one-time-offer.com Open in urlscan Pro
52.210.180.6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://banners.wlservices.fr/jump-510
Effective URL:
https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C...
Submission: On January 04 via api (January 4th 2022, 5:11:43 am UTC) from BE — Scanned from FR

Summary HTTP 56 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 56 HTTP transactions. The main IP is 52.210.180.6, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is one-time-offer.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on December 16th 2021. Valid for: a year.

This is the only time one-time-offer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	54.154.6.235 54.154.6.235	16509 (AMAZON-02) (AMAZON-02)
3 8	52.210.180.6 52.210.180.6	16509 (AMAZON-02) (AMAZON-02)
33	99.86.3.181 99.86.3.181	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
3	2600:9000:206... 2600:9000:206f:de00:14:9586:a100:21	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.48.117.255 52.48.117.255	16509 (AMAZON-02) (AMAZON-02)
56	10

1 54.154.6.235 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-6-235.eu-west-1.compute.amazonaws.com

banners.wlservices.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.210.180.6 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-180-6.eu-west-1.compute.amazonaws.com

one-time-offer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 99.86.3.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-181.fra6.r.cloudfront.net

d3dh5c7rwzliwm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:206f:de00:14:9586:a100:21 (United States)

ASN16509 (AMAZON-02, US)

dkdrawii0zqtg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.117.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-117-255.eu-west-1.compute.amazonaws.com

analytics.member-center.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	cloudfront.net d3dh5c7rwzliwm.cloudfront.net dkdrawii0zqtg.cloudfront.net	268 KB
8	one-time-offer.com 3 redirects one-time-offer.com	36 KB
7	cookielaw.org cdn.cookielaw.org	122 KB
3	googleapis.com fonts.googleapis.com	2 KB
1	member-center.com analytics.member-center.com	154 B
1	onetrust.com geolocation.onetrust.com	398 B
1	googletagmanager.com www.googletagmanager.com	61 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	wlservices.fr banners.wlservices.fr	300 B
56	9

	Domain	Requested by
33	d3dh5c7rwzliwm.cloudfront.net	one-time-offer.com d3dh5c7rwzliwm.cloudfront.net
8	one-time-offer.com	3 redirects banners.wlservices.fr one-time-offer.com d3dh5c7rwzliwm.cloudfront.net
7	cdn.cookielaw.org	d3dh5c7rwzliwm.cloudfront.net cdn.cookielaw.org
3	dkdrawii0zqtg.cloudfront.net	one-time-offer.com dkdrawii0zqtg.cloudfront.net
3	fonts.googleapis.com	one-time-offer.com d3dh5c7rwzliwm.cloudfront.net
1	analytics.member-center.com	www.googletagmanager.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	www.googletagmanager.com	d3dh5c7rwzliwm.cloudfront.net
1	fonts.gstatic.com	fonts.googleapis.com
1	banners.wlservices.fr
56	10

This site contains links to these domains. Also see Links.

Domain
www.remisesetreductions.fr
d3dh5c7rwzliwm.cloudfront.net
webloyalty.com
onetrust.com

Subject Issuer	Validity	Valid
wlservices.fr Amazon	`2021-08-10` - `2022-09-08`	a year	crt.sh
one-time-offer.com Entrust Certification Authority - L1K	`2021-12-16` - `2023-01-15`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
member-center.com Amazon	`2021-12-13` - `2023-01-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
Frame ID: 1D4FBFFEADE868F584966AB19356DBCB
Requests: 56 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Remises & RéductionsFR_RR_ARROW_Voucher4fr_rr_sellpageMockup_updates_v5_arrowfr_rr_sellpageMockup_updates_v5_arrowFR_Cashback_iconFR_MMB_iconFR_Coupon_iconfr_rr_sellpageMockup_updates_v5_arrowBack ButtonFilter Button

Page URL History Show full URLs

https://banners.wlservices.fr/jump-510 Page URL
https://one-time-offer.com/sg/gateway.aspx?v=532343A353&p=A2D29252E242BE77B7D7F706E72FC3A32303A3239F16D... HTTP 302
https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci... Page URL

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

Page Statistics

56
Requests

96 %
HTTPS

60 %
IPv6

9
Domains

10
Subdomains

10
IPs

3
Countries

534 kB
Transfer

1525 kB
Size

7
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.remisesetreductions.fr/terms-and-conditions
Title: les Conditions d’Utilisation du Service

Search URL Search Domain Scan URL

URL: https://www.remisesetreductions.fr/privacy-policy
Title: Charte de Données Personnelles.

Search URL Search Domain Scan URL

URL: https://www.remisesetreductions.fr/Home/AllRetailers/698260
Title: 700 e-marchands

Search URL Search Domain Scan URL

URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/site/20190913/Remises_et_Reductions_Formulaire_de_Retractation.pdf
Title: rétractation

Search URL Search Domain Scan URL

URL: http://webloyalty.com/
Title: webloyalty.com

Search URL Search Domain Scan URL

URL: https://www.remisesetreductions.fr/about-us
Title: Mentions légales

Search URL Search Domain Scan URL

URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/pdf/FR_RR_TnC_210617_TnC.pdf
Title: Conditions d'Utilisation du Service

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://banners.wlservices.fr/jump-510 Page URL
https://one-time-offer.com/sg/gateway.aspx?v=532343A353&p=A2D29252E242BE77B7D7F706E72FC3A32303A3239F16D6060727&cl=0776 HTTP 302
https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://one-time-offer.com/common/xt_recMilestone.asp HTTP 302
https://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif

Request Chain 54

https://one-time-offer.com/common/xt_recMilestone.asp HTTP 302
https://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif

56 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 jump-510 Show response
banners.wlservices.fr/ 181 B
300 B 199ms
62ms Document
text/html 54.154.6.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.wlservices.fr/jump-510
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.6.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-6-235.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 74c1729764fb747dc56427110c363d9a16acd517b261e531d1b6c8074f87d53d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9

Response headers

date: Tue, 04 Jan 2022 05:11:38 GMT
content-type: text/html; charset=UTF-8
content-length: 174
server: Apache
vary: Accept-Encoding
content-encoding: gzip

GET
H2

200

Primary Request promo.asp Show response
one-time-offer.com/sol9/cdiscount_fr/pb698260/
Redirect Chain

https://one-time-offer.com/sg/gateway.aspx?v=532343A353&p=A2D29252E242BE77B7D7F706E72FC3A32303A3239F16D6060727&cl=0776
https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B...

