfront
x-amz-version-id
4C1M7yG4avbtj.dUlHYDkx29dPRCpxCA
Connection
keep-alive
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
44
x-amz-meta-user
aparatore
X-Amz-Cf-Id
UmPVEG8gNrDsnTiVru1qqLab6bXprxpxWXDshS5V1iith14st_wIeA==
FIX_WORDING_KAPPA_435.css
d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/ 		163 B
701 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/FIX_WORDING_KAPPA_435.css
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c3651c48dc8ee266374f9e3e555ab44225199712db261b303156c5d2d62d609

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 15:16:59 GMT
Via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
Last-Modified
Mon, 31 May 2021 09:47:22 GMT
Server
AmazonS3
Age
18668
ETag
"4038b68d9fd0e6c102df86826bc03ad4"
X-Cache
Hit from cloudfront
x-amz-version-id
B8kjDTDLhl2t.1R.RdbELd_ksfT.e0TD
Connection
keep-alive
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
163
x-amz-meta-user
disune
X-Amz-Cf-Id
F1Bx8dk2D06FQn5T0u0c6NMdqjKyOvX_ICZRX2odsLNQLp32t5c7ZQ==
FR_RR_KAPPA_PROMO_RWD_cookies.css
d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/FR_RR_KAPPA_PROMO_RWD_cookies.css
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e6f0978189cc569303e3f98accc039dbb600bf11f6377b110a1c6d88ce7db7ae

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 15:17:00 GMT
Content-Encoding
gzip
Age
18667
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-meta-user
gsokate
Last-Modified
Tue, 04 May 2021 09:55:43 GMT
Server
AmazonS3
ETag
W/"73d8e9734478bb3088df3849c3d9cb89"
Vary
Accept-Encoding
x-amz-version-id
iIlgXU8LHfcpGGgHjp9MOTChN0oVRvrx
Via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P1
Content-Type
text/css
X-Amz-Cf-Id
gV8f2avH4MPMIcGxIoRCygsHrjwPfMPOKOhDX7YhAA7hRQvIr6XrAQ==
OtAutoBlock.js
cdn.cookielaw.org/consent/fcc01ff5-636a-461e-8941-bd653a7fe10d/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/fcc01ff5-636a-461e-8941-bd653a7fe10d/OtAutoBlock.js
Requested by
Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/FR_RR_KAPPA_PROMO_RWD_cookies_wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c30ba96503f1de9a792a9e725155b852434607e956eb5b6e8997013dfb653091
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Feb 2022 20:28:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
iVcbIayDAoC1oama2voL9w==
age
9115
vary
Accept-Encoding
content-length
1474
x-ms-lease-status
unlocked
last-modified
Thu, 15 Jul 2021 08:22:45 GMT
server
cloudflare
etag
0x8D94769B9383812
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
57c2fffe-201e-0123-7115-b6f178000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6de9853f1d05048f-CDG
expires
Thu, 17 Feb 2022 00:28:06 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/FR_RR_KAPPA_PROMO_RWD_cookies_wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
134482ec36c8980c2c7a3f2454c76546abcd612c9ae596d011251a7cd1d0fcbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Feb 2022 20:28:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
zadN1tnUFXNBOXe6vsJdDg==
age
9029
vary
Accept-Encoding
content-length
6456
x-ms-lease-status
unlocked
last-modified
Wed, 16 Feb 2022 14:19:43 GMT
server
cloudflare
etag
0x8D9F15760A3EA92
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
174e9637-101e-012b-225e-23ea0b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6de9853f1d0f048f-CDG
script_cvv_bb_3DS_global_V4_FR.js
d3dh5c7rwzliwm.cloudfront.net/ALL/JS/ 		39 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/ALL/JS/script_cvv_bb_3DS_global_V4_FR.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7c8e1815b9b726abef95c02b9767cfeecd9de36dd18fe928d38b030fa32ce033

