Submitted URL: http://echo7.bluehornet.com/ct/55337302:JqGpxyb1N:m:1:3026323711:54D4E6AE48BD89016EDC56595D5B99E3:r
Effective URL: https://offerta-clarins.it/?source=TIO
Submission: On March 27 via api from BE

Summary

This website contacted 11 IPs in 5 countries across 11 domains to perform 32 HTTP transactions. The main IP is 79.137.123.127, located in France and belongs to OVH, FR. The main domain is offerta-clarins.it.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 2nd 2020. Valid for: 3 months.
This is the only time offerta-clarins.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.39.168.155 16509 (AMAZON-02)
1 1 52.210.174.128 16509 (AMAZON-02)
1 1 89.185.38.84 8426 (CLARANET-...)
1 2 34.95.109.120 15169 (GOOGLE)
1 52.85.242.104 16509 (AMAZON-02)
15 79.137.123.127 16276 (OVH)
1 188.165.150.177 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 51.158.22.151 12876 (Online SAS)
2 2a00:1450:400... 15169 (GOOGLE)
6 13.225.18.47 16509 (AMAZON-02)
3 195.154.94.172 12876 (Online SAS)
32 11
Domain Requested by
15 offerta-clarins.it clk.tradedoubler.com
offerta-clarins.it
6 d1h8fl8on3a554.cloudfront.net offerta-clarins.it
2 sk.ht events.sk.ht
offerta-clarins.it
2 www.google-analytics.com www.googletagmanager.com
offerta-clarins.it
2 clk.tradedoubler.com 1 redirects
1 tag.avent-media.fr offerta-clarins.it
1 events.sk.ht offerta-clarins.it
1 code.jquery.com offerta-clarins.it
1 www.googletagmanager.com offerta-clarins.it
1 analytics.tradedoubler.com vht.tradedoubler.com
1 vht.tradedoubler.com clk.tradedoubler.com
1 tracking.publicidees.com 1 redirects
1 loudingads.go2cloud.org 1 redirects
1 echo7.bluehornet.com 1 redirects
32 14

This site contains links to these domains.

Domain
www.avent-media.fr
avent-media.fr

Subject | Issuer | Validity | Valid
*.tradedoubler.com | GlobalSign Domain Validation CA - SHA256 - G2 | 2018-12-10 - 2021-01-27 | 2 years
offerta-clarins.it | Let's Encrypt Authority X3 | 2020-03-02 - 2020-05-31 | 3 months
analytics.tradedoubler.com | COMODO RSA Domain Validation Secure Server CA | 2018-02-02 - 2021-02-01 | 3 years
*.google-analytics.com | GTS CA 1O1 | 2020-03-03 - 2020-05-26 | 3 months
jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years
events.sk.ht | Let's Encrypt Authority X3 | 2020-03-05 - 2020-06-03 | 3 months
*.cloudfront.net | DigiCert Global CA G2 | 2019-07-17 - 2020-07-05 | a year
sk.ht | Let's Encrypt Authority X3 | 2020-03-25 - 2020-06-23 | 3 months
tag.avent-media.fr | Let's Encrypt Authority X3 | 2020-03-25 - 2020-06-23 | 3 months

This page contains 1 frames:

Primary Page: https://offerta-clarins.it/?source=TIO
Frame ID: F8E225D4944EC4A0A436292DB7BFC5DA
Requests: 34 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • headers via /^1\.1 google$/i

Overall confidence: 100%
Detected patterns
  • script /(?:\/([\d.]+))?\/slick(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /(?:\/([\d.]+))?\/slick(?:\.min)?\.js/i

Page Statistics

Requests: 32
HTTPS: 100 %
IPv6: 23 %
Domains: 11
Subdomains: 14
IPs: 11
Countries: 5
Transfer: 918 kB
Size: 5486 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://echo7.bluehornet.com/ct/55337302:JqGpxyb1N:m:1:3026323711:54D4E6AE48BD89016EDC56595D5B99E3:r HTTP 302
    https://loudingads.go2cloud.org/aff_c?offer_id=1499&aff_id=1&file_id=2610&aff_sub=redeglisconti&aff_sub3=11177075 HTTP 302
    https://tracking.publicidees.com/clic.php?promoid=217339&progid=7449&partid=57795&url=https%3A%2F%2Fclk.tradedoubler.com%2Fclick%3Fp%3D304676%26a%3D2778258%26g%3D24742450%26epi%3DTIO HTTP 302
    https://clk.tradedoubler.com/click?p=304676&a=2778258&g=24742450&epi=TIO Page URL
  2. https://clk.tradedoubler.com/click?p=304676&a=2778258&g=24742450&epi=TIO HTTP 302
    https://offerta-clarins.it/?source=TIO Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://echo7.bluehornet.com/ct/55337302:JqGpxyb1N:m:1:3026323711:54D4E6AE48BD89016EDC56595D5B99E3:r HTTP 302
  • https://loudingads.go2cloud.org/aff_c?offer_id=1499&aff_id=1&file_id=2610&aff_sub=redeglisconti&aff_sub3=11177075 HTTP 302
  • https://tracking.publicidees.com/clic.php?promoid=217339&progid=7449&partid=57795&url=https%3A%2F%2Fclk.tradedoubler.com%2Fclick%3Fp%3D304676%26a%3D2778258%26g%3D24742450%26epi%3DTIO HTTP 302
  • https://clk.tradedoubler.com/click?p=304676&a=2778258&g=24742450&epi=TIO