66 KB
23 KB

120ms
120ms

Document
text/html

52.210.180.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
Requested by: Host: banners.wlservices.fr
URL: https://banners.wlservices.fr/jump-510
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.180.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-180-6.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9dcaf5acafd6e9a97e8b3b668f553101de9c53377a78b2774d20fbf383c60653

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://banners.wlservices.fr/jump-510

Response headers

date: Tue, 04 Jan 2022 05:11:39 GMT
content-type: text/html
content-length: 23597
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET

Redirect headers

date: Tue, 04 Jan 2022 05:11:39 GMT
content-type: text/html; charset=utf-8
content-length: 1131
cache-control: private
location: /sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H/1.1 200
OK FR_RR_KAPPA_PROMO_RWD_cookies_wrapper.js Show response
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 18 KB
5 KB 101ms
30ms Script
text/javascript 99.86.3.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/FR_RR_KAPPA_PROMO_RWD_cookies_wrapper.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-181.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f85013ff265bef7b4f7dbbb38eba7a7b9f015c1aeaff39e0d0399660ac046f2c

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: omKORCqZFLN3uETAlbPg0VzNRMIGxxUv
Content-Encoding: gzip
ETag: W/"ca5c05eaeaa54f93d2bb39b99b158fbc"
Age: 78657
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-user: gsokate
Last-Modified: Tue, 21 Dec 2021 07:40:22 GMT
Server: AmazonS3
Date: Mon, 03 Jan 2022 08:56:58 GMT
Vary: Accept-Encoding
Content-Type: text/javascript
Via: 1.1 df86e917220bc08caa68b0eb8ddabe91.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: GgMjyGuer9r4uxyMOVSUXffyzh-6VkVgf_tM2EqhBrPT6_HI0-h2Cw==

GET
H/1.1 200
OK style_REY2_428_3DS_desktop-template-05.css
d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/ 21 KB
6 KB 99ms
28ms Stylesheet
text/css 99.86.3.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_REY2_428_3DS_desktop-template-05.css
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-181.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 56d093829d0cd9b62dc75efc785f6e5c67885825919caa7f05ff109b234ff21f

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 07:20:43 GMT
Content-Encoding: gzip
Age: 78657
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-user: ymarchand
Last-Modified: Wed, 01 Dec 2021 08:59:57 GMT
Server: AmazonS3
ETag: W/"89f57b0c09fcafdc1a4a8bbd8e72e496"
Vary: Accept-Encoding
x-amz-version-id: eb6OCkkOZpIX0Uc_P401RaLqxIvEHlaJ
Via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
Content-Type: text/css
X-Amz-Cf-Id: rr7UY9H5c9FjIkwRUCGB-glhC_-KwLiCXsswDI4fUbEED9OcO1xGlw==

GET
H2 200 css
fonts.googleapis.com/ 10 KB
819 B 107ms
38ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800

Requested by

Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4e9187ce99f6871a91e57bea12068ac166269a35f14e1c4c69ac85203502c2fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 03:30:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 04 Jan 2022 05:11:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 Jan 2022 05:11:39 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
927 B 106ms
37ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Paytone+One

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab5365562797d4cb63c04ed8fac0399746471d2c6c5d7b26a219cfebc6a15068

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 05:11:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 04 Jan 2022 05:11:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 Jan 2022 05:11:39 GMT

GET
H2 200 Oxanium.css
dkdrawii0zqtg.cloudfront.net/Oxanium/ 2 KB
2 KB 107ms
29ms Stylesheet
text/css 2600:9000:206f:de00:14:9586:a100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkdrawii0zqtg.cloudfront.net/Oxanium/Oxanium.css
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:de00:14:9586:a100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 57dfc7637aef7db2b5b68775b512f8fce25575d803f4af4e87260118938186d4

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: Jt7AsrgWb3slIlimj7CQkX7TLYpJPz75
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
last-modified: Mon, 11 Jan 2021 15:01:38 GMT
server: AmazonS3
age: 84888
etag: "e60cbab4e2b902891d27b2cd1c5fcb7d"
x-cache: Hit from cloudfront
content-type: text/css
date: Mon, 03 Jan 2022 05:40:25 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 1823
x-amz-meta-user: aparatore
x-amz-cf-id: UO_ARPlWTkuVprRzfP_tZYwZWMjeKd78EFoEZ7Vw55mOqfNMcxAjVA==

GET
H2 200 fr_validation.js Show response
one-time-offer.com/scripts/ 10 KB
3 KB 39ms
37ms Script
application/javascript 52.210.180.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://one-time-offer.com/scripts/fr_validation.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.180.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-180-6.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b214c7b862a0e50798c53344af7e709b24b85b0cd30a7a6b753c2e86dfed2554

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:11:39 GMT
content-encoding: gzip
etag: "0263d5297b2d11:0"
last-modified: Fri, 20 May 2016 12:58:36 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2913

GET
H2 200 solicitations.js Show response
one-time-offer.com/scripts/ 20 KB
6 KB 47ms
46ms Script
application/javascript 52.210.180.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://one-time-offer.com/scripts/solicitations.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.180.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-180-6.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: fbf348522c351325f56d42ccf21b228de0c7c7d8a5fd899e58650a14fcc28190

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:11:39 GMT
content-encoding: gzip
etag: "03e51108edd71:0"
last-modified: Thu, 09 Dec 2021 14:21:32 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 5907

GET
H2 200 promo_flow.js Show response
one-time-offer.com/scripts/ 17 KB
3 KB 45ms
43ms Script
application/javascript 52.210.180.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://one-time-offer.com/scripts/promo_flow.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.180.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-180-6.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 7ca9827b9cb830e35c510501de1ad37e7ebedd8c8cb388a925253a64f95bee15

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:11:39 GMT
content-encoding: gzip
etag: "0e5593923aed71:0"
last-modified: Mon, 20 Sep 2021 13:27:14 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2740

GET
H/1.1 200
OK countryCode.js Show response
d3dh5c7rwzliwm.cloudfront.net/ALL/JS/ 266 B
812 B 97ms
28ms Script
text/javascript 99.86.3.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/ALL/JS/countryCode.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-181.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8380a1fbd46042955f25aade9894cd66babe9f4c444af66bbfb3fadadec74913

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: hJeSIGv5pXXyyKYreNWGJPLdd.bjVqsC
Via: 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
Last-Modified: Wed, 13 Feb 2019 14:14:18 GMT
Server: AmazonS3
Age: 77004
ETag: "683ec31106c6b7258f17d8e4099090d2"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Date: Mon, 03 Jan 2022 08:01:55 GMT
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 266
x-amz-meta-user: wgarrido
X-Amz-Cf-Id: EIVGMcV-EWC74THClIOp9VDXCETd6_q-53eMB2u424VFxIq6kvSr3A==

GET
H/1.1 200
OK jquery-1.4.2.min.js Show response
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 71 KB
25 KB 107ms
37ms Script
text/javascript 99.86.3.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/jquery-1.4.2.min.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-181.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1adeb9b7455c164e01a88173d356742be2a4b5dc4977f0f64fee5b5d4b38e0b3

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: L2DvUgs5paiYR8R6q.gze5i_hvR889T7
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Mon, 29 Feb 2016 09:54:16 GMT
Server: AmazonS3
Age: 73317
ETag: W/"a8a2a48ddaa95527c6d3db763e2b7809"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront)
Connection: keep-alive
Date: Mon, 03 Jan 2022 08:56:58 GMT
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: 6fo7k9S37WijxXSFIpa34EYBTR1eCSNF366v_jAVZ33eypUGroc6KQ==

GET
H/1.1 200
OK jquery-ui-1.8.2.custom.min.js Show response
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 204 KB
52 KB 106ms
36ms Script
text/javascript 99.86.3.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/jquery-ui-1.8.2.custom.min.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-181.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b6e7eff529efa6de4490a438b12f1f64f4c909b85516191405cf725f539be117

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: TIm7w0TXrACS8x4kx0h4b5m1QUXkNlkD
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 09 Mar 2016 13:51:59 GMT
Server: AmazonS3
Age: 72716
ETag: W/"84d5c35fd13637738a036ed11be2a154"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront)
Connection: keep-alive
Date: Mon, 03 Jan 2022 09:09:06 GMT
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: SdK-tn5Cr1NQ7cZhVj2Hb3CTsG68XgI-D_9y-CYl4JjmJFPKp1RWdQ==

GET
H/1.1 200
OK jquery.autotab-1.1b.js Show response
d3dh5c7rwzliwm.cloudfront.net/FR/js/ 7 KB
3 KB 126ms
29ms Script
text/javascript 99.86.3.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/js/jquery.autotab-1.1b.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-181.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52295428f1d4d23a3a2e279cc1dacf9b9869b08004da91fb219ac01f48e86938