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 15:17:00 GMT
Content-Encoding
gzip
Age
18667
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-meta-user
ymarchand
Last-Modified
Thu, 02 Dec 2021 13:45:01 GMT
Server
AmazonS3
ETag
W/"a7366f2f44b6140715289cc15a677089"
Vary
Accept-Encoding
x-amz-version-id
79FNBUb0HdOSXzgQ52t9bk4X5xMK0jVf
Via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P1
Content-Type
text/javascript
X-Amz-Cf-Id
CFjNGD4lVLd4_EtYWDvT48qN179GcJ76AyCvIG1E298jeYIxhfPp4A==
Clicktale_FR.js
d3dh5c7rwzliwm.cloudfront.net/FR/js/ 		209 B
757 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/js/Clicktale_FR.js
Requested by
Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/tracker_cookie.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc24527c156532b8a3f9ee65ea20dec14f9ea769d765033a51b24d855bb4038c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 15:16:56 GMT
Via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 Feb 2021 15:38:34 GMT
Server
AmazonS3
Age
18671
ETag
"6e1a68de54fba21ee7d2a84bb9a5e03e"
X-Cache
Hit from cloudfront
x-amz-version-id
9qSqGm8P7p6Rz_pkW4Rh_2HBy1PqGQ98
Connection
keep-alive
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
209
x-amz-meta-user
ymarchand
X-Amz-Cf-Id
UQ3TvwZVfCC2i_Lr227HdtogZmJPJ7HLXUQZsM7cBmqp6605bdNWJA==
xt_rta_info.asp
one-time-offer.com/common/ 		79 B
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://one-time-offer.com/common/xt_rta_info.asp?ccType=Unknown+Type&bin=0
Requested by
Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/jquery-1.4.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.180.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-180-6.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
1bce75f9438e0406ca18e08ef0070eda72016893f42ef7aca2e347ab77dd1329

Request headers

Accept
application/json, text/javascript, */*
Referer
https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
X-Requested-With
XMLHttpRequest
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 16 Feb 2022 20:28:06 GMT
cache-control
private
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
content-length
79
content-type
application/json; charset=utf-8
fleche.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/img/ 		165 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/img/fleche.png
Requested by
Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_REY2_428_3DS_desktop-template-05.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf8612d7c0fb3fc90d91d896fc4ff6409e159611c1ed079a334645c977af0670

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_REY2_428_3DS_desktop-template-05.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 15:16:59 GMT
Via
1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 Aug 2016 06:29:28 GMT
Server
AmazonS3
Age
18667
ETag
"7f4eb8719c5b81a2c81f81fd1120e909"
X-Cache
Hit from cloudfront
x-amz-version-id
H16EQssbPPddOYVe7DwcZybv7.ktAvKj
Connection
keep-alive
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
165
X-Amz-Cf-Id
5vSsuCul8V0610II2FgFWhGoifYQ64KPWCfYs16wA3QfLFc5b42y2w==
round_left.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/ 		288 B
828 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/round_left.png
Requested by
Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_KAPA.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4654da0fb6b121c04d5943a7365c6cd6bcbff0f4e9b7f20261bb136d39dddd86

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_KAPA.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 15:17:00 GMT
Via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
Last-Modified
Wed, 12 May 2021 14:07:06 GMT
Server
AmazonS3
Age
18667
ETag
"367efb880f245df06cd614e17fd3f955"
X-Cache
Hit from cloudfront
x-amz-version-id
52Jq3Y9FYGXnUbVoINJOCzkPs8ktRHMh
Connection
keep-alive
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
288
x-amz-meta-user
ngandhi
X-Amz-Cf-Id
BlKw-Nt1F6hXT7yk2FNdInZPZRUiyJySM3b1C1MVoJoi312V-1xAMg==
round_right.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/ 		278 B
818 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/round_right.png
Requested by
Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_KAPA.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
077081403676ca25396e6fbe5cce7155e7d63e83903868b91695a9d5cf8a15ce

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_KAPA.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 15:17:00 GMT
Via
1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
Last-Modified
Wed, 12 May 2021 14:07:04 GMT
Server
AmazonS3
Age
18667
ETag
"fb752cf8eac72d694dea5b6928834164"
X-Cache
Hit from cloudfront
x-amz-version-id
O2dNpEjvoqERy4hXgKJKImWcQbKzRIjN
Connection
keep-alive
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
278
x-amz-meta-user
ngandhi
X-Amz-Cf-Id
FBykojfa60O_okAQrcLKV9FxfPNK4UG6twdQUWVvAsUZjsSWU-UcEw==
card.jpg
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETABIS/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETABIS/img/card.jpg
Requested by
Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_REY2_428_3DS_desktop-template-05.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cec4205899ad0e0c3874cdfce2eb2577bc38a99422da5cc951c4014d66532226