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
click
clk.tradedoubler.com/
Redirect Chain
  • http://echo7.bluehornet.com/ct/55337302:JqGpxyb1N:m:1:3026323711:54D4E6AE48BD89016EDC56595D5B99E3:r
  • https://loudingads.go2cloud.org/aff_c?offer_id=1499&aff_id=1&file_id=2610&aff_sub=redeglisconti&aff_sub3=11177075
  • https://tracking.publicidees.com/clic.php?promoid=217339&progid=7449&partid=57795&url=https%3A%2F%2Fclk.tradedoubler.com%2Fclick%3Fp%3D304676%26a%3D2778258%26g%3D24742450%26epi%3DTIO
  • https://clk.tradedoubler.com/click?p=304676&a=2778258&g=24742450&epi=TIO
840 B
1 KB
Document
General
Full URL
https://clk.tradedoubler.com/click?p=304676&a=2778258&g=24742450&epi=TIO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.109.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
120.109.95.34.bc.googleusercontent.com
Software
TXServerHttp /
Resource Hash
b31f3651967ba04677ba2c0d953704cb243cda9dc1fd76f1605df7d938c5c00f

Request headers

:method
GET
:authority
clk.tradedoubler.com
:scheme
https
:path
/click?p=304676&a=2778258&g=24742450&epi=TIO
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
content-type
text/html; charset=ISO-8859-1
server
TXServerHttp
access-control-allow-origin
*
cache-control
private, max-age=0
pragma
no-cache
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy
origin
date
Fri, 27 Mar 2020 19:39:21 GMT
content-length
840
via
1.1 google
alt-svc
clear

Redirect headers

Server
nginx/1.14.0
Date
Fri, 27 Mar 2020 19:39:22 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Pragma
no-cache
Expires
0
Last-Modified
Fri, 27 Mar 2020 19:39:22 GMT
Cache-Control
no-cache, must-revalidate
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie
IC=eJwVx8ERABAMBMCaJOJcykEBxviJ3o39LXLmGZ6smipYJPYPKPyZbgAt5nJJUGX05vcBbjIORw; expires=Sat, 27-Mar-2021 19:39:22 GMT; Max-Age=31536000; path=/; SameSite=None; secure WUC=eJxFzDEOgCAMRuEjSVvgp71NkZi4EeMG3N0wOb18y0OMOppRKkkEmnm%7CG1DWjW4J0DT7Y0wQ0XlWW_cIhnxSJPFW4VR4x_1yCQoN7OH4l%7CsDZfwbKw; expires=Sat, 27-Mar-2021 19:39:22 GMT; Max-Age=31536000; path=/; SameSite=None; secure SC=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
Location
https://clk.tradedoubler.com/click?p=304676&a=2778258&g=24742450&epi=TIO
prefs.js
vht.tradedoubler.com/fp/
9 KB
4 KB
Script
General
Full URL
https://vht.tradedoubler.com/fp/prefs.js
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=304676&a=2778258&g=24742450&epi=TIO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.242.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-242-104.arn1.r.cloudfront.net
Software
Apache /
Resource Hash
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d

Request headers

Referer
https://clk.tradedoubler.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 27 Mar 2020 08:56:09 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Oct 2018 09:28:46 GMT
Server
Apache
Age
38593
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 23c0f38b3232ce0b791a0dc79e0ef643.cloudfront.net (CloudFront)
Cache-Control
max-age=604800, public
Transfer-Encoding
chunked
X-Amz-Cf-Pop
ARN1-C1
Connection
keep-alive
X-Amz-Cf-Id
Fn2g_-t142XqKMIj_-0GTk1XwbrvaXEjbI5Ng9-b8-X8s7jVmkXGng==
Expires
Fri, 03 Apr 2020 08:56:09 GMT
Primary Request /
offerta-clarins.it/
Redirect Chain
  • https://clk.tradedoubler.com/click?p=304676&a=2778258&g=24742450&epi=TIO
  • https://offerta-clarins.it/?source=TIO
11 KB
4 KB
Document
General
Full URL
https://offerta-clarins.it/?source=TIO
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=304676&a=2778258&g=24742450&epi=TIO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.123.127 , France, ASN16276 (OVH, FR),
Reverse DNS
ip127.ip-79-137-123.eu
Software
nginx /
Resource Hash
4ca588daeebc9979859d442700848ca806512d7331bad8debf305389a8c4547e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
offerta-clarins.it
:scheme
https
:path
/?source=TIO
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://clk.tradedoubler.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Origin
https://clk.tradedoubler.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
https://clk.tradedoubler.com/