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 84TczmOBEGkseG2zq3iic.24ZqSUYyTu
Content-Encoding: gzip
ETag: W/"ef37b11d0b73e90b623e6be842e0d7a9"
Age: 78657
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-user: aparatore
Last-Modified: Wed, 15 May 2019 07:06:30 GMT
Server: AmazonS3
Date: Mon, 03 Jan 2022 09:09:30 GMT
Vary: Accept-Encoding
Content-Type: text/javascript
Via: 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: sen6mnPos-c9LT60BHTxHrSo98MIWlMHnwAX-60fSg9-oHnMaqdr3w==

GET
H/1.1 200
OK LabelFloat.js Show response
d3dh5c7rwzliwm.cloudfront.net/UK/Templates/Js/ 330 B
849 B 129ms
29ms Script
text/javascript 99.86.3.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/UK/Templates/Js/LabelFloat.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-181.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ebae3291f840fc32c3d128bbe9518706dc5c14dd704949984d802d28a8c20d0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: ijL6OI7v1PwiFDg9m2risraTCsyBP598
Via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
Last-Modified: Mon, 10 Apr 2017 08:13:14 GMT
Server: AmazonS3
Age: 79077
ETag: "8e7aeed06a461c2046ae2262ffde03d5"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Date: Mon, 03 Jan 2022 07:32:39 GMT
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 330
X-Amz-Cf-Id: CvoIGaKa8DwlBTONUwBVLkVsXOUbHKc_RUWBAZK3Js9SBbCbul2Gdw==

GET
H/1.1 200
OK FR_interactions-3DS-detect.js Show response
d3dh5c7rwzliwm.cloudfront.net/FR/js/desktop/ 41 KB
12 KB 134ms
34ms Script
text/javascript 99.86.3.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/js/desktop/FR_interactions-3DS-detect.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-181.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b3e62e67af93b6f17255fe99eded80525a7f3f678ff1488d7bf1792aa785152

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 3pYGXgRy9A5M962sSVZ_o38IDj_cd2Vv
Content-Encoding: gzip
ETag: W/"9ac0f3408985eaa3d620d0b277cefc26"
Age: 95664
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-user: kbajwa
Last-Modified: Wed, 28 Jul 2021 10:42:38 GMT
Server: AmazonS3
Date: Mon, 03 Jan 2022 05:40:25 GMT
Vary: Accept-Encoding
Content-Type: text/javascript
Via: 1.1 b0954612f115b3d0a0db0a669e45ae8f.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: 078egmbdvhxw8CBhf8ZHRUx2JcBO7E0O7mDs5rEPYkznl3tLAHN3wQ==

GET
H/1.1 200
OK leavers.js Show response
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETER/js/ 11 KB
4 KB 129ms
30ms Script
text/javascript 99.86.3.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETER/js/leavers.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-181.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 11e5db674677ffa051c40868035e9dfeb2603527c14e68d5586e6466af0cc27c

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: in7W4mBFWew9Mao9xiNSyP6Xa5.RcTPA
Content-Encoding: gzip
ETag: W/"ee4a0db13c3da6956218b3a7891607a6"
Age: 72716
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-user: ymarchand
Last-Modified: Thu, 04 Oct 2018 07:14:55 GMT
Server: AmazonS3
Date: Mon, 03 Jan 2022 09:09:30 GMT
Vary: Accept-Encoding
Content-Type: text/javascript
Via: 1.1 df86e917220bc08caa68b0eb8ddabe91.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: a7Otqyb9QKcdhk45IDJCDGPuKLZfT1rYo-JyL3_tNzUkrob_T1iQDw==

GET
H/1.1 200
OK style_KAPA.css
d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/ 13 KB
4 KB 98ms
30ms Stylesheet
text/css 99.86.3.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_KAPA.css
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-181.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0c42ff05e2e248efed2b86bd41594a56dcdcdb3207082312856d569482a34b5a

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: XFvUlSVHRjhsrjZ0yK7B_1KP2FxKydeb
Content-Encoding: gzip
ETag: W/"19fc800428d4724f3b59737412fdd08e"
Age: 77394
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-user: kbajwa
Last-Modified: Thu, 20 May 2021 09:26:02 GMT
Server: AmazonS3
Date: Mon, 03 Jan 2022 08:16:23 GMT
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 b0954612f115b3d0a0db0a669e45ae8f.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: sDYupuCza0ENDoqBdOrx0XukosIPXAD83AIA6nSHcVHmZ2PklsA7xQ==

GET
H/1.1 200
OK ga_cookie_fr.js Show response
d3dh5c7rwzliwm.cloudfront.net/FR/js/ 3 KB
2 KB 145ms
28ms Script
text/javascript 99.86.3.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/js/ga_cookie_fr.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-181.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a04e6c9a58e4f7de825fd103326e0f00a6b3b2634233c9b68870894cba763290

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: TJJs3QE_t.qOnxTyxStktSfCVvTOxy3x
Content-Encoding: gzip
ETag: W/"4f4f821662fbd06d10a7a6de6d2f6985"
Age: 72689
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-user: gsokate
Last-Modified: Mon, 19 Jul 2021 11:34:21 GMT
Server: AmazonS3
Date: Mon, 03 Jan 2022 09:09:06 GMT
Vary: Accept-Encoding
Content-Type: text/javascript
Via: 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: ODtU88831FAOV2QzDfYMB4mrjjdKWijI8BI-3o5Be0pR6kGaZQ_11w==

GET
H/1.1 200
OK analytics_cookie_FR_RR.js Show response
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 262 B
807 B 154ms
28ms Script
text/javascript 99.86.3.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/analytics_cookie_FR_RR.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-181.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0cede639efd6c1d520bce74b3c1f5cbbccf57522abdad7c95e56025b82f986f0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: wVJEc7mOuiOFVscNSlWqDosAcuqgRfb6
Via: 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
Last-Modified: Thu, 01 Apr 2021 13:49:58 GMT
Server: AmazonS3
Age: 72716
ETag: "91923f128eb53ad36311b76a321757c2"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Date: Mon, 03 Jan 2022 09:09:06 GMT
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 262
x-amz-meta-user: gsokate
X-Amz-Cf-Id: NCDpIi-E-6L6kHlPgxhxJMjF28aEWQRmIq9xxXnhoiP7p_VHJ4AmkA==

GET
H/1.1 200
OK FR_RR_Zeta_TTB_CDsicount.jpg
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/ 18 KB
18 KB 33ms
33ms Image
image/jpeg 99.86.3.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/FR_RR_Zeta_TTB_CDsicount.jpg
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-181.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c4c375371a89b85b3542beceb9c6af02284d582bc3f6574da43cd110a6fc6d73

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: COPKYW_aw1J6NqbbEZEuli2ouCyhGp9Y
Via: 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Jun 2018 15:13:50 GMT
Server: AmazonS3
Age: 82829
ETag: "52b80f8d6a1ac3b5b903cbd43bbc5a21"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Date: Mon, 03 Jan 2022 06:35:56 GMT
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 18284
x-amz-meta-user: ntambe
X-Amz-Cf-Id: mDgoIjXTbsfrzjy6pEEI4YWVYlMCmVs3HUY5pD3Yplvbb60i-AWBFQ==

GET
H/1.1 200
OK CCgoldBG_nolines.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETABIS/img/ 22 KB
22 KB 29ms
29ms Image
image/png 99.86.3.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETABIS/img/CCgoldBG_nolines.png
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-181.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b38ad3bc616f69332f3ecca87016bbfe66c77ec1a31b68dece47776e0a4bb39