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_REY2_428_3DS_desktop-template-05.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 15:17:00 GMT
Via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
Last-Modified
Mon, 10 May 2021 06:59:35 GMT
Server
AmazonS3
Age
18667
ETag
"4fe3d1fbeb039955a75d473adbf6cbce"
X-Cache
Hit from cloudfront
x-amz-version-id
UiM4cS9jJ8wdA2dpxycB5ivEL_i0yyby
Connection
keep-alive
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
2614
x-amz-meta-user
ymarchand
X-Amz-Cf-Id
kXdkW-CbXAZIYDiV9ETQ_urwviCfw1nCJcmR9eMs_fnVv0PRgn9wuQ==
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://one-time-offer.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 09:58:52 GMT
x-content-type-options
nosniff
age
469754
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 11 Feb 2023 09:58:52 GMT
Oxanium-Medium.woff2
dkdrawii0zqtg.cloudfront.net/Oxanium/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dkdrawii0zqtg.cloudfront.net/Oxanium/Oxanium-Medium.woff2
Requested by
Host: dkdrawii0zqtg.cloudfront.net
URL: https://dkdrawii0zqtg.cloudfront.net/Oxanium/Oxanium.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:aa00:14:9586:a100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
86b1ccf63235b047380c389b74b118665df079b40706b9360a11f420ec62dceb

Request headers

Referer
https://dkdrawii0zqtg.cloudfront.net/Oxanium/Oxanium.css
Origin
https://one-time-offer.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
RkDR4xitytH2CMza8MwbVPvedJPoZPAM
via
1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
etag
"caf9fc1e7fec26b96984b826d6eb5e7c"
age
51209
x-cache
Hit from cloudfront
content-length
12808
x-amz-meta-user
aparatore
last-modified
Mon, 11 Jan 2021 14:59:49 GMT
server
AmazonS3
date
Wed, 16 Feb 2022 06:23:45 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, POST
content-type
application/font-woff2
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
x-amz-cf-id
yqdS6Rv0ctnp9SLo9Xs0_oTdVuy_PXHu9rMrPHPJARysaymBVrZeGQ==
Oxanium-Bold.woff2
dkdrawii0zqtg.cloudfront.net/Oxanium/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dkdrawii0zqtg.cloudfront.net/Oxanium/Oxanium-Bold.woff2
Requested by
Host: dkdrawii0zqtg.cloudfront.net
URL: https://dkdrawii0zqtg.cloudfront.net/Oxanium/Oxanium.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:aa00:14:9586:a100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fd85536f1b59127421f184b4c8b186bb991fabe6c9d314ebb9a5bbaf11d8aed2