Response headers

status
200
server
nginx
date
Fri, 27 Mar 2020 19:39:22 GMT
content-type
text/html; charset=UTF-8
content-length
3193
set-cookie
ci_session=b0733ac70aeed44a781bd7633264add1a7213c63; expires=Fri, 27-Mar-2020 21:39:22 GMT; Max-Age=7200; path=/; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
x-content-type-options
nosniff
strict-transport-security
max-age=63072000

Redirect headers

status
302
location
https://offerta-clarins.it/?source=TIO
set-cookie
EH_0=1z11z1zhJz2C1JqDz1ObuyY8jRaGLyCPAZrdvXrc0x6m2GVOMgA.ebE2WDqGOUv8rwk6F2E%7aYjspE9GVrbjhY%7aR%7a%79OFXcT36;expires=Sat, 27-Mar-2021 19:39:22 GMT;path=/;domain=.tradedoubler.com GUID=1z11zzhJzE7Wqhza839e0539d1367dd9c4a8ed17c535a59;expires=Sat, 27-Mar-2021 19:39:22 GMT;path=/;domain=.tradedoubler.com TradeDoublerGUID=a839e0539d1367dd9c4a8ed17c535a59;expires=Sat, 27-Mar-2021 19:39:22 GMT;path=/;domain=.tradedoubler.com
server
TXServerHttp
access-control-allow-origin
*
cache-control
private, max-age=0
pragma
no-cache
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy
origin
date
Fri, 27 Mar 2020 19:39:22 GMT
content-length
243
content-type
text/html; charset=ISO-8859-1
via
1.1 google
alt-svc
clear
/
analytics.tradedoubler.com/
0
241 B
Other
General
Full URL
https://analytics.tradedoubler.com/
Requested by
Host: vht.tradedoubler.com
URL: https://vht.tradedoubler.com/fp/prefs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.165.150.177 , France, ASN16276 (OVH, FR),
Reverse DNS
lb01.net.royalcactus.com
Software
nginx /
Resource Hash