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: TlJj4CazOH62IHi7YjR2.8FCQmt2Wnxo
Via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
Last-Modified: Mon, 11 Jan 2021 08:11:42 GMT
Server: AmazonS3
Age: 72716
ETag: "4ccf1c0909d1d808868817d8ea1c1325"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Date: Mon, 03 Jan 2022 08:59:44 GMT
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 22276
x-amz-meta-user: aparatore
X-Amz-Cf-Id: OiYnxt8vBO1-wyT-uMiIt8ivn22lx7wjTOpc8ARCVUucPUl7mCM1oA==

GET
H/1.1 200
OK logo_RR_DoubleClic.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/ 8 KB
8 KB 32ms
32ms Image
image/png 99.86.3.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/logo_RR_DoubleClic.png
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-181.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4104c36d9a497be97630c8ed0576708bfc1381b2ff6a92aa7a41e17122390083

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: yU.38jbX0Db8bW5Bcosai9Kwl9OXAGIU
Via: 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
Last-Modified: Fri, 09 Sep 2016 08:31:54 GMT
Server: AmazonS3
Age: 73623
ETag: "7fc0f32c7a54d89729ef528c55b0a314"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Date: Mon, 03 Jan 2022 08:47:24 GMT
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 7963
X-Amz-Cf-Id: sM3xezARpamDT7heSiDLlFnXBeaPWRXgOWeWNYSnFy5idK5BS7D17A==

GET
H/1.1 200
OK mdp_info.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/img/ 346 B
859 B 28ms
28ms Image
image/png 99.86.3.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/img/mdp_info.png
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-181.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 124a3d038c149d31ffa54e6c6e680d5cfccf1935d90562a5085fbfeb1c02a334

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: LKFRulTcNBjSQVNkYEoc0dWx4zWzEs4A
Via: 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront)
Last-Modified: Thu, 22 Oct 2015 07:20:28 GMT
Server: AmazonS3
Age: 78656
ETag: "68c514ae5f431a73795154b2d19c17eb"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Date: Mon, 03 Jan 2022 08:16:23 GMT
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 346
X-Amz-Cf-Id: tEAAGkZJoBnuMlRGvkQr8oye5uhpDuc0_nXo_yU4mE4G97E9_1VAZA==

GET
H/1.1 200
OK tracker_cookie.js Show response
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 4 KB
2 KB 29ms
29ms Script
text/javascript 99.86.3.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/tracker_cookie.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-181.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 04754f2aaa06245d39b24f387c3e90b65dd2c8751d4dadba2edbebca190b0cdc

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: UXlrH7e1SrHfx6EYxrK15cBZddi.bHuH
Content-Encoding: gzip
ETag: W/"878fcb0716cadb3d2b4bd05d4527611d"
Age: 13333
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-user: gsokate
Last-Modified: Tue, 21 Dec 2021 07:41:18 GMT
Server: AmazonS3
Date: Tue, 04 Jan 2022 02:07:27 GMT
Vary: Accept-Encoding
Content-Type: text/javascript
Via: 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: h26Q8mbeF96dJnX2jEzkgBwWAmAcnZcZw2ns4DmWVla0yAhTNmQ2gA==

GET
H/1.1 200
OK FIX_FR_RR_428_REY2_3DS_0520.js Show response
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 597 B
1 KB 28ms
28ms Script
text/javascript 99.86.3.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/FIX_FR_RR_428_REY2_3DS_0520.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-181.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8571d74f55eff7ea2c94150a0607f7e8f0a2403da66f238f7c89f4822ae7f9b8

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: p6TghjpTZorApap7LTJwGt3tTRDxpOxU
Via: 1.1 b0954612f115b3d0a0db0a669e45ae8f.cloudfront.net (CloudFront)
Last-Modified: Mon, 04 Oct 2021 13:38:37 GMT
Server: AmazonS3
Age: 78656
ETag: "8c1dd793a0627e839732ee61b0383499"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Date: Mon, 03 Jan 2022 09:11:55 GMT
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 597
x-amz-meta-user: ymarchand
X-Amz-Cf-Id: pbQAA_J7O7EoAaWwziSAXvhAax4VnVWhCePW2tx_qDq9zL-lZR7dYw==

GET
H/1.1 200
OK milestone_tracking.js Show response
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 3 KB
1 KB 96ms
95ms Script
text/javascript 99.86.3.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/milestone_tracking.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-181.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c28d2287ba25f531f52f96d00895c8d04ecebb1ed5ae5849b5c2b088c2ea7f82

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: oF5VVWcAGofDUUwE7pHM0yPp6Y2DZ0Sl
Content-Encoding: gzip
ETag: W/"b9168af0c5cf07f58ea7ea1c82eff881"
Age: 73964
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-user: kbajwa
Last-Modified: Wed, 23 Jun 2021 09:48:10 GMT
Server: AmazonS3
Date: Mon, 03 Jan 2022 08:47:06 GMT
Vary: Accept-Encoding
Content-Type: text/javascript
Via: 1.1 df86e917220bc08caa68b0eb8ddabe91.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: ywQQj7Icf7KdZW_9U4MrdljUQpvacejbJiirlWoNT8y7yDR5y9Cj9Q==

GET
H/1.1 200
OK FR_resize-boxes.js Show response
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 1 KB
1 KB 34ms
33ms Script
text/javascript 99.86.3.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/FR_resize-boxes.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-181.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c19badd2e95becdb5b490d89efe6e57d8d6f903121f22d86efbafc117c49870e

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: kIMhMlGnl6VJWfv8OTYNVRecmZEv1yw4
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Mon, 04 Oct 2021 11:31:12 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
ETag: W/"b6891efad76d60fd53a2a9f0af3f9f5f"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront)
Date: Tue, 04 Jan 2022 05:11:39 GMT
Connection: keep-alive
X-Amz-Cf-Id: MqyTtILhnsydoCUcvTzLINhEbo7VDlqM7okk_3tpd3medxkdx40gqg==
x-amz-meta-user: kbajwa

GET
H/1.1 200
OK FIX_WORDING_KAPPA_435.js Show response
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 44 B
590 B 29ms
27ms Script
text/javascript 99.86.3.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/FIX_WORDING_KAPPA_435.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-181.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d8174f782feed11dbaf66bd035300d24623814e61f1500ac6b73a00895ec1bd3

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 4C1M7yG4avbtj.dUlHYDkx29dPRCpxCA
Via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Jan 2021 07:38:51 GMT
Server: AmazonS3
Age: 78657
ETag: "c14211e92b5d54952e8119bf7d6b5a54"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Date: Mon, 03 Jan 2022 09:09:30 GMT
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 44
x-amz-meta-user: aparatore
X-Amz-Cf-Id: JHntqWm4BIL6eprI6JO1rzTP9Sczpnsxjy6nXqvvW_iY5ZSDV91BUg==

GET
H/1.1 200
OK FIX_WORDING_KAPPA_435.css
d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/ 163 B
700 B 28ms
28ms Stylesheet
text/css 99.86.3.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/FIX_WORDING_KAPPA_435.css
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-181.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1c3651c48dc8ee266374f9e3e555ab44225199712db261b303156c5d2d62d609

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: B8kjDTDLhl2t.1R.RdbELd_ksfT.e0TD
Via: 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
Last-Modified: Mon, 31 May 2021 09:47:22 GMT
Server: AmazonS3
Age: 78656
ETag: "4038b68d9fd0e6c102df86826bc03ad4"
X-Cache: Hit from cloudfront
Content-Type: text/css
Connection: keep-alive
Date: Mon, 03 Jan 2022 08:56:58 GMT
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 163
x-amz-meta-user: disune
X-Amz-Cf-Id: sYeQxXDJk4s4tzOCe30gpTZ5BBnL3I4mr330WawSNY_sHtE5ocKErg==