Request headers

Referer
https://dkdrawii0zqtg.cloudfront.net/Oxanium/Oxanium.css
Origin
https://one-time-offer.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
eiGvopmXv.2ZAUZzPcQbcLQ8LtpUwpff
via
1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
etag
"b5fe7985255d606213a15c9c06904c17"
age
60814
x-cache
Hit from cloudfront
content-length
12476
x-amz-meta-user
aparatore
last-modified
Mon, 11 Jan 2021 14:59:50 GMT
server
AmazonS3
date
Wed, 16 Feb 2022 04:44:32 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, POST
content-type
application/font-woff2
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
x-amz-cf-id
pYcyxWQe_ZwS66MC1akFSVRemoarRl3ltxZe4USVCFjGo82SdXhyFQ==
css2
fonts.googleapis.com/ 		1 KB
480 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap
Requested by
Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/FR_RR_KAPPA_PROMO_RWD_cookies.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cb561cd233f45d1673411866767ddb162ee40503bc71195ef8f186ec41f97fa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://d3dh5c7rwzliwm.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 18:54:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 16 Feb 2022 20:28:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Feb 2022 20:28:06 GMT
fcc01ff5-636a-461e-8941-bd653a7fe10d.json
cdn.cookielaw.org/consent/fcc01ff5-636a-461e-8941-bd653a7fe10d/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/fcc01ff5-636a-461e-8941-bd653a7fe10d/fcc01ff5-636a-461e-8941-bd653a7fe10d.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
943a12f8d6daafb119e543994b543f46e17a29e97df35167216de42102ab546f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Feb 2022 20:28:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
t5t40AmLJzHwWn0nRUuiRg==
age
2103
vary
Accept-Encoding
content-length
1505
x-ms-lease-status
unlocked
last-modified
Thu, 15 Jul 2021 08:22:44 GMT
server
cloudflare
etag
0x8D94769B8A727C8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
42927c12-f01e-012a-0531-0eebf6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6de985400f6e3311-CDG
expires
Thu, 17 Feb 2022 00:28:07 GMT
gtm.js
www.googletagmanager.com/ 		259 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W5XHZJF
Requested by
Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/js/ga_cookie_fr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3c266858a552c52812ddab411582a8ab78e8763b50c77fdc40e5a4f89a1c822a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:28:07 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61537
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 19:41:29 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 16 Feb 2022 20:28:07 GMT
scanning.gif
d3dh5c7rwzliwm.cloudfront.net/UK/Templates/CCScan/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/UK/Templates/CCScan/scanning.gif
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
667fbd73600f9931eb3ab39292833c7ed9182385858d5004d1e93132daa3bb5b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 15:17:00 GMT
Via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
Last-Modified
Wed, 30 Mar 2016 13:29:50 GMT
Server
AmazonS3
Age
18667
ETag
"123876a2d2f4e3cf7cb8ce35eb5f1383"
X-Cache
Hit from cloudfront
x-amz-version-id
P5X8e32szzZRuYav0b9HEo6Tqj_nFIPW
Connection
keep-alive
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
46809
X-Amz-Cf-Id
bjVZnj6RzQjJd39fTBZN3LJDg27dJufGt229pI9umB6qn0m31g3FAQ==
FR_RR_logo_voucher_0050_cdiscount.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/header/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/header/FR_RR_logo_voucher_0050_cdiscount.png
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=07f1a00358f426c2bca005e749159466&ci=C6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425&infoid=07f1a00358f426c2bca005e749159466
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b083980f56aa6d6377a82f898ba925e637c03b9c6a35c28d0a1e31d149c34f5

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 15:17:04 GMT
Via
1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
Last-Modified
Thu, 15 Sep 2016 12:48:38 GMT
Server
AmazonS3
Age
18664
ETag
"be331e551b5eeeb36d104ce3518ccda0"
X-Cache
Hit from cloudfront
x-amz-version-id
jnjHokFcUYYGsx.KYFJeWHaNU8K7PlO.
Connection
keep-alive
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
5454
X-Amz-Cf-Id
G31lfC_mpHyLBkMKQ2v7UG3dZzRudLfIrRLjRp8U9ScUHBTJVa8W5Q==
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		152 B
431 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86be48c2e5d5eefb671366e913c889f156b60dce7e62ed74f15a4df29740d78f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://one-time-offer.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:28:07 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6de98540bdff3b61-CDG
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.16.0/ 		374 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
353bcd41d11cc5a2bcb6763c269e41ac785c06ace29ac10053bb7c0fa3bf1ecf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Feb 2022 20:28:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
dGCXlveaBvO7BI0nfZKP+g==
age
10448405
vary
Accept-Encoding
content-length
85065
x-ms-lease-status
unlocked
last-modified
Thu, 06 May 2021 19:31:04 GMT
server
cloudflare
etag
0x8D910C57D52F14C
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7f96f259-201e-0027-396c-c442af000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6de98541187c048f-CDG
fr.json
cdn.cookielaw.org/consent/fcc01ff5-636a-461e-8941-bd653a7fe10d/b50097ae-2b29-4c1e-ac3c-9dfac67cc172/ 		48 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/fcc01ff5-636a-461e-8941-bd653a7fe10d/b50097ae-2b29-4c1e-ac3c-9dfac67cc172/fr.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b80826c55b0d331392995f79a267770e779b98d4cca0d7124e78ec60cf304f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Feb 2022 20:28:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Xiashj9IKKW7GQT5tOkWvA==
age
9376
vary
Accept-Encoding
content-length
13180
x-ms-lease-status
unlocked
last-modified
Thu, 15 Jul 2021 08:22:53 GMT
server
cloudflare
etag
0x8D94769BDE98160
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
0275fb2c-d01e-00f5-4415-b6fcf7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6de985417a3b3311-CDG
expires
Thu, 17 Feb 2022 00:28:07 GMT
LambdaWLAnalytics
analytics.member-center.com/lambda/ 		79 B
154 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.member-center.com/lambda/LambdaWLAnalytics?WLUMID=undefined&PID=27400
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5XHZJF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.117.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-117-255.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
173dca22aed758a683176f3e3d9ccc10964a100628a575ebc2b467eb4620359d