Request headers

Referer
https://clk.tradedoubler.com/
Origin
https://clk.tradedoubler.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 27 Mar 2020 19:39:22 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
screen.css
offerta-clarins.it/assets/css/prod/
58 KB
58 KB
Stylesheet
General
Full URL
https://offerta-clarins.it/assets/css/prod/screen.css
Requested by
Host: offerta-clarins.it
URL: https://offerta-clarins.it/?source=TIO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.123.127 , France, ASN16276 (OVH, FR),
Reverse DNS
ip127.ip-79-137-123.eu
Software
nginx /
Resource Hash
588787c8dbec69659024dc64279e51086778b5e21da8307ac4aedbdb01dc893f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://offerta-clarins.it/?source=TIO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 27 Mar 2020 19:39:22 GMT
referrer-policy
same-origin
last-modified
Fri, 13 Mar 2020 15:42:57 GMT
server
nginx
etag
"5e6baa01-e8dc"
strict-transport-security
max-age=63072000
content-type
text/css
status
200
x-xss-protection
1; mode=block
accept-ranges
bytes
content-length
59612
x-content-type-options
nosniff
js
www.googletagmanager.com/gtag/
75 KB
28 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-125916567-16
Requested by
Host: offerta-clarins.it
URL: https://offerta-clarins.it/?source=TIO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
21fc00a837e3450e8d44ea49c53ff1df7b879d834a8bfc018a5710c3042455bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 27 Mar 2020 19:39:22 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28644
x-xss-protection
0
last-modified
Fri, 27 Mar 2020 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 27 Mar 2020 19:39:22 GMT
logo-clarins.svg
offerta-clarins.it/assets/img/landing/
12 KB
13 KB
Image
General
Full URL
https://offerta-clarins.it/assets/img/landing/logo-clarins.svg
Requested by
Host: offerta-clarins.it
URL: https://offerta-clarins.it/?source=TIO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.123.127 , France, ASN16276 (OVH, FR),
Reverse DNS
ip127.ip-79-137-123.eu
Software
nginx /
Resource Hash
053543e01982be701d70c5a491d9a9a7c961d51cba646cadbc9537bfce93eb0e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://offerta-clarins.it/?source=TIO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 27 Mar 2020 19:39:22 GMT
referrer-policy
same-origin
last-modified
Fri, 13 Mar 2020 15:42:57 GMT
server
nginx
etag
"5e6baa01-3111"
strict-transport-security
max-age=63072000
content-type
image/svg+xml
status
200
x-xss-protection
1; mode=block
accept-ranges
bytes
content-length
12561
x-content-type-options
nosniff
logo-avent.png
offerta-clarins.it/assets/img/landing/
8 KB
8 KB
Image
General
Full URL
https://offerta-clarins.it/assets/img/landing/logo-avent.png
Requested by
Host: offerta-clarins.it
URL: https://offerta-clarins.it/?source=TIO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.123.127 , France, ASN16276 (OVH, FR),
Reverse DNS
ip127.ip-79-137-123.eu
Software
nginx /
Resource Hash
6f5ef9857a74d5127fb777f0f68890c6af8eb05e7e3fa8f2cce25aaf8ef85671
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://offerta-clarins.it/?source=TIO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 27 Mar 2020 19:39:22 GMT
referrer-policy
same-origin
last-modified
Fri, 13 Mar 2020 15:42:57 GMT
server
nginx
etag
"5e6baa01-2103"
strict-transport-security
max-age=63072000
content-type
image/png
status
200
x-xss-protection
1; mode=block
accept-ranges
bytes
content-length
8451
x-content-type-options
nosniff
jquery-3.4.1.min.js
code.jquery.com/
86 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: offerta-clarins.it
URL: https://offerta-clarins.it/?source=TIO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Origin
https://offerta-clarins.it
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 27 Mar 2020 19:39:22 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 May 2019 21:14:27 GMT
Server
nginx
ETag
W/"5cca0c33-15851"
Vary
Accept-Encoding
X-HW
1585337962.dop138.fr8.shc,1585337962.dop138.fr8.t,1585337962.cds159.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
30638
slick.min.js
offerta-clarins.it/assets/js/libs/
36 KB
36 KB
Script
General
Full URL
https://offerta-clarins.it/assets/js/libs/slick.min.js
Requested by
Host: offerta-clarins.it
URL: https://offerta-clarins.it/?source=TIO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.123.127 , France, ASN16276 (OVH, FR),
Reverse DNS
ip127.ip-79-137-123.eu
Software
nginx /
Resource Hash
f295ebe06fc74dd639fc1d926abdea188a4c960b17266e73da205d034ac37f0e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://offerta-clarins.it/?source=TIO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 27 Mar 2020 19:39:22 GMT
referrer-policy
same-origin
last-modified
Fri, 13 Mar 2020 15:42:57 GMT
server
nginx
etag
"5e6baa01-8f1d"
strict-transport-security
max-age=63072000
content-type
application/javascript
status
200
x-xss-protection
1; mode=block
accept-ranges
bytes
content-length
36637
x-content-type-options
nosniff
jquery.validate.min.js
offerta-clarins.it/assets/js/libs/
21 KB
21 KB
Script
General
Full URL
https://offerta-clarins.it/assets/js/libs/jquery.validate.min.js
Requested by
Host: offerta-clarins.it
URL: https://offerta-clarins.it/?source=TIO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.123.127 , France, ASN16276 (OVH, FR),
Reverse DNS
ip127.ip-79-137-123.eu
Software
nginx /
Resource Hash