GET
H/1.1 200
OK FR_RR_KAPPA_PROMO_RWD_cookies.css
d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/ 18 KB
4 KB 31ms
31ms Stylesheet
text/css 99.86.3.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/FR_RR_KAPPA_PROMO_RWD_cookies.css
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-181.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e6f0978189cc569303e3f98accc039dbb600bf11f6377b110a1c6d88ce7db7ae

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: iIlgXU8LHfcpGGgHjp9MOTChN0oVRvrx
Content-Encoding: gzip
ETag: W/"73d8e9734478bb3088df3849c3d9cb89"
Age: 72716
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-user: gsokate
Last-Modified: Tue, 04 May 2021 09:55:43 GMT
Server: AmazonS3
Date: Mon, 03 Jan 2022 08:59:44 GMT
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 b0954612f115b3d0a0db0a669e45ae8f.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: ES1Yw5ehVbw4RFOWaYAK40CfXXGcS9sk8h0xzraC8MK1fdPBCeX_LA==

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/fcc01ff5-636a-461e-8941-bd653a7fe10d/ 4 KB
2 KB 255ms
179ms Script
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/fcc01ff5-636a-461e-8941-bd653a7fe10d/OtAutoBlock.js

Requested by

Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/FR_RR_KAPPA_PROMO_RWD_cookies_wrapper.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c30ba96503f1de9a792a9e725155b852434607e956eb5b6e8997013dfb653091

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 04 Jan 2022 05:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: iVcbIayDAoC1oama2voL9w==
vary: Accept-Encoding
content-length: 1474
x-ms-lease-status: unlocked
last-modified: Thu, 15 Jul 2021 08:22:45 GMT
server: cloudflare
etag: 0x8D94769B9383812
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 385f64ab-601e-0124-0f15-b607fd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6c81f7a7ccdf5a2b-MXP
expires: Tue, 04 Jan 2022 09:11:39 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 117ms
41ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/FR_RR_KAPPA_PROMO_RWD_cookies_wrapper.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 04 Jan 2022 05:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: dMq6iJthjOyg56NOUFVpHQ==
age: 1069
vary: Accept-Encoding
content-length: 6508
x-ms-lease-status: unlocked
last-modified: Tue, 04 Jan 2022 03:52:42 GMT
server: cloudflare
etag: 0x8D9CF35A9471075
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e2f0e903-c01e-000f-7d27-013510000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6c81f7a7cce15a2b-MXP

GET
H/1.1 200
OK script_cvv_bb_3DS_global_V4_FR.js Show response
d3dh5c7rwzliwm.cloudfront.net/ALL/JS/ 39 KB
7 KB 31ms
30ms Script
text/javascript 99.86.3.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/ALL/JS/script_cvv_bb_3DS_global_V4_FR.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-181.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7c8e1815b9b726abef95c02b9767cfeecd9de36dd18fe928d38b030fa32ce033

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 79FNBUb0HdOSXzgQ52t9bk4X5xMK0jVf
Content-Encoding: gzip
ETag: W/"a7366f2f44b6140715289cc15a677089"
Age: 73317
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-user: ymarchand
Last-Modified: Thu, 02 Dec 2021 13:45:01 GMT
Server: AmazonS3
Date: Mon, 03 Jan 2022 08:56:59 GMT
Vary: Accept-Encoding
Content-Type: text/javascript
Via: 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: 07l-jn4EROG8aYcJXxnmK-i_0PfcyPuLKIV-ZN3sK9RbYtOQtWJEbA==

GET
H/1.1 200
OK fleche.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/img/ 165 B
678 B 31ms
28ms Image
image/png 99.86.3.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/img/fleche.png
Requested by: Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_REY2_428_3DS_desktop-template-05.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-181.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf8612d7c0fb3fc90d91d896fc4ff6409e159611c1ed079a334645c977af0670

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_REY2_428_3DS_desktop-template-05.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: H16EQssbPPddOYVe7DwcZybv7.ktAvKj
Via: 1.1 b0954612f115b3d0a0db0a669e45ae8f.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 Aug 2016 06:29:28 GMT
Server: AmazonS3
Age: 72716
ETag: "7f4eb8719c5b81a2c81f81fd1120e909"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Date: Mon, 03 Jan 2022 08:59:44 GMT
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 165
X-Amz-Cf-Id: 3MbdLkpieUveL6PvBnPX_OIiS3Tw7WomirQckMHT3hGBXUSkwJNVmA==

GET
H/1.1 200
OK round_left.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/ 288 B
827 B 34ms
28ms Image
image/png 99.86.3.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/round_left.png
Requested by: Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_KAPA.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-181.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4654da0fb6b121c04d5943a7365c6cd6bcbff0f4e9b7f20261bb136d39dddd86

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_KAPA.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 52Jq3Y9FYGXnUbVoINJOCzkPs8ktRHMh
Via: 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront)
Last-Modified: Wed, 12 May 2021 14:07:06 GMT
Server: AmazonS3
Age: 72689
ETag: "367efb880f245df06cd614e17fd3f955"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Date: Mon, 03 Jan 2022 09:09:07 GMT
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 288
x-amz-meta-user: ngandhi
X-Amz-Cf-Id: 1OfPUTooAFWHSE-PaFVs_ChwbIJWTMSfehE6CtAsfQGu1Xo9HwzuOA==

GET
H/1.1 200
OK round_right.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/ 278 B
817 B 35ms
30ms Image
image/png 99.86.3.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/round_right.png
Requested by: Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_KAPA.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-181.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 077081403676ca25396e6fbe5cce7155e7d63e83903868b91695a9d5cf8a15ce

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_KAPA.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: O2dNpEjvoqERy4hXgKJKImWcQbKzRIjN
Via: 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront)
Last-Modified: Wed, 12 May 2021 14:07:04 GMT
Server: AmazonS3
Age: 84678
ETag: "fb752cf8eac72d694dea5b6928834164"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Date: Mon, 03 Jan 2022 05:40:22 GMT
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 278
x-amz-meta-user: ngandhi
X-Amz-Cf-Id: ALJybW1H9PYhVDx8M9qwrJ5wlK8pzjf1XAkJtrbIpua-X_Fo2Y_EiQ==

GET
H/1.1 200
OK card.jpg
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETABIS/img/ 3 KB
3 KB 28ms
28ms Image
image/jpeg 99.86.3.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETABIS/img/card.jpg
Requested by: Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_REY2_428_3DS_desktop-template-05.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-181.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cec4205899ad0e0c3874cdfce2eb2577bc38a99422da5cc951c4014d66532226

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_REY2_428_3DS_desktop-template-05.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 07:20:44 GMT
Via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
Last-Modified: Mon, 10 May 2021 06:59:35 GMT
Server: AmazonS3
Age: 78656
ETag: "4fe3d1fbeb039955a75d473adbf6cbce"
X-Cache: Hit from cloudfront
x-amz-version-id: UiM4cS9jJ8wdA2dpxycB5ivEL_i0yyby
Connection: keep-alive
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 2614
x-amz-meta-user: ymarchand
X-Amz-Cf-Id: Se_Af7FXroDfAfu6SC8sPnoeq8XFHsFvxc5ys9U46ol2Y3xDuTNDSQ==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 95ms
29ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://one-time-offer.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 314377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 31 Dec 2022 13:52:02 GMT