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:28:07 GMT
server
awselb/2.0
content-length
79
content-type
application/javascript
otFlat.json
cdn.cookielaw.org/scripttemplates/6.16.0/assets/ 		12 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.16.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Feb 2022 20:28:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
DKM3/i+7h7Fs8cEMor3s2A==
age
9878
vary
Accept-Encoding
content-length
2938
x-ms-lease-status
unlocked
last-modified
Thu, 06 May 2021 19:30:47 GMT
server
cloudflare
etag
0x8D910C572DA86E8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
0a3f93f1-701e-013b-5d94-dadced000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6de98541bac83311-CDG
otPcTab.json
cdn.cookielaw.org/scripttemplates/6.16.0/assets/v2/ 		46 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.16.0/assets/v2/otPcTab.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a02b434edb84f078f67ae040f565f6258b91dfa3f16ad8e305392cfe5d18e8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Feb 2022 20:28:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
2Zi7TemSsXHh6hY5sI0Yeg==
age
10448397
vary
Accept-Encoding
content-length
11890
x-ms-lease-status
unlocked
last-modified
Thu, 06 May 2021 19:30:50 GMT
server
cloudflare
etag
0x8D910C574C4FC1A
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
cf8a5131-801e-016a-0e6c-c4c218000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6de98541baca3311-CDG
spacer.gif
d3dh5c7rwzliwm.cloudfront.net/ALL/images/
Redirect Chain
  • https://one-time-offer.com/common/xt_recMilestone.asp
  • https://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif
43 B
860 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif
Protocol
HTTP/1.1
Server
13.32.118.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 15:16:55 GMT
Via
1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
Age
18673
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
43
x-amz-meta-user
ymarchand
Last-Modified
Mon, 11 May 2020 07:31:23 GMT
Server
AmazonS3
ETag
"fc94fb0c3ed8a8f909dbc7630a0987ff"
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Access-Control-Allow-Methods
HEAD, GET
x-amz-version-id
iG7_tlWBrGLw6cWT9taMgLAkJAqZyJ2R
Access-Control-Allow-Origin
https://one-time-offer.com
Access-Control-Expose-Headers
ETag, x-amz-meta-custom-header
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Type
image/gif
X-Amz-Cf-Id
bmFZtwiueTdGE_d2rXIqFyCOk21EFADb1EybQtogqtFRPoAU9XvwUg==

Redirect headers

location
https://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif
date
Wed, 16 Feb 2022 20:28:07 GMT
cache-control
private
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
content-length
180
content-type
text/html
spacer.gif
d3dh5c7rwzliwm.cloudfront.net/ALL/images/
Redirect Chain
  • https://one-time-offer.com/common/xt_recMilestone.asp
  • https://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif
43 B
860 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif
Protocol
HTTP/1.1
Server
13.32.118.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-51.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 15:16:55 GMT
Via
1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
Age
18675
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
43
x-amz-meta-user
ymarchand
Last-Modified
Mon, 11 May 2020 07:31:23 GMT
Server
AmazonS3
ETag
"fc94fb0c3ed8a8f909dbc7630a0987ff"
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Access-Control-Allow-Methods
HEAD, GET
x-amz-version-id
iG7_tlWBrGLw6cWT9taMgLAkJAqZyJ2R
Access-Control-Allow-Origin
https://one-time-offer.com
Access-Control-Expose-Headers
ETag, x-amz-meta-custom-header
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Type
image/gif
X-Amz-Cf-Id
OvFGX8zR1g71MqaycSYcxzp2vOqwKqxTjPHyJc5Gr0hzBQ6HJeS5aQ==