38d44a986cf44c041c3b451fad85b10e217793e28556e1f2577fa997750ff38b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://offerta-clarins.it/?source=TIO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 27 Mar 2020 19:39:22 GMT
referrer-policy
same-origin
last-modified
Fri, 13 Mar 2020 15:42:57 GMT
server
nginx
etag
"5e6baa01-543a"
strict-transport-security
max-age=63072000
content-type
application/javascript
status
200
x-xss-protection
1; mode=block
accept-ranges
bytes
content-length
21562
x-content-type-options
nosniff
additional-methods.js
offerta-clarins.it/assets/js/libs/
35 KB
35 KB
Script
General
Full URL
https://offerta-clarins.it/assets/js/libs/additional-methods.js
Requested by
Host: offerta-clarins.it
URL: https://offerta-clarins.it/?source=TIO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.123.127 , France, ASN16276 (OVH, FR),
Reverse DNS
ip127.ip-79-137-123.eu
Software
nginx /
Resource Hash
c9f436ae79092323b81bfb1cd4c4646e24ad8e6254634c68a3b8c447c6dc1383
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://offerta-clarins.it/?source=TIO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 27 Mar 2020 19:39:22 GMT
referrer-policy
same-origin
last-modified
Fri, 13 Mar 2020 15:42:57 GMT
server
nginx
etag
"5e6baa01-8a3b"
strict-transport-security
max-age=63072000
content-type
application/javascript
status
200
x-xss-protection
1; mode=block
accept-ranges
bytes
content-length
35387
x-content-type-options
nosniff
remodal.min.js
offerta-clarins.it/assets/js/libs/
7 KB
8 KB
Script
General
Full URL
https://offerta-clarins.it/assets/js/libs/remodal.min.js
Requested by
Host: offerta-clarins.it
URL: https://offerta-clarins.it/?source=TIO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.123.127 , France, ASN16276 (OVH, FR),
Reverse DNS
ip127.ip-79-137-123.eu
Software
nginx /
Resource Hash
4a07722a6f12b33c61fecdb7c412c258d8ca99cef79045b4b07932d3c8dde4c3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://offerta-clarins.it/?source=TIO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 27 Mar 2020 19:39:22 GMT
referrer-policy
same-origin
last-modified
Fri, 13 Mar 2020 15:42:57 GMT
server
nginx
etag
"5e6baa01-1de5"
strict-transport-security
max-age=63072000
content-type
application/javascript
status
200
x-xss-protection
1; mode=block
accept-ranges
bytes
content-length
7653
x-content-type-options
nosniff
response.min.js
offerta-clarins.it/assets/js/libs/
9 KB
9 KB
Script
General
Full URL
https://offerta-clarins.it/assets/js/libs/response.min.js
Requested by
Host: offerta-clarins.it
URL: https://offerta-clarins.it/?source=TIO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.123.127 , France, ASN16276 (OVH, FR),
Reverse DNS
ip127.ip-79-137-123.eu
Software
nginx /
Resource Hash
9ce429741964cbd15a2adabc55b221240d2131aae1fa4b8ea4d6356107359b96
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://offerta-clarins.it/?source=TIO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 27 Mar 2020 19:39:22 GMT
referrer-policy
same-origin
last-modified
Fri, 13 Mar 2020 15:42:57 GMT
server
nginx
etag
"5e6baa01-2211"
strict-transport-security
max-age=63072000
content-type
application/javascript
status
200
x-xss-protection
1; mode=block
accept-ranges
bytes
content-length
8721
x-content-type-options
nosniff
main.js
offerta-clarins.it/assets/js/
4 KB
4 KB
Script
General
Full URL
https://offerta-clarins.it/assets/js/main.js
Requested by
Host: offerta-clarins.it
URL: https://offerta-clarins.it/?source=TIO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.123.127 , France, ASN16276 (OVH, FR),
Reverse DNS
ip127.ip-79-137-123.eu
Software
nginx /
Resource Hash
79ee9a935494501548e0317d5db89f7bba9f20fe903aba8b7a4ed67d339d262c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://offerta-clarins.it/?source=TIO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 27 Mar 2020 19:39:22 GMT
referrer-policy
same-origin
last-modified
Fri, 13 Mar 2020 15:42:57 GMT
server
nginx
etag
"5e6baa01-fff"
strict-transport-security
max-age=63072000
content-type
application/javascript
status
200
x-xss-protection
1; mode=block
accept-ranges
bytes
content-length
4095
x-content-type-options
nosniff
index.js
offerta-clarins.it/assets/js/
6 KB
6 KB
Script
General
Full URL
https://offerta-clarins.it/assets/js/index.js
Requested by
Host: offerta-clarins.it
URL: https://offerta-clarins.it/?source=TIO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.123.127 , France, ASN16276 (OVH, FR),
Reverse DNS
ip127.ip-79-137-123.eu
Software
nginx /
Resource Hash
42d8c17214d3eed09622e4e3bc13537cded4c940c1cf8824373636b761277f3e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://offerta-clarins.it/?source=TIO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 27 Mar 2020 19:39:22 GMT
referrer-policy
same-origin
last-modified
Fri, 13 Mar 2020 15:42:57 GMT
server
nginx
etag
"5e6baa01-16e6"
strict-transport-security
max-age=63072000
content-type
application/javascript
status
200
x-xss-protection
1; mode=block
accept-ranges
bytes
content-length
5862
x-content-type-options
nosniff
lib.js
events.sk.ht/avent/
21 KB
21 KB
Script
General
Full URL
https://events.sk.ht/avent/lib.js
Requested by
Host: offerta-clarins.it
URL: https://offerta-clarins.it/?source=TIO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.158.22.151 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
cdn.sk.ht
Software
nginx/1.14.2 /
Resource Hash
66b91349f8cbad640e32aa8c1ab3660f80b069d0c3232fb4715a72a6e434d965