GET
H2 200 Oxanium-Medium.woff2
dkdrawii0zqtg.cloudfront.net/Oxanium/ 13 KB
13 KB 87ms
29ms Font
application/font-woff2 2600:9000:206f:de00:14:9586:a100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkdrawii0zqtg.cloudfront.net/Oxanium/Oxanium-Medium.woff2
Requested by: Host: dkdrawii0zqtg.cloudfront.net
URL: https://dkdrawii0zqtg.cloudfront.net/Oxanium/Oxanium.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:de00:14:9586:a100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 86b1ccf63235b047380c389b74b118665df079b40706b9360a11f420ec62dceb

Request headers

Referer: https://dkdrawii0zqtg.cloudfront.net/Oxanium/Oxanium.css
Origin: https://one-time-offer.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: RkDR4xitytH2CMza8MwbVPvedJPoZPAM
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
etag: "caf9fc1e7fec26b96984b826d6eb5e7c"
age: 82061
x-cache: Hit from cloudfront
content-length: 12808
x-amz-meta-user: aparatore
last-modified: Mon, 11 Jan 2021 14:59:49 GMT
server: AmazonS3
date: Mon, 03 Jan 2022 06:33:08 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: 1H-jagCEWk_1051T7o9IG3_rwWKimWYPbeHLPcY8vpr0O808SVy03Q==

GET
H2 200 Oxanium-Bold.woff2
dkdrawii0zqtg.cloudfront.net/Oxanium/ 12 KB
13 KB 87ms
30ms Font
application/font-woff2 2600:9000:206f:de00:14:9586:a100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkdrawii0zqtg.cloudfront.net/Oxanium/Oxanium-Bold.woff2
Requested by: Host: dkdrawii0zqtg.cloudfront.net
URL: https://dkdrawii0zqtg.cloudfront.net/Oxanium/Oxanium.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:de00:14:9586:a100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fd85536f1b59127421f184b4c8b186bb991fabe6c9d314ebb9a5bbaf11d8aed2

Request headers

Referer: https://dkdrawii0zqtg.cloudfront.net/Oxanium/Oxanium.css
Origin: https://one-time-offer.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: eiGvopmXv.2ZAUZzPcQbcLQ8LtpUwpff
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
etag: "b5fe7985255d606213a15c9c06904c17"
age: 77952
x-cache: Hit from cloudfront
content-length: 12476
x-amz-meta-user: aparatore
last-modified: Mon, 11 Jan 2021 14:59:50 GMT
server: AmazonS3
date: Mon, 03 Jan 2022 07:44:34 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: IpGWbVZhCYj4cd0sNRc_qB22VQYBsdyqkQj1F2DkNqAdRonYNDlpkg==

GET
H/1.1 200
OK Clicktale_FR.js Show response
d3dh5c7rwzliwm.cloudfront.net/FR/js/ 209 B
756 B 28ms
28ms Script
text/javascript 99.86.3.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/js/Clicktale_FR.js
Requested by: Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/tracker_cookie.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-181.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cc24527c156532b8a3f9ee65ea20dec14f9ea769d765033a51b24d855bb4038c

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 9qSqGm8P7p6Rz_pkW4Rh_2HBy1PqGQ98
Via: 1.1 b0954612f115b3d0a0db0a669e45ae8f.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 Feb 2021 15:38:34 GMT
Server: AmazonS3
Age: 72689
ETag: "6e1a68de54fba21ee7d2a84bb9a5e03e"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Date: Mon, 03 Jan 2022 09:09:30 GMT
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 209
x-amz-meta-user: ymarchand
X-Amz-Cf-Id: EOXsM4vjzbUrWATNs5l9H_HWiGqrE1seZQWYF0_A6ZKzsIwWcOB3TQ==

GET
H2 200 xt_rta_info.asp Show response
one-time-offer.com/common/ 79 B
270 B 68ms
68ms XHR
application/json 52.210.180.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://one-time-offer.com/common/xt_rta_info.asp?ccType=Unknown+Type&bin=0
Requested by: Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/jquery-1.4.2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.180.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-180-6.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1bce75f9438e0406ca18e08ef0070eda72016893f42ef7aca2e347ab77dd1329

Request headers

Accept: application/json, text/javascript, */*
Referer: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
X-Requested-With: XMLHttpRequest
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 04 Jan 2022 05:11:39 GMT
cache-control: private
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
content-length: 79
content-type: application/json; charset=utf-8

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
480 B 37ms
37ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap

Requested by

Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/FR_RR_KAPPA_PROMO_RWD_cookies.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7ad3ff657f32032ef8efa653730c135bd6aab764db571b1de66d295ec10c81ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://d3dh5c7rwzliwm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 04:12:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 04 Jan 2022 05:11:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 Jan 2022 05:11:39 GMT

GET
H2 200 fcc01ff5-636a-461e-8941-bd653a7fe10d.json Show response
cdn.cookielaw.org/consent/fcc01ff5-636a-461e-8941-bd653a7fe10d/ 5 KB
2 KB 112ms
41ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/fcc01ff5-636a-461e-8941-bd653a7fe10d/fcc01ff5-636a-461e-8941-bd653a7fe10d.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

943a12f8d6daafb119e543994b543f46e17a29e97df35167216de42102ab546f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 04 Jan 2022 05:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: t5t40AmLJzHwWn0nRUuiRg==
age: 6217
vary: Accept-Encoding
content-length: 1505
x-ms-lease-status: unlocked
last-modified: Thu, 15 Jul 2021 08:22:44 GMT
server: cloudflare
etag: 0x8D94769B8A727C8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8328c07f-801e-010c-2a8b-cc7042000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6c81f7a88eec5a37-MXP
expires: Tue, 04 Jan 2022 09:11:39 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 263 KB
61 KB 115ms
41ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W5XHZJF

Requested by

Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/js/ga_cookie_fr.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c0857bd310b4593b1ebc887daa10f525b6cf730586fb08ce7520983412a03a42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:11:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62282
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 04 Jan 2022 05:11:39 GMT

GET
H/1.1 200
OK scanning.gif
d3dh5c7rwzliwm.cloudfront.net/UK/Templates/CCScan/ 46 KB
46 KB 42ms
42ms Image
image/gif 99.86.3.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/UK/Templates/CCScan/scanning.gif
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-181.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 667fbd73600f9931eb3ab39292833c7ed9182385858d5004d1e93132daa3bb5b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: P5X8e32szzZRuYav0b9HEo6Tqj_nFIPW
Via: 1.1 b0954612f115b3d0a0db0a669e45ae8f.cloudfront.net (CloudFront)
Last-Modified: Wed, 30 Mar 2016 13:29:50 GMT
Server: AmazonS3
Age: 84061
ETag: "123876a2d2f4e3cf7cb8ce35eb5f1383"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Date: Mon, 03 Jan 2022 05:50:39 GMT
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 46809
X-Amz-Cf-Id: v_ePqrgB5pr7roq9iMdzgQGL6WdT0hbSatnljoR5WsDw5wH2GqsAbA==

GET
H/1.1 200
OK FR_RR_logo_voucher_0050_cdiscount.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/header/ 5 KB
6 KB 37ms
37ms Image
image/png 99.86.3.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/header/FR_RR_logo_voucher_0050_cdiscount.png
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/cdiscount_fr/pb698260/promo.asp?sid=234901e8d8b9bcd2a7e3a0e11cc4d7f8&ci=C6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425&infoid=234901e8d8b9bcd2a7e3a0e11cc4d7f8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-181.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b083980f56aa6d6377a82f898ba925e637c03b9c6a35c28d0a1e31d149c34f5