Redirect headers

location
https://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif
date
Wed, 16 Feb 2022 20:28:09 GMT
cache-control
private
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
content-length
180
content-type
text/html

Verdicts & Comments Add Verdict or Comment

228 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone string| winURL object| cookie_script_01 object| cookie_script_02 function| OptanonWrapper function| otGetInitialGrps function| otDeleteCookie function| otGetInactiveId function| eraseCookie function| eraseCookieFromAllPaths function| deleteCookies function| dropContent function| createCookies function| showCMP function| hideCookieUI function| validateRequiredFields function| toggleNcof function| ncofOnErr function| popUp function| popUp2 function| popUp_toolbar function| changeImage function| changeCCImage function| scrolltop function| closeDivElement function| playAudio function| setExpDateEnabled function| getPrivateLabelCCTypes function| postExpDates function| postRecMilestone function| postRecSiteUsage function| postWLCLTMemberOptInInfo function| postRecSession function| exitPop function| noExitPop function| noThanksButton function| noThanksButtonSubmit function| noThanksButtonBrylaneIntegrated function| exitPopIntoWindow boolean| nosubmit function| survey function| cancelEnter function| keyhandler function| siteWindowDisplay function| siteWinFocus function| siteWinFocusP1b function| siteWinSubmit function| intSiteWinSubmit function| awaWinFocus function| sitePop function| postGateway function| submitonce function| checkHotelCard function| noThanksButtonP2bFlow_DC function| noThanksButtonP2bFlow_DC_575_mlst function| addDays function| getBrowser function| intSitePopFull function| formClickRecMilestone function| formPopGeneric function| formTabGeneric function| formPopChooseCoupon function| formPopHybridDataOnSell function| formPopHybridDataOnDC function| formPopMatchBack function| formPopNoInterim function| getRadios function| disableNoncof function| IsDuplicateDriver function| ValidateDriverList function| breakOut object| countryCode function| $ function| jQuery function| DP_jQuery_1645043286839 boolean| keyboardOpen function| detect object| timeout number| slideIndex boolean| sliderActive function| showSlides function| checkSize function| goSlides function| plusSlides number| AFKtimer function| arrowDownAnimation function| arrowUpAnimation function| clickOnClickOpener function| ccMaxLenght function| cocher function| checkValidation function| updateTypedEmail function| testFields function| f_testAddress_fields function| f_trim function| charCode object| requiredFields object| validateFields object| compareFields function| processBeforeSubmit function| wl_copyField1 function| TestCountry function| TestZip function| VerifyPassword function| TestPwdLength function| TestMail function| VerifyMail function| VerifyCCExp function| expdate function| modMY function| ccnumSpace function| mailSpace function| clearBlanksB function| clearBlanksA function| showInterimModal function| hideInterimModal function| addvalidmark boolean| moduleLeavers boolean| ignore_onbeforeunload string| htmlLeavers undefined| generateProspectId string| srcRta object| scriptRta object| arrCCTypeRealTime object| arr_cardtype function| closeInterimPageIfError function| addValid function| addInvalid function| isRealTimeAuth function| addValidation string| SessionID string| VTOgetValue string| VoucherLink string| VoucherLinkModal string| LogoLink object| s function| CS_Content string| p_lngSolId string| p_strPubNoThanksURL string| p_lngClientId string| p_strErrorMessage string| p_astrBadCharacters string| p_astrMissingFields string| p_astrRedLabels string| p_astrBadCard string| p_astrBadCardType string| p_astrBadExpiration string| p_lngProductId string| f_strAccountName_CCdata string| f_strErrorMessages string| f_strErrorFlag string| f_strSessionId string| p_intCountryId string| premiumOffer string| cvvNumBin string| solBrand string| solPremiumValue string| solOfferPrice string| solCpid function| checkCVVvisible object| paramRouter number| nbClickDetails function| changeModalTosSmart string| partner string| clientId string| pricePoint string| rewardType string| productID string| CPID string| sessionId string| premiumAmount string| premiumType boolean| threedsFl function| validateModalFields function| show3DS function| ErrorASPRecMilestone function| resizeBoxes function| Clicktale function| router function| open_hint function| checkCvvLgth function| checkCVV function| set_ccLgth function| getCvvFl function| selectCC boolean| maestro_isAccepted boolean| americanExpress_isAccepted boolean| mastercard_isAccepted boolean| visa_isAccepted boolean| visaElectron_isAccepted boolean| switch_isAccepted boolean| solo_isAccepted boolean| visaDebit_isAccepted string| CCT_mc string| CCT_v string| CCT_ae string| CCT_vd string| CCT_mss string| ico_amex string| ico_visa string| ico_master function| displayLogoCC function| addValidCC_836 function| addValidCC_837 function| createOverlay function| centerOverlay function| showOverlay function| closeOverlay number| isError object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer string| c_month number| c_year string| i_month string| i_year string| i_trg object| otStubData object| google_tag_manager function| postscribe object| google_tag_manager_external object| Optanon object| OneTrust string| OptanonWrapperCount string| otIniGrps object| pathArray