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 27 Mar 2020 19:39:23 GMT
Last-Modified
Wed, 26 Feb 2020 10:18:19 GMT
Server
nginx/1.14.2
ETag
"5e5645eb-533f"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21311
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-125916567-16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
3950
date
Fri, 27 Mar 2020 18:33:32 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Fri, 27 Mar 2020 20:33:32 GMT
video1.mp4
d1h8fl8on3a554.cloudfront.net/www-clarins/video/
35 KB
0
Media
General
Full URL
https://d1h8fl8on3a554.cloudfront.net/www-clarins/video/video1.mp4
Requested by
Host: offerta-clarins.it
URL: https://offerta-clarins.it/?source=TIO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.18.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-18-47.bru50.r.cloudfront.net
Software
Apache /
Resource Hash

Request headers

Sec-Fetch-Dest
video
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 06 Mar 2020 10:00:49 GMT
Via
1.1 10db8eeb97259074d22f6f4d6f6f1346.cloudfront.net (CloudFront)
Age
1849114
X-Cache
Hit from cloudfront
Content-Range
bytes 0-4554963/4554964
Connection
keep-alive
Content-Length
4554964
With-Dyn
(null)
Last-Modified
Tue, 25 Feb 2020 15:37:16 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000, public
X-Amz-Cf-Pop
BRU50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
TtOICddGE3bEL8EjfXgbaMr2xU-ojmbqh5jvPR-1rxdIQV6-QF280A==
background-karite.png
offerta-clarins.it/assets/img/landing/
214 KB
214 KB
Image
General
Full URL
https://offerta-clarins.it/assets/img/landing/background-karite.png
Requested by
Host: offerta-clarins.it
URL: https://offerta-clarins.it/?source=TIO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.123.127 , France, ASN16276 (OVH, FR),
Reverse DNS
ip127.ip-79-137-123.eu
Software
nginx /
Resource Hash
2ff5da734f5bc8f7b700118135a97a801888cb8da69d1ec6b7dd4297a117b1ef
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://offerta-clarins.it/assets/css/prod/screen.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 27 Mar 2020 19:39:22 GMT
referrer-policy
same-origin
last-modified
Fri, 13 Mar 2020 15:42:57 GMT
server
nginx
etag
"5e6baa01-356d0"
strict-transport-security
max-age=63072000
content-type
image/png
status
200
x-xss-protection
1; mode=block
accept-ranges
bytes
content-length
218832
x-content-type-options
nosniff
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
noeud-c.png
offerta-clarins.it/assets/img/landing/
1 KB
1 KB
Image
General
Full URL
https://offerta-clarins.it/assets/img/landing/noeud-c.png
Requested by
Host: offerta-clarins.it
URL: https://offerta-clarins.it/?source=TIO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.123.127 , France, ASN16276 (OVH, FR),
Reverse DNS
ip127.ip-79-137-123.eu
Software
nginx /
Resource Hash
dd64288e830be1c6446a12664f1ff4588daf10cdc2a108ae2a88c4dd846a2739
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://offerta-clarins.it/assets/css/prod/screen.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 27 Mar 2020 19:39:23 GMT
referrer-policy
same-origin
last-modified
Fri, 13 Mar 2020 15:42:57 GMT
server
nginx
etag
"5e6baa01-473"
strict-transport-security
max-age=63072000
content-type
image/png
status
200
x-xss-protection
1; mode=block
accept-ranges
bytes
content-length
1139
x-content-type-options
nosniff
parfums.png
offerta-clarins.it/assets/img/landing/
43 KB
43 KB
Image
General
Full URL
https://offerta-clarins.it/assets/img/landing/parfums.png
Requested by
Host: offerta-clarins.it
URL: https://offerta-clarins.it/?source=TIO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.123.127 , France, ASN16276 (OVH, FR),
Reverse DNS
ip127.ip-79-137-123.eu
Software
nginx /
Resource Hash
cef7b91c531d234b8f4a2ebe5c9a436772b69f07e518b5848e6335b856d6f243
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://offerta-clarins.it/assets/css/prod/screen.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 27 Mar 2020 19:39:23 GMT
referrer-policy
same-origin
last-modified
Fri, 13 Mar 2020 15:42:57 GMT
server
nginx
etag
"5e6baa01-ac16"
strict-transport-security
max-age=63072000
content-type
image/png
status
200
x-xss-protection
1; mode=block
accept-ranges
bytes
content-length
44054
x-content-type-options
nosniff
product-bottom.png
offerta-clarins.it/assets/img/landing/
230 KB
230 KB
Image
General
Full URL
https://offerta-clarins.it/assets/img/landing/product-bottom.png
Requested by
Host: offerta-clarins.it
URL: https://offerta-clarins.it/?source=TIO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.123.127 , France, ASN16276 (OVH, FR),
Reverse DNS
ip127.ip-79-137-123.eu
Software
nginx /
Resource Hash
61c3c9cff99002a3f1edb4d6eeee419012fdbecec6b800649554fd7a1f5cf252
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://offerta-clarins.it/assets/css/prod/screen.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 27 Mar 2020 19:39:23 GMT
referrer-policy
same-origin
last-modified
Fri, 13 Mar 2020 15:42:57 GMT
server
nginx
etag
"5e6baa01-39777"
strict-transport-security
max-age=63072000
content-type
image/png
status
200
x-xss-protection
1; mode=block
accept-ranges
bytes
content-length
235383
x-content-type-options
nosniff
Clarins-Regular.woff
d1h8fl8on3a554.cloudfront.net/fonts/Clarins/
41 KB
41 KB
Font
General
Full URL
https://d1h8fl8on3a554.cloudfront.net/fonts/Clarins/Clarins-Regular.woff
Requested by
Host: offerta-clarins.it
URL: https://offerta-clarins.it/?source=TIO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.18.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-18-47.bru50.r.cloudfront.net
Software
Apache /
Resource Hash
3b6bb0351d8493b5f8b9542b04e633d96e6ad8051a2786e88eb62f46bf58a50e