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: jnjHokFcUYYGsx.KYFJeWHaNU8K7PlO.
Via: 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
Last-Modified: Thu, 15 Sep 2016 12:48:38 GMT
Server: AmazonS3
Age: 74499
ETag: "be331e551b5eeeb36d104ce3518ccda0"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Date: Mon, 03 Jan 2022 08:30:01 GMT
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 5454
X-Amz-Cf-Id: 2LhDDn33SqvTTwxJ458NveVvJcf4Y5Y1IZh9VZvb76Rm7kX_xzq3_g==

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 190 B
398 B 124ms
45ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

726d69f35e4220ac81e2dac4b57076b2e3eed60c9fbabd3221a914abc8e400da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:11:39 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6c81f7a948800e1a-MXP

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.16.0/ 374 KB
83 KB 42ms
42ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

353bcd41d11cc5a2bcb6763c269e41ac785c06ace29ac10053bb7c0fa3bf1ecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 04 Jan 2022 05:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: dGCXlveaBvO7BI0nfZKP+g==
age: 6678215
vary: Accept-Encoding
content-length: 85065
x-ms-lease-status: unlocked
last-modified: Thu, 06 May 2021 19:31:04 GMT
server: cloudflare
etag: 0x8D910C57D52F14C
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e5ddc35e-701e-0156-066c-c476c3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6c81f7a99e835a2b-MXP

GET
H2 200 fr.json Show response
cdn.cookielaw.org/consent/fcc01ff5-636a-461e-8941-bd653a7fe10d/b50097ae-2b29-4c1e-ac3c-9dfac67cc172/ 48 KB
13 KB 190ms
189ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/fcc01ff5-636a-461e-8941-bd653a7fe10d/b50097ae-2b29-4c1e-ac3c-9dfac67cc172/fr.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b80826c55b0d331392995f79a267770e779b98d4cca0d7124e78ec60cf304f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 04 Jan 2022 05:11:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: Xiashj9IKKW7GQT5tOkWvA==
vary: Accept-Encoding
content-length: 13180
x-ms-lease-status: unlocked
last-modified: Thu, 15 Jul 2021 08:22:53 GMT
server: cloudflare
etag: 0x8D94769BDE98160
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: de9ae775-701e-0059-539c-00dd60000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6c81f7aa58645a37-MXP
expires: Tue, 04 Jan 2022 09:11:40 GMT

GET
H2 200 LambdaWLAnalytics Show response
analytics.member-center.com/lambda/ 79 B
154 B 178ms
71ms Script
application/javascript 52.48.117.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.member-center.com/lambda/LambdaWLAnalytics?WLUMID=undefined&PID=27400
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5XHZJF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.117.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-117-255.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 173dca22aed758a683176f3e3d9ccc10964a100628a575ebc2b467eb4620359d

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:11:40 GMT
server: awselb/2.0
content-length: 79
content-type: application/javascript

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.16.0/assets/ 12 KB
3 KB 41ms
40ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.16.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 04 Jan 2022 05:11:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: DKM3/i+7h7Fs8cEMor3s2A==
age: 6677915
vary: Accept-Encoding
content-length: 2938
x-ms-lease-status: unlocked
last-modified: Thu, 06 May 2021 19:30:47 GMT
server: cloudflare
etag: 0x8D910C572DA86E8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: e93132c4-e01e-00d4-736d-c491c6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6c81f7ab99795a37-MXP

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/6.16.0/assets/v2/ 46 KB
12 KB 42ms
41ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.16.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a02b434edb84f078f67ae040f565f6258b91dfa3f16ad8e305392cfe5d18e8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 04 Jan 2022 05:11:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 2Zi7TemSsXHh6hY5sI0Yeg==
age: 6677914
vary: Accept-Encoding
content-length: 11890
x-ms-lease-status: unlocked
last-modified: Thu, 06 May 2021 19:30:50 GMT
server: cloudflare
etag: 0x8D910C574C4FC1A
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: d4acc663-a01e-005b-026d-c4df9a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6c81f7ab997a5a37-MXP

GET
H/1.1

200
OK

spacer.gif Show response
d3dh5c7rwzliwm.cloudfront.net/ALL/images/
Redirect Chain

https://one-time-offer.com/common/xt_recMilestone.asp
https://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif

43 B
859 B

85ms
28ms

XHR
image/gif

99.86.3.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif
Protocol: HTTP/1.1
Server: 99.86.3.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-181.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: iG7_tlWBrGLw6cWT9taMgLAkJAqZyJ2R
Via: 1.1 b0954612f115b3d0a0db0a669e45ae8f.cloudfront.net (CloudFront)
ETag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
Age: 26262
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 43
x-amz-meta-user: ymarchand
Last-Modified: Mon, 11 May 2020 07:31:23 GMT
Server: AmazonS3
Date: Mon, 03 Jan 2022 21:57:08 GMT
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Access-Control-Allow-Methods: HEAD, GET
Content-Type: image/gif
Access-Control-Allow-Origin: https://one-time-offer.com
Access-Control-Expose-Headers: ETag, x-amz-meta-custom-header
Access-Control-Allow-Credentials: true
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: ByPQujan2yxsnJVXrPk_rhnTuCEHqMbpD5aRXEAnTalpLSMZ28k7WA==

Redirect headers

location: https://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif
date: Tue, 04 Jan 2022 05:11:40 GMT
cache-control: private
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
content-length: 180
content-type: text/html

GET
H/1.1

200
OK

spacer.gif Show response
d3dh5c7rwzliwm.cloudfront.net/ALL/images/
Redirect Chain

https://one-time-offer.com/common/xt_recMilestone.asp
https://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif

43 B
859 B

28ms
28ms

XHR
image/gif

99.86.3.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif
Protocol: HTTP/1.1
Server: 99.86.3.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-181.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: iG7_tlWBrGLw6cWT9taMgLAkJAqZyJ2R
Via: 1.1 b0954612f115b3d0a0db0a669e45ae8f.cloudfront.net (CloudFront)
ETag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
Age: 26263
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 43
x-amz-meta-user: ymarchand
Last-Modified: Mon, 11 May 2020 07:31:23 GMT
Server: AmazonS3
Date: Mon, 03 Jan 2022 21:57:08 GMT
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Access-Control-Allow-Methods: HEAD, GET
Content-Type: image/gif
Access-Control-Allow-Origin: https://one-time-offer.com
Access-Control-Expose-Headers: ETag, x-amz-meta-custom-header
Access-Control-Allow-Credentials: true
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: 1FE4ZvQeEpQ9lnhFveyfbRw-7EZDPseDB8_62VXtyEdEFf_gkiB95Q==

Redirect headers

location: https://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif
date: Tue, 04 Jan 2022 05:11:41 GMT
cache-control: private
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
content-length: 180
content-type: text/html