7 Cookies

Domain/Path Name / Value
one-time-offer.com/ Name: ASP.NET_SessionId
Value: kevanetfu20a4uhikqpadsk1
one-time-offer.com/ Name: WLSession
Value: SID=07f1a00358f426c2bca005e749159466&SessionClosed=false
one-time-offer.com/ Name: USER%5FID
Value: 1262628527
one-time-offer.com/ Name: ASPSESSIONIDQQDRCAQA
Value: HJFFEDECINEEDJCPGDEJFPOE
one-time-offer.com/ Name: ASPSESSIONIDAQABRCTD
Value: ELGKBNDCAHOHINODMGJGHJDE
.one-time-offer.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Wed+Feb+16+2022+20%3A28%3A07+GMT%2B0000+(GMT)&version=6.16.0&isIABGlobal=false&hosts=&consentId=ea21273c-64e5-4b41-b964-1fe662cbcd4b&interactionCount=0&landingPath=https%3A%2F%2Fone-time-offer.com%2Fsol9%2Fcdiscount_fr%2Fpb698260%2Fpromo.asp%3Fsid%3D07f1a00358f426c2bca005e749159466%26ci%3DC6B62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DE1E101C16131D1416131ED46651435352594A4D5449E226262A23262D383F3D34FE4047555345545C4A425%26infoid%3D07f1a00358f426c2bca005e749159466&groups=C0001%3A1%2CC0003%3A0%2CC0004%3A0
one-time-offer.com/ Name: ASPSESSIONIDSCQAQDQB
Value: LELBMBECKFJHDDDHKDGCOIBI