Request headers

Origin
https://offerta-clarins.it
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
font

Response headers

Date
Fri, 27 Mar 2020 08:18:28 GMT
Via
1.1 583308eb4f461d4428530a34ba6d1e04.cloudfront.net (CloudFront)
Age
40855
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
41828
With-Dyn
(null)
Last-Modified
Wed, 06 Mar 2019 16:13:06 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
font/woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000, public
X-Amz-Cf-Pop
BRU50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
zWKEUi2hgZCacZD9omS0ghth_0_USbdAeyBX3wBqKbT3kdCBCYZdDw==
GothamBook.woff
d1h8fl8on3a554.cloudfront.net/fonts/Gotham/
19 KB
20 KB
Font
General
Full URL
https://d1h8fl8on3a554.cloudfront.net/fonts/Gotham/GothamBook.woff
Requested by
Host: offerta-clarins.it
URL: https://offerta-clarins.it/?source=TIO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.18.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-18-47.bru50.r.cloudfront.net
Software
Apache /
Resource Hash
cf42c27a44de5c05b7224b0d3192cbb856aa383b2daf065b1609a55a7c3b5530

Request headers

Origin
https://offerta-clarins.it
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
font

Response headers

Date
Fri, 27 Mar 2020 08:34:04 GMT
Via
1.1 583308eb4f461d4428530a34ba6d1e04.cloudfront.net (CloudFront)
Age
39919
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
19692
With-Dyn
(null)
Last-Modified
Fri, 10 May 2019 09:59:03 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
font/woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000, public
X-Amz-Cf-Pop
BRU50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
OGDiJCaDV3l6yvKVdOnPjBpzBghlGe2qTQqVurqyZdJ9p366DGS-8A==
Gotham-Medium.woff
d1h8fl8on3a554.cloudfront.net/fonts/Gotham/
28 KB
28 KB
Font
General
Full URL
https://d1h8fl8on3a554.cloudfront.net/fonts/Gotham/Gotham-Medium.woff
Requested by
Host: offerta-clarins.it
URL: https://offerta-clarins.it/?source=TIO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.18.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-18-47.bru50.r.cloudfront.net
Software
Apache /
Resource Hash
f64105abcb79b423705f4238d3e78cc5a38ea18469f2bed346e61aaddb7688df

Request headers

Origin
https://offerta-clarins.it
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
font

Response headers

Date
Mon, 16 Mar 2020 07:25:56 GMT
Via
1.1 583308eb4f461d4428530a34ba6d1e04.cloudfront.net (CloudFront)
Age
994407
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
28176
With-Dyn
(null)
Last-Modified
Mon, 13 May 2019 10:25:59 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
font/woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000, public
X-Amz-Cf-Pop
BRU50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
ZU1O8QkR7u3L3I4VYtfFYshzhA36132pNKVJjprYhvuxdKOLL-D9xg==
collect
www.google-analytics.com/r/
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1297663230&t=pageview&_s=1&dl=https%3A%2F%2Fofferta-clarins.it%2F%3Fsource%3DTIO&dr=https%3A%2F%2Fclk.tradedoubler.com%2F&ul=en-us&de=UTF-8&dt=Offerta%20Clarins&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1094697690&gjid=1812313792&cid=1464021030.1585337963&tid=UA-125916567-16&_gid=1704737340.1585337963&_r=1&gtm=2ou3i0&z=1219531142
Requested by
Host: offerta-clarins.it
URL: https://offerta-clarins.it/?source=TIO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Fri, 27 Mar 2020 19:39:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
video1.mp4
d1h8fl8on3a554.cloudfront.net/www-clarins/video/
32 KB
33 KB
Media
General
Full URL
https://d1h8fl8on3a554.cloudfront.net/www-clarins/video/video1.mp4
Requested by
Host: offerta-clarins.it
URL: https://offerta-clarins.it/?source=TIO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.18.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-18-47.bru50.r.cloudfront.net
Software
Apache /
Resource Hash
95daf2d899199fc17b5d181d4544ab1cd35c1294dc2330e391c6a9ebc3e30d8f