Verdicts & Comments Add Verdict or Comment

228 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
one-time-offer.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: ntffl42kx1kfio0yazeth10q
one-time-offer.com/	1969-12-31 23:59:59	Name: WLSession Value: SID=234901e8d8b9bcd2a7e3a0e11cc4d7f8&SessionClosed=false
one-time-offer.com/	1970-01-20 08:40:09	Name: USER%5FID Value: 1255972580
one-time-offer.com/	1969-12-31 23:59:59	Name: ASPSESSIONIDSSTABABB Value: IHMLEHOBKOKDLJANGCJGNLBG
one-time-offer.com/	1969-12-31 23:59:59	Name: ASPSESSIONIDSSRBACDD Value: PMJHNGOBLIPLJDOJPKILANII
.one-time-offer.com/	1970-01-20 08:40:09	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+Jan+04+2022+05%3A11%3A40+GMT%2B0000+(GMT)&version=6.16.0&isIABGlobal=false&hosts=&consentId=28d09477-5d8c-4de0-ae47-f2c7425ad1e6&interactionCount=0&landingPath=https%3A%2F%2Fone-time-offer.com%2Fsol9%2Fcdiscount_fr%2Fpb698260%2Fpromo.asp%3Fsid%3D234901e8d8b9bcd2a7e3a0e11cc4d7f8%26ci%3DC6A62606A6269A11D1C0712120A110E13BB7C7B707E707AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DB1A1B1A1114161C17131ED46651435352594A4D5449E52C262026292A3B3F3D34FE4047555345545C4A425%26infoid%3D234901e8d8b9bcd2a7e3a0e11cc4d7f8&groups=C0001%3A1%2CC0003%3A0%2CC0004%3A0
one-time-offer.com/	1969-12-31 23:59:59	Name: ASPSESSIONIDAADRBDBD Value: MJIHKGOBEJBFGLEIFGKCLPKE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.member-center.com
banners.wlservices.fr
cdn.cookielaw.org
d3dh5c7rwzliwm.cloudfront.net
dkdrawii0zqtg.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
one-time-offer.com
www.googletagmanager.com
2600:9000:206f:de00:14:9586:a100:21
2606:4700:10::6814:b844
2606:4700::6810:9540
2a00:1450:4001:803::200a
2a00:1450:4001:80e::2008
2a00:1450:4001:82a::2003
52.210.180.6
52.48.117.255
54.154.6.235
99.86.3.181
04754f2aaa06245d39b24f387c3e90b65dd2c8751d4dadba2edbebca190b0cdc
077081403676ca25396e6fbe5cce7155e7d63e83903868b91695a9d5cf8a15ce
0c42ff05e2e248efed2b86bd41594a56dcdcdb3207082312856d569482a34b5a
0cede639efd6c1d520bce74b3c1f5cbbccf57522abdad7c95e56025b82f986f0
11e5db674677ffa051c40868035e9dfeb2603527c14e68d5586e6466af0cc27c
124a3d038c149d31ffa54e6c6e680d5cfccf1935d90562a5085fbfeb1c02a334
173dca22aed758a683176f3e3d9ccc10964a100628a575ebc2b467eb4620359d
1adeb9b7455c164e01a88173d356742be2a4b5dc4977f0f64fee5b5d4b38e0b3
1bce75f9438e0406ca18e08ef0070eda72016893f42ef7aca2e347ab77dd1329
1c3651c48dc8ee266374f9e3e555ab44225199712db261b303156c5d2d62d609
2b083980f56aa6d6377a82f898ba925e637c03b9c6a35c28d0a1e31d149c34f5
2b38ad3bc616f69332f3ecca87016bbfe66c77ec1a31b68dece47776e0a4bb39
2b3e62e67af93b6f17255fe99eded80525a7f3f678ff1488d7bf1792aa785152
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
353bcd41d11cc5a2bcb6763c269e41ac785c06ace29ac10053bb7c0fa3bf1ecf
4104c36d9a497be97630c8ed0576708bfc1381b2ff6a92aa7a41e17122390083
4654da0fb6b121c04d5943a7365c6cd6bcbff0f4e9b7f20261bb136d39dddd86
4a02b434edb84f078f67ae040f565f6258b91dfa3f16ad8e305392cfe5d18e8c
4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c
4e9187ce99f6871a91e57bea12068ac166269a35f14e1c4c69ac85203502c2fa
52295428f1d4d23a3a2e279cc1dacf9b9869b08004da91fb219ac01f48e86938
56d093829d0cd9b62dc75efc785f6e5c67885825919caa7f05ff109b234ff21f
57dfc7637aef7db2b5b68775b512f8fce25575d803f4af4e87260118938186d4
5b80826c55b0d331392995f79a267770e779b98d4cca0d7124e78ec60cf304f3
667fbd73600f9931eb3ab39292833c7ed9182385858d5004d1e93132daa3bb5b
726d69f35e4220ac81e2dac4b57076b2e3eed60c9fbabd3221a914abc8e400da
74c1729764fb747dc56427110c363d9a16acd517b261e531d1b6c8074f87d53d
7ad3ff657f32032ef8efa653730c135bd6aab764db571b1de66d295ec10c81ac
7c8e1815b9b726abef95c02b9767cfeecd9de36dd18fe928d38b030fa32ce033
7ca9827b9cb830e35c510501de1ad37e7ebedd8c8cb388a925253a64f95bee15
8380a1fbd46042955f25aade9894cd66babe9f4c444af66bbfb3fadadec74913
8571d74f55eff7ea2c94150a0607f7e8f0a2403da66f238f7c89f4822ae7f9b8
86b1ccf63235b047380c389b74b118665df079b40706b9360a11f420ec62dceb
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
943a12f8d6daafb119e543994b543f46e17a29e97df35167216de42102ab546f
9dcaf5acafd6e9a97e8b3b668f553101de9c53377a78b2774d20fbf383c60653
9ebae3291f840fc32c3d128bbe9518706dc5c14dd704949984d802d28a8c20d0
a04e6c9a58e4f7de825fd103326e0f00a6b3b2634233c9b68870894cba763290
ab5365562797d4cb63c04ed8fac0399746471d2c6c5d7b26a219cfebc6a15068
b214c7b862a0e50798c53344af7e709b24b85b0cd30a7a6b753c2e86dfed2554
b6e7eff529efa6de4490a438b12f1f64f4c909b85516191405cf725f539be117
c0857bd310b4593b1ebc887daa10f525b6cf730586fb08ce7520983412a03a42
c19badd2e95becdb5b490d89efe6e57d8d6f903121f22d86efbafc117c49870e
c28d2287ba25f531f52f96d00895c8d04ecebb1ed5ae5849b5c2b088c2ea7f82
c30ba96503f1de9a792a9e725155b852434607e956eb5b6e8997013dfb653091
c4c375371a89b85b3542beceb9c6af02284d582bc3f6574da43cd110a6fc6d73
cc24527c156532b8a3f9ee65ea20dec14f9ea769d765033a51b24d855bb4038c
cec4205899ad0e0c3874cdfce2eb2577bc38a99422da5cc951c4014d66532226
cf8612d7c0fb3fc90d91d896fc4ff6409e159611c1ed079a334645c977af0670
d8174f782feed11dbaf66bd035300d24623814e61f1500ac6b73a00895ec1bd3
e6f0978189cc569303e3f98accc039dbb600bf11f6377b110a1c6d88ce7db7ae
eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1
f85013ff265bef7b4f7dbbb38eba7a7b9f015c1aeaff39e0d0399660ac046f2c
fbf348522c351325f56d42ccf21b228de0c7c7d8a5fd899e58650a14fcc28190
fd85536f1b59127421f184b4c8b186bb991fabe6c9d314ebb9a5bbaf11d8aed2

one-time-offer.com Open in urlscan Pro 52.210.180.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

56 Requests

96 %HTTPS

60 %IPv6

9 Domains

10 Subdomains

10 IPs

3 Countries

534 kBTransfer

1525 kBSize

7 Cookies

8 Outgoing links

Page URL History

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

one-time-offer.com Open in urlscan Pro
52.210.180.6 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

96 %
HTTPS

60 %
IPv6

9
Domains

10
Subdomains

10
IPs

3
Countries

534 kB
Transfer

1525 kB
Size

7
Cookies

56 HTTP transactions
0 data transactions