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.member-center.com
banners.wlservices.fr
cdn.cookielaw.org
d3dh5c7rwzliwm.cloudfront.net
dkdrawii0zqtg.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
one-time-offer.com
www.googletagmanager.com
13.32.118.51
2600:9000:2240:aa00:14:9586:a100:21
2606:4700:10::6814:b844
2606:4700::6810:9440
2a00:1450:4001:809::200a
2a00:1450:4001:827::2003
2a00:1450:4001:828::2008
52.210.180.6
52.48.117.255
54.229.255.43
04754f2aaa06245d39b24f387c3e90b65dd2c8751d4dadba2edbebca190b0cdc
077081403676ca25396e6fbe5cce7155e7d63e83903868b91695a9d5cf8a15ce
0a3f3053512fedd4761250fc21dd859b59847164d3a0caf742d056d808c6dca8
0c42ff05e2e248efed2b86bd41594a56dcdcdb3207082312856d569482a34b5a
0cede639efd6c1d520bce74b3c1f5cbbccf57522abdad7c95e56025b82f986f0
11e5db674677ffa051c40868035e9dfeb2603527c14e68d5586e6466af0cc27c
124a3d038c149d31ffa54e6c6e680d5cfccf1935d90562a5085fbfeb1c02a334
134482ec36c8980c2c7a3f2454c76546abcd612c9ae596d011251a7cd1d0fcbb
173dca22aed758a683176f3e3d9ccc10964a100628a575ebc2b467eb4620359d
1adeb9b7455c164e01a88173d356742be2a4b5dc4977f0f64fee5b5d4b38e0b3
1bce75f9438e0406ca18e08ef0070eda72016893f42ef7aca2e347ab77dd1329
1c3651c48dc8ee266374f9e3e555ab44225199712db261b303156c5d2d62d609
204eb2f71a99d3c23773ff749c0c42b5773f62f78e0364b05bd2b506d2a88441
2b083980f56aa6d6377a82f898ba925e637c03b9c6a35c28d0a1e31d149c34f5
2b38ad3bc616f69332f3ecca87016bbfe66c77ec1a31b68dece47776e0a4bb39
2b3e62e67af93b6f17255fe99eded80525a7f3f678ff1488d7bf1792aa785152
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
353bcd41d11cc5a2bcb6763c269e41ac785c06ace29ac10053bb7c0fa3bf1ecf
3c266858a552c52812ddab411582a8ab78e8763b50c77fdc40e5a4f89a1c822a
4104c36d9a497be97630c8ed0576708bfc1381b2ff6a92aa7a41e17122390083
4654da0fb6b121c04d5943a7365c6cd6bcbff0f4e9b7f20261bb136d39dddd86
4a02b434edb84f078f67ae040f565f6258b91dfa3f16ad8e305392cfe5d18e8c
4e9187ce99f6871a91e57bea12068ac166269a35f14e1c4c69ac85203502c2fa
52295428f1d4d23a3a2e279cc1dacf9b9869b08004da91fb219ac01f48e86938
57dfc7637aef7db2b5b68775b512f8fce25575d803f4af4e87260118938186d4
5b80826c55b0d331392995f79a267770e779b98d4cca0d7124e78ec60cf304f3
667fbd73600f9931eb3ab39292833c7ed9182385858d5004d1e93132daa3bb5b
7c8e1815b9b726abef95c02b9767cfeecd9de36dd18fe928d38b030fa32ce033
7ca9827b9cb830e35c510501de1ad37e7ebedd8c8cb388a925253a64f95bee15
8380a1fbd46042955f25aade9894cd66babe9f4c444af66bbfb3fadadec74913
8571d74f55eff7ea2c94150a0607f7e8f0a2403da66f238f7c89f4822ae7f9b8
86b1ccf63235b047380c389b74b118665df079b40706b9360a11f420ec62dceb
86be48c2e5d5eefb671366e913c889f156b60dce7e62ed74f15a4df29740d78f
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
943a12f8d6daafb119e543994b543f46e17a29e97df35167216de42102ab546f
9ebae3291f840fc32c3d128bbe9518706dc5c14dd704949984d802d28a8c20d0
a04e6c9a58e4f7de825fd103326e0f00a6b3b2634233c9b68870894cba763290
b214c7b862a0e50798c53344af7e709b24b85b0cd30a7a6b753c2e86dfed2554
b6e7eff529efa6de4490a438b12f1f64f4c909b85516191405cf725f539be117
bd1c4312fd3a94a09aa6e960cbb18ef4058e5687138747adf95207350ceb8225
c19badd2e95becdb5b490d89efe6e57d8d6f903121f22d86efbafc117c49870e
c28d2287ba25f531f52f96d00895c8d04ecebb1ed5ae5849b5c2b088c2ea7f82
c30ba96503f1de9a792a9e725155b852434607e956eb5b6e8997013dfb653091
c4c375371a89b85b3542beceb9c6af02284d582bc3f6574da43cd110a6fc6d73
cb561cd233f45d1673411866767ddb162ee40503bc71195ef8f186ec41f97fa6
cc24527c156532b8a3f9ee65ea20dec14f9ea769d765033a51b24d855bb4038c
cec4205899ad0e0c3874cdfce2eb2577bc38a99422da5cc951c4014d66532226
cf8612d7c0fb3fc90d91d896fc4ff6409e159611c1ed079a334645c977af0670
d8174f782feed11dbaf66bd035300d24623814e61f1500ac6b73a00895ec1bd3
e6f0978189cc569303e3f98accc039dbb600bf11f6377b110a1c6d88ce7db7ae
eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1
f85013ff265bef7b4f7dbbb38eba7a7b9f015c1aeaff39e0d0399660ac046f2c
fbf348522c351325f56d42ccf21b228de0c7c7d8a5fd899e58650a14fcc28190
fd85536f1b59127421f184b4c8b186bb991fabe6c9d314ebb9a5bbaf11d8aed2