Request headers

Sec-Fetch-Dest
video
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=4521984-

Response headers

Date
Fri, 06 Mar 2020 10:00:49 GMT
Via
1.1 4f6b42c00be2b57f5f03a09501620501.cloudfront.net (CloudFront)
Age
1849114
X-Cache
Hit from cloudfront
Content-Range
bytes 4521984-4554963/4554964
Connection
keep-alive
Content-Length
32980
With-Dyn
(null)
Last-Modified
Tue, 25 Feb 2020 15:37:16 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000, public
X-Amz-Cf-Pop
BRU50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
y8sy27SAJmdYv5R2KXHx6B6ikPS5nkQnsDc7bekNW8g9i4XInnyL9A==
video1.mp4
d1h8fl8on3a554.cloudfront.net/www-clarins/video/
4 MB
0
Media
General
Full URL
https://d1h8fl8on3a554.cloudfront.net/www-clarins/video/video1.mp4
Requested by
Host: offerta-clarins.it
URL: https://offerta-clarins.it/?source=TIO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.18.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-18-47.bru50.r.cloudfront.net
Software
Apache /
Resource Hash

Request headers

Sec-Fetch-Dest
video
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=32768-

Response headers

Date
Fri, 06 Mar 2020 10:00:49 GMT
Via
1.1 4f6b42c00be2b57f5f03a09501620501.cloudfront.net (CloudFront)
Age
1849114
X-Cache
Hit from cloudfront
Content-Range
bytes 32768-4554963/4554964
Connection
keep-alive
Content-Length
4522196
With-Dyn
(null)
Last-Modified
Tue, 25 Feb 2020 15:37:16 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000, public
X-Amz-Cf-Pop
BRU50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
H_jw24DZrpP2_NzL4u14W6noDAgeFi7S6NWA8l7dDNGNi_9I9ml9mQ==
/
sk.ht/aventmedia/
37 B
683 B
XHR
General
Full URL
https://sk.ht/aventmedia/
Requested by
Host: events.sk.ht
URL: https://events.sk.ht/avent/lib.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.154.94.172 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-94-172.rev.poneytelecom.eu
Software
nginx/1.14.2 /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Origin
https://offerta-clarins.it
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Fri, 27 Mar 2020 19:39:23 GMT
Last-Modified
Fri, 27 Mar 2020 19:39:23 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://offerta-clarins.it
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
sk.ht/ck/
37 B
762 B
Image
General
Full URL
https://sk.ht/ck/?c=5A0344A6-D7E1-148D-6478-079B41655307&r=1585337963320
Requested by
Host: offerta-clarins.it
URL: https://offerta-clarins.it/?source=TIO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.154.94.172 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-94-172.rev.poneytelecom.eu
Software
nginx/1.14.2 /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Date
Fri, 27 Mar 2020 19:39:23 GMT
Last-Modified
Fri, 27 Mar 2020 19:39:23 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
tag.avent-media.fr/ck/
37 B
771 B
Image
General
Full URL
https://tag.avent-media.fr/ck/?c=5A0344A6-D7E1-148D-6478-079B41655307&r=1585337963320
Requested by
Host: offerta-clarins.it
URL: https://offerta-clarins.it/?source=TIO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.154.94.172 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-94-172.rev.poneytelecom.eu
Software
nginx/1.14.2 /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Date
Fri, 27 Mar 2020 19:39:23 GMT
Last-Modified
Fri, 27 Mar 2020 19:39:23 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Expires
Thu, 01 Jan 1970 00:00:00 GMT

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
object| google_tag_manager
object| dataLayer
function| gtag
string| GoogleAnalyticsObject
function| ga
string| marche
function| $
function| jQuery
boolean| alreadySentEmail
function| IsNumeric
function| validateEmail
object| avmd
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
object| page
number| iterator
string| url

4 Cookies

Domain/Path: .offerta-clarins.it/   Name: _gat_gtag_UA_125916567_16   Value: 1
Domain/Path: .offerta-clarins.it/   Name: _gid   Value: GA1.2.1704737340.1585337963
Domain/Path: .offerta-clarins.it/   Name: _ga   Value: GA1.2.1464021030.1585337963
Domain/Path: offerta-clarins.it/   Name: ci_session   Value: b0733ac70aeed44a781bd7633264add1a7213c63

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
